Neuron®
The Neuron® is the basis for the creation of open and secure federated networks for smart societies.
Loading...
Searching...
No Matches
RequiredUserPrivileges.cs
1using System.Threading.Tasks;
2using System.Web;
3using Waher.Networking.HTTP;
4using Waher.Networking.HTTP.HeaderFields;
5using Waher.Script;
6using Waher.Security;
7
8namespace Waher.IoTGateway.WebResources
9{
14 public class RequiredUserPrivileges : HttpAuthenticationScheme
15 {
16 private readonly HttpServer server;
17 private readonly string[] privileges;
18 private readonly string userVariable;
19 private readonly string loginPage;
20
27 public RequiredUserPrivileges(HttpServer Server, params string[] Privileges)
28 : this("User", string.Empty, Server, Privileges)
29 {
30 }
31
39 public RequiredUserPrivileges(string UserVariable, HttpServer Server, params string[] Privileges)
40 : this(UserVariable, string.Empty, Server, Privileges)
41 {
42 }
43
52 public RequiredUserPrivileges(string UserVariable, string LoginPage, HttpServer Server, params string[] Privileges)
53 {
54 this.userVariable = UserVariable;
55 this.loginPage = LoginPage;
56 this.server = Server;
57 this.privileges = Privileges;
58 }
59
64 public override string GetChallenge()
65 {
66 foreach (string Privilege in this.privileges)
67 throw ForbiddenException.AccessDenied(string.Empty, string.Empty, Privilege);
68
69 throw ForbiddenException.AccessDenied(string.Empty, string.Empty, string.Empty);
70 }
71
77 public override Task<IUser> IsAuthenticated(HttpRequest Request)
78 {
79 Variables Variables = Request.Session;
80 string HttpSessionID;
81
82 if (Variables is null &&
83 !string.IsNullOrEmpty(HttpSessionID = HttpResource.GetSessionId(Request, Request.Response)))
84 {
85 Request.Session = Variables = this.server.GetSession(HttpSessionID);
86 }
87
88 if (Variables is null ||
89 !Variables.TryGetVariable(this.userVariable, out Variable v) ||
90 !(v.ValueObject is IUser User))
91 {
92 if (!string.IsNullOrEmpty(this.loginPage))
93 throw new SeeOtherException(this.loginPage + "?from=" + HttpUtility.UrlEncode(Request.Header.GetURL(true, true)));
94
95 return Task.FromResult<IUser>(null);
96 }
97
98 foreach (string Privilege in this.privileges)
99 {
100 if (!User.HasPrivilege(Privilege))
101 return Task.FromResult<IUser>(null);
102 }
103
104 return Task.FromResult(User);
105 }
106 }
107}
Waher.IoTGateway.WebResources.RequiredUserPrivileges
Authentication mechanism that makes sure the user has an established session with the IoT Gateway,...
Definition: RequiredUserPrivileges.cs:15
Waher.IoTGateway.WebResources.RequiredUserPrivileges.RequiredUserPrivileges
RequiredUserPrivileges(string UserVariable, HttpServer Server, params string[] Privileges)
Authentication mechanism that makes sure the user has an established session with the IoT Gateway,...
Definition: RequiredUserPrivileges.cs:39
Waher.IoTGateway.WebResources.RequiredUserPrivileges.GetChallenge
override string GetChallenge()
Gets a challenge for the authenticating client to respond to.
Definition: RequiredUserPrivileges.cs:64
Waher.IoTGateway.WebResources.RequiredUserPrivileges.IsAuthenticated
override Task< IUser > IsAuthenticated(HttpRequest Request)
Checks if the request is authorized.
Definition: RequiredUserPrivileges.cs:77
Waher.IoTGateway.WebResources.RequiredUserPrivileges.RequiredUserPrivileges
RequiredUserPrivileges(HttpServer Server, params string[] Privileges)
Authentication mechanism that makes sure the user has an established session with the IoT Gateway,...
Definition: RequiredUserPrivileges.cs:27
Waher.IoTGateway.WebResources.RequiredUserPrivileges.RequiredUserPrivileges
RequiredUserPrivileges(string UserVariable, string LoginPage, HttpServer Server, params string[] Privileges)
Authentication mechanism that makes sure the user has an established session with the IoT Gateway,...
Definition: RequiredUserPrivileges.cs:52
Waher.Networking.HTTP.ForbiddenException
The server understood the request, but is refusing to fulfill it. Authorization will not help and the...
Definition: ForbiddenException.cs:13
Waher.Networking.HTTP.ForbiddenException.AccessDenied
static ForbiddenException AccessDenied(string ObjectId, string ActorId, string MissingPrivilege)
Returns a ForbiddenException object, and logs a entry in the event log about the event.
Definition: ForbiddenException.cs:70
Waher.Networking.HTTP.HttpAuthenticationScheme
Base class for all HTTP authentication schemes, as defined in RFC-7235: https://datatracker....
Definition: HttpAuthenticationScheme.cs:11
Waher.Networking.HTTP.HttpRequestHeader.GetURL
string GetURL()
Gets an absolute URL for the request.
Definition: HttpRequestHeader.cs:427
Waher.Networking.HTTP.HttpRequest
Represents an HTTP request.
Definition: HttpRequest.cs:18
Waher.Networking.HTTP.HttpRequest.Header
HttpRequestHeader Header
Request header.
Definition: HttpRequest.cs:134
Waher.Networking.HTTP.HttpRequest.Session
Variables Session
Contains session states, if the resource requires sessions, or null otherwise.
Definition: HttpRequest.cs:164
Waher.Networking.HTTP.HttpRequest.Response
HttpResponse Response
HTTP Response object, if one has been assigned to the request.
Definition: HttpRequest.cs:206
Waher.Networking.HTTP.HttpResource
Base class for all HTTP resources.
Definition: HttpResource.cs:23
Waher.Networking.HTTP.HttpResource.GetSessionId
static string GetSessionId(HttpRequest Request, HttpResponse Response)
Gets the session ID used for a request.
Definition: HttpResource.cs:248
Waher.Networking.HTTP.HttpServer
Implements an HTTP server.
Definition: HttpServer.cs:36
Waher.Networking.HTTP.SeeOtherException
The response to the request can be found under a different URI and SHOULD be retrieved using a GET me...
Definition: SeeOtherException.cs:12
Waher.Script.Variable
Contains information about a variable.
Definition: Variable.cs:10
Waher.Script.Variables
Collection of variables.
Definition: Variables.cs:25
Waher.Script.Variables.TryGetVariable
virtual bool TryGetVariable(string Name, out Variable Variable)
Tries to get a variable object, given its name.
Definition: Variables.cs:52
Waher.Security.IUser
Basic interface for a user.
Definition: IUser.cs:7