Table of Contents

Class DigestAuthenticationHandler

Namespace
Cuemon.AspNetCore.Authentication.Digest
Assembly
Cuemon.AspNetCore.Authentication.dll

Provides a HTTP Digest Access Authentication implementation of AuthenticationHandler<TOptions> for ASP.NET Core.

public class DigestAuthenticationHandler : AuthenticationHandler<DigestAuthenticationOptions>, IAuthenticationHandler
Inheritance
DigestAuthenticationHandler
Implements
Inherited Members

Examples

The following example demonstrates how to register DigestAuthenticationHandler with ASP.NET Core authentication services. It configures DI with INonceTracker, registers a digest authentication scheme with a username/password lookup callback, and builds the service provider. The handler is resolved from DI and its type name is written to the console, verifying that digest authentication wiring is operational.

using System;
using System.Security.Claims;
using Cuemon.AspNetCore.Authentication;
using Cuemon.AspNetCore.Authentication.Digest;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.DependencyInjection;

namespace MyApp.Examples;

public static class DigestAuthenticationHandlerExample
{
    public static void Demonstrate()
    {
        var services = new ServiceCollection();

        services.AddLogging();
        services.AddSingleton<INonceTracker, MemoryNonceTracker>();
        services.AddAuthentication(DigestAuthorizationHeader.Scheme)
            .AddScheme<DigestAuthenticationOptions, DigestAuthenticationHandler>(DigestAuthorizationHeader.Scheme, options =>
            {
                options.Realm = "docs-example";
                options.RequireSecureConnection = false;
                options.Authenticator = (string username, out string password) =>
                {
                    password = username == "Agent" ? "Test" : null;
                    return password == null
                        ? null
                        : new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username) }, DigestAuthorizationHeader.Scheme));
                };
            });

        using var provider = services.BuildServiceProvider();
        var handler = provider.GetRequiredService<DigestAuthenticationHandler>();

        Console.WriteLine(handler.GetType().Name);
    }
}

Constructors

DigestAuthenticationHandler(IOptionsMonitor<DigestAuthenticationOptions>, ILoggerFactory, UrlEncoder, INonceTracker)

Initializes a new instance of the DigestAuthenticationHandler class.

public DigestAuthenticationHandler(IOptionsMonitor<DigestAuthenticationOptions> options, ILoggerFactory logger, UrlEncoder encoder, INonceTracker nonceTracker = null)

Parameters

options IOptionsMonitor<DigestAuthenticationOptions>

The monitor for the options instance.

logger ILoggerFactory

The ILoggerFactory.

encoder UrlEncoder

The UrlEncoder.

nonceTracker INonceTracker

The dependency injected implementation of an INonceTracker.

Methods

HandleAuthenticateAsync()

Handle authenticate as an asynchronous operation.

protected override Task<AuthenticateResult> HandleAuthenticateAsync()

Returns

Task<AuthenticateResult>

A Task<TResult> representing the asynchronous operation.

HandleChallengeAsync(AuthenticationProperties)

Handle challenge as an asynchronous operation.

protected override Task HandleChallengeAsync(AuthenticationProperties properties)

Parameters

properties AuthenticationProperties

The properties.

Returns

Task

A Task representing the asynchronous operation.

Remarks

qop is included and supported to be compliant with RFC 2617 (hence, this implementation cannot revert to reduced legacy RFC 2069 mode).

See Also