File: Core\IISServerAuthenticationHandlerInternal.cs
Web Access
Project: src\src\Servers\IIS\IIS\src\Microsoft.AspNetCore.Server.IIS.csproj (Microsoft.AspNetCore.Server.IIS)
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
 
using System.Diagnostics;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Http.Features;
 
namespace Microsoft.AspNetCore.Server.IIS.Core;
 
/// <summary>
/// The default authentication handler with IIS In-Process
/// </summary>
internal sealed class IISServerAuthenticationHandlerInternal : IAuthenticationHandler
{
    private HttpContext? _context;
    private IISHttpContext? _iisHttpContext;
 
    internal AuthenticationScheme? Scheme { get; private set; }
 
    ///<inheritdoc/>
    public Task<AuthenticateResult> AuthenticateAsync()
    {
        Debug.Assert(_iisHttpContext != null, "Handler must be initialized.");
        Debug.Assert(Scheme != null, "Handler must be initialized.");
 
        var user = _iisHttpContext.WindowsUser;
        if (user != null && user.Identity != null && user.Identity.IsAuthenticated)
        {
            return Task.FromResult(AuthenticateResult.Success(new AuthenticationTicket(user, Scheme.Name)));
        }
        else
        {
            return Task.FromResult(AuthenticateResult.NoResult());
        }
    }
 
    ///<inheritdoc/>
    public Task ChallengeAsync(AuthenticationProperties? properties)
    {
        Debug.Assert(_context != null, "Handler must be initialized.");
 
        // We would normally set the www-authenticate header here, but IIS does that for us.
        _context.Response.StatusCode = 401;
        return Task.CompletedTask;
    }
 
    ///<inheritdoc/>
    public Task ForbidAsync(AuthenticationProperties? properties)
    {
        Debug.Assert(_context != null, "Handler must be initialized.");
 
        _context.Response.StatusCode = 403;
        return Task.CompletedTask;
    }
 
    ///<inheritdoc/>
    public Task InitializeAsync(AuthenticationScheme scheme, HttpContext context)
    {
        _iisHttpContext = context.Features.GetRequiredFeature<IISHttpContext>();
 
        Scheme = scheme;
        _context = context;
 
        return Task.CompletedTask;
    }
}