-
Notifications
You must be signed in to change notification settings - Fork 41
/
ApiKeyOptions.cs
63 lines (55 loc) · 2.98 KB
/
ApiKeyOptions.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
// Copyright (c) Mihir Dilip. All rights reserved.
// Licensed under the MIT License. See LICENSE file in the project root for license information.
using Microsoft.AspNetCore.Authentication;
using System;
namespace AspNetCore.Authentication.ApiKey
{
/// <summary>
/// Inherited from <see cref="AuthenticationSchemeOptions"/> to allow extra option properties for 'ApiKey' authentication.
/// </summary>
public class ApiKeyOptions : AuthenticationSchemeOptions
{
/// <summary>
/// This is required property. It is the name of the header or query parameter of the API Key.
/// </summary>
public string KeyName { get; set; }
/// <summary>
/// Gets or sets the realm property. It is used with WWW-Authenticate response header when challenging un-authenticated requests.
/// Required to be set if SuppressWWWAuthenticateHeader is not set to true.
/// <see href="https://tools.ietf.org/html/rfc7235#section-2.2"/>
/// </summary>
public string Realm { get; set; }
/// <summary>
/// Default value is false.
/// When set to true, it will NOT return WWW-Authenticate response header when challenging un-authenticated requests.
/// When set to false, it will return WWW-Authenticate response header when challenging un-authenticated requests.
/// It is normally used to disable browser prompt when doing ajax calls.
/// <see href="https://tools.ietf.org/html/rfc7235#section-4.1"/>
/// </summary>
public bool SuppressWWWAuthenticateHeader { get; set; }
/// <summary>
/// The object provided by the application to process events raised by the api key authentication middleware.
/// The application may implement the interface fully, or it may create an instance of <see cref="ApiKeyEvents"/>
/// and assign delegates only to the events it wants to process.
/// </summary>
public new ApiKeyEvents Events
{
get => (ApiKeyEvents)base.Events;
set => base.Events = value;
}
/// <summary>
/// Default value is false.
/// If set to true, <see cref="IApiKey.Key"/> property returned from <see cref="IApiKeyProvider.ProvideAsync(string)"/> method is not compared with the key parsed from the request.
/// This extra check did not existed in the previous version. So you if want to revert back to old version validation, please set this to true.
/// </summary>
public bool ForLegacyIgnoreExtraValidatedApiKeyCheck { get; set; }
#if !(NET461 || NETSTANDARD2_0)
/// <summary>
/// Default value is false.
/// If set to true, it checks if AllowAnonymous filter on controller action or metadata on the endpoint which, if found, it does not try to authenticate the request.
/// </summary>
public bool IgnoreAuthenticationIfAllowAnonymous { get; set; }
#endif
internal Type ApiKeyProviderType { get; set; } = null;
}
}