43 lines
1.2 KiB
C#
43 lines
1.2 KiB
C#
namespace NATS.Server.Auth;
|
|
|
|
public sealed class ExternalAuthCalloutAuthenticator : IAuthenticator
|
|
{
|
|
private readonly IExternalAuthClient _client;
|
|
private readonly TimeSpan _timeout;
|
|
|
|
public ExternalAuthCalloutAuthenticator(IExternalAuthClient client, TimeSpan timeout)
|
|
{
|
|
_client = client;
|
|
_timeout = timeout;
|
|
}
|
|
|
|
public AuthResult? Authenticate(ClientAuthContext context)
|
|
{
|
|
using var cts = new CancellationTokenSource(_timeout);
|
|
ExternalAuthDecision decision;
|
|
try
|
|
{
|
|
decision = _client.AuthorizeAsync(
|
|
new ExternalAuthRequest(
|
|
context.Opts.Username,
|
|
context.Opts.Password,
|
|
context.Opts.Token,
|
|
context.Opts.JWT),
|
|
cts.Token).GetAwaiter().GetResult();
|
|
}
|
|
catch (OperationCanceledException)
|
|
{
|
|
return null;
|
|
}
|
|
|
|
if (!decision.Allowed)
|
|
return null;
|
|
|
|
return new AuthResult
|
|
{
|
|
Identity = decision.Identity ?? context.Opts.Username ?? "external",
|
|
AccountName = decision.Account,
|
|
};
|
|
}
|
|
}
|