OpenRasta - Scott Littlewoods Basic Authentication working example

Question

I'm testing out the feasibility of using OpenRasta as a viable alternative to ASP.NET MVC. However, I've run into a stumbling block regarding authentication.

Let me be clear, "Open Digest Authentication" is NOT an option at this point.

I've read that Scott Littlewood created a basic authentication fork for OpenRasta and I've downloaded the source from git and successfully built it.

I'm now trying to get the authentication working, so if someone has a real working model, I would be very grateful. Here's what I've done so far:

//Authentication.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using OpenRasta;
using OpenRasta.Configuration;
using OpenRasta.Authentication;
using OpenRasta.Authentication.Basic;
using OpenRasta.Configuration.Fluent;
using OpenRasta.DI;

namespace myOpenRastaTest.Extensions
{
    public static class ExtensionsToIUses
    {
        public static void BasicAuthentication<TBasicAuthenticator>(this IUses uses) where TBasicAuthenticator : class, IBasicAuthenticator
        {
            uses.CustomDependency<IAuthenticationScheme, BasicAuthenticationScheme>(DependencyLifetime.Transient);

            uses.CustomDependency<IBasicAuthenticator, TBasicAuthenticator>(DependencyLifetime.Transient);
        }
    }

    public class CustomBasicAuthenticator : IBasicAuthenticator
    {
        public string Realm { get { return "stackoverflow-realm"; } }

        public CustomBasicAuthenticator()
        {            
        }

        public AuthenticationResult Authenticate(BasicAuthRequestHeader header)
        {
            /* use the information in the header to check credentials against your service/db */
            if (true)
            {
                return new AuthenticationResult.Success(header.Username);
            }

            return new AuthenticationResult.Failed();
        }
    }
}

Now to test it I just created an instance of CustomBasicAuthenticator in my HomeHandler.cs:

//HomeHandler.cs
using System;
using myOpenRastaTest.Resources;

namespace myOpenRastaTest.Handlers
{
    public class HomeHandler
    {
        public object Get()
        {
            var custAuth = new myOpenRastaTest.Extensions.CustomBasicAuthenticator();

            return new HomeResource();
        }
    }
}

So, I need to know what steps i need to take next, hence the reason for me asking for a real working model and not just theory answers since I've just stumbled upon the framework 2 days ago and might not know all the OpenRasta framework,RESTful lingo that you might throw back at me :)

Once I get a grasp of authentication, I'll have a good indication as to how to proceed with my evaluation of whether to port an existing asp.net prototype portal to OpenRasta or not.

Thanks in advance...

Answer 1

I have a sample application using the new OpenRasta authentication process that ONLY supports BASIC authentication at the moment.

Plugging in different authentication schemes should be quite straight forward but I haven't had the time recently to do this.

See this github discussion for future reference: https://github.com/scottlittlewood/openrasta-stable/commit/25ee8bfbf610cea17626a9e7dfede565f662d7bb#comments

For a working example checkout the code here: https://github.com/scottlittlewood/OpenRastaAuthSample

Hope this helps

Answer 2

Once you have an authentication in place, you need it to be triggered by having authorization on one of your resource handlers, which you can do by adding a RequiresAuthentication attribute on it for example.

You can have a look at the code for that attribute to see how to implement custom authorization yourself.