API authentication fixed when AD down or unreachable

Author: lorenzobruni

rls/API.Library.dll

@@ -88,9 +88,9 @@ public class Common
         /// Authenticate the user in the context
         /// </summary>
         /// <param name="context"></param>
-        internal bool Authenticate(ref HttpContext context)
+        internal bool? Authenticate(ref HttpContext context)
         {
-            bool isAuthenticated = false;
+            bool? isAuthenticated = null;
             Log.Instance.Info("Stateless: " + API_STATELESS);
 
             // Get the username if any
@@ -129,10 +129,14 @@ internal bool Authenticate(ref HttpContext context)
                 {
                     isAuthenticated = AuthenticateByType();
 
-                    // Set the cache to expire at midnight
-                    if (MemCacheD.Store_BSO<dynamic>("API", "Common", "Authenticate", NetworkIdentity, UserPrincipal, DateTime.Today.AddDays(1)))
+                    // Store the cache only when authentication works.
+                    if (isAuthenticated != null)
                     {
-                        Log.Instance.Info("Authentication stored in Cache");
+                        // Set the cache to expire at midnight
+                        if (MemCacheD.Store_BSO<dynamic>("API", "Common", "Authenticate", NetworkIdentity, UserPrincipal, DateTime.Today.AddDays(1)))
+                        {
+                            Log.Instance.Info("Authentication stored in Cache");
+                        }
                     }
                 }
             }
@@ -146,9 +150,13 @@ internal bool Authenticate(ref HttpContext context)
 
                     isAuthenticated = AuthenticateByType();
 
-                    // Save the serialized userPrincipal in the Session
-                    context.Session[UserPrincipal_Container] = Utility.JsonSerialize_IgnoreLoopingReference(UserPrincipal);
-                    Log.Instance.Info("Authentication stored in Session");
+                    // Initiate a new Session only when authentication works.
+                    if (isAuthenticated != null)
+                    {
+                        // Save the serialized userPrincipal in the Session
+                        context.Session[UserPrincipal_Container] = Utility.JsonSerialize_IgnoreLoopingReference(UserPrincipal);
+                        Log.Instance.Info("Authentication stored in Session");
+                    }
                 }
                 else
                 {
@@ -171,7 +179,7 @@ internal bool Authenticate(ref HttpContext context)
         /// <summary>
         /// Authenticate the user by the relative Authentication Type
         /// </summary>
-        private bool AuthenticateByType()
+        private bool? AuthenticateByType()
         {
             string[] AuthenticationTypeAllowed = new string[]
             {
@@ -207,7 +215,7 @@ private bool AuthenticateByType()
         /// <summary>
         /// Process Windows Authentication
         /// </summary>
-        private bool WindowsAuthentication()
+        private bool? WindowsAuthentication()
         {
             // Override userPrincipal for security
             UserPrincipal = null;
@@ -216,13 +224,13 @@ private bool WindowsAuthentication()
             if (string.IsNullOrEmpty(NetworkUsername))
             {
                 Log.Instance.Fatal("Undefined Network Username");
-                return false;
+                return null;
             }
 
             if (String.IsNullOrEmpty(API_AD_DOMAIN))
             {
                 Log.Instance.Fatal("Undefined AD Domain");
-                return false;
+                return null;
             }
 
             // Query AD
@@ -245,22 +253,22 @@ private bool WindowsAuthentication()
                 if (UserPrincipal == null)
                 {
                     Log.Instance.Fatal("Undefined User Principal against AD");
-                    return false;
+                    return null;
                 }
                 return true;
             }
             catch (Exception e)
             {
                 Log.Instance.Fatal("Unable to connect/query AD");
                 Log.Instance.Fatal(e);
-                return false;
+                return null;
             }
         }
 
         /// <summary>
         /// Process Anonymous Authentication
         /// </summary>
-        private bool AnonymousAuthentication()
+        private bool? AnonymousAuthentication()
         {
             // Override userPrincipal for security
             UserPrincipal = null;
@@ -270,7 +278,7 @@ private bool AnonymousAuthentication()
         /// <summary>
         /// Process Any Authentication
         /// </summary>
-        private bool AnyAuthentication()
+        private bool? AnyAuthentication()
         {
             // Override userPrincipal for security
             UserPrincipal = null;
@@ -302,7 +310,7 @@ private bool AnyAuthentication()
                 {
                     Log.Instance.Fatal("Unable to connect/query AD");
                     Log.Instance.Fatal(e);
-                    return false;
+                    return null;
                 }
             }
 

rls/API.Library.pdb

@@ -63,7 +63,7 @@ public void ProcessRequest(HttpContext context)
             }
 
             // Authenticate and append credentials
-            if (!Authenticate(ref context))
+            if (Authenticate(ref context) == false)
             {
                 JSONRPC_Error error = new JSONRPC_Error { code = -32002 };
                 ParseError(ref context, JSONRPC_Request.id, error);

src/API.Library/Entities/API.Common.cs

@@ -47,7 +47,7 @@ public void ProcessRequest(HttpContext context)
             }
 
             // Authenticate and append credentials
-            if (!Authenticate(ref context))
+            if (Authenticate(ref context) == false)
             {
                 ParseError(ref context, HttpStatusCode.Unauthorized, "Invalid authentication");
             }

src/API.Library/Entities/API.JSONRPC.cs

@@ -31,8 +31,8 @@
 // You can specify all the values or you can default the Build and Revision Numbers 
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("4.1.2")]
-[assembly: AssemblyFileVersion("4.1.2")]
+[assembly: AssemblyVersion("4.1.3")]
+[assembly: AssemblyFileVersion("4.1.3")]
 
 // Configure log4net using the Web.config file by default
 [assembly: log4net.Config.XmlConfigurator(Watch = true)]

src/API.Library/Entities/API.RESTful.cs

@@ -72,9 +72,9 @@
     <CodeAnalysisRuleSet>MinimumRecommendedRules.ruleset</CodeAnalysisRuleSet>
   </PropertyGroup>
   <ItemGroup>
-    <Reference Include="API.Library, Version=4.1.2, Culture=neutral, processorArchitecture=MSIL">
+    <Reference Include="API.Library, Version=4.1.3, Culture=neutral, processorArchitecture=MSIL">
       <SpecificVersion>False</SpecificVersion>
-      <HintPath>..\packages\API.Library.4.1.2\API.Library.dll</HintPath>
+      <HintPath>..\packages\API.Library.4.1.3\API.Library.dll</HintPath>
     </Reference>
     <Reference Include="Enyim.Caching, Version=2.16.0.0, Culture=neutral, PublicKeyToken=cec98615db04012e, processorArchitecture=MSIL">
       <HintPath>..\packages\EnyimMemcached.2.16.0\lib\net35\Enyim.Caching.dll</HintPath>