We have an authentication/authorization service that we need to use in our WCF services. I've implemented custom client/service credentials, along with corresponding tokens and supporting classes. Everything works except for one thing.
Part of the requirement is that we can define authorization roles on the service method (via an attribute), and those roles will be sent along with the user information to the auth service, which responds with a success/fail message.
I tried implementing the following:
    // Find the dispatch operation whose Action matches the incoming message's action.
    DispatchOperation operation = OperationContext.Current.EndpointDispatcher.DispatchRuntime.Operations.FirstOrDefault(o => o.Action == action);
    if (operation != default(DispatchOperation))
    {
        // Look up the service method by name and read its auth-group attribute.
        Type hostType = OperationContext.Current.Host.Description.ServiceType;
        MethodInfo method = hostType.GetMethod(operation.Name);
        RegistryAuthGroupAttribute authGroupAttribute = (RegistryAuthGroupAttribute)method.GetCustomAttribute(typeof(RegistryAuthGroupAttribute));
        if (authGroupAttribute != null)
        {
            return authGroupAttribute.AuthGroup;
        }
    }
This would work splendidly... if OperationContext.Current wasn't always null (found out it doesn't get populated until after authentication happens).
Do I have any other options for getting the ServiceType of the target endpoint during/before the authentication phase? I thought about using a message interceptor, but am not sure how I'd go about taking the XML specifying the endpoint and using it to look up the ServiceType.