When implementing an IAuthenticationFilter, in the AuthenticateAsync method you can return one of the out of the box implemented classes: SuccessfullAuthenticationResult or FailedAuthenticationResult to signal the result of the operation.
However, the possibles outcomes of the AuthenticateAsync method are really three:
Success: Meaning that the authentication information was present on the request and was correct.
Failure: Meaning that the authentication information was present on the request but was incorrect.
Empty: Meaning that there is no authentication information on the request.
In order to signal this third state, the user can return Task.FromResult(null), but this is confusing as there are classes for the other two states and there is no easy way to know that returning null will just work.
Its more clear to have an explicit class EmptyAuthenticationResult that the user can return when creating his own authentication filter.
The resulting implementation will look like in pseudocode:
```
public Task<IAuthenticationResult> AuthenticateAsync(params)
{
if(requestContainsAuthenticationInformation){
if(authenticationInfo)
{
return new SucessfulAuthentication(principal);
}
else
{
return new FailedAuthentication(error);
}
}
return new EmptyAuthenticationResult();
}
```
However, the possibles outcomes of the AuthenticateAsync method are really three:
Success: Meaning that the authentication information was present on the request and was correct.
Failure: Meaning that the authentication information was present on the request but was incorrect.
Empty: Meaning that there is no authentication information on the request.
In order to signal this third state, the user can return Task.FromResult(null), but this is confusing as there are classes for the other two states and there is no easy way to know that returning null will just work.
Its more clear to have an explicit class EmptyAuthenticationResult that the user can return when creating his own authentication filter.
The resulting implementation will look like in pseudocode:
```
public Task<IAuthenticationResult> AuthenticateAsync(params)
{
if(requestContainsAuthenticationInformation){
if(authenticationInfo)
{
return new SucessfulAuthentication(principal);
}
else
{
return new FailedAuthentication(error);
}
}
return new EmptyAuthenticationResult();
}
```