author | Microsoft <aspnet@microsoft.com> | 2011-12-08 15:50:14 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-03-01 19:35:54 -0800 |
commit | 67e1a42ffe2ed7ac2bf99c703f17e4406cc35921 (patch) | |
tree | b117701274fea4bb5cfb1342c7ba20605fbaf13d /src/DotNetOpenAuth.Web/OAuthAuthenticationTicketHelper.cs | |
parent | 8f4165ee515728aca3faaa26e8354a40612e85e4 (diff) | |
Add DotNetOpenAuth.Web and DotNetOpenAuth.WebPages projects. Add commands to build nuget packages for DNOA.
Diffstat (limited to 'src/DotNetOpenAuth.Web/OAuthAuthenticationTicketHelper.cs')
-rw-r--r-- | src/DotNetOpenAuth.Web/OAuthAuthenticationTicketHelper.cs | 88 |
1 files changed, 88 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Web/OAuthAuthenticationTicketHelper.cs b/src/DotNetOpenAuth.Web/OAuthAuthenticationTicketHelper.cs
new file mode 100644
index 0000000..ba351d0
--- /dev/null
+++ b/src/DotNetOpenAuth.Web/OAuthAuthenticationTicketHelper.cs
@@ -0,0 +1,88 @@
+using System;
+using System.Diagnostics;
+using System.Web;
+using System.Web.Security;
+using DotNetOpenAuth.Web.Resources;
+
+namespace DotNetOpenAuth.Web
+{
+ internal static class OAuthAuthenticationTicketHelper
+ {
+ private const string OAuthCookieToken = "OAuth";
+
+ public static void SetAuthenticationTicket(HttpContextBase context, string userName, bool createPersistentCookie)
+ {
+ if (!context.Request.IsSecureConnection && FormsAuthentication.RequireSSL)
+ {
+ throw new HttpException(WebResources.ConnectionNotSecure);
+ }
+
+ HttpCookie cookie = GetAuthCookie(userName, createPersistentCookie);
+ context.Response.Cookies.Add(cookie);
+ }
+
+ public static bool IsOAuthAuthenticationTicket(HttpContextBase context)
+ {
+ HttpCookie cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
+ if (cookie == null)
+ {
+ return false;
+ }
+
+ string encryptedCookieData = cookie.Value;
+ if (String.IsNullOrEmpty(encryptedCookieData))
+ {
+ return false;
+ }
+
+ try
+ {
+ FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(encryptedCookieData);
+ return authTicket != null && !authTicket.Expired && authTicket.UserData == OAuthCookieToken;
+ }
+ catch (ArgumentException)
+ {
+ return false;
+ }
+ }
+
+ private static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie)
+ {
+ Debug.Assert(!String.IsNullOrEmpty(userName));
+
+ var ticket = new FormsAuthenticationTicket(
+ /* version */ 2,
+ userName,
+ DateTime.Now,
+ DateTime.Now.Add(FormsAuthentication.Timeout),
+ createPersistentCookie,
+ OAuthCookieToken,
+ FormsAuthentication.FormsCookiePath);
+
+ string encryptedTicket = FormsAuthentication.Encrypt(ticket);
+ if (encryptedTicket == null || encryptedTicket.Length < 1)
+ {
+ throw new HttpException(WebResources.FailedToEncryptTicket);
+ }
+
+ var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
+ {
+ HttpOnly = true,
+ Path = FormsAuthentication.FormsCookiePath,
+ Secure = FormsAuthentication.RequireSSL
+ };
+
+ if (FormsAuthentication.CookieDomain != null)
+ {
+ cookie.Domain = FormsAuthentication.CookieDomain;
+ }
+
+ if (ticket.IsPersistent)
+ {
+ cookie.Expires = ticket.Expiration;
+ }
+
+ return cookie;
+ }
+ }
+}
\ No newline at end of file |
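Review bot: In `GetAuthCookie` the only guard on `userName` is `Debug.Assert(!String.IsNullOrEmpty(userName))`, which is compiled out of release builds, so a null or empty name would still be encrypted into a valid forms-authentication ticket and set as the auth cookie. Since this is where the identity is issued, I would make it a runtime check at the top of `SetAuthenticationTicket`, e.g. `if (String.IsNullOrEmpty(userName)) { throw new ArgumentException("userName"); }`. Separately, `IsOAuthAuthenticationTicket` decrypts a client-supplied cookie but catches only `ArgumentException`. If `FormsAuthentication.Decrypt` can raise other exception types for a tampered or stale value (I believe `HttpException` or `CryptographicException` are possible when validation fails; worth confirming for the targeted framework version), this predicate would throw instead of returning false.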