1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
|
//-----------------------------------------------------------------------
// <copyright file="OpenAuthAuthenticationTicketHelper.cs" company="Microsoft">
// Copyright (c) Microsoft. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.AspNet {
using System;
using System.Diagnostics;
using System.Web;
using System.Web.Security;
/// <summary>
/// Helper methods for setting and retrieving a custom forms authentication ticket for delegation protocols.
/// </summary>
internal static class OpenAuthAuthenticationTicketHelper {
#region Constants and Fields
/// <summary>
/// The open auth cookie token.
/// </summary>
private const string OpenAuthCookieToken = "OAuth";
#endregion
#region Public Methods and Operators
/// <summary>
/// Checks whether the specified HTTP request comes from an authenticated user.
/// </summary>
/// <param name="context">
/// The context.
/// </param>
/// <returns>True if the reuest is authenticated; false otherwise.</returns>
public static bool IsValidAuthenticationTicket(HttpContextBase context) {
HttpCookie cookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie == null) {
return false;
}
string encryptedCookieData = cookie.Value;
if (string.IsNullOrEmpty(encryptedCookieData)) {
return false;
}
try {
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(encryptedCookieData);
return authTicket != null && !authTicket.Expired && authTicket.UserData == OpenAuthCookieToken;
} catch (ArgumentException) {
return false;
}
}
/// <summary>
/// Adds an authentication cookie to the user agent in the next HTTP response.
/// </summary>
/// <param name="context">
/// The context.
/// </param>
/// <param name="userName">
/// The user name.
/// </param>
/// <param name="createPersistentCookie">
/// A value indicating whether the cookie should persist across sessions.
/// </param>
public static void SetAuthenticationTicket(HttpContextBase context, string userName, bool createPersistentCookie) {
if (!context.Request.IsSecureConnection && FormsAuthentication.RequireSSL) {
throw new HttpException(WebResources.ConnectionNotSecure);
}
HttpCookie cookie = GetAuthCookie(userName, createPersistentCookie);
context.Response.Cookies.Add(cookie);
}
#endregion
#region Methods
/// <summary>
/// Creates an HTTP authentication cookie.
/// </summary>
/// <param name="userName">
/// The user name.
/// </param>
/// <param name="createPersistentCookie">
/// A value indicating whether the cookie should last across sessions.
/// </param>
/// <returns>An authentication cookie.</returns>
private static HttpCookie GetAuthCookie(string userName, bool createPersistentCookie) {
Requires.NotNullOrEmpty(userName, "userName");
var ticket = new FormsAuthenticationTicket(
/* version */
2,
userName,
DateTime.Now,
DateTime.Now.Add(FormsAuthentication.Timeout),
createPersistentCookie,
OpenAuthCookieToken,
FormsAuthentication.FormsCookiePath);
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
if (encryptedTicket == null || encryptedTicket.Length < 1) {
throw new HttpException(WebResources.FailedToEncryptTicket);
}
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) {
HttpOnly = true,
Path = FormsAuthentication.FormsCookiePath,
Secure = FormsAuthentication.RequireSSL
};
if (FormsAuthentication.CookieDomain != null) {
cookie.Domain = FormsAuthentication.CookieDomain;
}
if (ticket.IsPersistent) {
cookie.Expires = ticket.Expiration;
}
return cookie;
}
#endregion
}
}
|
