Beispiel #1
0
 public static void Serialize(AntiForgeryToken token, Stream stream)
 {
     using (BinaryWriter writer = new BinaryWriter(stream))
     {
         writer.Write(token.Username);
         writer.Write(token.IPAddress);
         writer.Write(token.ExpiresOn.Ticks);
         writer.Write(token.Random);
     }
 }
 public static void Serialize(AntiForgeryToken token, Stream stream)
 {
     using (BinaryWriter writer = new BinaryWriter(stream))
     {
         writer.Write(token.Username);
         writer.Write(token.IPAddress);
         writer.Write(token.ExpiresOn.Ticks);
         writer.Write(token.Random);
     }
 }
Beispiel #3
0
        public static bool ValidateAuthToken(AntiForgeryToken antiForgeryToken, TimeSpan validityPeriod)
        {
            if (DateTime.UtcNow > antiForgeryToken.ExpiresOn)
            {
                return false;
            }

            string callerIPAddress = GetCallerIPAddress();

            if (!string.Equals(callerIPAddress, antiForgeryToken.IPAddress))
            {
                return false;
            }

            return true;
        }
Beispiel #4
0
        public static bool ValidateAntiForgeryToken(string token, out AntiForgeryToken antiForgeryToken)
        {
            byte[] tokenBytes = EncryptionHelper.DecryptAntiForgeryToken(Convert.FromBase64String(token));

            using (MemoryStream memoryStream = new MemoryStream(tokenBytes))
            {
                antiForgeryToken = AntiForgeryToken.Deserialize(memoryStream);
            }

            return ValidateAuthToken(antiForgeryToken, Settings.Default.AntiForgeryTokenExpiryInterval);
        }
Beispiel #5
0
        public static string NewAntiForgeryToken(string username)
        {
            AntiForgeryToken antiForgeryToken = new AntiForgeryToken(username, GetCallerIPAddress(),
                DateTime.UtcNow + Settings.Default.AntiForgeryTokenExpiryInterval,
                Common.Helpers.RandomHelper.RandomLong());

            return Convert.ToBase64String(EncryptionHelper.EncryptAntiForgeryToken(antiForgeryToken.AsBytes()));
        }