public static bool SetAuthCookie(OSHttpRequest httpRequest, OSHttpResponse httpResponse, Uri identity, string consumer) { bool permissionGranted = false; HttpCookie cookie = (httpRequest.Cookies != null) ? httpRequest.Cookies["cb_auth"] : null; AuthCookie authCookie; string cookieKey; // Check for an existing cookie pointing to valid server-side cached info if (cookie != null && AuthCookies.TryGetValue(cookie.Value, out authCookie)) { cookieKey = cookie.Value; // TODO: Linear search could be eliminated with a HashSet<> if (authCookie.AuthedRealms.Contains(consumer)) permissionGranted = true; } else { // Create a new cookie cookieKey = UUID.Random().ToString(); authCookie = new AuthCookie(cookieKey, identity); } // Cookie will expire in five days DateTime cookieExpiration = DateTime.Now + TimeSpan.FromDays(5.0); // Set cookie information on the server side and in the client response AuthCookies.AddOrUpdate(cookieKey, authCookie, cookieExpiration); HttpCookie responseCookie = new HttpCookie("cb_auth", cookieKey); responseCookie.Expires = cookieExpiration; httpResponse.SetCookie(responseCookie); return permissionGranted; }
void SetCookie(OSHttpResponse httpResponse, Uri identity, UserProfileData profile) { string cookieKey = UUID.Random().ToString(); // Cookie will expire in five days DateTime cookieExpiration = DateTime.Now + TimeSpan.FromDays(5.0); // Cache the server-side data CableBeachState.AuthCookies.AddOrUpdate(cookieKey, new AuthCookie(cookieKey, identity, profile), cookieExpiration); // Create the cookie HttpCookie responseCookie = new HttpCookie("cb_openid_auth", cookieKey); responseCookie.Expires = cookieExpiration; httpResponse.SetCookie(responseCookie); }