Beispiel #1
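        /// <summary>
        /// Validates a one-time ticket key (layout, age, cached entry, service URL) and
        /// consumes ("punches") the ticket afterwards, whether or not validation succeeded.
        /// </summary>
        /// <param name="httpContext">Current request context; its cache is where tickets are looked up.</param>
        /// <param name="ServiceURL">Service URL the ticket must have been issued for.</param>
        /// <param name="ticketKey">Ticket key as presented by the caller; treated as untrusted input.</param>
        /// <param name="t">The cached <c>ServiceUser</c> on success; otherwise <c>null</c>.</param>
        /// <returns><c>true</c> only when every check passes; <c>false</c> otherwise.</returns>
        public static Boolean CheckAndPunchTicket(HttpContext httpContext, String ServiceURL, String ticketKey, out ServiceUser t)
        {
            t = null;

            // A request that carries no ticket has nothing to validate and nothing to punch.
            if (ticketKey == null)
            {
                return false;
            }

            // Expected layout: TRUST-<MMddyyyyHHmmss>-<21 character token>-ticket
            const String prefix = "TRUST-";
            const String stampFormat = "MMddyyyyHHmmss";
            const String suffix = "-ticket";
            const Int32 tokenLength = 21;

            try
            {
                // The key is cut by position, not by splitting on '-': the token is produced
                // with UrlTokenEncode (see IssueTicket), which emits '-' in place of '+', so a
                // split would see extra parts and reject a genuine ticket.
                Int32 tokenStart = prefix.Length + stampFormat.Length + 1;
                if (ticketKey.Length != tokenStart + tokenLength + suffix.Length
                    || !ticketKey.StartsWith(prefix, StringComparison.Ordinal)
                    || ticketKey[tokenStart - 1] != '-'
                    || !ticketKey.EndsWith(suffix, StringComparison.Ordinal))
                {
                    return false;
                }

                // Reject tickets older than one minute. The timestamp is parsed with the
                // current culture because IssueTicket formats it with the current culture;
                // NOTE(review): both sides would be more robust with the invariant culture
                // and UTC, but they have to be changed together.
                DateTime issuedAt;
                String stamp = ticketKey.Substring(prefix.Length, stampFormat.Length);
                if (!DateTime.TryParseExact(stamp, stampFormat, System.Globalization.DateTimeFormatInfo.CurrentInfo, System.Globalization.DateTimeStyles.None, out issuedAt) ||
                    issuedAt.AddMinutes(1.0) < DateTime.Now)
                {
                    return false;
                }

                if (String.IsNullOrWhiteSpace(ticketKey.Substring(tokenStart, tokenLength)))
                {
                    return false;
                }

                // The format checks above are only a pre-filter; the cache lookup on the full
                // key is what decides whether the ticket was actually issued.
                ServiceUser ticket = httpContext.Cache.Get(ticketKey) as ServiceUser;
                if (ticket == null)
                {
                    return false;
                }

                // The ticket is bound to the service it was issued for.
                if (!String.Equals(ticket.serviceURL, ServiceURL, StringComparison.Ordinal))
                {
                    return false;
                }

                t = ticket;
                return true;
            }
            finally
            {
                // Runs on every path above, including failures, so a presented key is
                // never left usable for a second attempt.
                Conductor.PunchTicket(httpContext, ticketKey);
            }
        }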
Beispiel #2
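        /// <summary>
        /// Creates a one-time ticket key for <paramref name="serviceUser"/> and stores the
        /// user in the context cache under that key for one minute.
        /// </summary>
        /// <param name="httpContext">Current request context; its cache receives the ticket.</param>
        /// <param name="serviceUser">Data to hand to the service that redeems the ticket.</param>
        /// <returns>The ticket key, in the form <c>TRUST-MMddyyyyHHmmss-token-ticket</c>.</returns>
        public static String IssueTicket(HttpContext httpContext, ServiceUser serviceUser)
        {
            // 120 bits of random data. The ticket key is a bearer credential, so the bytes
            // come from the cryptographic generator; System.Random seeded with the clock is
            // predictable to anyone who can estimate the issue time.
            Byte[] rdata = new Byte[15];
            String TicketToken;
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                do
                {
                    rng.GetBytes(rdata);

                    // URL-safe token: 20 base64 characters plus one padding-count digit (21 total).
                    TicketToken = HttpServerUtility.UrlTokenEncode(rdata);
                }
                // UrlTokenEncode writes '-' where base64 has '+'. '-' is also the field
                // separator of the ticket key, so such a token is redrawn to keep the key
                // at exactly four '-'-separated fields.
                while (TicketToken.IndexOf('-') >= 0);
            }

            // build the ticket key; the timestamp is formatted with the current culture
            String TicketKey = "TRUST-" + DateTime.Now.ToString("MMddyyyyHHmmss") + "-" + TicketToken + "-ticket";

            // store the ticket in the context cache with a one minute absolute expiration
            httpContext.Cache.Add(TicketKey, serviceUser, null, DateTime.Now.AddMinutes(1.0), Cache.NoSlidingExpiration, CacheItemPriority.Normal, null);

            return TicketKey;
        }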
Beispiel #3
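        /// <summary>
        /// Handles the login form post: validates the submitted username and four passphrase
        /// words, authenticates them, and, for an authenticated forms user whose requested
        /// service host is on the allow list, redirects back to the service with a ticket.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(Object sender, EventArgs e)
        {
            // \z anchors at the true end of input; '$' would also match just before a
            // trailing newline and let a value such as "name\n" pass validation.
            const String usernamePattern = @"^[a-zA-Z.0-9]{5,20}\z";
            const String wordPattern = @"^[a-zA-Z.0-9]{3,7}\z";

            this.usernameValidation.Visible = false;
            this.passphraseValidation.Visible = false;
            this.LoginValidationSummary.Visible = false;
            this.LoginValidationSummary.Text = String.Empty;

            // Everything below runs for POST requests only.
            if (!String.Equals(this.Request.HttpMethod, "post", StringComparison.OrdinalIgnoreCase))
            {
                return;
            }

            if (this.Page.IsPostBack)
            {
                // A field missing from the post is read as empty so it fails validation
                // below; Regex.IsMatch throws on a null input.
                String username = this.Request.Form["anonym"] ?? String.Empty;
                String[] words =
                {
                    this.Request.Form["plainText1"] ?? String.Empty,
                    this.Request.Form["plainText2"] ?? String.Empty,
                    this.Request.Form["plainText3"] ?? String.Empty,
                    this.Request.Form["plainText4"] ?? String.Empty
                };

                if (!Regex.IsMatch(username, usernamePattern))
                {
                    this.usernameValidation.Visible = true;
                    this.LoginValidationSummary.Visible = true;
                    this.LoginValidationSummary.Text = "Username must be 5-20 alphanumeric characters.";
                }

                Boolean wordsValid = true;
                foreach (String word in words)
                {
                    if (!Regex.IsMatch(word, wordPattern))
                    {
                        wordsValid = false;
                        break;
                    }
                }

                if (!wordsValid)
                {
                    this.passphraseValidation.Visible = true;
                    this.LoginValidationSummary.Visible = true;
                    this.LoginValidationSummary.Text += (!String.IsNullOrWhiteSpace(this.LoginValidationSummary.Text) ? "<br/>" : String.Empty) + "Each passphrase word must be 3-7 alphanumeric characters.";
                }

                if (!LoginValidationSummary.Visible)
                {
                    if (UserAuthenticator.Authenticate(username, words[0], words[1], words[2], words[3]))
                    {
                        this.TrustSignin(username);
                    }
                    else
                    {
                        // One message for both failure causes, so the response does not
                        // reveal whether the username exists.
                        this.LoginValidationSummary.Visible = true;
                        this.LoginValidationSummary.Text += (!String.IsNullOrWhiteSpace(this.LoginValidationSummary.Text) ? "<br/>" : String.Empty) + "Could not validate username and/or passphrase.";
                    }
                }
            }

            if (System.Web.HttpContext.Current.User.Identity != null
             && System.Web.HttpContext.Current.User.Identity.IsAuthenticated
             && System.Web.HttpContext.Current.User.Identity.AuthenticationType == "Forms")
            {
                String upn = System.Web.HttpContext.Current.User.Identity.Name;
                if (!String.IsNullOrWhiteSpace(upn))
                {
                    // "service" comes from the query string and decides where the ticket is sent.
                    String service = Request.QueryString["service"];
                    if (!String.IsNullOrWhiteSpace(service))
                    {
                        Uri serviceHostChecker = null;
                        Uri.TryCreate(service, UriKind.RelativeOrAbsolute, out serviceHostChecker);

                        // Only absolute URLs whose host is on the allow list receive a ticket.
                        // NOTE(review): the scheme is not checked here, so an http:// URL on an
                        // allowed host would carry the ticket in clear text; consider requiring
                        // https if all registered services support it.
                        if (serviceHostChecker != null
                         && serviceHostChecker.IsAbsoluteUri
                         && ServiceHosts.whiteList.Contains(serviceHostChecker.Host))
                        {
                            // as an aside, check sign out rules
                            ServiceUser _user = new ServiceUser(service, upn);
                            String ticketKey = Conductor.IssueTicket(this.Context, _user);

                            // Append the ticket as a query parameter of the service URL.
                            String separator = service.IndexOf('?') < 0 ? "?ticket=" : "&ticket=";
                            String returnServiceUrl = service + separator + ticketKey;

                            // endResponse: false plus CompleteRequest ends the request
                            // without the ThreadAbortException Response.Redirect would raise.
                            this.Response.Redirect(returnServiceUrl, false);
                            this.Context.ApplicationInstance.CompleteRequest();
                        }
                    }
                }
            }
        }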