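        /// <summary>
        /// Used by the server to validate a client's signature over the session nonce with the
        /// member's public key (PPK).  On success a <see cref="Simias.Authentication.Session"/> is
        /// stored in the HTTP session and <c>ctx.User</c> / <see cref="Thread.CurrentPrincipal"/>
        /// are set to a principal for the member.  On any failure the response is completed
        /// (401 for authentication failures, 500 for an unknown domain or member) and the method
        /// returns without setting a principal, so callers must inspect <c>ctx.User</c> rather than
        /// assume success.
        /// </summary>
        /// <param name="domainId">ID of the domain the member belongs to.</param>
        /// <param name="memberId">ID of the member whose public key must verify <paramref name="signed"/>.</param>
        /// <param name="signed">Signature the client produced over the nonce previously issued for this session.</param>
        /// <param name="ctx">Current HTTP context; its response is completed on failure.</param>
        static public void VerifyWithPPK(string domainId, string memberId, byte[] signed, HttpContext ctx)
        {
            Store store = Store.GetStore();

            ctx.Response.Cache.SetCacheability(HttpCacheability.NoCache);

            Simias.Storage.Domain domain = store.GetDomain(domainId);
            if (domain == null)
            {
                ctx.Response.StatusCode        = 500;
                ctx.Response.StatusDescription = "Invalid Domain";
                ctx.ApplicationInstance.CompleteRequest();
                return;
            }

            Simias.Storage.Member member = domain.GetMemberByID(memberId);
            if (member == null)
            {
                ctx.Response.StatusCode        = 500;
                ctx.Response.StatusDescription = "Invalid Member";
                ctx.ApplicationInstance.CompleteRequest();
                return;
            }

            if (ctx.Session == null)
            {
                // Must have a session: the nonce the signature covers is stored in it.
                ctx.Response.StatusCode = 401;
                ctx.Response.AddHeader(
                    "WWW-Authenticate",
                    String.Concat("Basic realm=\"", domain.Name, "\""));

                ctx.ApplicationInstance.CompleteRequest();
                return;
            }

            Simias.Authentication.Session simiasSession =
                ctx.Session[sessionTag] as Simias.Authentication.Session;
            if (simiasSession != null)
            {
                ctx.User = simiasSession.User;
            }

            // Only skip signature verification when this session already carries an authenticated
            // Simias principal.  A ctx.User authenticated by some other module without a Simias
            // session would otherwise dereference a null simiasSession in the branch below.
            if (simiasSession == null || ctx.User == null || ctx.User.Identity.IsAuthenticated == false)
            {
                // Validate signature.  Without a nonce in the session the signature cannot be bound
                // to this session, so refuse rather than hand a null nonce to Nonce.GetBytes /
                // VerifyData (which would surface as an unhandled 500 instead of a 401).
                string nonce = ctx.Session[NonceKey] as string;
                bool   verified = false;

                if (!String.IsNullOrEmpty(nonce) && signed != null)
                {
                    byte[] nonceBytes = Nonce.GetBytes(nonce);

                    // SHA-1 is fixed by the client-side signing protocol; changing it here
                    // would break existing clients.
                    using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
                    {
                        verified = member.PublicKey.VerifyData(nonceBytes, sha1, signed);
                    }
                }

                if (!verified)
                {
                    // Failed.  The nonce is left in the session so a retry can be attempted;
                    // whoever issues nonces is responsible for rotating it.
                    ctx.Response.StatusCode = 401;
                    ctx.Response.AddHeader(
                        "WWW-Authenticate",
                        String.Concat("Basic realm=\"", domain.Name, "\""));
                    ctx.ApplicationInstance.CompleteRequest();
                    return;
                }

                simiasSession          = new Simias.Authentication.Session();
                simiasSession.MemberID = member.UserID;
                simiasSession.Requests++;
                ctx.Session[sessionTag] = simiasSession;

                // Setup a principal
                simiasSession.User =
                    new GenericPrincipal(
                        new GenericIdentity(
                            member.UserID,
                            PpkType),
                        hostRoles);

                ctx.User = simiasSession.User;
                Thread.CurrentPrincipal = ctx.User;

                // Set the last login time for the user.
                SetLastLoginTime(domain, member);
            }
            else
            {
                // Already authenticated earlier in this session: just count the request.
                // NOTE(review): memberId is not compared against simiasSession.MemberID here, so
                // callers must take the identity from ctx.User, never from the memberId argument.
                simiasSession.Requests++;
                Thread.CurrentPrincipal = ctx.User;
            }
        }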
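        /// <summary>
        /// Resolves the authenticated <see cref="Simias.Storage.Member"/> for the current request.
        /// If the HTTP session already holds an authenticated Simias session its principal is
        /// reused; otherwise the request is authenticated through
        /// <see cref="DomainProvider.Authenticate"/> (once per session when a session exists, on
        /// every request when it does not).  On failure the response is completed (401 or 500 as
        /// appropriate) and <c>null</c> is returned.
        /// </summary>
        /// <param name="domainID">ID of the domain to authenticate against; null or empty is
        /// rejected as "Invalid Domain".</param>
        /// <param name="ctx">Current HTTP context; <c>ctx.User</c> and
        /// <see cref="Thread.CurrentPrincipal"/> are set on success.</param>
        /// <returns>The authenticated member, or null.  Null is also returned, without an error
        /// response, when an already-authenticated session's member no longer exists in the
        /// domain, so callers must check the result.</returns>
        static public Simias.Storage.Member GetMember(string domainID, HttpContext ctx)
        {
            Simias.Authentication.Session simiasSession;
            Simias.Authentication.Status  status;
            Simias.Storage.Domain         domain = null;
            Simias.Storage.Member         member = null;
            Store store = Store.GetStore();

            ctx.Response.Cache.SetCacheability(HttpCacheability.NoCache);

            //
            // Look for the special domain ID header in the request.
            // NOTE(review): the original comment said a missing header falls back to the default
            // domain, but the code below rejects an empty domainID as "Invalid Domain"; the code's
            // behavior is kept.
            //
            if (!String.IsNullOrEmpty(domainID))
            {
                domain = store.GetDomain(domainID);
            }

            if (domain == null)
            {
                ctx.Response.StatusCode        = 500;
                ctx.Response.StatusDescription = "Invalid Domain";
                ctx.ApplicationInstance.CompleteRequest();
                return(null);
            }

            if (ctx.Session == null)
            {
                // No session exists so "authenticate" every request; nothing is cached.
                member = AuthenticateAndResolveMember(domain, ctx, "-2", out status);
                if (member == null)
                {
                    return(null);   // response already completed by the helper
                }

                ctx.User = NewBasicPrincipal(member);
                Thread.CurrentPrincipal = ctx.User;

                // Set the last login time for the user.
                SetLastLoginTime(domain, member);
                return(member);
            }

            simiasSession = ctx.Session[sessionTag] as Simias.Authentication.Session;
            if (simiasSession != null)
            {
                ctx.User = simiasSession.User;
            }

            // Reuse the session's principal only when it is a Simias session; a ctx.User that was
            // authenticated by some other module but has no Simias session would otherwise
            // dereference a null simiasSession here.
            if (simiasSession != null && ctx.User != null && ctx.User.Identity.IsAuthenticated)
            {
                simiasSession.Requests++;
                Thread.CurrentPrincipal = ctx.User;
                return(domain.GetMemberByID(simiasSession.MemberID));
            }

            member = AuthenticateAndResolveMember(domain, ctx, "", out status);
            if (member == null)
            {
                return(null);   // response already completed by the helper
            }

            // status is Success or SuccessInGrace at this point; let the provider add its headers
            // (e.g. grace-period information) to the response.
            Simias.Authentication.Http.SetResponseHeaders(ctx, status);

            simiasSession          = new Simias.Authentication.Session();
            simiasSession.MemberID = member.UserID;
            simiasSession.Requests++;
            ctx.Session[sessionTag] = simiasSession;

            // Setup a principal
            simiasSession.User = NewBasicPrincipal(member);
            ctx.User = simiasSession.User;
            Thread.CurrentPrincipal = ctx.User;

            // Set the last login time for the user.
            SetLastLoginTime(domain, member);

            return(member);
        }

        /// <summary>
        /// Runs the domain's authentication provider for the current request and resolves the
        /// member it reports.  On any failure the response is completed and null is returned.
        /// </summary>
        /// <param name="domain">Domain to authenticate against.</param>
        /// <param name="ctx">Current HTTP context.</param>
        /// <param name="descriptionSuffix">Appended to the 500 status descriptions so that the
        /// per-call-site texts ("Unknown UserID" vs "Unknown UserID-2") stay exactly as before.</param>
        /// <param name="status">The provider's status; only meaningful when a member is returned.</param>
        /// <returns>The resolved member, or null after the response has been completed.</returns>
        private static Simias.Storage.Member AuthenticateAndResolveMember(
            Simias.Storage.Domain domain,
            HttpContext ctx,
            string descriptionSuffix,
            out Simias.Authentication.Status status)
        {
            status = DomainProvider.Authenticate(domain, ctx);
            if (status.statusCode != StatusCodes.Success &&
                status.statusCode != StatusCodes.SuccessInGrace)
            {
                Simias.Authentication.Http.SetResponseHeaders(ctx, status);
                if (ctx.Response.StatusCode == 401)
                {
                    ctx.Response.AddHeader(
                        "WWW-Authenticate",
                        String.Concat("Basic realm=\"", domain.Name, "\""));
                }

                ctx.ApplicationInstance.CompleteRequest();
                return(null);
            }

            // Authentication modules are required to set the member's
            // userID on successful authentication - let's make sure
            if (String.IsNullOrEmpty(status.UserID))
            {
                ctx.Response.StatusCode        = 500;
                ctx.Response.StatusDescription = "Unknown UserID" + descriptionSuffix;
                ctx.ApplicationInstance.CompleteRequest();
                return(null);
            }

            Simias.Storage.Member member = domain.GetMemberByID(status.UserID);
            if (member == null)
            {
                ctx.Response.StatusCode        = 500;
                ctx.Response.StatusDescription = "Unknown Member in Domain" + descriptionSuffix;
                ctx.ApplicationInstance.CompleteRequest();
                return(null);
            }

            return(member);
        }

        /// <summary>
        /// Builds the principal used for members authenticated by the domain provider
        /// (identity type "Basic authentication", roles from <c>rolesArray</c>).
        /// </summary>
        /// <param name="member">Member to build the principal for.</param>
        /// <returns>A new principal whose identity name is the member's UserID.</returns>
        private static GenericPrincipal NewBasicPrincipal(Simias.Storage.Member member)
        {
            return new GenericPrincipal(
                new GenericIdentity(
                    member.UserID,
                    "Basic authentication"),
                rolesArray);
        }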