/// <summary>
/// Sliding-expiration step: when the ticket already counts as expired against half of the
/// configured timeout, renews it and replaces the authentication cookie on the response.
/// </summary>
/// <param name="context">Current HTTP context whose response receives the new cookie.</param>
/// <param name="protector">Protector used to protect the serialized ticket.</param>
/// <param name="authenticationCookie">Ticket that was read from the request.</param>
private void RenewCookieIfExpiring(HttpContext context, CookieProtector protector, AuthenticationCookie authenticationCookie)
		{
			// Sliding expiration is opt-in; without it the ticket keeps its original lifetime.
			if (!_configuration.SlidingExpiration)
			{
				return;
			}

			var renewalThreshold = TimeSpan.FromTicks(_configuration.Timeout.Ticks / 2);
			if (!authenticationCookie.IsExpired(renewalThreshold))
			{
				return;
			}

			// Renew() presumably resets the issue date that the expiry below is derived from -- confirm.
			authenticationCookie.Renew();
			context.Response.Cookies.Remove(_configuration.CookieName);

			var renewedCookie = new HttpCookie(_configuration.CookieName, protector.Protect(authenticationCookie.Serialize()));
			renewedCookie.HttpOnly = true;                       // keep the ticket away from page script
			renewedCookie.Secure = _configuration.RequireSSL;    // with RequireSSL off the ticket may travel over plain HTTP

			var configuredDomain = _configuration.Domain;
			if (!string.IsNullOrEmpty(configuredDomain))
			{
				renewedCookie.Domain = configuredDomain;
			}

			// Expires is written only for persistent tickets; without it the browser keeps a session cookie.
			var expireDateTime = authenticationCookie.IssueDate + _configuration.Timeout;
			if (authenticationCookie.Persistent)
			{
				renewedCookie.Expires = expireDateTime;
			}

			context.Response.Cookies.Add(renewedCookie);

			// The tracking cookie is refreshed with the computed expiry for persistent and session tickets alike.
			RenewTrackExpireTimeCookie(context, expireDateTime);
		}
        /// <summary>
        /// Builds an authentication ticket for <paramref name="username"/>, protects it and adds it
        /// to the current response as an HttpOnly cookie.
        /// </summary>
        /// <param name="username">User name stored in the ticket.</param>
        /// <param name="persistent">When true the cookie is given an Expires value.</param>
        /// <param name="roles">Roles passed through to the ticket.</param>
        /// <param name="tag">Tag bytes passed through to the ticket.</param>
        /// <param name="explicitExpiry">Expiry used for a persistent cookie instead of issue date plus timeout; ignored when <paramref name="persistent"/> is false.</param>
        public void SetCookie(string username, bool persistent = false, string[] roles = null, byte[] tag = null, DateTime? explicitExpiry = null)
        {
            var ticket = new AuthenticationCookie(0, Guid.NewGuid(), persistent, username, roles, tag);

            using (var protector = new CookieProtector(_configuration))
            {
                var protectedValue = protector.Protect(ticket.Serialize());

                var httpCookie = new HttpCookie(_configuration.CookieName, protectedValue);
                httpCookie.HttpOnly = true;                     // not readable from page script
                httpCookie.Secure = _configuration.RequireSSL;  // only as strict as the configuration asks
                // NOTE(review): no SameSite attribute is set on this cookie.

                var configuredDomain = _configuration.Domain;
                if (!string.IsNullOrEmpty(configuredDomain))
                {
                    httpCookie.Domain = configuredDomain;
                }

                if (persistent)
                {
                    // A caller-supplied expiry wins over the default of issue date + timeout.
                    // NOTE(review): explicitExpiry only sets the browser-side Expires; whether the
                    // ticket itself honours it depends on AuthenticationCookie -- confirm.
                    httpCookie.Expires = explicitExpiry ?? (ticket.IssueDate + _configuration.Timeout);
                }

                _context.Response.Cookies.Add(httpCookie);
            }
        }
		/// <summary>
		/// Issues a protected authentication cookie for <paramref name="username"/> and, for
		/// persistent logins, also records the expiry in the expire-time tracking cookie.
		/// </summary>
		/// <param name="username">User name stored in the ticket.</param>
		/// <param name="persistent">When true the cookie is given an Expires value.</param>
		/// <param name="roles">Roles passed through to the ticket.</param>
		/// <param name="tag">Tag bytes passed through to the ticket.</param>
		/// <param name="explicitExpiry">Expiry used for a persistent cookie instead of issue date plus timeout; ignored when <paramref name="persistent"/> is false.</param>
		public void SetCookie(string username, bool persistent = false, string[] roles = null, byte[] tag = null, DateTime? explicitExpiry = null)
		{
			var ticket = new AuthenticationCookie(0, Guid.NewGuid(), persistent, username, roles, tag);
			using (var protector = new CookieProtector(_configuration))
			{
				var protectedValue = protector.Protect(ticket.Serialize());

				var httpCookie = new HttpCookie(_configuration.CookieName, protectedValue);
				httpCookie.HttpOnly = true;                     // not readable from page script
				httpCookie.Secure = _configuration.RequireSSL;  // only as strict as the configuration asks

				var configuredDomain = _configuration.Domain;
				if (!string.IsNullOrEmpty(configuredDomain))
				{
					httpCookie.Domain = configuredDomain;
				}

				if (persistent)
				{
					// A caller-supplied expiry wins over the default of issue date + timeout.
					DateTime expireDateTime = explicitExpiry ?? (ticket.IssueDate + _configuration.Timeout);
					httpCookie.Expires = expireDateTime;

					// Non-persistent logins never reach this call, so they get no tracking cookie here.
					SetExpireTimeTrackingCookie(expireDateTime);
				}

				_context.Response.Cookies.Add(httpCookie);
			}
		}
        /// <summary>
        /// Creates an identity backed by the given authentication cookie.
        /// </summary>
        /// <param name="cookie">The authentication cookie to wrap; must not be null.</param>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="cookie"/> is null.</exception>
        public CookieIdentity(AuthenticationCookie cookie)
        {
            if (cookie == null)
            {
                throw new ArgumentNullException("cookie");
            }

            // NOTE(review): the cookie is stored as-is; nothing here checks its signature or expiry,
            // so callers are presumably expected to pass an already validated ticket -- confirm.
            _cookie = cookie;
        }
		/// <summary>
		/// Wraps an authentication cookie so it can serve as the backing store of this identity.
		/// </summary>
		/// <param name="cookie">The authentication cookie to wrap; must not be null.</param>
		/// <exception cref="ArgumentNullException">Thrown when <paramref name="cookie"/> is null.</exception>
		public CookieIdentity(AuthenticationCookie cookie)
		{
			if (cookie == null)
			{
				throw new ArgumentNullException("cookie");
			}

			// NOTE(review): no integrity or expiry check happens in this constructor; it presumably
			// relies on the caller having validated the ticket first -- confirm.
			_cookie = cookie;
		}
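        /// <summary>
        /// Reads the tag bytes carried in the authentication cookie of the current request.
        /// </summary>
        /// <returns>
        /// The ticket's tag, or <c>null</c> when the request has no authentication cookie or the
        /// protector produced no payload for it.
        /// </returns>
        public byte[] GetTagData()
        {
            var cookie = _context.Request.Cookies[_configuration.CookieName];
            if (cookie == null)
            {
                return null;
            }

            using (var protector = new CookieProtector(_configuration))
            {
                byte[] data;

                // The cookie value is client-controlled.
                // NOTE(review): Validate's return value is discarded. If that value is how a failed
                // integrity check is reported, it must be tested before the payload is trusted --
                // confirm against CookieProtector.
                protector.Validate(cookie.Value, out data);

                // Treat "no payload" like "no cookie" instead of handing null to the deserializer.
                if (data == null)
                {
                    return null;
                }

                var authenticationCookie = AuthenticationCookie.Deserialize(data);

                // NOTE(review): unlike OnAuthenticateRequest, the ticket's expiry is not checked
                // here, so the tag of an expired ticket is still returned -- confirm this is intended.
                return authenticationCookie.Tag;
            }
        }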
		/// <summary>
		/// Issues a protected authentication cookie built from <paramref name="identity"/> and adds
		/// it to the current response.
		/// </summary>
		/// <param name="identity">Claims identity stored in the ticket.</param>
		/// <param name="persistent">When true the cookie is given an Expires value of issue date plus timeout.</param>
		public void SetCookie(ClaimsIdentity identity, bool persistent = false)
		{
			var ticket = new AuthenticationCookie(0, Guid.NewGuid(), persistent, identity);
			using (var protector = new CookieProtector(_configuration))
			{
				var protectedValue = protector.Protect(ticket.Serialize());

				var httpCookie = new HttpCookie(_configuration.CookieName, protectedValue);
				httpCookie.HttpOnly = true;                     // not readable from page script
				httpCookie.Secure = _configuration.RequireSSL;  // only as strict as the configuration asks
				// NOTE(review): no SameSite attribute is set on this cookie.

				// Without Expires the browser keeps the ticket as a session cookie.
				if (persistent)
				{
					httpCookie.Expires = ticket.IssueDate + _configuration.Timeout;
				}

				_context.Response.Cookies.Add(httpCookie);
			}
		}
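		/// <summary>
		/// Issues a protected authentication cookie for <paramref name="username"/> and adds it to
		/// the current response.
		/// </summary>
		/// <param name="username">User name stored in the ticket.</param>
		/// <param name="persistent">When true the cookie is given an Expires value of issue date plus timeout; otherwise it stays a session cookie.</param>
		/// <param name="roles">Roles passed through to the ticket.</param>
		/// <param name="tag">Tag bytes passed through to the ticket.</param>
		public void SetCookie(string username, bool persistent = false, string[] roles = null, byte[] tag = null)
		{
			var cookie = new AuthenticationCookie(0, Guid.NewGuid(), persistent, username, roles, tag);
			using (var protector = new CookieProtector(_configuration))
			{
				var httpCookie = new HttpCookie(_configuration.CookieName, protector.Protect(cookie.Serialize()))
				{
					HttpOnly = true,                        // not readable from page script
					Secure = _configuration.RequireSSL,     // only as strict as the configuration asks
				};

				// Expires is what makes a browser keep the cookie across restarts, so it belongs to
				// persistent logins only. Testing !persistent here would store ordinary logins in the
				// browser until the timeout and turn persistent logins into session cookies; the
				// ClaimsIdentity overload also tests `persistent`.
				if (persistent)
				{
					httpCookie.Expires = cookie.IssueDate + _configuration.Timeout;
				}

				_context.Response.Cookies.Add(httpCookie);
			}
		}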
        /// <summary>
        /// Serializes a ticket for <paramref name="identity"/>, protects it and sends it to the
        /// client as the authentication cookie.
        /// </summary>
        /// <param name="identity">Claims identity stored in the ticket.</param>
        /// <param name="persistent">When true the cookie is given an Expires value of issue date plus timeout.</param>
        public void SetCookie(ClaimsIdentity identity, bool persistent = false)
        {
            var ticket = new AuthenticationCookie(0, Guid.NewGuid(), persistent, identity);

            using (var protector = new CookieProtector(_configuration))
            {
                var protectedValue = protector.Protect(ticket.Serialize());

                var httpCookie = new HttpCookie(_configuration.CookieName, protectedValue);
                httpCookie.HttpOnly = true;                     // keep the ticket away from page script
                httpCookie.Secure = _configuration.RequireSSL;  // with RequireSSL off the ticket may travel over plain HTTP

                // Session cookie unless the caller asked for a persistent login.
                if (persistent)
                {
                    httpCookie.Expires = ticket.IssueDate + _configuration.Timeout;
                }

                _context.Response.Cookies.Add(httpCookie);
            }
        }
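        /// <summary>
        /// Issues a protected authentication cookie for <paramref name="username"/> and adds it to
        /// the current response.
        /// </summary>
        /// <param name="username">User name stored in the ticket.</param>
        /// <param name="persistent">When true the cookie is given an Expires value of issue date plus timeout; otherwise it stays a session cookie.</param>
        /// <param name="roles">Roles passed through to the ticket.</param>
        /// <param name="tag">Tag bytes passed through to the ticket.</param>
        public void SetCookie(string username, bool persistent = false, string[] roles = null, byte[] tag = null)
        {
            var cookie = new AuthenticationCookie(0, Guid.NewGuid(), persistent, username, roles, tag);

            using (var protector = new CookieProtector(_configuration))
            {
                var httpCookie = new HttpCookie(_configuration.CookieName, protector.Protect(cookie.Serialize()))
                {
                    HttpOnly = true,                        // not readable from page script
                    Secure   = _configuration.RequireSSL,   // only as strict as the configuration asks
                };

                // Expires makes the browser keep the cookie across restarts, so only a persistent
                // login may carry it. With the test inverted, a non-persistent login would be kept
                // in the browser until the timeout while a persistent one would end with the session.
                if (persistent)
                {
                    httpCookie.Expires = cookie.IssueDate + _configuration.Timeout;
                }

                _context.Response.Cookies.Add(httpCookie);
            }
        }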
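        /// <summary>
        /// Authenticate-request handler: reads the authentication cookie, and when it yields an
        /// unexpired ticket sets <c>context.User</c> and applies sliding renewal. Any failure leaves
        /// the request unauthenticated.
        /// </summary>
        /// <param name="sender">The <see cref="HttpApplication"/> raising the event.</param>
        /// <param name="e">Unused event data.</param>
        private void OnAuthenticateRequest(object sender, EventArgs e)
        {
            var context = ((HttpApplication)sender).Context;
            var cookie  = context.Request.Cookies[_configuration.CookieName];

            if (cookie != null)
            {
                using (var protector = new CookieProtector(_configuration))
                {
                    try
                    {
                        byte[] data;

                        // The cookie value is client-controlled.
                        // NOTE(review): Validate's return value is not inspected. If it is what
                        // reports a failed integrity check, it must gate the code below -- confirm
                        // against CookieProtector.
                        protector.Validate(cookie.Value, out data);

                        // No payload means no ticket: stay unauthenticated rather than relying on
                        // the deserializer to throw.
                        if (data != null)
                        {
                            var authenticationCookie = AuthenticationCookie.Deserialize(data);
                            if (!authenticationCookie.IsExpired(_configuration.Timeout))
                            {
                                context.User = authenticationCookie.GetPrincipal();
                                RenewCookieIfExpiring(context, protector, authenticationCookie);
                            }
                        }
                    }
                    catch
                    {
                        // do not leak any information if an exception was thrown.
                        // simply don't set the context.User property.
                        // NOTE(review): nothing is recorded server-side either, so malformed or
                        // tampered cookies are invisible to monitoring; a rate-limited security
                        // log entry would help detection without exposing details to the client.
                    }
                }
            }

            // The login page must remain reachable for unauthenticated users.
            if (IsLoginPage(context.Request))
            {
                context.SkipAuthorization = true;
            }
        }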
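        /// <summary>
        /// Sliding-expiration step: when the ticket already counts as expired against half of the
        /// configured timeout, renews it and replaces the authentication cookie on the response.
        /// </summary>
        /// <param name="context">Current HTTP context whose response receives the new cookie.</param>
        /// <param name="protector">Protector used to protect the serialized ticket.</param>
        /// <param name="authenticationCookie">Ticket that was read from the request.</param>
        private void RenewCookieIfExpiring(HttpContext context, CookieProtector protector, AuthenticationCookie authenticationCookie)
        {
            if (!_configuration.SlidingExpiration || !authenticationCookie.IsExpired(TimeSpan.FromTicks(_configuration.Timeout.Ticks / 2)))
            {
                return;
            }

            // Renew() presumably resets the issue date that the expiry below is derived from -- confirm.
            authenticationCookie.Renew();
            context.Response.Cookies.Remove(_configuration.CookieName);
            var newCookie = new HttpCookie(_configuration.CookieName, protector.Protect(authenticationCookie.Serialize()))
            {
                HttpOnly = true,                        // not readable from page script
                Secure   = _configuration.RequireSSL,   // only as strict as the configuration asks
            };

            // A renewed cookie must keep the kind of the original: Expires only for persistent
            // tickets. With the test inverted, renewal would turn a session login into a cookie the
            // browser stores until the timeout, and a persistent login into a session cookie.
            if (authenticationCookie.Persistent)
            {
                newCookie.Expires = authenticationCookie.IssueDate + _configuration.Timeout;
            }
            context.Response.Cookies.Add(newCookie);
        }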