/// <summary> /// Writes the user current session. /// </summary> public static void UpdateUserSession(HttpContextBase context, LiveLoginResult loginResult, string requestTs) { if (context == null) { return; } Debug.Assert(loginResult != null); Dictionary <string, string> cookieValues = new Dictionary <string, string>(); HttpCookie cookie = context.Request.Cookies[AuthCookie]; HttpCookie newCookie = new HttpCookie(AuthCookie); newCookie.Path = "/"; string host = context.Request.Headers["Host"]; newCookie.Domain = host.Split(':')[0]; if (cookie != null && cookie.Values != null) { foreach (string key in cookie.Values.AllKeys) { newCookie.Values[key] = cookie[key]; } } LiveConnectSession session = loginResult.Session; if (session != null) { newCookie.Values[AuthConstants.AccessToken] = Uri.EscapeDataString(session.AccessToken); newCookie.Values[AuthConstants.AuthenticationToken] = Uri.EscapeDataString(session.AuthenticationToken); newCookie.Values[AuthConstants.Scope] = Uri.EscapeDataString(LiveAuthUtility.BuildScopeString(session.Scopes)); newCookie.Values[AuthConstants.ExpiresIn] = Uri.EscapeDataString(LiveAuthWebUtility.GetExpiresInString(session.Expires)); newCookie.Values[AuthConstants.Expires] = Uri.EscapeDataString(LiveAuthWebUtility.GetExpiresString(session.Expires)); } LiveConnectSessionStatus status; if (!string.IsNullOrEmpty(newCookie[AuthConstants.AccessToken])) { // We have an access token, so it is connected, regardless expired or not // since it is handled after loading the session in both Asp.Net and JS library. status = LiveConnectSessionStatus.Connected; } else { status = loginResult.Status; if (loginResult.Status == LiveConnectSessionStatus.Unknown) { // If we recorded NotConnected previously, keep it. LiveConnectSessionStatus statusFromCookie; if (Enum.TryParse <LiveConnectSessionStatus>( newCookie[AuthConstants.Status], true /*ignore case*/, out statusFromCookie)) { if (statusFromCookie == LiveConnectSessionStatus.NotConnected) { status = statusFromCookie; } } } } newCookie.Values[AuthConstants.Status] = GetStatusString(status); // Needs to write error to inform the JS library. LiveAuthException authError = loginResult.Error as LiveAuthException; if (authError != null) { newCookie.Values[AuthConstants.Error] = Uri.EscapeDataString(authError.ErrorCode); newCookie.Values[AuthConstants.ErrorDescription] = HttpUtility.UrlPathEncode(authError.Message); } else if (status != LiveConnectSessionStatus.Connected) { newCookie.Values[AuthConstants.Error] = Uri.EscapeDataString(AuthErrorCodes.AccessDenied); newCookie.Values[AuthConstants.ErrorDescription] = HttpUtility.UrlPathEncode("Cannot retrieve access token."); } if (!string.IsNullOrEmpty(requestTs)) { newCookie.Values[AuthConstants.ClientRequestTs] = requestTs; } context.Response.Cookies.Add(newCookie); }