protected override void SaveSharePointContext(SharePointContext spContext, HttpContextBase httpContext)
{
SharePointAcsSerializableContext spAcsContext = spContext as SharePointAcsSerializableContext;
if (spAcsContext != null)
{
HttpCookie spCacheKeyCookie = new HttpCookie(SPCacheKeyKey)
{
Value = spAcsContext.CacheKey,
Secure = true,
HttpOnly = true
};
httpContext.Response.AppendCookie(spCacheKeyCookie);
}
httpContext.Session[SPContextKey] = spAcsContext;
}
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContextBase httpContext)
{
SharePointAcsSerializableContext spAcsContext = spContext as SharePointAcsSerializableContext;
if (spAcsContext != null)
{
Uri spHostUrl = SharePointContext.GetSPHostUrl(httpContext.Request);
var contextTokenFromRequest = TokenHelper.GetContextTokenFromRequest(httpContext.Request);
HttpCookie spCacheKeyCookie = httpContext.Request.Cookies[SPCacheKeyKey];
string spCacheKey = spCacheKeyCookie != null ? spCacheKeyCookie.Value : null;
var urlsMatch = (spHostUrl == spAcsContext.SPHostUrl);
var cacheKeysMatch = !string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey;
var contextTokensMatch = string.IsNullOrEmpty(spAcsContext.ContextToken) ||
string.IsNullOrEmpty(contextTokenFromRequest) ||
contextTokenFromRequest == spAcsContext.ContextToken;
return(urlsMatch && cacheKeysMatch && contextTokensMatch);
}
return(false);
}
