// gets cached credentials from the isolated storage
private static IEnumerable <CachedCredential> GetCachedCredentials()
{
var cachedCredentials = new List <CachedCredential>();
try
{
using (var isoStore = GetStore())
{
if (isoStore.FileExists(CredentialFilePath))
{
using (var reader = new StreamReader(isoStore.OpenFile(CredentialFilePath, FileMode.Open, FileAccess.Read)))
{
string url;
while (!string.IsNullOrEmpty(url = reader.ReadLine()))
{
var credentialStorage = new CachedCredential {
Url = url, UserName = reader.ReadLine(), Password = Decrypt(reader.ReadLine())
};
// remove duplicates
foreach (var sc in cachedCredentials.Where(c => c.Url == url).ToArray())
{
cachedCredentials.Remove(sc);
}
cachedCredentials.Add(credentialStorage);
}
}
}
}
}
catch { }
return(cachedCredentials);
}
public void CredentialsProvided(Credentials credentials)
{
var serviceId = credentials.ServiceInformation.ServiceID;
var userName = credentials.UserName;
var normalizedUserName = GetNormalizedUserName(userName);
var password = credentials.Password;
if (!_cache.ContainsKey(serviceId))
_cache[serviceId] = new CachedCredential
{
ServiceId = serviceId,
UserName = normalizedUserName,
Password = password,
IsPasswordCached = credentials.IsPasswordCachingAllowed
};
SaveCache();
}
// gets cached credentials from the isolated storage
private static IEnumerable<CachedCredential> GetCachedCredentials()
{
var cachedCredentials = new List<CachedCredential>();
try
{
using (var isoStore = GetStore())
{
if (isoStore.FileExists(CredentialFilePath))
{
using (var reader = new StreamReader(isoStore.OpenFile(CredentialFilePath, FileMode.Open, FileAccess.Read)))
{
string url;
while (!string.IsNullOrEmpty(url = reader.ReadLine()))
{
var credentialStorage = new CachedCredential { Url = url, UserName = reader.ReadLine(), Password = Decrypt(reader.ReadLine()) };
// remove duplicates
foreach (var sc in cachedCredentials.Where(c => c.Url == url).ToArray())
cachedCredentials.Remove(sc);
cachedCredentials.Add(credentialStorage);
}
}
}
}
}
catch { }
return cachedCredentials;
}
/// <summary>
/// Authenticates the request from the browser.
/// </summary>
/// <param name="context"></param>
/// <param name="requestArgs"></param>
/// <returns></returns>
private bool Authenticated(IContext context, RequestReceivedEventArgs requestArgs)
{
bool result = false;
var authenticationScheme = AuthenticationScheme;
var isAdministratorPath = IsAdministratorPath(requestArgs);
if (isAdministratorPath)
{
authenticationScheme = AuthenticationSchemes.Basic;
}
switch (authenticationScheme)
{
case AuthenticationSchemes.None:
case AuthenticationSchemes.Anonymous:
if (isAdministratorPath)
{
throw new InvalidOperationException("Anonymous access to administrator paths is not supported");
}
result = true;
break;
case AuthenticationSchemes.Basic:
bool useCache = CacheCredentials;
if (useCache && context.BasicUserName != null)
{
CachedCredential cachedCredential;
if (_AuthenticatedUserCache.TryGetValue(context.BasicUserName, out cachedCredential))
{
result = context.BasicPassword == cachedCredential.Password;
if (result)
{
result = !isAdministratorPath || cachedCredential.IsAdministrator;
}
}
}
if (!result)
{
var args = new AuthenticationRequiredEventArgs(context.BasicUserName, context.BasicPassword);
OnAuthenticationRequired(args);
result = args.IsAuthenticated && (!isAdministratorPath || args.IsAdministrator);
if (result)
{
if (useCache && args.User != null)
{
var cachedCredential = new CachedCredential()
{
IsAdministrator = args.IsAdministrator,
Password = context.BasicPassword,
};
_AuthenticatedUserCache.Add(context.BasicUserName, cachedCredential);
}
}
else
{
var failedLogin = _FailedLoginAttempts.GetAndRefreshOrCreate(context.Request.RemoteEndPoint.Address, (unused) => new FailedLogin());
var sameCredentials = context.BasicUserName == failedLogin.User && context.BasicPassword == failedLogin.Password;
failedLogin.User = context.BasicUserName;
failedLogin.Password = context.BasicPassword;
if (!sameCredentials)
{
if (failedLogin.Attempts < int.MaxValue)
{
++failedLogin.Attempts;
}
if (failedLogin.Attempts > 2)
{
var pauseMilliseconds = (Math.Min(failedLogin.Attempts, 14) - 2) * 5000;
Thread.Sleep(pauseMilliseconds);
}
}
context.Response.StatusCode = HttpStatusCode.Unauthorized;
context.Response.AddHeader("WWW-Authenticate", String.Format(@"Basic Realm=""{0}""", Provider.ListenerRealm));
}
}
if (result)
{
requestArgs.UserName = context.BasicUserName;
}
break;
default:
throw new NotImplementedException();
}
return(result);
}
