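/// <summary>
/// Attempts to authenticate the request from the protected authentication cookie.
/// </summary>
/// <param name="contextBase">HTTP context whose request cookies are inspected.</param>
/// <returns>
/// <c>NoResult</c> when the browser reports no cookie support or the cookie is absent;
/// <c>Success</c> carrying the deserialized ticket when the cookie value is Base64-decoded,
/// unprotected and deserialized without error; <c>Fail</c> when any of those steps throws.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method checks how old the ticket is. The cookie's Expires
/// attribute is enforced by the browser only, so confirm that ticket lifetime is validated
/// server-side elsewhere (for example inside the protected payload).
/// </remarks>
public AuthenticateResult Authenticate(HttpContextBase contextBase)
{
    if (!contextBase.Request.Browser.Cookies)
    {
        logger.LogWarning("This browser doesnot support cookies, so cookie based authentication is disabled");
        return AuthenticateResult.NoResult();
    }

    var authCookie = contextBase.Request.Cookies.Get(AuthConstants.AUTH_COOKIE_NM);
    if (authCookie == null)
    {
        // No cookie was sent: this is "no credentials", not a failure of presented credentials.
        logger.LogDebug("Cookie authentication failed");
        return AuthenticateResult.NoResult();
    }

    try
    {
        // Order matters: decode, then unprotect, and only then deserialize, so the serializer
        // is never handed bytes that did not pass through dataProtector.UnProtect.
        var protectedBytes = Convert.FromBase64String(authCookie.Value);
        var ticketBytes = dataProtector.UnProtect(protectedBytes);
        var ticket = serializer.Deserialize(ticketBytes);

        logger.LogDebug("Cookie authentication succeeded");
        return AuthenticateResult.Success(ticket);
    }
    catch (Exception ex)
    {
        // A cookie that is present but cannot be decoded/unprotected/deserialized is a possible
        // tampering signal, so record it at warning level instead of discarding the exception.
        // Only the exception type is logged; the cookie value itself is never written to the log.
        logger.LogWarning($"Cookie '{AuthConstants.AUTH_COOKIE_NM}' could not be unprotected or deserialized ({ex.GetType().Name}); treating it as damaged/modified");
        return AuthenticateResult.Fail($"Unable to extract cookie '{AuthConstants.AUTH_COOKIE_NM}', cookie might be damaged/modified");
    }
}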
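/// <summary>
/// Verifies that SignIn, given a successful authentication result, appends exactly one cookie
/// whose unprotected payload matches the serialized ticket and whose expiry matches the
/// configured timeout.
/// </summary>
/// <remarks>
/// The original expiry assertion compared <c>Expires.Date.Minute</c> on both sides. <c>Date</c>
/// truncates to midnight, so both sides were always 0 and the expiry was never actually checked.
/// NOTE(review): this test does not assert the cookie's HttpOnly or Secure flags; confirm they
/// are covered elsewhere.
/// </remarks>
public void Test_SignIn_AddsCookie_IfAuthResultIsSuccess()
{
    var serializer = new TicketSerializer();
    var ticket = new AuthenticationTicket(
        new ClaimsPrincipal(
            new ClaimsIdentity(
                new[] { new Claim(ClaimTypes.Name, "Foo User") },
                AuthConstants.SPNEGO_DEFAULT_SCHEME)),
        AuthConstants.SPNEGO_DEFAULT_SCHEME);

    var encodedTicket = Convert.ToBase64String(dataProtector.Protect(serializer.Serialize(ticket)));

    // Compare unprotected payloads rather than protected bytes, as the original assertion did.
    var expectedPayload = Convert.ToBase64String(
        dataProtector.UnProtect(Convert.FromBase64String(encodedTicket)));

    // Assumes SignIn sets Expires to "now + COOKIE_TIMEOUT_IN_MINUTES" - confirm against SignIn.
    // ToUniversalTime() in the predicate makes the check work for a local or UTC Expires value.
    var expectedExpiryUtc = DateTime.UtcNow.AddMinutes(CookieAuthenticator.COOKIE_TIMEOUT_IN_MINUTES);

    var authenticator = new CookieAuthenticator(dataProtector, logger.Object);
    authenticator.SignIn(AuthenticateResult.Success(ticket), context.Object);

    response.Verify(
        r => r.AppendCookie(It.Is<HttpCookie>(c =>
            Convert.ToBase64String(dataProtector.UnProtect(Convert.FromBase64String(c.Value))) == expectedPayload
            && Math.Abs((c.Expires.ToUniversalTime() - expectedExpiryUtc).TotalMinutes) < 1)),
        Times.Once);
}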