Example #1
        /// <summary>
        /// Returns the subscriber's most recent token row while <c>TokenVerifier.IsFresh</c> holds for it;
        /// otherwise marks surplus rows for deletion, adds a newly generated token row and saves the table.
        /// </summary>
        /// <returns>The reused row, or the row that was just added.</returns>
        /// <exception cref="DoubtfulAuthBehaviorException">
        /// Thrown when the table already holds <c>Constant.AuthTokenMaxCount</c> rows or more, the row at
        /// index 1 was published later than <c>now - Constant.AuthTokenDoubtLeakSpan</c>, and the
        /// subscriber's scheme equals <c>AuthScheme.Web</c>.
        /// </exception>
        public DataSet.TokenRow Publish()
        {
            TokenTableAdapter adapter = new TokenTableAdapter();
            DataSet.TokenDataTable tokens = adapter.GetDataBySubscriberId(subscriber.Id);

            // Burst detection: many tokens already exist and one of the oldest is still recent.
            // NOTE(review): tokens[1] is read whenever Count >= AuthTokenMaxCount, which presumes
            // AuthTokenMaxCount >= 2 and an oldest-first row order - confirm against the adapter query.
            bool tableIsFull = tokens.Count > 0 && tokens.Count >= Constant.AuthTokenMaxCount;
            if (tableIsFull
                && tokens[1].PublishedDate > now - Constant.AuthTokenDoubtLeakSpan
                && subscriber.AuthScheme == AuthScheme.Web.ToString())
            {
                // The message literal is mis-encoded in this listing (it looks like Shift-JIS text read
                // with the wrong code page) and is reproduced unchanged.
                throw new DoubtfulAuthBehaviorException("�Z���Ԃɑ����̔F�؃g�[�N���̔��s��v������܂���");
            }

            if (tokens.Count > 0)
            {
                // Reuse the last row instead of minting a new token when it is still fresh.
                DataSet.TokenRow newest = tokens[tokens.Count - 1];
                TokenVerifier freshness = new TokenVerifier(newest, now);
                if (freshness.IsFresh)
                {
                    return newest;
                }
            }

            // Delete from the front so that, after the new row is added, at most AuthTokenMaxCount remain.
            int index = 0;
            while (index < tokens.Count - Constant.AuthTokenMaxCount + 1)
            {
                tokens[index].Delete();
                index++;
            }

            // NOTE(review): this body appears to be the credential the client later presents.
            // Guid.NewGuid() is not documented as a cryptographic generator; consider filling 16 bytes
            // from System.Security.Cryptography.RandomNumberGenerator and hex-encoding them to keep
            // the same 32-character shape.
            string freshBody = Guid.NewGuid().ToString("N");
            DataSet.TokenRow added = tokens.AddTokenRow(subscriber, now, freshBody);
            adapter.Update(tokens);

            return added;
        }
Example #2
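        /// <summary>
        /// Authenticates a browser request from the auth-token cookie. A missing or invalid token is
        /// redirected to the ask-auth page, a locked-out token to the lockout page, and an outdated
        /// token is replaced by a newly published one that is sent back as a cookie.
        /// </summary>
        /// <param name="context">The current HTTP context; its <c>User</c> is set on success.</param>
        public override void AuthenticateRequest(HttpContext context)
        {
            // Look the cookie up once; the value is client-controlled and is only trusted after
            // TokenVerifier has accepted it.
            HttpCookie presented = context.Request.Cookies[SiteConstant.AuthTokenCookieName];
            if (presented == null)
            {
                WebUtil.RedirectToAskAuthPage(context);
                return;
            }

            TokenVerifier v = new TokenVerifier(presented.Value, now);
            if (!v.IsValid)
            {
                logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
                WebUtil.RedirectToAskAuthPage(context);
                return;
            }
            if (v.IsLockedOut)
            {
                logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
                WebUtil.RedirectToLockout(context, v.Subscriber.LockoutUntil);
                return;
            }
            if (v.IsOutdated)
            {
                logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
                TokenPublisher p = new TokenPublisher(v.Subscriber, now);
                DataSet.TokenRow t;
                try
                {
                    t = p.Publish();
                }
                catch (DoubtfulAuthBehaviorException e)
                {
                    // Too many tokens requested in a short span: lock the subscriber out.
                    p.LockOut();
                    logger.Info(e.Message);
                    // NOTE(review): LockoutUntil is read from the verifier's subscriber object; confirm
                    // that LockOut() updates that same instance, otherwise the redirect shows a stale time.
                    WebUtil.RedirectToLockout(context, v.Subscriber.LockoutUntil);
                    return;
                }
                catch (Exception ex)
                {
                    // The message literal is mis-encoded in this listing and is reproduced unchanged.
                    logger.Error("�F�؃g�[�N���̔��s�Ɏ��s���܂���", ex);
                    context.Response.StatusCode = (int) HttpStatusCode.InternalServerError;
                    context.Response.End();
                    return;
                }

                HttpCookie renewed = new HttpCookie(SiteConstant.AuthTokenCookieName, t.Body);
                renewed.Expires = DateTime.MaxValue;
                // The cookie carries the bearer token and is only read server-side here, so keep it
                // out of reach of page scripts.
                renewed.HttpOnly = true;
                // NOTE(review): the Secure flag is not set. If the site is served only over HTTPS,
                // set renewed.Secure = true so the token never travels in clear text.
                context.Response.Cookies.Add(renewed);
            }

            context.User = new GenericPrincipal(new GenericIdentity("user"), null);
        }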
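        /// <summary>
        /// Authenticates a request from the token carried in the auth-token request header and, on
        /// success, clears the subscriber's unread-release counter.
        /// </summary>
        /// <param name="context">The current HTTP context; its <c>User</c> is set on success.</param>
        /// <returns>
        /// <c>false</c> when the header is missing or the token is invalid; otherwise <c>true</c>.
        /// </returns>
        private bool AuthenticateRequestImpl(HttpContext context)
        {
            string tokenBody = context.Request.Headers[SiteConstant.AuthTokenRequestResposeHeaderName];
            if (tokenBody == null)
            {
                // The message literal is mis-encoded in this listing and is reproduced unchanged.
                logger.Info("�F�؃g�[�N���̂Ȃ����N�G�X�g������܂����BRequestInfo: " + WebUtil.RequestInfo(context));
                return false;
            }

            // The token is a bearer credential and arrives in a client-controlled header, so it is
            // deliberately left out of the log line (credential exposure, log forging).
            // NOTE(review): confirm that WebUtil.RequestInfo does not echo request headers either.
            logger.Info("token received. RequestInfo:" + WebUtil.RequestInfo(context));
            TokenVerifier v = new TokenVerifier(tokenBody, now);
            if (!v.IsValid)
            {
                logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
                return false;
            }

            // NOTE(review): the next three checks are log-only. Their rejections ("return false") are
            // commented out in the original, so a token of another scheme, a locked-out token or a
            // token that is not living is still authenticated below. Confirm that this is intended;
            // failing closed is the safer default.
            if (!v.IsAuthScheme(AuthScheme.iOS_APNs))
            {
                logger.Info("scheme is not APNs. RequestInfo: " + WebUtil.RequestInfo(context));
                // return false;
            }
            if (v.IsLockedOut)
            {
                logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
                // return false;
            }
            if (!v.IsLiving)
            {
                logger.Info("token is not living. RequestInfo: " + WebUtil.RequestInfo(context));
                // return false;
            }
            if (v.IsOutdated)
            {
                // Tell the client through the status header that the token is outdated.
                logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
                context.Response.Headers[SiteConstant.AuthStatusRequestResposeHeaderName] = "Outdated";
            }

            APNsTableAdapter ata = new APNsTableAdapter();
            DataSet.APNsDataTable adt = ata.GetDataBySubscriberId(v.Subscriber.Id);
            // A subscriber without an APNs row has no counter to reset. Without the Count guard the
            // indexer throws, which is reachable because the scheme check above does not reject.
            if (adt.Count > 0 && adt[0].UnreadRelease > 0)
            {
                adt[0].UnreadRelease = 0;
                ata.Update(adt);
            }

            context.User = new GenericPrincipal(new GenericIdentity("user"), null);
            return true;
        }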
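        /// <summary>
        /// Authenticates a request from the token carried in the auth-token request header
        /// (the variant that expects the <c>AuthScheme.Android_LVL</c> scheme).
        /// </summary>
        /// <param name="context">The current HTTP context; its <c>User</c> is set on success.</param>
        /// <returns>
        /// <c>false</c> when the header is missing or the token is invalid; otherwise <c>true</c>.
        /// </returns>
        private bool AuthenticateRequestImpl(HttpContext context)
        {
            string tokenBody = context.Request.Headers[SiteConstant.AuthTokenRequestResposeHeaderName];
            if (tokenBody == null)
            {
                // The message literal is mis-encoded in this listing and is reproduced unchanged.
                logger.Info("�F�؃g�[�N���̂Ȃ����N�G�X�g������܂����BRequestInfo: " + WebUtil.RequestInfo(context));
                return false;
            }

            TokenVerifier v = new TokenVerifier(tokenBody, now);
            if (!v.IsValid)
            {
                logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
                // Fail closed: with this rejection commented out, any header value at all reached the
                // principal assignment below. The APNs variant of this method on this page rejects
                // an invalid token at this point as well.
                return false;
            }

            // NOTE(review): the next three checks are log-only. Their rejections ("return false") are
            // commented out in the original, so a token of another scheme, a locked-out token or a
            // token that is not living is still authenticated below. Confirm that this is intended;
            // failing closed is the safer default.
            if (!v.IsAuthScheme(AuthScheme.Android_LVL))
            {
                logger.Info("scheme is not Android_LVL. RequestInfo: " + WebUtil.RequestInfo(context));
                // return false;
            }
            if (v.IsLockedOut)
            {
                logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
                // return false;
            }
            if (!v.IsLiving)
            {
                logger.Info("token is not living. RequestInfo: " + WebUtil.RequestInfo(context));
                // return false;
            }
            if (v.IsOutdated)
            {
                // Tell the client through the status header that the token is outdated.
                logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
                context.Response.Headers[SiteConstant.AuthStatusRequestResposeHeaderName] = "Outdated";
            }

            context.User = new GenericPrincipal(new GenericIdentity("user"), null);
            return true;
        }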