public static bool SetAuthCookie(OSHttpRequest httpRequest, OSHttpResponse httpResponse, Uri identity, string consumer)
{
bool permissionGranted = false;
HttpCookie cookie = (httpRequest.Cookies != null) ? httpRequest.Cookies["cb_auth"] : null;
AuthCookie authCookie;
string cookieKey;
// Check for an existing cookie pointing to valid server-side cached info
if (cookie != null && AuthCookies.TryGetValue(cookie.Value, out authCookie))
{
cookieKey = cookie.Value;
// TODO: Linear search could be eliminated with a HashSet<>
if (authCookie.AuthedRealms.Contains(consumer))
permissionGranted = true;
}
else
{
// Create a new cookie
cookieKey = UUID.Random().ToString();
authCookie = new AuthCookie(cookieKey, identity);
}
// Cookie will expire in five days
DateTime cookieExpiration = DateTime.Now + TimeSpan.FromDays(5.0);
// Set cookie information on the server side and in the client response
AuthCookies.AddOrUpdate(cookieKey, authCookie, cookieExpiration);
HttpCookie responseCookie = new HttpCookie("cb_auth", cookieKey);
responseCookie.Expires = cookieExpiration;
httpResponse.SetCookie(responseCookie);
return permissionGranted;
}
void SetCookie(OSHttpResponse httpResponse, Uri identity, UserProfileData profile)
{
string cookieKey = UUID.Random().ToString();
// Cookie will expire in five days
DateTime cookieExpiration = DateTime.Now + TimeSpan.FromDays(5.0);
// Cache the server-side data
CableBeachState.AuthCookies.AddOrUpdate(cookieKey, new AuthCookie(cookieKey, identity, profile), cookieExpiration);
// Create the cookie
HttpCookie responseCookie = new HttpCookie("cb_openid_auth", cookieKey);
responseCookie.Expires = cookieExpiration;
httpResponse.SetCookie(responseCookie);
}
