Example #1
0
        private string EncryptValue(ImpersonationInfo impersonationInfo)
        {
            var json           = JsonConvert.SerializeObject(impersonationInfo);
            var protector      = dataProtectionProvider.CreateProtector(CookiePurpose);
            var encryptedValue = protector.Protect(json);

            return(encryptedValue);
        }
Example #2
0
        private void SetCookie(ImpersonationInfo impersonationInfo, bool expire)
        {
            var json           = JsonConvert.SerializeObject(impersonationInfo);
            var protector      = dataProtectionProvider.CreateProtector(CookiePurpose);
            var encryptedValue = protector.Protect(json);
            var expires        = expire ? DateTimeOffset.Now.AddDays(-10) : (DateTimeOffset?)null;

            httpContextAccessor.HttpContext.Response.Cookies.Append(Impersonation, encryptedValue, new CookieOptions()
            {
                HttpOnly = true, Expires = expires
            });
        }
Example #3
0
        public void SetImpersonation(IUserInfo userInfo, string impersonatedUserName)
        {
            var authenticatedUserName = (userInfo as IImpersonationUserInfo)?.OriginalUsername ?? userInfo.UserName;

            logger.LogTrace($"Impersonate: {authenticatedUserName} as {impersonatedUserName}");

            var impersonationInfo = new ImpersonationInfo()
            {
                Authenticated = authenticatedUserName,
                Impersonated  = impersonatedUserName,
                Expires       = DateTime.Now.AddMinutes(CookieDurationMinutes)
            };

            SetCookie(impersonationInfo, false);
        }
Example #4
0
        private void AppendCookie(ImpersonationInfo impersonationInfo, bool remove)
        {
            if (httpContextAccessor.HttpContext == null) // Unit tests or CLI utilities.
            {
                return;
            }

            string encryptedValue = EncryptValue(impersonationInfo);
            var    expires        = remove ? DateTimeOffset.Now.AddDays(-10) : (DateTimeOffset?)null; // Marks cookie as expired. This instructs browser to remove the cookie from the client.
            var    cookieOptions  = new CookieOptions()
            {
                HttpOnly = true, Expires = expires
            };

            httpContextAccessor.HttpContext.Response.Cookies.Append(CookieKey, encryptedValue, cookieOptions);
        }
Example #5
0
        public void SetImpersonation(IUserInfo currentUserInfo, string impersonatedUserName)
        {
            if (!currentUserInfo.IsUserRecognized)
            {
                RemoveImpersonationCookie();
                throw new UserException("You are not authorized for impersonation. Please log in first.");
            }

            var authenticatedUserName = (currentUserInfo as IImpersonationUserInfo)?.OriginalUsername ?? currentUserInfo.UserName;

            logger.Trace(() => $"Impersonate: {authenticatedUserName} as {impersonatedUserName}");

            var impersonationInfo = new ImpersonationInfo()
            {
                Authenticated = authenticatedUserName,
                Impersonated  = impersonatedUserName,
                Expires       = DateTime.Now.AddMinutes(options.CookieDurationMinutes)
            };

            SetCookie(impersonationInfo);
        }
Example #6
0
 private void SetCookie(ImpersonationInfo impersonationInfo)
 {
     AppendCookie(impersonationInfo, remove: false);
 }
Example #7
0
 public AuthenticationInfo(ImpersonationInfo impersonationInfo, IUserInfo originalUser, bool cookieRemoved)
 {
     ImpersonationInfo = impersonationInfo;
     OriginalUser      = originalUser;
     CookieRemoved     = cookieRemoved;
 }