private Manager()
{
Initialized = false;
Config = new NameValueCollection((NameValueCollection)ConfigurationManager.GetSection("SSO.Client.SettingsGroup/SSO.Client.Settings"));
ManagerIPAddr = null;
RNG = new RNGCryptoServiceProvider();
CookieSent = false;
UserInfo = null;
UserCache = null;
// Initialize new read/write globals.
QueryString = new NameValueCollection(HttpContext.Current.Request.QueryString);
Form = new NameValueCollection(HttpContext.Current.Request.Form);
Cookies = new NameValueCollection();
foreach (string Key in HttpContext.Current.Request.Cookies)
{
Cookies[Key] = HttpContext.Current.Request.Cookies[Key].Value;
}
RequestVars = new NameValueCollection(Cookies);
foreach (string Key in QueryString)
{
RequestVars[Key] = QueryString[Key];
}
foreach (string Key in Form)
{
RequestVars[Key] = Form[Key];
}
}
public bool LoggedIn()
{
if (UserInfo != null) return (UserInfo.sso_id != "");
if (RequestVars[Config["cookie_name"] + "_s"] == null) return false;
try
{
// Decrypt the cookie.
UserInfo = new UserInfoBase();
byte[] CData = Base64Decode(RequestVars[Config["cookie_name"] + "_s"].Replace('-', '+').Replace('_', '/'));
NameValueCollection Options = new NameValueCollection();
Options["mode"] = "CBC";
Options["iv"] = Config["rand_seed2"];
Options["key2"] = Config["rand_seed4"];
Options["iv2"] = Config["rand_seed5"];
Options["lightweight"] = "true";
CData = AES_ExtractDataPacket(CData, Config["rand_seed"], Options);
if (CData.Length > 2)
{
byte[] APIKey = Encoding.UTF8.GetBytes(Config["server_apikey"]);
byte[] CData2 = new byte[CData.Length + 1 + APIKey.Length];
System.Buffer.BlockCopy(CData, 0, CData2, 0, CData.Length);
CData2[CData.Length] = (byte)':';
System.Buffer.BlockCopy(APIKey, 0, CData2, CData.Length + 1, APIKey.Length);
string VData;
using (HMACSHA1 TempHMAC = new HMACSHA1(ConvertHexToBytes(Config["rand_seed6"])))
{
TempHMAC.ComputeHash(CData2);
VData = Convert.ToBase64String(TempHMAC.Hash);
}
bool Compressed = (CData[0] == (byte)'1');
CData2 = new byte[CData.Length - 2];
System.Buffer.BlockCopy(CData, 2, CData2, 0, CData.Length - 2);
CData = (Compressed ? Uncompress(CData2) : CData2);
JObject CDataObj = JsonConvert.DeserializeObject<JObject>(Encoding.UTF8.GetString(CData));
// Load the user information structure.
UserInfo.sso_id = (string)CDataObj["s"];
UserInfo.id = (string)CDataObj["i"];
UserInfo.extra = (string)CDataObj["e"];
if (CDataObj["t"] != null)
{
foreach (var x in (JObject)CDataObj["t"]) UserInfo.tag_map[x.Key] = "1";
}
if (CDataObj["a"] != null) UserInfo.admin = ((int)CDataObj["a"] == 1);
UserCache = new UserCacheBase();
if (CDataObj["b"] != null) UserCache.hasdb = ((int)CDataObj["b"] == 1);
UserCache.ts = (string)CDataObj["c"];
UserCache.ipaddr = (ManagerIPAddr["ipv4"] != "" && ManagerIPAddr["ipv4"].Length < ManagerIPAddr["shortipv6"].Length ? ManagerIPAddr["ipv4"] : ManagerIPAddr["shortipv6"]);
if (CDataObj["d"] != null)
{
foreach (var x in (JObject)CDataObj["d"]) UserCache.data[x.Key] = (string)x.Value;
}
// If the verification cookie is missing or invalid, logout of the session.
if (RequestVars[Config["cookie_name"] + "_v"] == null || RequestVars[Config["cookie_name"] + "_v"].Replace('-', '+').Replace('_', '/') != VData.Replace("=", ""))
{
Logout();
return false;
}
// Check for outdated login information.
UserCache.ts2 = UTCToLocalDate(UserCache.ts);
if (RequestVars[Config["cookie_name"] + "_c"] == null || UserCache.ts2 < DateTime.Now || UserCache.ipaddr != (string)CDataObj["p"] || (IsSiteAdmin() && Config["client_check_site_admin"] == "1"))
{
// Reset the session if the IP address changed.
if (Config["cookie_reset_ipaddr_changes"] == "1" && UserCache.ipaddr != (string)CDataObj["p"])
{
UserInfo.sso_id = "";
return false;
}
// Validate the login. Handle scenarios where the SSO Server is unavailable.
Options = new NameValueCollection();
Options["sso_id"] = UserInfo.sso_id;
Options["expires"] = (Convert.ToInt32(Config["cookie_timeout"]) > 0 && Convert.ToInt32(Config["cookie_timeout"]) < Convert.ToInt32(Config["server_session_timeout"]) ? Config["cookie_timeout"] : Config["server_session_timeout"]);
JObject Result = SendRequest("getlogin", Options);
if (!(bool)Result["success"] && Result["info"] == null)
{
UserInfo.sso_id = "";
return false;
}
if ((bool)Result["success"]) ProcessLogin(Result, false);
}
return true;
}
}
catch (Exception)
{
}
return false;
}
private void ProcessLogin(JObject Info, bool FromServer)
{
UserInfo = new UserInfoBase();
UserInfo.sso_id = (string)Info["sso_id"];
UserInfo.id = (string)Info["id"];
UserInfo.extra = (string)Info["extra"];
if (Info["field_map"].Type == JTokenType.Object)
{
JObject TempMap = (JObject)Info["field_map"];
foreach (var x in TempMap) UserInfo.field_map[x.Key] = (string)x.Value;
}
if (Info["writable"].Type == JTokenType.Object)
{
JObject TempMap = (JObject)Info["writable"];
foreach (var x in TempMap) UserInfo.writable[x.Key] = "1";
}
if (Info["tag_map"].Type == JTokenType.Object)
{
JObject TempMap = (JObject)Info["tag_map"];
foreach (var x in TempMap) UserInfo.tag_map[x.Key] = "1";
}
UserInfo.admin = (bool)Info["admin"];
UserInfo.loaded = true;
UserCache = new UserCacheBase();
UserCache.fromserver = FromServer;
UserCache.changed = true;
UserCache.dbchanged = true;
UserCache.hasdb = false;
UserCache.ts = DateTime.Now.AddSeconds(Convert.ToInt32(Config["cookie_check"])).ToUniversalTime().ToString("u").Replace("Z", "");
UserCache.ts2 = DateTime.Now.AddSeconds(Convert.ToInt32(Config["cookie_check"]));
UserCache.ipaddr = (ManagerIPAddr["ipv4"] != "" && ManagerIPAddr["ipv4"].Length < ManagerIPAddr["shortipv6"].Length ? ManagerIPAddr["ipv4"] : ManagerIPAddr["shortipv6"]);
Cookies.Remove(Config["cookie_name"] + "_c");
Cookies.Remove(Config["cookie_name"] + "_s");
Cookies.Remove(Config["cookie_name"] + "_v");
if (Info["rinfo"] != null)
{
try
{
byte[] Data = Base64Decode((string)Info["rinfo"]);
NameValueCollection Options = new NameValueCollection();
Options["mode"] = "CBC";
Options["iv"] = Config["rand_seed8"];
Options["key2"] = Config["rand_seed9"];
Options["iv2"] = Config["rand_seed10"];
Data = AES_ExtractDataPacket(Data, Config["rand_seed7"], Options);
Data = Uncompress(Data);
JObject TempMap = JsonConvert.DeserializeObject<JObject>(Encoding.UTF8.GetString(Data));
// Reload.
QueryString = new NameValueCollection();
foreach (var x in (JObject)TempMap["get"]) QueryString[x.Key] = (string)x.Value;
Form = new NameValueCollection();
foreach (var x in (JObject)TempMap["post"]) Form[x.Key] = (string)x.Value;
RequestVars = new NameValueCollection();
foreach (var x in (JObject)TempMap["request"]) RequestVars[x.Key] = (string)x.Value;
}
catch (Exception)
{
}
}
// Reinitialize stored input.
QueryString.Remove(Config["cookie_name"] + "_c");
QueryString.Remove(Config["cookie_name"] + "_s");
QueryString.Remove(Config["cookie_name"] + "_v");
Form.Remove(Config["cookie_name"] + "_c");
Form.Remove(Config["cookie_name"] + "_s");
Form.Remove(Config["cookie_name"] + "_v");
}
