Sample implementation of the Web Authentication and Delegated Authentication protocols. Also includes sample implementations of trusted sign-in and application verification.
Example #1
        /// <summary>
        /// Decides whether the presented Live ID token grants access to <paramref name="host"/>.
        /// </summary>
        /// <remarks>
        /// When IsInCache reports a hit (Item1) the cached decision (Item2) is returned without
        /// processing the token again. Otherwise the token is processed, its timestamp is compared
        /// with the configured Live ID expiry, IsValidAccess makes the decision, and the result is
        /// handed to UpdateCache together with the token timestamp.
        /// NOTE(review): the cache lookup runs before any expiry check in this method, so whether an
        /// expired token can still be answered from cache depends on IsInCache/UpdateCache (not
        /// shown here) - confirm cached entries are bounded by the stored timestamp.
        /// </remarks>
        /// <param name="token">Token presented by the caller (the rejection text refers to the authorization header).</param>
        /// <param name="host">Host the access decision is made for; also part of the cache lookup.</param>
        /// <returns>The cached or freshly computed result of the access check.</returns>
        private bool HandleLiveId(string token, string host)
        {
            var cached = IsInCache(host, token);
            if (cached.Item1)
            {
                return cached.Item2;
            }

            var liveLogin = new WindowsLiveLogin(
                Constants.LiveIdappId,
                Constants.LiveIdappsecret,
                Constants.LiveIdsecurityAlgorithm,
                true,
                Constants.LiveIdpolicyURL,
                Constants.LiveIdreturnURL);
            WindowsLiveLogin.User liveUser = liveLogin.ProcessToken(token);

            // Presumably ThrowRejection never returns; the dereferences below rely on that - TODO confirm.
            if (liveUser == null)
            {
                ThrowRejection(HttpStatusCode.Unauthorized, "Invalid user token in authorization header.");
            }

            // Only tokens older than the limit are rejected. A timestamp ahead of the local clock
            // gives a negative age and passes; NOTE(review): confirm ProcessToken bounds that case.
            var tokenAgeMs = DateTime.UtcNow.Subtract(liveUser.Timestamp).TotalMilliseconds;
            var expirySeconds = Constants.PrivilegeLevelTokenExpiry[Constants.LiveId];
            if (tokenAgeMs > expirySeconds * 1000)
            {
                ThrowRejection(HttpStatusCode.Unauthorized, "Expired token being presented. Token Expiry: " + expirySeconds + " seconds");
            }

            bool accessGranted = IsValidAccess(host, Constants.LiveId, liveUser.Id);

            // Record the decision so the next request with the same host/token pair can skip token processing.
            UpdateCache(host, token, liveUser.Timestamp, accessGranted);

            return accessGranted;
        }
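        /// <summary>
        /// Resolves the name to show for a caller authenticated under <paramref name="scheme"/>.
        /// </summary>
        /// <remarks>
        /// This method does not check token expiry or access rights; it only maps a token to a name.
        /// NOTE(review): presumably it is called only after the token has been authenticated - confirm at the call sites.
        /// </remarks>
        /// <param name="scheme">Authentication scheme; compared case-insensitively with Constants.LiveId.</param>
        /// <param name="stoken">Live ID token; only read when the scheme is Live ID.</param>
        /// <returns>
        /// For Live ID: the name returned by platform.GetLiveIdUserName, or "unknown" when no name is
        /// registered or the token cannot be processed. For any other scheme: the scheme string itself.
        /// </returns>
        private string GetUserName(string scheme, string stoken)
        {
            // NOTE(review): this is a culture-sensitive comparison on a protocol identifier; an ordinal
            // comparison is the usual choice, but it should be changed together with whatever code
            // selects the Live ID handler so both agree.
            if (!scheme.Equals(Constants.LiveId, StringComparison.CurrentCultureIgnoreCase))
                return scheme;

            // A Live ID authenticated user is expected to have a name associated with the token.
            WindowsLiveLogin wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
            WindowsLiveLogin.User windowsliveiduser = wll.ProcessToken(stoken);

            // ProcessToken can return null (other callers in this class check for it). Without this
            // guard a bad token ended in a NullReferenceException instead of the "unknown" fallback.
            if (windowsliveiduser == null)
                return "unknown";

            string name = platform.GetLiveIdUserName(windowsliveiduser.Id);
            return string.IsNullOrEmpty(name) ? "unknown" : name;
        }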
 /// <summary>
 /// Initializes a ConsentToken: stores the WindowsLiveLogin instance and passes every
 /// other argument through its matching set* method.
 /// </summary>
 /// <remarks>
 /// The set* methods are defined outside this listing, so any validation or parsing of the
 /// values happens there. NOTE(review): delegationToken, refreshToken and sessionKey look
 /// like credential material - keep them out of logs and error pages; confirm against the
 /// setters and callers.
 /// </remarks>
 /// <param name="wll">WindowsLiveLogin instance kept on this token</param>
 /// <param name="delegationToken">Delegation token</param>
 /// <param name="refreshToken">Refresh token</param>
 /// <param name="sessionKey">Session key</param>
 /// <param name="expiry">Expiry, supplied as a string</param>
 /// <param name="offers">Offers, supplied as a single string</param>
 /// <param name="locationID">Location ID</param>
 /// <param name="context">Application context</param>
 /// <param name="decodedToken">Decoded token</param>
 /// <param name="token">Raw token</param>
 public ConsentToken(WindowsLiveLogin wll, string delegationToken, string refreshToken, string sessionKey, string expiry, string offers, string locationID, string context, string decodedToken, string token)
 {
     this.wll = wll;
     // Values are assigned through the setters rather than directly to fields; the order
     // below is kept as written because the setters' dependencies are not visible here.
     setDelegationToken(delegationToken);
     setRefreshToken(refreshToken);
     setSessionKey(sessionKey);
     setExpiry(expiry);
     setOffers(offers);
     setLocationID(locationID);
     setContext(context);
     setDecodedToken(decodedToken);
     setToken(token);
 }
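        /// <summary>
        /// Builds the HTML page that sends the browser on to the add-Live-ID-user GUI page.
        /// </summary>
        /// <remarks>
        /// On success the redirect carries every entry of <paramref name="dict"/> plus the user's
        /// Live ID as "liveIdUniqueUserToken". On any failure the redirect carries a message instead.
        /// The redirect target is written into an inline script string, so it is escaped first:
        /// the dictionary values and the exception text are not under this method's control, and an
        /// unescaped quote or "&lt;/script&gt;" in them would end the string or the script block.
        /// </remarks>
        /// <param name="stoken">Live ID token identifying the user to add.</param>
        /// <param name="dict">Parameters to forward; modified in place ("liveIdUniqueUserToken" is added).</param>
        /// <returns>An HTML fragment containing the redirect script.</returns>
        private string HandleAddUserGuiWebPage(string stoken, Dictionary<string,string> dict)
        {
            string html = "";
            try
            {
                WindowsLiveLogin wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
                WindowsLiveLogin.User windowsliveiduser = wll.ProcessToken(stoken);

                if (windowsliveiduser == null)
                    throw new Exception("unable to decrypt liveid token");

                if (DateTime.UtcNow.Subtract(windowsliveiduser.Timestamp).TotalMilliseconds > Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] * 1000)
                    throw new Exception("Token provided is expired.");

                dict["liveIdUniqueUserToken"] = windowsliveiduser.Id;

                // NOTE(review): the failure path below puts "?" after the page name but this path
                // does not; check GuiWebAddLiveIdUserPage to see which of the two is intended.
                System.Text.StringBuilder target = new System.Text.StringBuilder("../" + Constants.GuiServiceSuffixWeb + "/" + GuiWebAddLiveIdUserPage);
                foreach (KeyValuePair<string, string> entry in dict)
                {
                    target.Append(entry.Key).Append('=').Append(entry.Value).Append(',');
                }
                string redirectTo = target.ToString().TrimEnd(',');

                html += "<html> " + redirectJS + "<script type='text/javascript'>redirect(\"" + EscapeForScriptString(redirectTo) + "\");</script>";
            }
            catch (Exception e)
            {
                logger.Log("Unable to add user. Exception : " + e);

                // NOTE(review): e.Message of any exception reaches the browser here; consider a fixed
                // message for exception types other than the two thrown above.
                string redirectTo = "../" + Constants.GuiServiceSuffixWeb + "/" + GuiWebAddLiveIdUserPage + "?function=message,message= User add failed! " + e.Message;
                html += "<html> " + redirectJS + "<script type='text/javascript'>redirect(\"" + EscapeForScriptString(redirectTo) + "\");</script>";
            }
            return html;

        }

        /// <summary>
        /// Escapes a value for use inside a quoted JavaScript string within an HTML script block.
        /// </summary>
        /// <remarks>
        /// Quotes, backslash, angle brackets, ampersand, control characters and the U+2028/U+2029
        /// line separators become \uXXXX escapes. The script engine decodes them back to the
        /// original characters, so redirect() receives the same text as before for ordinary input.
        /// </remarks>
        private static string EscapeForScriptString(string value)
        {
            if (string.IsNullOrEmpty(value))
                return string.Empty;

            System.Text.StringBuilder escaped = new System.Text.StringBuilder(value.Length + 16);
            foreach (char c in value)
            {
                bool mustEscape = c < 0x20 || c == '"' || c == '\'' || c == '\\'
                    || c == '<' || c == '>' || c == '&' || c == '\u2028' || c == '\u2029';

                if (mustEscape)
                    escaped.Append("\\u").Append(((int)c).ToString("x4", System.Globalization.CultureInfo.InvariantCulture));
                else
                    escaped.Append(c);
            }
            return escaped.ToString();
        }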