Exemple #1
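        /// <summary>
        /// Gets the PersonToken by impersonation token (rckipid)
        /// </summary>
        /// <remarks>
        /// This method only resolves the token to a record and confirms that the person may use
        /// person tokens at all. It does not read <c>ExpireDateTime</c>, <c>UsageLimit</c> or
        /// <c>PageId</c>, so a caller that relies on those limits has to enforce them itself.
        /// When the <c>core.PersonTokenUseLegacyFallback</c> global attribute is enabled and no
        /// stored token matches, the raw value is also tried as a legacy encrypted person key and
        /// an unsaved PersonToken with none of those limits set is returned.
        /// </remarks>
        /// <param name="impersonationToken">The impersonation token, either still UrlEncoded (with '%' swapped for '!') or already UrlDecoded.</param>
        /// <returns>
        /// The matching PersonToken, or null when the token is blank, cannot be resolved, has no
        /// person alias, or belongs to a person who is not allowed to use person tokens.
        /// </returns>
        public PersonToken GetByImpersonationToken(string impersonationToken)
        {
            // Fail closed on a missing token instead of throwing on impersonationToken.Replace below.
            if (string.IsNullOrWhiteSpace(impersonationToken))
            {
                return null;
            }

            // the impersonationToken should normally be a UrlEncoded string, but it is possible that the caller already UrlDecoded it, so first try without UrlDecoding it
            var decryptedToken = Rock.Security.Encryption.DecryptString(impersonationToken);

            if (decryptedToken == null)
            {
                // do a Replace('!', '%') on the token before UrlDecoding because we did a Replace('%', '!') after we UrlEncoded it (to make it embeddable in HTML and cross browser compatible)
                string urlDecodedKey = System.Web.HttpUtility.UrlDecode(impersonationToken.Replace('!', '%'));
                decryptedToken = Rock.Security.Encryption.DecryptString(urlDecodedKey);
            }

            // Only query when decryption produced a value. Comparing against null can, depending on
            // the query provider's null semantics, match rows whose Token is NULL, which would let an
            // undecryptable input resolve to an unrelated record.
            PersonToken personToken = null;
            if (!string.IsNullOrEmpty(decryptedToken))
            {
                personToken = this.Queryable().Include(pt => pt.PersonAlias).FirstOrDefault(a => a.Token == decryptedToken);
            }

            var personService = new PersonService(this.Context as Data.RockContext);

            if (personToken == null)
            {
                bool tokenUseLegacyFallback = GlobalAttributesCache.Get().GetValue("core.PersonTokenUseLegacyFallback").AsBoolean();
                if (!tokenUseLegacyFallback)
                {
                    return null;
                }

                var legacyPerson = personService.GetByLegacyEncryptedKey(impersonationToken, true);

                if (legacyPerson == null || !legacyPerson.IsPersonTokenUsageAllowed())
                {
                    return null;
                }

                // if LegacyFallback is enabled, and we found a person, create a fake PersonToken
                // NOTE(review): expiry, page and usage limit are all left null here, presumably meaning
                // "unrestricted" - confirm. If so, a legacy key behaves as a long-lived credential, so the
                // fallback setting should stay off unless old links still have to work.
                personToken = new PersonToken
                {
                    PersonAlias      = legacyPerson.PrimaryAlias,
                    ExpireDateTime   = null,
                    PageId           = null,
                    LastUsedDateTime = RockDateTime.Now,
                    UsageLimit       = null
                };
            }

            // A token without an alias cannot be tied to a person; reject it rather than dereference null.
            if (personToken.PersonAlias == null)
            {
                return null;
            }

            var person = personService.Get(personToken.PersonAlias.PersonId);

            // Same null-then-permission check as the legacy branch, so a missing person is rejected
            // instead of raising a NullReferenceException.
            if (person == null || !person.IsPersonTokenUsageAllowed())
            {
                return null;
            }

            return personToken;
        }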