public virtual void AuthorizeMachine(Guid applicationInstance, MachineKey machineKey)
{
if (!((MembershipProvider)Membership.Provider).IsValidApplicationMember(applicationInstance, machineKey.Email))
{
throw new KeyNotFoundException(machineKey.Email);
}
using (var Entities = Repository)
{
//Entities.Users_v1_0.Where(u => u.userName == System.Threading.Thread.CurrentPrincipal.Identity.Name).Single().contactId;
var authority = GetCurrentAuthority(applicationInstance);
var contacts = Entities.ContactEmails_v1_0.Where(e => e.Email_v1_0.formattedEmailAddress == machineKey.Email);
if (contacts.Count() == 0)
{
throw new KeyNotFoundException(machineKey.Email);
}
else
{
Contacts_v1_0 contact = contacts.Single().Contacts_v1_0;
if (String.IsNullOrEmpty(contact.firstName))
{
contact.firstName = machineKey.Contact.FirstName;
}
if (String.IsNullOrEmpty(contact.lastName))
{
contact.lastName = machineKey.Contact.LastName;
}
var instances = Entities.ApplicationInstanceMachineKeys_v1_0.Where(i => i.MachineKeys_v1_0.machineKey == machineKey.Key && i.ApplicationInstance_v1_0.instanceUID == applicationInstance);
if (instances.Count() == 0)
{
var machines = Entities.MachineKeys_v1_0.Where(m => m.machineKey == machineKey.Key);
if (machines.Count() == 0)
{
Entities.ApplicationInstanceMachineKeys_v1_0.AddObject(new ApplicationInstanceMachineKeys_v1_0()
{
ApplicationInstance_v1_0 = Entities.ApplicationInstance_v1_0.Single(a => a.instanceUID == applicationInstance),
MachineKeys_v1_0 = new MachineKeys_v1_0() { contactId = contact.id, machineKey = machineKey.Key, createDate = DateTime.Now, machineDescription = (contact.lastName??"") + "," + (contact.firstName??"") },
authorized = true,
authorizedBy = authority,
authorizedDate = DateTime.Now,
createDate = DateTime.Now,
createdBy = authority
});
}
else
{
var machine = machines.Single();
if (machine.contactId != contact.id)
{
throw new InvalidOperationException("Machine is not asscoiated with the contact");
}
Entities.ApplicationInstanceMachineKeys_v1_0.AddObject(new ApplicationInstanceMachineKeys_v1_0()
{
ApplicationInstance_v1_0 = Entities.ApplicationInstance_v1_0.Single(a => a.instanceUID == applicationInstance),
machineKeyId = machine.id,
authorized = true,
authorizedBy = authority,
authorizedDate = DateTime.Now,
createDate = DateTime.Now,
createdBy = authority
});
}
Entities.SaveChanges();
}
else
{
var instance = instances.Single();
instance.authorized = true;
instance.lastModifiedBy = authority;
instance.lastModifiedDate = DateTime.Now;
Entities.SaveChanges();
}
}
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// Decrypt and get the auth ticket
/// <include file='doc\FormsAuthentication.uex' path='docs/doc[@for="FormsAuthentication.Decrypt"]/*' />
/// <devdoc>
/// <para>Given an encrypted authenitcation ticket as
/// obtained from an HTTP cookie, this method returns an instance of a
/// FormsAuthenticationTicket class.</para>
/// </devdoc>
public static FormsAuthenticationTicket Decrypt(String encryptedTicket)
{
if (encryptedTicket == null || encryptedTicket.Length == 0)
{
throw new ArgumentException(HttpRuntime.FormatResourceString(SR.InvalidArgumentValue, "encryptedTicket"));
}
Initialize();
Trace("Decrypting cookie: " + encryptedTicket);
byte [] bBlob = MachineKey.HexStringToByteArray(encryptedTicket);
if (bBlob == null || bBlob.Length < 1)
{
throw new ArgumentException(HttpRuntime.FormatResourceString(SR.InvalidArgumentValue, "encryptedTicket"));
}
if (_Protection == FormsProtectionEnum.All || _Protection == FormsProtectionEnum.Encryption)
{
bBlob = MachineKey.EncryptOrDecryptData(false, bBlob, null, 0, bBlob.Length);
if (bBlob == null)
{
return(null);
}
}
if (_Protection == FormsProtectionEnum.All || _Protection == FormsProtectionEnum.Validation)
{
//////////////////////////////////////////////////////////////////////
// Step 2: Get the MAC: Last MAC_LENGTH bytes
if (bBlob.Length <= MAC_LENGTH)
{
return(null);
}
byte [] bTicket = new byte[bBlob.Length - MAC_LENGTH];
Buffer.BlockCopy(bBlob, 0, bTicket, 0, bTicket.Length);
byte [] bMac = MachineKey.HashData(bTicket, null, 0, bTicket.Length);
//////////////////////////////////////////////////////////////////////
// Step 3: Make sure the MAC is correct
if (bMac == null)
{
Trace("Decrypting cookie failed to get the MAC.");
return(null);
}
if (bMac.Length != MAC_LENGTH)
{
Trace("Decrypting cookie failed due to bad MAC length: " + bMac.Length);
return(null);
}
for (int iter = 0; iter < MAC_LENGTH; iter++)
{
if (bMac[iter] != bBlob[bTicket.Length + iter])
{
Trace("Incorrect byte at " + iter + ", byte1: " + ((int)bMac[iter]) + ", byte2: " + ((int)bBlob[bTicket.Length + iter]));
return(null);
}
}
bBlob = bTicket;
}
//////////////////////////////////////////////////////////////////////
// Step 4: Change binary ticket to managed struct
int iSize = ((bBlob.Length > 4096) ? 4096 : bBlob.Length);
StringBuilder name = new StringBuilder(iSize);
StringBuilder data = new StringBuilder(iSize);
StringBuilder path = new StringBuilder(iSize);
byte [] pBin = new byte[2];
long [] pDates = new long[2];
int iRet = UnsafeNativeMethods.CookieAuthParseTicket(bBlob, bBlob.Length,
name, iSize,
data, iSize,
path, iSize,
pBin, pDates);
if (iRet != 0)
{
return(null);
}
return(new FormsAuthenticationTicket((int)pBin[0],
name.ToString(),
DateTime.FromFileTime(pDates[0]),
DateTime.FromFileTime(pDates[1]),
(bool)(pBin[1] != 0),
data.ToString(),
path.ToString()));
}
