/// <summary>
/// MVC and private use only. Signs the given user in for the current request: queues either an impersonation-cookie update or a new
/// forms-authentication ticket cookie, sets the user on the request state, and then queues the identity-provider bookkeeping.
/// </summary>
/// <param name="user">The user to sign in. Dereferenced for its ID and, when no provider timeout applies, its role.</param>
/// <param name="identityProvider">The identity provider that authenticated the user, or null. Null causes the identity-provider cookie to be cleared.</param>
public static void SetFormsAuthCookieAndUser(User user, IdentityProvider identityProvider = null)
{
    if (!AppRequestState.Instance.ImpersonatorExists)
    {
        // Ticket lifetime, in order of precedence:
        //   1. the timeout configured on a local identity provider, when one is set;
        //   2. 12 minutes, when the user's role requires enhanced security (forces frequent re-authentication);
        //   3. the normal session duration.
        // NOTE(review): because the provider timeout is checked first, it also governs enhanced-security roles, even if it is
        // longer than 12 minutes. Confirm that this precedence is intended.
        TimeSpan ticketLifetime;
        if (identityProvider is LocalIdentityProvider localProvider && localProvider.AuthenticationTimeoutMinutes.HasValue)
        {
            ticketLifetime = TimeSpan.FromMinutes(localProvider.AuthenticationTimeoutMinutes.Value);
        }
        else if (user.Role.RequiresEnhancedSecurity)
        {
            ticketLifetime = TimeSpan.FromMinutes(12);
        }
        else
        {
            ticketLifetime = SessionDuration;
        }

        // The cast truncates any fractional minutes.
        var authTicket = new FormsAuthenticationTicket(user.UserId.ToString(), false /*meaningless*/, (int)ticketLifetime.TotalMinutes);
        AppRequestState.AddNonTransactionalModificationMethod(() => setFormsAuthCookie(authTicket));
    }
    else
    {
        // While an impersonator exists, no forms-auth ticket is issued; only the impersonation cookie is pointed at the new user.
        UserImpersonationStatics.SetCookie(user);
    }

    AppRequestState.Instance.SetUser(user);

    if (identityProvider != null)
    {
        AppRequestState.AddNonTransactionalModificationMethod(() => SetUserLastIdentityProvider(identityProvider));
    }
    else
    {
        // No provider was supplied, so drop any previously stored identity-provider cookie.
        AppRequestState.AddNonTransactionalModificationMethod(() => CookieStatics.ClearCookie(identityProviderCookieName));
    }
}
/// <summary>
/// Loads this control's data: registers it as a display link, creates the hidden field that carries the toggled state across post-backs,
/// schedules that state to be written to page state, and wires up the click handler, CSS class and text control.
/// </summary>
void ControlTreeDataLoader.LoadData()
{
    EwfPage.Instance.AddDisplayLink(this);

    // NOTE: Currently this hidden field will always be persisted in page state whether the page cares about that or not. We should put this
    // decision into the hands of the page, maybe by making ToggleButton sort of like a form control such that it takes a boolean value in its
    // constructor and allows access to its post back value.
    var toggled = false;
    EwfHiddenField.Create(
        this,
        EwfPage.Instance.PageState.GetValue(this, pageStateKey, false).ToString(),
        // The posted value is only used after getControlsToggled has converted it to a boolean.
        postedValue => toggled = getControlsToggled(postedValue),
        EwfPage.Instance.DataUpdate,
        out controlsToggledHiddenFieldValueGetter,
        out controlsToggledHiddenFieldClientIdGetter);

    // During the page's data update, queue a non-transactional write of the toggled flag back into page state.
    EwfPage.Instance.DataUpdate.AddModificationMethod(
        () => AppRequestState.AddNonTransactionalModificationMethod(
            () => EwfPage.Instance.PageState.SetValue(this, pageStateKey, toggled)));

    if (TagKey == HtmlTextWriterTag.Button)
    {
        PostBackButton.AddButtonAttributes(this);
    }

    this.AddJavaScriptEventScript(JsWritingMethods.onclick, handlerName + "()");
    CssClass = CssClass.ConcatenateWithSpace("ewfClickable");
    textControl = ActionControlStyle.SetUpControl(this, "", width, height, newWidth => base.Width = newWidth);
}
/// <summary>
/// Queues an update of the impersonation cookie. The cookie value is the ID of the user being impersonated, or an empty string when the
/// argument is null.
/// </summary>
/// <param name="userBeingImpersonated">The user to impersonate, or null to store an empty value.</param>
internal static void SetCookie(User userBeingImpersonated)
{
    AppRequestState.AddNonTransactionalModificationMethod(
        () =>
        {
            // NOTE(review): the value is the plain user ID string. The code that reads this cookie is not shown here; confirm it
            // authorizes the impersonator before honoring the value.
            var cookieValue = userBeingImpersonated?.UserId.ToString() ?? "";

            // The last two arguments are presumably the secure and HTTP-only flags, and the null an expiration. Confirm against
            // CookieStatics.SetCookie.
            CookieStatics.SetCookie(CookieName, cookieValue, null, EwfConfigurationStatics.AppSupportsSecureConnections, true);
        });
}
// Log-Out

/// <summary>
/// Do not call if the system does not implement the forms authentication capable user management provider. Logs the current user out by
/// queuing removal of the relevant cookie state and setting the request's user to null.
/// </summary>
public static void LogOutUser()
{
    if (!AppRequestState.Instance.ImpersonatorExists)
    {
        AppRequestState.AddNonTransactionalModificationMethod(clearFormsAuthCookie);
    }
    else
    {
        // While an impersonator exists, only the impersonation cookie is reset (null user); the forms-auth cookie is left untouched
        // in this branch.
        UserImpersonationStatics.SetCookie(null);
    }

    AppRequestState.Instance.SetUser(null);
}
/// <summary>
/// Builds the page: a paragraph stating whether request profiling is on for the current profiling user, and a post-back button that
/// toggles it.
/// </summary>
protected override void loadData()
{
    var profilingIsOn = AppMemoryCache.UserIsProfilingRequests(AppRequestState.Instance.ProfilingUserId);

    var buttonText = profilingIsOn ? "Turn Profiling OFF" : "Turn Profiling ON";

    // A zero duration is passed when profiling is currently on; otherwise profiling is requested for one hour.
    var newProfilingDuration = profilingIsOn ? TimeSpan.Zero : TimeSpan.FromHours(1);

    ph.AddControlsReturnThis(
        new Paragraph("Profiling is currently {0}.".FormatWith(profilingIsOn ? "ON" : "OFF")),
        new Paragraph(
            new PostBackButton(
                PostBack.CreateFull(
                    id: "toggle",
                    // The profiling user ID is read when the queued method runs, not when the page is built.
                    firstModificationMethod: () => AppRequestState.AddNonTransactionalModificationMethod(
                        () => AppMemoryCache.SetRequestProfilingForUser(AppRequestState.Instance.ProfilingUserId, newProfilingDuration))),
                new ButtonActionControlStyle(buttonText),
                usesSubmitBehavior: false)));
}
/// <summary>
/// Builds the page: a paragraph stating whether request profiling is on for the current profiling user, followed by a paragraph holding
/// a button that toggles it via a full post-back.
/// </summary>
protected override void loadData()
{
    var profilingIsOn = AppMemoryCache.UserIsProfilingRequests(AppRequestState.Instance.ProfilingUserId);

    var buttonText = profilingIsOn ? "Turn Profiling OFF" : "Turn Profiling ON";

    // A zero duration is passed when profiling is currently on; otherwise profiling is requested for one hour.
    var newProfilingDuration = profilingIsOn ? TimeSpan.Zero : TimeSpan.FromHours(1);

    var statusParagraph = new Paragraph("Profiling is currently {0}.".FormatWith(profilingIsOn ? "ON" : "OFF").ToComponents());

    var toggleButton = new EwfButton(
        new StandardButtonStyle(buttonText),
        behavior: new PostBackBehavior(
            postBack: PostBack.CreateFull(
                id: "toggle",
                // The profiling user ID is read when the queued method runs, not when the page is built.
                firstModificationMethod: () => AppRequestState.AddNonTransactionalModificationMethod(
                    () => AppMemoryCache.SetRequestProfilingForUser(AppRequestState.Instance.ProfilingUserId, newProfilingDuration)))));

    ph.AddControlsReturnThis(statusParagraph.Append(new Paragraph(toggleButton.ToCollection())).GetControls());
}
/// <summary>
/// MVC and private use only. Signs the given user in for the current request: queues either an impersonation-cookie update or a new
/// forms-authentication ticket cookie, then sets the user on the request state.
/// </summary>
/// <param name="user">The user to sign in. Dereferenced for its ID and, when no provider timeout applies, its role.</param>
public static void SetFormsAuthCookieAndUser(FormsAuthCapableUser user)
{
    if (!AppRequestState.Instance.ImpersonatorExists)
    {
        var strictProvider = SystemProvider as StrictFormsAuthUserManagementProvider;

        // Ticket lifetime, in order of precedence:
        //   1. the timeout configured on a strict provider, when the system provider is one and the timeout is set;
        //   2. 12 minutes, when the user's role requires enhanced security (forces frequent re-authentication);
        //   3. the normal session duration.
        // NOTE(review): because the provider timeout is checked first, it also governs enhanced-security roles, even if it is
        // longer than 12 minutes. Confirm that this precedence is intended.
        TimeSpan ticketLifetime;
        if ((strictProvider?.AuthenticationTimeoutInMinutes).HasValue)
        {
            ticketLifetime = TimeSpan.FromMinutes(strictProvider.AuthenticationTimeoutInMinutes.Value);
        }
        else if (user.Role.RequiresEnhancedSecurity)
        {
            ticketLifetime = TimeSpan.FromMinutes(12);
        }
        else
        {
            ticketLifetime = SessionDuration;
        }

        // The cast truncates any fractional minutes.
        var authTicket = new FormsAuthenticationTicket(user.UserId.ToString(), false /*meaningless*/, (int)ticketLifetime.TotalMinutes);
        AppRequestState.AddNonTransactionalModificationMethod(() => setFormsAuthCookie(authTicket));
    }
    else
    {
        // While an impersonator exists, no forms-auth ticket is issued; only the impersonation cookie is pointed at the new user.
        UserImpersonationStatics.SetCookie(user);
    }

    AppRequestState.Instance.SetUser(user);
}
/// <summary>
/// Builds the page content: a paragraph stating whether request profiling is on for the current profiling user, followed by a paragraph
/// holding a button that toggles it via a full post-back.
/// </summary>
/// <returns>The populated page content.</returns>
protected override PageContent getContent()
{
    var pageContent = new UiPageContent();
    var profilingIsOn = AppMemoryCache.UserIsProfilingRequests(AppRequestState.Instance.ProfilingUserId);

    var buttonText = profilingIsOn ? "Turn Profiling OFF" : "Turn Profiling ON";

    // A zero duration is passed when profiling is currently on; otherwise profiling is requested for one hour.
    var newProfilingDuration = profilingIsOn ? TimeSpan.Zero : TimeSpan.FromHours(1);

    var statusParagraph = new Paragraph("Profiling is currently {0}.".FormatWith(profilingIsOn ? "ON" : "OFF").ToComponents());

    var toggleButton = new EwfButton(
        new StandardButtonStyle(buttonText),
        behavior: new PostBackBehavior(
            postBack: PostBack.CreateFull(
                id: "toggle",
                // The profiling user ID is read when the queued method runs, not when the content is built.
                modificationMethod: () => AppRequestState.AddNonTransactionalModificationMethod(
                    () => AppMemoryCache.SetRequestProfilingForUser(AppRequestState.Instance.ProfilingUserId, newProfilingDuration)))));

    pageContent.Add(statusParagraph.Append(new Paragraph(toggleButton.ToCollection())).Materialize());
    return pageContent;
}
/// <summary>
/// Queues removal of the forms-authentication cookie as a non-transactional modification.
/// </summary>
private static void clearFormsAuthCookie()
{
    // NOTE(review): this method only queues the clear. If a caller also hands this method to AddNonTransactionalModificationMethod,
    // the clear is queued from inside another queued method; verify that such nested registrations still run, otherwise the
    // authentication cookie would survive a log-out.
    AppRequestState.AddNonTransactionalModificationMethod(
        () =>
        {
            CookieStatics.ClearCookie(FormsAuthCookieName);
        });
}
/// <summary>
/// Queues a cookie write with the given name and value as a non-transactional modification.
/// </summary>
/// <param name="name">The cookie name.</param>
/// <param name="value">The cookie value.</param>
private static void setCookie(string name, string value)
{
    AppRequestState.AddNonTransactionalModificationMethod(
        () =>
        {
            // The last two arguments are presumably the secure and HTTP-only flags, and the null an expiration. Confirm against
            // CookieStatics.SetCookie.
            CookieStatics.SetCookie(name, value, null, EwfConfigurationStatics.AppSupportsSecureConnections, true);
        });
}