Deserialize() public static method

public static Deserialize ( byte data ) : AuthenticationCookie
data byte
return AuthenticationCookie
Esempio n. 1
0
        public byte[] GetTagData()
        {
            var cookie = _context.Request.Cookies[_configuration.CookieName];

            if (cookie != null)
            {
                using (var protector = new CookieProtector(_configuration))
                {
                    byte[] data;
                    protector.Validate(cookie.Value, out data);
                    var authenticationCookie = AuthenticationCookie.Deserialize(data);
                    return(authenticationCookie.Tag);
                }
            }

            return(null);
        }
Esempio n. 2
0
        private void OnAuthenticateRequest(object sender, EventArgs e)
        {
            var context = ((HttpApplication)sender).Context;
            var cookie  = context.Request.Cookies[_configuration.CookieName];

            if (cookie != null)
            {
                var protector = new CookieProtector(_configuration);
                try
                {
                    byte[] data;
                    var    cookieData           = protector.Validate(cookie.Value, out data);
                    var    authenticationCookie = AuthenticationCookie.Deserialize(data);
                    if (!authenticationCookie.IsExpired(_configuration.Timeout))
                    {
                        context.User = authenticationCookie.GetPrincipal();
                        RenewCookieIfExpiring(context, protector, authenticationCookie);
                    }
                }
                catch
                {
                    // do not leak any information if an exception was thrown.
                    // simply don't set the context.User property.
                }
                finally
                {
                    if (protector != null)
                    {
                        protector.Dispose();
                    }
                }
            }

            if (IsLoginPage(context.Request))
            {
                context.SkipAuthorization = true;
            }
        }