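/// <summary>
/// Calls the REST service's IdCardAuthenticate endpoint for the person attached to
/// <paramref name="session"/>. When the service returns an authorization, copies the
/// returned API key and shared secret onto the session and publishes the session as
/// the current credential.
/// </summary>
/// <param name="session">
/// Session whose PersonId is looked up. Its Authorized, ApiKey and SharedSecret members
/// are overwritten by this call.
/// </param>
/// <returns>
/// true only when the service answered 200 OK and the deserialized reply carries an
/// authorization; false for every other outcome, including any exception.
/// </returns>
public bool AuthorizeSession(Session session)
{
    try
    {
        // NOTE(review): PersonId goes into the URL path unescaped. If it can carry
        // caller-controlled text, confirm it is validated before it reaches this method.
        var request = (HttpWebRequest)WebRequest.Create(String.Concat(URI.RESTurl(), "IdCardAuthenticate/person_id/", session.PersonId));
        request.Method = "GET";
        nonceAuthenticationProvider.AuthenticateGetRequest(request);
        request.Accept = "application/xml";

        using (var response = (HttpWebResponse)request.GetResponse())
        {
            // Fail closed. GetResponse() throws for error statuses, but other non-200
            // answers (204, an unfollowed redirect, ...) arrive here without an exception.
            // Without this check they would fall through and be reported as authorized.
            if (response.StatusCode != HttpStatusCode.OK)
            {
                return false;
            }

            string xml;
            using (var reader = new StreamReader(response.GetResponseStream()))
            {
                xml = reader.ReadToEnd();
            }

            session.Authorized = (Authorized)_authorizeSerializer.Deserialize(new StringReader(xml));

            // A reply without an authorization element is a denial, not an error.
            if (session.Authorized == null || session.Authorized.Authorize == null)
            {
                return false;
            }

            session.ApiKey = session.Authorized.apiKey;
            session.SharedSecret = session.Authorized.sharedSecret;
        }
    }
    catch (Exception)
    {
        // Any failure (network, malformed XML, null session) counts as "not authorized".
        // The cause is discarded, so callers cannot tell a denial from an outage.
        return false;
    }

    // Reached only after a 200 OK reply that carried an authorization.
    SecurityContextHolder.Credential = session;
    return true;
}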
/// <summary>
/// Posts a renewal request for <paramref name="currentSession"/> to the CAS URL,
/// authenticated with the session's own Authorization header, and returns the session
/// deserialized from the reply.
/// </summary>
/// <param name="currentSession">Session being renewed; its ApiKey forms the last URL segment.</param>
/// <returns>
/// The deserialized session, or null when the reply is not 200 OK, reports no content
/// length above zero, or has no response stream.
/// </returns>
/// <exception cref="SessionCreationException">
/// Wraps every exception raised while building, sending or reading the request. The
/// message blames missing rights even when the real cause is different.
/// </exception>
public Session RenewSession(Session currentSession)
{
    // Form body sent with the renewal; the unit of the timeout value is not visible here.
    const string formBody = "timeout=480";
    Session renewed = null;

    try
    {
        // NOTE(review): the API key travels in the URL path, so it may end up in proxy
        // and server logs. Confirm that is acceptable for this key.
        var renewalRequest = (HttpWebRequest)WebRequest.Create(String.Concat(URI.CASurl(), "/", currentSession.ApiKey));
        renewalRequest.Method = "POST";
        renewalRequest.ContentType = "application/x-www-form-urlencoded";
        renewalRequest.Accept = "application/xml";
        renewalRequest.ContentLength = Encoding.UTF8.GetByteCount(formBody);

        // The header is computed from the request and the exact body about to be sent,
        // so it is added after the request properties are set and before the body is written.
        AddAuthenticationToRequest(renewalRequest, formBody, currentSession);

        using (var bodyWriter = new StreamWriter(renewalRequest.GetRequestStream()))
        {
            bodyWriter.Write(formBody);
        }

        using (var reply = (HttpWebResponse)renewalRequest.GetResponse())
        {
            // NOTE(review): a reply without a Content-Length header reports -1 and is
            // skipped here, yielding null. Confirm the service always sends the header.
            if (reply.StatusCode == HttpStatusCode.OK && reply.ContentLength > 0)
            {
                Stream replyBody = reply.GetResponseStream();
                if (replyBody != null)
                {
                    // NOTE(review): the remote XML is deserialized as received. Confirm the
                    // serializer's reader does not resolve DTDs or external entities.
                    renewed = (Session)_sessionSerializer.Deserialize(replyBody);
                }
            }
        }
    }
    catch (Exception e)
    {
        throw new SessionCreationException("User does not have rights to this program to renew the Session.", e);
    }

    return renewed;
}
/// <summary>
/// Adds an Authorization header to <paramref name="request"/>, using the value the
/// session computes from the request and its body content.
/// </summary>
/// <param name="request">Request that receives the header.</param>
/// <param name="content">Body text handed to the session when it computes the header value.</param>
/// <param name="session">Session that produces the header value.</param>
private static void AddAuthenticationToRequest(HttpWebRequest request, string content, Session session)
{
    // Read the header collection first, as the original single expression did.
    var headers = request.Headers;
    var authorizationValue = session.DetermineAuthenticationHeaderValue(request, content);

    // Add (not Set): an Authorization header already on the request is kept alongside this one.
    headers.Add("Authorization", authorizationValue);
}
/// <summary>
/// Reports the given session as destroyed. Performs no teardown and always returns true.
/// </summary>
/// <param name="session">Session the caller wants destroyed; it is not read or modified.</param>
/// <returns>Always true.</returns>
public bool DestroySession(Session session)
{
    // NOTE(review): nothing is invalidated here. The parameter is passed by value, so
    // nulling it inside this method would not be visible to the caller. session.ApiKey,
    // session.SharedSecret and SecurityContextHolder.Credential keep their values, and no
    // request is sent to the server. If callers rely on this for logout, the credential
    // remains usable afterwards. Confirm the intended teardown and implement it here.
    return true;
}