public AuthenticateResult Authenticate(HttpContextBase contextBase)
{
if (!contextBase.Request.Browser.Cookies)
{
logger.LogWarning("This browser doesnot support cookies, so cookie based authentication is disabled");
return(AuthenticateResult.NoResult());
}
var authCookie = contextBase.Request.Cookies.Get(AuthConstants.AUTH_COOKIE_NM);
if (authCookie != null)
{
try
{
var unprotectedCookieBytes = dataProtector.UnProtect(Convert.FromBase64String(authCookie.Value));
var ticket = serializer.Deserialize(unprotectedCookieBytes);
logger.LogDebug("Cookie authentication succeeded");
return(AuthenticateResult.Success(ticket));
}
catch (Exception)
{
return(AuthenticateResult.Fail($"Unable to extract cookie '{AuthConstants.AUTH_COOKIE_NM}', cookie might be damaged/modified"));
}
}
logger.LogDebug("Cookie authentication failed");
return(AuthenticateResult.NoResult());
}
public void Test_SignIn_AddsCookie_IfAuthResultIsSuccess()
{
var serializer = new TicketSerializer();
var ticket = new AuthenticationTicket(
new ClaimsPrincipal(
new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, "Foo User"),
}, AuthConstants.SPNEGO_DEFAULT_SCHEME)),
AuthConstants.SPNEGO_DEFAULT_SCHEME);
var serializedTicket = serializer.Serialize(ticket);
var protectedTicket = dataProtector.Protect(serializedTicket);
var encodedTicket = Convert.ToBase64String(protectedTicket);
var cookie = new HttpCookie(AuthConstants.AUTH_COOKIE_NM)
{
Expires = DateTime.Now.AddDays(CookieAuthenticator.COOKIE_TIMEOUT_IN_MINUTES),
Value = encodedTicket
};
var authenticator = new CookieAuthenticator(dataProtector, logger.Object);
authenticator.SignIn(AuthenticateResult.Success(ticket), context.Object);
response.Verify(r => r.AppendCookie(It.Is <HttpCookie>(c => Convert.ToBase64String(dataProtector.UnProtect(Convert.FromBase64String(c.Value))) == Convert.ToBase64String(dataProtector.UnProtect(Convert.FromBase64String(encodedTicket))) &&
c.Expires.Date.Minute == DateTime.Now.AddMinutes(CookieAuthenticator.COOKIE_TIMEOUT_IN_MINUTES).Date.Minute)), Times.Once);
}
