コード例 #1
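        /// <summary>
        /// Perform cross-domain single sign-on.
        /// </summary>
        /// <param name="hc">HttpContext object.</param>
        /// <returns>The BackUrl query-string value on success, the sign-in redirect URL when no ticket was issued, or an empty string on error.</returns>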
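        public static string DoCrossDomainSingleSingOn(HttpContext hc)
        {
            // Completes a cross-domain sign-in: decrypts the token (p1) and e-mail (p2) from the query
            // string, fetches the matching sign-in ticket, installs it as the forms-authentication
            // cookie and returns the URL the caller should continue to.
            //
            // NOTE(review): p1/p2 travel in the query string, so they can end up in server logs,
            // browser history and Referer headers. Confirm the issuing side keeps the token
            // short-lived.
            try
            {
                string token = Decrypt(hc.Request.QueryString["p1"]);
                string email = Decrypt(hc.Request.QueryString["p2"]);

                // NOTE(review): BackUrl is caller-controlled and is handed back unchanged. If the
                // caller redirects to the returned value (presumably it does; confirm), it has to be
                // restricted to local or allow-listed hosts first, otherwise this is an open redirect.
                // Not enforced here because the expected form of BackUrl is not visible in this method.
                string backUrl = hc.Request.QueryString["BackUrl"];

                // Fetch the sign-in ticket for this e-mail/token pair.
                SingInAuthTicket signInTicket = SingInAuthTickets.GetSignInTicket(email, token);

                // No ticket (empty or missing) means there is no session: send the user to sign in.
                if (string.IsNullOrEmpty(signInTicket.EncrytedTicket))
                {
                    return SingleSignOnRedirectUrl(SingleSignOnRedirectTo.SignIn, backUrl);
                }

                FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(signInTicket.EncrytedTicket);

                // An undecryptable or already expired ticket must not be turned into a cookie.
                if (authTicket == null || authTicket.Expired)
                {
                    return SingleSignOnRedirectUrl(SingleSignOnRedirectTo.SignIn, backUrl);
                }

                HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, signInTicket.EncrytedTicket);
                authCookie.HttpOnly = true;
                // Follow the site's forms-authentication configuration for transport and scope.
                authCookie.Secure = FormsAuthentication.RequireSSL;
                authCookie.Path   = FormsAuthentication.FormsCookiePath;

                // Only a persistent ticket gets an explicit expiry; otherwise the cookie stays a
                // session cookie and disappears when the browser closes.
                if (authTicket.IsPersistent)
                {
                    authCookie.Expires = authTicket.Expiration;
                }

                hc.Response.Cookies.Add(authCookie);

                return backUrl;
            }
            catch (Exception ex)
            {
                // Failures used to be dropped silently; record them so a failed or tampered sign-in
                // attempt can be diagnosed. The token and e-mail are deliberately not logged.
                System.Diagnostics.Trace.TraceWarning("Cross-domain single sign-on failed: {0}: {1}", ex.GetType().Name, ex.Message);

                // Callers receive an empty string on any failure.
                return "";
            }
        }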
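        /// <summary>
        /// Returns, as JSON, the sign-in ticket for the session identified by a member e-mail and auth token.
        /// </summary>
        /// <param name="Email">E-mail address used to look up the member.</param>
        /// <param name="AuthToken">Token used to look up the member's session ticket.</param>
        /// <returns>
        /// JSON content. Every field is empty when no matching session exists, so the client is sent to
        /// the sign-in page; otherwise it carries the member name, e-mail and an encrypted
        /// forms-authentication ticket.
        /// </returns>
        public ContentResult GetSignInAuthTicket(string Email, string AuthToken)
        {
            // The response may carry an encrypted forms-authentication ticket, which works as a
            // bearer credential, so keep it out of browser and intermediary caches.
            Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
            Response.Cache.SetNoStore();

            // NOTE(review): nothing in this method authenticates the calling site or limits attempts
            // per e-mail/token pair. Confirm that is enforced elsewhere (filter, network, API key).

            // Empty ticket: the "no session" answer.
            SingInAuthTicket emptyTicket = new SingInAuthTicket()
            {
                MemberName     = "",
                MemberEmail    = "",
                EncrytedTicket = "",
                IsPersistant   = 0,
            };

            // Missing input can never match a session; answer without touching the data layer.
            if (string.IsNullOrEmpty(Email) || string.IsNullOrEmpty(AuthToken))
            {
                return Content(SingInAuthTickets.JsonItem(emptyTicket), TypeJson);
            }

            // NOTE(review): the lookups below are assumed to return an "empty" object rather than
            // null when nothing matches (the AuthMemberTicketID <= 0 test relies on it); confirm.
            Member           member        = Members.GetByEmail(Email);
            AuthMemberTicket sessionTicket = AuthMemberTickets.GetByMemberToken(member.MemberID, AuthToken);

            // No session stored for this member/token pair.
            if (sessionTicket.AuthMemberTicketID <= 0)
            {
                return Content(SingInAuthTickets.JsonItem(emptyTicket), TypeJson);
            }

            int isPersistent = sessionTicket.IsPersistent;

            // Session details stored, serialized, in the ticket's user-data field.
            AuthMemberToken memberSession = new AuthMemberToken()
            {
                MemberID    = member.MemberID,
                MemberEmail = member.Email,
                MemberName  = member.Name,
                Token       = AuthToken,
                Domain      = Request.Url.DnsSafeHost
            };

            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                1,                                       // ticket version
                member.Email,                            // ticket name
                DateTime.Now,                            // issue time
                sessionTicket.Expiration,                // expiry taken from the stored session
                isPersistent == 1,
                ToJson(memberSession),
                FormsAuthentication.FormsCookiePath);

            SingInAuthTicket issuedTicket = new SingInAuthTicket()
            {
                MemberName     = member.Name,
                MemberEmail    = member.Email,
                EncrytedTicket = FormsAuthentication.Encrypt(authTicket),
                IsPersistant   = isPersistent
            };

            return Content(SingInAuthTickets.JsonItem(issuedTicket), TypeJson);
        }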