protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext) { SharePointHighTrustContext spHighTrustContext = spContext as SharePointHighTrustContext; if (spHighTrustContext != null) { Uri spHostUrl = SharePointContext.GetSPHostUrl(httpContext.Request); IPrincipal logonUserIdentity = httpContext.User; return spHostUrl == spHighTrustContext.SPHostUrl && logonUserIdentity != null && logonUserIdentity.Identity.IsAuthenticated && //!logonUserIdentity.IsGuest && logonUserIdentity == spHighTrustContext.LogonUserIdentity; } return false; }
protected override void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext) { //ASPNET5 session stores string and int only (2016.01.26) so we are using JsonConvert httpContext.Session.SetString(SPContextKey, JsonConvert.SerializeObject(spContext as SharePointHighTrustContext)); }
/// <summary> /// Validates if the given SharePointContext can be used with the specified HTTP context. /// </summary> /// <param name="spContext">The SharePointContext.</param> /// <param name="httpContext">The HTTP context.</param> /// <returns>True if the given SharePointContext can be used with the specified HTTP context.</returns> protected abstract bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext);
/// <summary> /// Saves the specified SharePointContext instance associated with the specified HTTP context. /// <c>null</c> is accepted for clearing the SharePointContext instance associated with the HTTP context. /// </summary> /// <param name="spContext">The SharePointContext instance to be saved, or <c>null</c>.</param> /// <param name="httpContext">The HTTP context.</param> protected abstract void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext);
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext) { SharePointAcsContext spAcsContext = spContext as SharePointAcsContext; if (spAcsContext != null) { Uri spHostUrl = SharePointContext.GetSPHostUrl(httpContext.Request); string contextToken = TokenHelper.GetContextTokenFromRequest(httpContext.Request); //Cookie spCacheKeyCookie = httpContext.Request.Cookies[SPCacheKeyKey].ToString(); string spCacheKey = httpContext.Request.Cookies[SPCacheKeyKey].ToString(); //spCacheKeyCookie != null ? spCacheKeyCookie.Value : null; return spHostUrl == spAcsContext.SPHostUrl && !string.IsNullOrEmpty(spAcsContext.CacheKey) && spCacheKey == spAcsContext.CacheKey && !string.IsNullOrEmpty(spAcsContext.ContextToken) && (string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken); } return false; }
protected override void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext) { SharePointAcsContext spAcsContext = spContext as SharePointAcsContext; if (spAcsContext != null) { //Cookie spCacheKeyCookie = new Cookie(SPCacheKeyKey, spAcsContext.CacheKey) //{ // Secure = true, // HttpOnly = true //}; httpContext.Response.Cookies.Append(SPCacheKeyKey, spAcsContext.CacheKey); } var serializedContext = JsonConvert.SerializeObject(spAcsContext); httpContext.Session.SetString(SPContextKey, serializedContext); }