/// <summary>
/// Starts an authentication flow: builds a <c>CasAuthFlow</c> carrying this provider's id plus a
/// fresh state and nonce, records where to send the user afterwards, and persists the flow in the
/// "authflow" response cookie so the state and nonce can be validated later.
/// </summary>
/// <param name="context">Current request/response; the "redirecturi" query value is read from it
/// and the cookie is appended to its response.</param>
/// <returns>The flow that was serialized into the cookie.</returns>
/// <remarks>
/// NOTE(review): "redirecturi" is taken from the query string and stored as-is. Redirect() later
/// sends the browser to that value, so unless it is checked against an allowlist of known return
/// URLs somewhere outside this method, this is an open redirect.
/// NOTE(review): the unpredictability of state and nonce depends entirely on
/// GenerateSafeRandomString; confirm it draws from a cryptographic RNG.
/// </remarks>
protected CasAuthFlow WriteFlowCookie(HttpContext context)
{
    // state is generated before nonce, matching the order the members are initialized in
    var flow = new CasAuthFlow
    {
        idp = this.Id,
        state = this.GenerateSafeRandomString(32),
        nonce = this.GenerateSafeRandomString(32)
    };

    // pick the post-login destination: the caller-supplied value wins, then the configured
    // default; if neither is set, redirecturi is left untouched
    string requested = context.Request.Query["redirecturi"];
    if (string.IsNullOrEmpty(requested))
    {
        if (!string.IsNullOrEmpty(CasConfig.DefaultRedirectUrl))
        {
            flow.redirecturi = CasConfig.DefaultRedirectUrl;
        }
    }
    else
    {
        flow.redirecturi = requested;
    }

    // The cookie is plain JSON with no signature or encryption visible here, so whatever reads it
    // back should treat every field (redirecturi included) as client-controlled.
    string payload = JsonConvert.SerializeObject(flow);

    // SameSite=None is required because the external IDP POSTs back to us cross-site.
    // NOTE(review): current browsers drop SameSite=None cookies that are not also Secure, so
    // running with CasConfig.RequireSecureForCookies == false likely breaks the flow as well as
    // exposing state and nonce over plain HTTP.
    var cookieOptions = new CookieOptions
    {
        Expires = DateTimeOffset.Now.AddMinutes(10),
        HttpOnly = true,
        Secure = CasConfig.RequireSecureForCookies,
        SameSite = SameSiteMode.None
    };
    context.Response.Cookies.Append("authflow", payload, cookieOptions);

    return flow;
}
/// <summary>
/// Sends the browser to the flow's redirect URI when one is set, then completes the response.
/// </summary>
/// <param name="context">Current request/response; the redirect is issued on its response.</param>
/// <param name="flow">Auth flow whose <c>redirecturi</c> is used as the redirect target.</param>
/// <returns>A task that finishes once the response has been completed.</returns>
/// <remarks>
/// NOTE(review): no validation of the target happens here. WriteFlowCookie fills redirecturi from
/// the "redirecturi" query parameter, so the value can be attacker-chosen; restrict it to an
/// allowlist of expected return URLs before redirecting, or confirm the caller already does.
/// </remarks>
protected async Task Redirect(HttpContext context, CasAuthFlow flow)
{
    var target = flow.redirecturi;

    // with no target the response is completed as-is, without a Location header
    if (!string.IsNullOrEmpty(target))
    {
        context.Response.Redirect(target);
    }

    await context.Response.CompleteAsync();
}