/// <summary>
/// Writes the fields of an anti-forgery token to <paramref name="stream"/> in binary form.
/// </summary>
/// <param name="token">Token whose Username, IPAddress, ExpiresOn and Random values are written.</param>
/// <param name="stream">Destination stream. It is closed when this method returns, because
/// disposing the <see cref="BinaryWriter"/> also disposes the stream it wraps.</param>
/// <remarks>
/// Field order is Username, IPAddress, ExpiresOn.Ticks, Random. Any reader has to consume the
/// fields in exactly this order. The output is plain, unprotected binary: confidentiality and
/// integrity must come from whatever wraps these bytes afterwards.
/// </remarks>
public static void Serialize(AntiForgeryToken token, Stream stream)
{
    using (var output = new BinaryWriter(stream))
    {
        // Identity and client binding first.
        output.Write(token.Username);
        output.Write(token.IPAddress);

        // Expiry is persisted as raw ticks of the ExpiresOn value.
        var expiryTicks = token.ExpiresOn.Ticks;
        output.Write(expiryTicks);

        // Per-token random value last.
        output.Write(token.Random);
    }
}
/// <summary>
/// Checks that an already-decoded anti-forgery token has not expired and was issued to the
/// IP address making the current call.
/// </summary>
/// <param name="antiForgeryToken">The decoded token to check.</param>
/// <param name="validityPeriod">Not read by this method; expiry is decided solely from the
/// token's own ExpiresOn value.</param>
/// <returns><c>true</c> when the token is unexpired and its IPAddress equals the caller's
/// address; otherwise <c>false</c>.</returns>
/// <remarks>
/// Only ExpiresOn and IPAddress are examined. Username and Random are not checked here, so a
/// caller that needs the token tied to a specific user must compare Username itself.
/// NOTE(review): the strength of the IP binding depends on how GetCallerIPAddress derives the
/// address (not visible here) - confirm it cannot be influenced by client-supplied headers.
/// </remarks>
public static bool ValidateAuthToken(AntiForgeryToken antiForgeryToken, TimeSpan validityPeriod)
{
    // Expiry is evaluated first; the caller address is only looked up for unexpired tokens.
    bool notExpired = DateTime.UtcNow <= antiForgeryToken.ExpiresOn;

    // Short-circuit keeps GetCallerIPAddress() from running when the token is already stale.
    return notExpired && string.Equals(GetCallerIPAddress(), antiForgeryToken.IPAddress);
}
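/// <summary>
/// Decodes, decrypts and deserializes a Base64 anti-forgery token string, then validates it
/// with <c>ValidateAuthToken</c>.
/// </summary>
/// <param name="token">Base64 text of the encrypted token, as received from the client.</param>
/// <param name="antiForgeryToken">Receives the deserialized token. Left at its default value
/// when <paramref name="token"/> is null, empty or not valid Base64.</param>
/// <returns><c>true</c> when the token decodes and passes <c>ValidateAuthToken</c>;
/// <c>false</c> when the input is missing, is not valid Base64, or fails that validation.</returns>
/// <remarks>
/// The token string is attacker-controllable, so missing or malformed input is treated as a
/// failed validation rather than surfacing as an unhandled exception.
/// Exceptions raised by decryption or deserialization still propagate to the caller.
/// NOTE(review): whether DecryptAntiForgeryToken authenticates the ciphertext is not visible
/// here. If it does not, tampered bytes reach Deserialize - confirm and handle at the caller.
/// This method does not compare Username with the current user; callers should do so using
/// the <paramref name="antiForgeryToken"/> value.
/// </remarks>
public static bool ValidateAntiForgeryToken(string token, out AntiForgeryToken antiForgeryToken)
{
    // Assign up front so every early exit leaves the out parameter defined.
    antiForgeryToken = default(AntiForgeryToken);

    // A request that carries no token at all simply fails validation.
    if (string.IsNullOrEmpty(token))
    {
        return false;
    }

    byte[] encryptedBytes;
    try
    {
        encryptedBytes = Convert.FromBase64String(token);
    }
    catch (FormatException)
    {
        // Not Base64: cannot be a token issued by NewAntiForgeryToken.
        return false;
    }

    byte[] tokenBytes = EncryptionHelper.DecryptAntiForgeryToken(encryptedBytes);
    using (MemoryStream memoryStream = new MemoryStream(tokenBytes))
    {
        antiForgeryToken = AntiForgeryToken.Deserialize(memoryStream);
    }

    return ValidateAuthToken(antiForgeryToken, Settings.Default.AntiForgeryTokenExpiryInterval);
}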
/// <summary>
/// Issues a new anti-forgery token for <paramref name="username"/> and returns it as Base64
/// text of the encrypted token bytes.
/// </summary>
/// <param name="username">User name to embed in the token.</param>
/// <returns>Base64 encoding of the encrypted, serialized token.</returns>
/// <remarks>
/// The token carries the user name, the caller's IP address, an expiry of the current UTC time
/// plus <c>Settings.Default.AntiForgeryTokenExpiryInterval</c>, and a random value.
/// NOTE(review): the token's unpredictability rests on RandomHelper.RandomLong, whose
/// implementation is not visible here - confirm it draws from a cryptographic RNG.
/// </remarks>
public static string NewAntiForgeryToken(string username)
{
    // Gather the token fields in the same order the constructor takes them.
    var callerAddress = GetCallerIPAddress();
    var expiresOn = DateTime.UtcNow + Settings.Default.AntiForgeryTokenExpiryInterval;
    var randomValue = Common.Helpers.RandomHelper.RandomLong();

    var freshToken = new AntiForgeryToken(username, callerAddress, expiresOn, randomValue);

    // Serialize, encrypt, then make the result safe to carry as text.
    var protectedBytes = EncryptionHelper.EncryptAntiForgeryToken(freshToken.AsBytes());
    return Convert.ToBase64String(protectedBytes);
}