public IActionResult Login(LoginModel model) { var vm = new LoginViewModel(); vm.Model = model; if (!ModelState.IsValid) { vm.Result = OperationResult.ErrorResult("错误的请求"); return this.View(vm); } var result = this.AuthService.Login(model.UserName, model.Password); if (result.Success) { var option = new CookieOptions(); if (model.RememberMe) { option.Expires = DateTime.Now.AddMonths(6); } this.Response.Cookies.Append("token", result.Data, option); return RedirectToAction("Index", "Home"); } else { vm.Result = result; return this.View(vm); } }
public AppendCookieContext(HttpContext context, CookieOptions options, string name, string value) { Context = context; CookieOptions = options; CookieName = name; CookieValue = value; }
private CookieOptions CreateCookieOptions(bool? persistent, DateTimeOffset? expires = null) { var secure = _context.HttpContext.Request.IsHttps; var path = _context.GetBasePath().CleanUrlPath(); var options = new CookieOptions { HttpOnly = false, Secure = secure, Path = path }; // todo: load authN cookie and copy its values for persistent/expiration //if (persistent != false) //{ // if (persistent == true || _context.Options.AuthenticationOptions.CookieAuthenticationOptions.IsPersistent) // { // if (persistent == true) // { // expires = expires ?? DateTimeHelper.UtcNow.Add(this.identityServerOptions.AuthenticationOptions.CookieOptions.RememberMeDuration); // } // else // { // expires = expires ?? DateTimeHelper.UtcNow.Add(this.identityServerOptions.AuthenticationOptions.CookieOptions.ExpireTimeSpan); // } // options.Expires = expires.Value.UtcDateTime; // } //} return options; }
void SetCookie(string value) { DateTime? expires = null; if (String.IsNullOrWhiteSpace(value)) { var existingValue = GetCookie(); if (existingValue == null) { // no need to write cookie to clear if we don't already have one return; } value = "."; expires = DateTime.Now.AddYears(-1); } var opts = new CookieOptions { HttpOnly = true, Secure = false, Path = "/", Expires = expires }; Response.Cookies.Append(CookieName, value, opts); }
public static string Login(HttpContext context, Guid userId, DateTime? modifiedOn, bool rememberMe, IErpService service) { var identity = CreateIdentity(userId, service); if (identity == null) throw new Exception("Try to login with invalid user."); if (modifiedOn != identity.User.ModifiedOn) modifiedOn = identity.User.ModifiedOn; ErpUser user = new SecurityManager(service).GetUser(userId); string token = AuthToken.Create(user, rememberMe).Encrypt(); if (rememberMe) { CookieOptions options = new CookieOptions(); options.Expires = DateTime.Today.AddDays(AUTH_REMEMBER_IDENTITY_DAYS); context.Response.Cookies.Append(AUTH_TOKEN_KEY, token, options); } else context.Response.Cookies.Append(AUTH_TOKEN_KEY, token); context.User = new ErpPrincipal(identity); new SecurityManager(service).UpdateUserLastLoginTime(userId); return token; }
public HttpStatusCodeResult SignOut() { if (Request.Cookies.ContainsKey("user")) { var options = new CookieOptions(); options.Expires = DateTime.Now.AddDays(-1); Response.Cookies.Append("user", "", options); // HttpContext.Response.Cookies.Delete("user"); } return new HttpOkResult(); }
/// <summary> /// Creates a new instance of the context object. /// </summary> /// <param name="context">The HTTP request context</param> /// <param name="options">The middleware options</param> /// <param name="authenticationScheme">Initializes AuthenticationScheme property</param> /// <param name="principal">Initializes Principal property</param> /// <param name="properties">Initializes Extra property</param> /// <param name="cookieOptions">Initializes options for the authentication cookie.</param> public CookieSigningInContext( HttpContext context, CookieAuthenticationOptions options, string authenticationScheme, ClaimsPrincipal principal, AuthenticationProperties properties, CookieOptions cookieOptions) : base(context, options) { AuthenticationScheme = authenticationScheme; Principal = principal; Properties = properties; CookieOptions = cookieOptions; }
public void SaveCookieToken(HttpContext httpContext, AntiForgeryToken token) { var serializedToken = _serializer.Serialize(token); var options = new CookieOptions() { HttpOnly = true }; // Note: don't use "newCookie.Secure = _config.RequireSSL;" since the default // value of newCookie.Secure is poulated out of band. if (_config.RequireSSL) { options.Secure = true; } httpContext.Response.Cookies.Append(_config.CookieName, serializedToken, options); }
public void SaveCookieToken(HttpContext httpContext, AntiForgeryToken token) { // Add the cookie to the request based context. // This is useful if the cookie needs to be reloaded in the context of the same request. var contextAccessor = httpContext.RequestServices.GetRequiredService<IScopedInstance<AntiForgeryContext>>(); Debug.Assert(contextAccessor.Value == null, "AntiForgeryContext should be set only once per request."); contextAccessor.Value = new AntiForgeryContext() { CookieToken = token }; var serializedToken = _serializer.Serialize(token); var options = new CookieOptions() { HttpOnly = true }; // Note: don't use "newCookie.Secure = _config.RequireSSL;" since the default // value of newCookie.Secure is poulated out of band. if (_config.RequireSSL) { options.Secure = true; } httpContext.Response.Cookies.Append(_config.CookieName, serializedToken, options); }
public void SaveCookieToken(HttpContext httpContext, AntiforgeryToken token) { if (httpContext == null) { throw new ArgumentNullException(nameof(httpContext)); } if (token == null) { throw new ArgumentNullException(nameof(token)); } // Add the cookie to the request based context. // This is useful if the cookie needs to be reloaded in the context of the same request. var services = httpContext.RequestServices; var contextAccessor = services.GetRequiredService<IAntiforgeryContextAccessor>(); Debug.Assert(contextAccessor.Value == null, "AntiforgeryContext should be set only once per request."); contextAccessor.Value = new AntiforgeryContext() { CookieToken = token }; var serializedToken = _tokenSerializer.Serialize(token); var options = new CookieOptions() { HttpOnly = true }; // Note: don't use "newCookie.Secure = _options.RequireSSL;" since the default // value of newCookie.Secure is poulated out of band. if (_options.RequireSsl) { options.Secure = true; } httpContext.Response.Cookies.Append(_options.CookieName, serializedToken, options); }
private void SetCookie() { var cookieOptions = new CookieOptions { Domain = _options.CookieDomain, HttpOnly = _options.CookieHttpOnly, Path = _options.CookiePath ?? "/", }; _context.Response.Cookies.Append(_options.CookieName, _sessionKey, cookieOptions); _context.Response.Headers.Set( "Cache-Control", "no-cache"); _context.Response.Headers.Set( "Pragma", "no-cache"); _context.Response.Headers.Set( "Expires", "-1"); }
/// <summary> /// /// </summary> /// <param name="context"></param> /// <param name="options"></param> /// <param name="cookieOptions"></param> public CookieSigningOutContext(HttpContext context, CookieAuthenticationOptions options, CookieOptions cookieOptions) : base(context, options) { CookieOptions = cookieOptions; }
public void Delete(string key, CookieOptions options) { throw new NotImplementedException(); }
public void Append(string key, string value, CookieOptions options) { this.Key = key; this.Value = value; this.Options = options; this.Count++; }
/// <summary> /// Appends a new response cookie to the Set-Cookie header. If the cookie is larger than the given size limit /// then it will be broken down into multiple cookies as follows: /// Set-Cookie: CookieName=chunks:3; path=/ /// Set-Cookie: CookieNameC1=Segment1; path=/ /// Set-Cookie: CookieNameC2=Segment2; path=/ /// Set-Cookie: CookieNameC3=Segment3; path=/ /// </summary> /// <param name="context"></param> /// <param name="key"></param> /// <param name="value"></param> /// <param name="options"></param> public void AppendResponseCookie(HttpContext context, string key, string value, CookieOptions options) { if (context == null) { throw new ArgumentNullException(nameof(context)); } if (key == null) { throw new ArgumentNullException(nameof(key)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } var escapedKey = Encoder.UrlEncode(key); var template = new SetCookieHeaderValue(escapedKey) { Domain = options.Domain, Expires = options.Expires, HttpOnly = options.HttpOnly, Path = options.Path, Secure = options.Secure, }; var templateLength = template.ToString().Length; value = value ?? string.Empty; var quoted = false; if (IsQuoted(value)) { quoted = true; value = RemoveQuotes(value); } var escapedValue = Encoder.UrlEncode(value); // Normal cookie var responseHeaders = context.Response.Headers; if (!ChunkSize.HasValue || ChunkSize.Value > templateLength + escapedValue.Length + (quoted ? 2 : 0)) { template.Value = quoted ? Quote(escapedValue) : escapedValue; responseHeaders.Append(Constants.Headers.SetCookie, template.ToString()); } else if (ChunkSize.Value < templateLength + (quoted ? 2 : 0) + 10) { // 10 is the minimum data we want to put in an individual cookie, including the cookie chunk identifier "CXX". // No room for data, we can't chunk the options and name throw new InvalidOperationException(Resources.Exception_CookieLimitTooSmall); } else { // Break the cookie down into multiple cookies. // Key = CookieName, value = "Segment1Segment2Segment2" // Set-Cookie: CookieName=chunks:3; path=/ // Set-Cookie: CookieNameC1="Segment1"; path=/ // Set-Cookie: CookieNameC2="Segment2"; path=/ // Set-Cookie: CookieNameC3="Segment3"; path=/ var dataSizePerCookie = ChunkSize.Value - templateLength - (quoted ? 2 : 0) - 3; // Budget 3 chars for the chunkid. var cookieChunkCount = (int)Math.Ceiling(escapedValue.Length * 1.0 / dataSizePerCookie); template.Value = "chunks:" + cookieChunkCount.ToString(CultureInfo.InvariantCulture); responseHeaders.Append(Constants.Headers.SetCookie, template.ToString()); var chunks = new string[cookieChunkCount]; var offset = 0; for (var chunkId = 1; chunkId <= cookieChunkCount; chunkId++) { var remainingLength = escapedValue.Length - offset; var length = Math.Min(dataSizePerCookie, remainingLength); var segment = escapedValue.Substring(offset, length); offset += length; template.Name = escapedKey + "C" + chunkId.ToString(CultureInfo.InvariantCulture); template.Value = quoted ? Quote(segment) : segment; chunks[chunkId - 1] = template.ToString(); } responseHeaders.Append(Constants.Headers.SetCookie, chunks); } }
private void ApplyPolicy(CookieOptions options) { switch (Policy.Secure) { case SecurePolicy.Always: options.Secure = true; break; case SecurePolicy.SameAsRequest: options.Secure = Context.Request.IsHttps; break; case SecurePolicy.None: break; default: throw new InvalidOperationException(); } switch (Policy.HttpOnly) { case HttpOnlyPolicy.Always: options.HttpOnly = true; break; case HttpOnlyPolicy.None: break; default: throw new InvalidOperationException(); } }
private void SetCookie() { var cookieOptions = new CookieOptions { Domain = _options.CookieDomain, HttpOnly = _options.CookieHttpOnly, Path = _options.CookiePath ?? SessionDefaults.CookiePath, }; _context.Response.Cookies.Append(_options.CookieName, _sessionKey, cookieOptions); _context.Response.Headers["Cache-Control"] = "no-cache"; _context.Response.Headers["Pragma"] = "no-cache"; _context.Response.Headers["Expires"] = "-1"; }
protected bool ValidateCorrelationId([NotNull] AuthenticationProperties properties, [NotNull] ILogger logger) { var correlationKey = Constants.CorrelationPrefix + BaseOptions.AuthenticationScheme; var correlationCookie = Request.Cookies[correlationKey]; if (string.IsNullOrWhiteSpace(correlationCookie)) { logger.LogWarning("{0} cookie not found.", correlationKey); return false; } var cookieOptions = new CookieOptions { HttpOnly = true, Secure = Request.IsHttps }; Response.Cookies.Delete(correlationKey, cookieOptions); string correlationExtra; if (!properties.Dictionary.TryGetValue( correlationKey, out correlationExtra)) { logger.LogWarning("{0} state property not found.", correlationKey); return false; } properties.Dictionary.Remove(correlationKey); if (!string.Equals(correlationCookie, correlationExtra, StringComparison.Ordinal)) { logger.LogWarning("{0} correlation cookie and state property mismatch.", correlationKey); return false; } return true; }
protected void GenerateCorrelationId([NotNull] AuthenticationProperties properties) { var correlationKey = Constants.CorrelationPrefix + BaseOptions.AuthenticationScheme; var nonceBytes = new byte[32]; CryptoRandom.GetBytes(nonceBytes); var correlationId = TextEncodings.Base64Url.Encode(nonceBytes); var cookieOptions = new CookieOptions { HttpOnly = true, Secure = Request.IsHttps }; properties.Dictionary[correlationKey] = correlationId; Response.Cookies.Append(correlationKey, correlationId, cookieOptions); }
public void Append(string key, string value, CookieOptions options) { throw new NotImplementedException(); }
/// <summary> /// Deletes the cookie with the given key by setting an expired state. If a matching chunked cookie exists on /// the request, delete each chunk. /// </summary> /// <param name="context"></param> /// <param name="key"></param> /// <param name="options"></param> public void DeleteCookie(HttpContext context, string key, CookieOptions options) { if (context == null) { throw new ArgumentNullException(nameof(context)); } if (key == null) { throw new ArgumentNullException(nameof(key)); } if (options == null) { throw new ArgumentNullException(nameof(options)); } var escapedKey = Encoder.UrlEncode(key); var keys = new List<string>(); keys.Add(escapedKey + "="); var requestCookie = context.Request.Cookies[key]; var chunks = ParseChunksCount(requestCookie); if (chunks > 0) { for (int i = 1; i <= chunks + 1; i++) { var subkey = escapedKey + "C" + i.ToString(CultureInfo.InvariantCulture); keys.Add(subkey + "="); } } var domainHasValue = !string.IsNullOrEmpty(options.Domain); var pathHasValue = !string.IsNullOrEmpty(options.Path); Func<string, bool> rejectPredicate; Func<string, bool> predicate = value => keys.Any(k => value.StartsWith(k, StringComparison.OrdinalIgnoreCase)); if (domainHasValue) { rejectPredicate = value => predicate(value) && value.IndexOf("domain=" + options.Domain, StringComparison.OrdinalIgnoreCase) != -1; } else if (pathHasValue) { rejectPredicate = value => predicate(value) && value.IndexOf("path=" + options.Path, StringComparison.OrdinalIgnoreCase) != -1; } else { rejectPredicate = value => predicate(value); } var responseHeaders = context.Response.Headers; var existingValues = responseHeaders[Constants.Headers.SetCookie]; if (!StringValues.IsNullOrEmpty(existingValues)) { responseHeaders[Constants.Headers.SetCookie] = existingValues.Where(value => !rejectPredicate(value)).ToArray(); } AppendResponseCookie( context, key, string.Empty, new CookieOptions() { Path = options.Path, Domain = options.Domain, Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc), }); for (int i = 1; i <= chunks; i++) { AppendResponseCookie( context, key + "C" + i.ToString(CultureInfo.InvariantCulture), string.Empty, new CookieOptions() { Path = options.Path, Domain = options.Domain, Expires = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc), }); } }
private static void GenerateCorrelationId(HttpContext context, OpenIdConnectOptions options, AuthenticationProperties properties) { if (properties == null) { throw new ArgumentNullException(nameof(properties)); } var correlationKey = OpenIdConnectDefaults.CookieStatePrefix; var nonceBytes = new byte[32]; CryptoRandom.GetBytes(nonceBytes); var correlationId = Base64UrlTextEncoder.Encode(nonceBytes); var cookieOptions = new CookieOptions { HttpOnly = true, Secure = context.Request.IsHttps, Expires = DateTime.UtcNow + options.ProtocolValidator.NonceLifetime }; properties.Items[correlationKey] = correlationId; context.Response.Cookies.Append(correlationKey + correlationId, NonceProperty, cookieOptions); }
public DeleteCookieContext(HttpContext context, CookieOptions options, string name) { Context = context; CookieOptions = options; CookieName = name; }
public void Delete(string key, CookieOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } ApplyPolicy(options); if (Policy.OnDeleteCookie != null) { var context = new DeleteCookieContext(Context, options, key); Policy.OnDeleteCookie(context); key = context.CookieName; } Cookies.Delete(key, options); }
protected override void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext) { SharePointAcsContext spAcsContext = spContext as SharePointAcsContext; //creates a cookie to store the SPCacheKey if (spAcsContext != null) { var options = new CookieOptions() { HttpOnly = true, Secure = true }; httpContext.Response.Cookies.Append(SPCacheKeyKey, spAcsContext.CacheKey, options); } string output = JsonConvert.SerializeObject(spAcsContext); byte[] bytes = new byte[output.Length * sizeof(char)]; System.Buffer.BlockCopy(output.ToCharArray(), 0, bytes, 0, bytes.Length); httpContext.Session.Set(SPContextKey, bytes); }
public void Append(string key, string value, CookieOptions options) { if (options == null) { throw new ArgumentNullException(nameof(options)); } ApplyPolicy(options); if (Policy.OnAppendCookie != null) { var context = new AppendCookieContext(Context, options, key, value); Policy.OnAppendCookie(context); key = context.CookieName; value = context.CookieValue; } Cookies.Append(key, value, options); }
public void Login(HttpContext context, Guid userId, DateTime? modifiedOn, bool rememberMe, IErpService service) { var identity = CreateIdentity(userId, service); if (identity == null) throw new Exception("Try to login with invalid user."); if (modifiedOn != identity.User.ModifiedOn) modifiedOn = identity.User.ModifiedOn; string token = AuthToken.Create(userId, modifiedOn, rememberMe).Encrypt(); if (rememberMe) { CookieOptions options = new CookieOptions(); options.Expires = DateTime.Today.AddDays(AUTH_REMEMBER_IDENTITY_DAYS); context.Response.Cookies.Append(AUTH_TOKEN_KEY, token, options); } else context.Response.Cookies.Append(AUTH_TOKEN_KEY, token); context.User = new ErpPrincipal(identity); //TODO //var dataGateway = new DataGateway(service); //dataGateway.UpdateUserLastLoginTime(userId); //dataGateway.CreateLoginLog(identity.User, identity.Customer); }