/// <summary>
/// Decrypts the user ID from a given authentication token.
/// </summary>
public bool GetUserId(string authenticationToken, out string userId, out LiveAuthException error)
{
Debug.Assert(!string.IsNullOrEmpty(authenticationToken));
return(LiveAuthWebUtility.ReadUserIdFromAuthenticationToken(
authenticationToken,
this.clientSecret,
out userId,
out error));
}
/// <summary>
/// Validate if the user Id from the received session matches the one from the refresh token and current session.
/// </summary>
private LiveAuthException ValidateSession(LiveConnectSession session)
{
Debug.Assert(session != null);
string currentUserId = null;
string userId;
LiveAuthException error = null;
LiveConnectSession currentSession = (this.loginStatus == null) ? null : this.loginStatus.Session;
// Read current session user Id, if available.
if (currentSession != null)
{
LiveAuthException currentSessionError;
LiveAuthWebUtility.ReadUserIdFromAuthenticationToken(
currentSession.AuthenticationToken,
this.clientSecret,
out currentUserId,
out currentSessionError);
}
// Read user Id from the new session received from the auth server.
LiveAuthWebUtility.ReadUserIdFromAuthenticationToken(session.AuthenticationToken, this.clientSecret, out userId, out error);
if (error == null)
{
if (!string.IsNullOrEmpty(currentUserId) &&
string.Compare(userId, currentUserId, StringComparison.InvariantCultureIgnoreCase) != 0)
{
// The user Id should match current session user Id
error = new LiveAuthException(AuthErrorCodes.InvalidRequest, ErrorText.NewSessionDoesNotMatchCurrentUserId);
}
else if (this.refreshTokenInfo != null &&
string.Compare(userId, this.refreshTokenInfo.UserId, StringComparison.InvariantCultureIgnoreCase) != 0)
{
// The user Id should match the uesr Id from the one in the refresh token if available.
error = new LiveAuthException(AuthErrorCodes.InvalidRequest, ErrorText.RefereshTokenNotMatchUserId);
}
}
return(error);
}
/// <summary>
/// Reads current user session.
/// </summary>
public static LiveLoginResult GetUserLoginStatus(HttpContextBase webContext)
{
Debug.Assert(webContext != null);
HttpCookie cookie = webContext.Request.Cookies[AuthCookie];
LiveConnectSession session = null;
LiveConnectSessionStatus status = LiveConnectSessionStatus.Unknown;
if (cookie != null && cookie.Values != null)
{
string accessToken = cookie[AuthConstants.AccessToken];
if (!string.IsNullOrEmpty(accessToken))
{
session = new LiveConnectSession();
session.AccessToken = UrlDataDecode(accessToken);
session.AuthenticationToken = UrlDataDecode(cookie[AuthConstants.AuthenticationToken]);
session.RefreshToken = UrlDataDecode(cookie[AuthConstants.RefreshToken]);
session.Scopes = LiveAuthUtility.ParseScopeString(UrlDataDecode(cookie[AuthConstants.Scope]));
session.Expires = LiveAuthWebUtility.ParseExpiresValue(UrlDataDecode(cookie[AuthConstants.Expires]));
status = session.IsValid ? LiveConnectSessionStatus.Connected : LiveConnectSessionStatus.Expired;
}
else
{
// If we previously recorded NotConnected, take that value.
// Ignore other values that may be set by JS library.
LiveConnectSessionStatus statusFromCookie;
if (Enum.TryParse <LiveConnectSessionStatus>(cookie[AuthConstants.Status],
true /*ignore case*/,
out statusFromCookie))
{
if (statusFromCookie == LiveConnectSessionStatus.NotConnected)
{
status = statusFromCookie;
}
}
}
}
return(new LiveLoginResult(status, session));
}
/// <summary>
/// Writes the user current session.
/// </summary>
public static void UpdateUserSession(HttpContextBase context, LiveLoginResult loginResult, string requestTs)
{
if (context == null)
{
return;
}
Debug.Assert(loginResult != null);
Dictionary <string, string> cookieValues = new Dictionary <string, string>();
HttpCookie cookie = context.Request.Cookies[AuthCookie];
HttpCookie newCookie = new HttpCookie(AuthCookie);
newCookie.Path = "/";
string host = context.Request.Headers["Host"];
newCookie.Domain = host.Split(':')[0];
if (cookie != null && cookie.Values != null)
{
foreach (string key in cookie.Values.AllKeys)
{
newCookie.Values[key] = cookie[key];
}
}
LiveConnectSession session = loginResult.Session;
if (session != null)
{
newCookie.Values[AuthConstants.AccessToken] = Uri.EscapeDataString(session.AccessToken);
newCookie.Values[AuthConstants.AuthenticationToken] = Uri.EscapeDataString(session.AuthenticationToken);
newCookie.Values[AuthConstants.Scope] = Uri.EscapeDataString(LiveAuthUtility.BuildScopeString(session.Scopes));
newCookie.Values[AuthConstants.ExpiresIn] = Uri.EscapeDataString(LiveAuthWebUtility.GetExpiresInString(session.Expires));
newCookie.Values[AuthConstants.Expires] = Uri.EscapeDataString(LiveAuthWebUtility.GetExpiresString(session.Expires));
}
LiveConnectSessionStatus status;
if (!string.IsNullOrEmpty(newCookie[AuthConstants.AccessToken]))
{
// We have an access token, so it is connected, regardless expired or not
// since it is handled after loading the session in both Asp.Net and JS library.
status = LiveConnectSessionStatus.Connected;
}
else
{
status = loginResult.Status;
if (loginResult.Status == LiveConnectSessionStatus.Unknown)
{
// If we recorded NotConnected previously, keep it.
LiveConnectSessionStatus statusFromCookie;
if (Enum.TryParse <LiveConnectSessionStatus>(
newCookie[AuthConstants.Status],
true /*ignore case*/,
out statusFromCookie))
{
if (statusFromCookie == LiveConnectSessionStatus.NotConnected)
{
status = statusFromCookie;
}
}
}
}
newCookie.Values[AuthConstants.Status] = GetStatusString(status);
// Needs to write error to inform the JS library.
LiveAuthException authError = loginResult.Error as LiveAuthException;
if (authError != null)
{
newCookie.Values[AuthConstants.Error] = Uri.EscapeDataString(authError.ErrorCode);
newCookie.Values[AuthConstants.ErrorDescription] = HttpUtility.UrlPathEncode(authError.Message);
}
else if (status != LiveConnectSessionStatus.Connected)
{
newCookie.Values[AuthConstants.Error] = Uri.EscapeDataString(AuthErrorCodes.AccessDenied);
newCookie.Values[AuthConstants.ErrorDescription] = HttpUtility.UrlPathEncode("Cannot retrieve access token.");
}
if (!string.IsNullOrEmpty(requestTs))
{
newCookie.Values[AuthConstants.ClientRequestTs] = requestTs;
}
context.Response.Cookies.Add(newCookie);
}
