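/// <summary>
/// Gets the PersonToken by impersonation token (rckipid).
/// </summary>
/// <remarks>
/// This method only resolves the token and checks that the person is allowed to use person tokens.
/// It does not check ExpireDateTime, UsageLimit or PageId on the returned token;
/// presumably the caller enforces those - confirm against the call sites.
/// </remarks>
/// <param name="impersonationToken">The impersonation token, either UrlEncoded (with '%' replaced by '!') or already UrlDecoded.</param>
/// <returns>
/// The matching <see cref="PersonToken"/> (or a synthesized one when the legacy fallback resolves a person),
/// or null when the token cannot be resolved or the person is not allowed to use person tokens.
/// </returns>
public PersonToken GetByImpersonationToken(string impersonationToken)
{
    // Fail closed on missing input: an empty value cannot identify anyone, and a null value
    // would otherwise cause a NullReferenceException at the Replace() call below.
    if (string.IsNullOrWhiteSpace(impersonationToken))
    {
        return null;
    }

    // the impersonationToken should normally be a UrlEncoded string, but it is possible that the caller
    // already UrlDecoded it, so first try without UrlDecoding it
    var decryptedToken = Rock.Security.Encryption.DecryptString(impersonationToken);
    if (decryptedToken == null)
    {
        // do a Replace('!', '%') on the token before UrlDecoding because we did a Replace('%', '!') after
        // we UrlEncoded it (to make it embeddable in HTML and cross browser compatible)
        string urlDecodedKey = System.Web.HttpUtility.UrlDecode(impersonationToken.Replace('!', '%'));
        decryptedToken = Rock.Security.Encryption.DecryptString(urlDecodedKey);
    }

    // Only look the token up when decryption produced a value. Comparing Token against null could
    // match a row whose Token is NULL (depending on how the query provider translates the null
    // comparison), which would resolve an undecryptable value to a real person.
    PersonToken personToken = null;
    if (!string.IsNullOrEmpty(decryptedToken))
    {
        personToken = this.Queryable().Include(pt => pt.PersonAlias).FirstOrDefault(a => a.Token == decryptedToken);
    }

    var personService = new PersonService(this.Context as Data.RockContext);

    if (personToken == null)
    {
        bool tokenUseLegacyFallback = GlobalAttributesCache.Get().GetValue("core.PersonTokenUseLegacyFallback").AsBoolean();
        if (!tokenUseLegacyFallback)
        {
            return null;
        }

        // The legacy lookup receives the raw (not decrypted) value supplied by the caller.
        var legacyPerson = personService.GetByLegacyEncryptedKey(impersonationToken, true);
        if (legacyPerson == null || !legacyPerson.IsPersonTokenUsageAllowed())
        {
            return null;
        }

        // if LegacyFallback is enabled, and we found a person, create a fake PersonToken
        // NOTE(review): the synthesized token has no expiration, page restriction or usage limit,
        // so any limits enforced by callers do not apply to legacy keys.
        personToken = new PersonToken
        {
            PersonAlias = legacyPerson.PrimaryAlias,
            ExpireDateTime = null,
            PageId = null,
            LastUsedDateTime = RockDateTime.Now,
            UsageLimit = null
        };
    }

    // A token without a resolvable alias or person must not be honored.
    if (personToken.PersonAlias == null)
    {
        return null;
    }

    var person = personService.Get(personToken.PersonAlias.PersonId);
    if (person == null || !person.IsPersonTokenUsageAllowed())
    {
        return null;
    }

    return personToken;
}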