///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// private static AnonymousIdData GetDecodedValue(string data) { if (data == null || data.Length < 1 || data.Length > MAX_ENCODED_COOKIE_STRING) { return(null); } try { byte [] bBlob = CookieProtectionHelper.Decode(s_Protection, data, Purpose.AnonymousIdentificationModule_Ticket); if (bBlob == null || bBlob.Length < 13) { return(null); } DateTime expireDate = DateTime.FromFileTimeUtc(BitConverter.ToInt64(bBlob, 0)); if (expireDate < DateTime.UtcNow) { return(null); } int len = BitConverter.ToInt32(bBlob, 8); if (len < 0 || len > bBlob.Length - 12) { return(null); } string id = Encoding.UTF8.GetString(bBlob, 12, len); if (id.Length > MAX_ID_LENGTH) { return(null); } return(new AnonymousIdData(id, expireDate)); } catch {} return(null); }
private static AnonymousIdData GetDecodedValue(string data) { if (((data != null) && (data.Length >= 1)) && (data.Length <= 0x200)) { try { byte[] buffer = CookieProtectionHelper.Decode(s_Protection, data); if ((buffer == null) || (buffer.Length < 13)) { return(null); } DateTime dt = DateTime.FromFileTimeUtc(BitConverter.ToInt64(buffer, 0)); if (dt < DateTime.UtcNow) { return(null); } int count = BitConverter.ToInt32(buffer, 8); if ((count < 0) || (count > (buffer.Length - 12))) { return(null); } string id = Encoding.UTF8.GetString(buffer, 12, count); if (id.Length > 0x80) { return(null); } return(new AnonymousIdData(id, dt)); } catch { } } return(null); }
private void InitFromEncryptedTicket(string encryptedTicket) { if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(4, 8)) { EtwTrace.Trace(EtwTraceType.ETW_TYPE_ROLE_BEGIN, HttpContext.Current.WorkerRequest); } if (!string.IsNullOrEmpty(encryptedTicket)) { byte[] buffer = CookieProtectionHelper.Decode(Roles.CookieProtectionValue, encryptedTicket); if (buffer != null) { RolePrincipal principal = null; MemoryStream serializationStream = null; try { serializationStream = new MemoryStream(buffer); principal = new BinaryFormatter().Deserialize(serializationStream) as RolePrincipal; } catch { } finally { serializationStream.Close(); } if (((principal != null) && StringUtil.EqualsIgnoreCase(principal._Username, this._Identity.Name)) && (StringUtil.EqualsIgnoreCase(principal._ProviderName, this._ProviderName) && (DateTime.UtcNow <= principal._ExpireDate))) { this._Version = principal._Version; this._ExpireDate = principal._ExpireDate; this._IssueDate = principal._IssueDate; this._IsRoleListCached = principal._IsRoleListCached; this._CachedListChanged = false; this._Username = principal._Username; this._Roles = principal._Roles; this.RenewIfOld(); if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(4, 8)) { EtwTrace.Trace(EtwTraceType.ETW_TYPE_ROLE_END, HttpContext.Current.WorkerRequest, "RolePrincipal", this._Identity.Name); } return; } } } this.Init(); this._CachedListChanged = true; if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(4, 8)) { EtwTrace.Trace(EtwTraceType.ETW_TYPE_ROLE_END, HttpContext.Current.WorkerRequest, "RolePrincipal", this._Identity.Name); } }
private static string GetEncodedValue(AnonymousIdData data) { if (data == null) { return(null); } byte[] bytes = Encoding.UTF8.GetBytes(data.AnonymousId); byte[] src = BitConverter.GetBytes(bytes.Length); byte[] buffer3 = BitConverter.GetBytes(data.ExpireDate.ToFileTimeUtc()); byte[] dst = new byte[12 + bytes.Length]; Buffer.BlockCopy(buffer3, 0, dst, 0, 8); Buffer.BlockCopy(src, 0, dst, 8, 4); Buffer.BlockCopy(bytes, 0, dst, 12, bytes.Length); return(CookieProtectionHelper.Encode(s_Protection, dst, dst.Length)); }
///////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////// private static string GetEncodedValue(AnonymousIdData data) { if (data == null) { return(null); } byte [] bufId = Encoding.UTF8.GetBytes(data.AnonymousId); byte [] bufIdLen = BitConverter.GetBytes(bufId.Length); byte [] bufDate = BitConverter.GetBytes(data.ExpireDate.ToFileTimeUtc()); byte [] buffer = new byte[12 + bufId.Length]; Buffer.BlockCopy(bufDate, 0, buffer, 0, 8); Buffer.BlockCopy(bufIdLen, 0, buffer, 8, 4); Buffer.BlockCopy(bufId, 0, buffer, 12, bufId.Length); return(CookieProtectionHelper.Encode(s_Protection, buffer, Purpose.AnonymousIdentificationModule_Ticket)); }
public string ToEncryptedTicket() { if (!Roles.Enabled) { return(null); } if (_Identity != null && !_Identity.IsAuthenticated) { return(null); } if (_Identity == null && string.IsNullOrEmpty(_Username)) { return(null); } if (_Roles.Count > Roles.MaxCachedResults) { return(null); } MemoryStream ms = new System.IO.MemoryStream(); byte[] buf = null; IIdentity id = _Identity; try { _Identity = null; BinaryFormatter bf = new BinaryFormatter(); bool originalSerializingForCookieValue = _serializingForCookie; try { // DevDiv 481327: ClaimsPrincipal is an expensive type to serialize and deserialize. If the developer is using // role management, then he is going to be querying regular ASP.NET membership roles rather than claims, so // we can cut back on the number of bytes sent across the wire by ignoring any claims in the underlying // identity. Otherwise we risk sending a cookie too large for the browser to handle. _serializingForCookie = true; bf.Serialize(ms, this); } finally { _serializingForCookie = originalSerializingForCookieValue; } buf = ms.ToArray(); } finally { ms.Close(); _Identity = id; } return(CookieProtectionHelper.Encode(Roles.CookieProtectionValue, buf, Purpose.RolePrincipal_Ticket)); }
public string ToEncryptedTicket() { if (!Roles.Enabled) { return(null); } if ((this._Identity != null) && !this._Identity.IsAuthenticated) { return(null); } if ((this._Identity == null) && string.IsNullOrEmpty(this._Username)) { return(null); } if (this._Roles.Count > Roles.MaxCachedResults) { return(null); } MemoryStream serializationStream = new MemoryStream(); byte[] buf = null; IIdentity identity = this._Identity; try { this._Identity = null; new BinaryFormatter().Serialize(serializationStream, this); buf = serializationStream.ToArray(); } finally { serializationStream.Close(); this._Identity = identity; } return(CookieProtectionHelper.Encode(Roles.CookieProtectionValue, buf, buf.Length)); }
private void InitFromEncryptedTicket(string encryptedTicket) { if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(EtwTraceLevel.Information, EtwTraceFlags.AppSvc) && HttpContext.Current != null) { EtwTrace.Trace(EtwTraceType.ETW_TYPE_ROLE_BEGIN, HttpContext.Current.WorkerRequest); } if (string.IsNullOrEmpty(encryptedTicket)) { goto Exit; } byte[] bTicket = CookieProtectionHelper.Decode(Roles.CookieProtectionValue, encryptedTicket, Purpose.RolePrincipal_Ticket); if (bTicket == null) { goto Exit; } RolePrincipal rp = null; MemoryStream ms = null; try{ ms = new System.IO.MemoryStream(bTicket); rp = (new BinaryFormatter()).Deserialize(ms) as RolePrincipal; } catch { } finally { ms.Close(); } if (rp == null) { goto Exit; } if (!StringUtil.EqualsIgnoreCase(rp._Username, _Identity.Name)) { goto Exit; } if (!StringUtil.EqualsIgnoreCase(rp._ProviderName, _ProviderName)) { goto Exit; } if (DateTime.UtcNow > rp._ExpireDate) { goto Exit; } _Version = rp._Version; _ExpireDate = rp._ExpireDate; _IssueDate = rp._IssueDate; _IsRoleListCached = rp._IsRoleListCached; _CachedListChanged = false; _Username = rp._Username; _Roles = rp._Roles; // will it be the case that _Identity.Name != _Username? RenewIfOld(); if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(EtwTraceLevel.Information, EtwTraceFlags.AppSvc) && HttpContext.Current != null) { EtwTrace.Trace(EtwTraceType.ETW_TYPE_ROLE_END, HttpContext.Current.WorkerRequest, "RolePrincipal", _Identity.Name); } return; Exit: Init(); _CachedListChanged = true; if (HostingEnvironment.IsHosted && EtwTrace.IsTraceEnabled(EtwTraceLevel.Information, EtwTraceFlags.AppSvc) && HttpContext.Current != null) { EtwTrace.Trace(EtwTraceType.ETW_TYPE_ROLE_END, HttpContext.Current.WorkerRequest, "RolePrincipal", _Identity.Name); } return; }