コード例 #1
0
        protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
        {
            var isAuthenticated = base.AuthorizeCore(httpContext);
            if (isAuthenticated)
            {
                string cookieName = FormsAuthentication.FormsCookieName;

                if (!httpContext.User.Identity.IsAuthenticated ||
                    httpContext.Request.Cookies == null ||
                    httpContext.Request.Cookies[cookieName] == null)
                {
                    return false;
                }
                
                var authCookie = httpContext.Request.Cookies[cookieName];
                var authTicket = FormsAuthentication.Decrypt(authCookie.Value);

                // This is where you can read the userData part of the authentication
                // cookie and fetch the token
                string webServiceToken = authTicket.UserData;
				if (string.IsNullOrEmpty(webServiceToken))
				{
					return false;
				}
                GenericIdentity identity = new TokenIdentity(httpContext.User.Identity.Name, httpContext.User.Identity.AuthenticationType, webServiceToken);

                IPrincipal userPrincipal = new GenericPrincipal(identity, null);

                // Inject the custom principal in the httpcontext
                httpContext.User = userPrincipal;
            }
            return isAuthenticated;

        }
コード例 #2
0
        protected override bool AuthorizeCore(System.Web.HttpContextBase httpContext)
        {
            var isAuthenticated = base.AuthorizeCore(httpContext);

            if (isAuthenticated)
            {
                string cookieName = FormsAuthentication.FormsCookieName;

                if (!httpContext.User.Identity.IsAuthenticated ||
                    httpContext.Request.Cookies == null ||
                    httpContext.Request.Cookies[cookieName] == null)
                {
                    return(false);
                }

                var authCookie = httpContext.Request.Cookies[cookieName];
                var authTicket = FormsAuthentication.Decrypt(authCookie.Value);

                // This is where you can read the userData part of the authentication
                // cookie and fetch the token
                string webServiceToken = authTicket.UserData;
                if (string.IsNullOrEmpty(webServiceToken))
                {
                    return(false);
                }
                GenericIdentity identity = new TokenIdentity(httpContext.User.Identity.Name, httpContext.User.Identity.AuthenticationType, webServiceToken);

                IPrincipal userPrincipal = new GenericPrincipal(identity, null);

                // Inject the custom principal in the httpcontext
                httpContext.User = userPrincipal;
            }
            return(isAuthenticated);
        }