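            /// <summary>
            /// Expires every OpenID Connect nonce cookie the browser sent with this request, then lets the
            /// base handler remember the new nonce. This works around an issue where the nonce cookie is
            /// set repeatedly and the accumulated cookies overflow the request handler.
            /// </summary>
            /// <remarks>
            /// Only the newest nonce is kept. A sign-in that was started earlier (for example in another
            /// browser tab) loses its nonce cookie here, so its response will presumably fail nonce
            /// validation and the user has to start that sign-in again - confirm this trade-off is acceptable.
            /// </remarks>
            /// <param name="message">The OpenID Connect request message, passed unchanged to the base handler.</param>
            /// <param name="nonce">The nonce value, passed unchanged to the base handler.</param>
            protected override void RememberNonce(OpenIdConnectMessage message, string nonce)
            {
                var noncePrefix = OpenIdConnectAuthenticationDefaults.CookiePrefix + "nonce";

                // Cookie names are opaque identifiers, so compare them ordinally rather than with the
                // current culture. Snapshot the matches once instead of re-running the query for the
                // emptiness check and again for the loop.
                var staleNonceKeys = Request.Cookies
                    .Where(kvp => kvp.Key.StartsWith(noncePrefix, System.StringComparison.Ordinal))
                    .Select(kvp => kvp.Key)
                    .ToList();

                if (staleNonceKeys.Count > 0)
                {
                    // NOTE(review): a browser only drops a cookie when the expiring Set-Cookie matches the
                    // path/domain it was written with. No Path/Domain is set here, which assumes the base
                    // handler wrote the nonce cookie with the defaults - verify against the base class.
                    var cookieOptions = new Microsoft.Owin.CookieOptions
                    {
                        HttpOnly = true,
                        Secure   = Request.IsSecure
                    };
                    foreach (var staleKey in staleNonceKeys)
                    {
                        Response.Cookies.Delete(staleKey, cookieOptions);
                    }
                }

                base.RememberNonce(message, nonce);
            }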
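        /// <summary>
        /// Writes, or expires, the "last username" cookie when
        /// <c>AuthenticationOptions.RememberLastUsername</c> is enabled; does nothing otherwise.
        /// </summary>
        /// <remarks>
        /// The username is UTF-8 encoded, passed through <c>_options.DataProtector.Protect</c> together
        /// with the cookie name, and Base64Url-encoded before it is sent, so the clear-text name is not
        /// placed in the cookie. The cookie is HttpOnly and scoped to the IdentityServer base path.
        /// </remarks>
        /// <param name="username">
        /// The username to remember for one year. A null, empty or whitespace value expires the cookie instead.
        /// </param>
        private void IssueLastUsernameCookie(string username)
        {
            if (!this._options.AuthenticationOptions.RememberLastUsername)
            {
                return;
            }

            var ctx        = Request.GetOwinContext();
            var cookieName = _options.AuthenticationOptions.CookieOptions.Prefix + "username";

            // URI schemes are case-insensitive; a case-sensitive match would silently drop the Secure
            // flag if the host reported the scheme as "HTTPS".
            // NOTE(review): if TLS is terminated in front of this application the scheme seen here may
            // be "http", and the cookie is then issued without Secure - confirm the hosting setup.
            var secure = String.Equals(ctx.Request.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase);

            // Normalise the base path: drop one trailing slash and fall back to the site root. The
            // null check keeps a missing base path from throwing before the fallback applies.
            var path = ctx.Request.Environment.GetIdentityServerBasePath();
            if (path != null && path.EndsWith("/", StringComparison.Ordinal))
            {
                path = path.Substring(0, path.Length - 1);
            }
            if (String.IsNullOrWhiteSpace(path))
            {
                path = "/";
            }

            var options = new Microsoft.Owin.CookieOptions
            {
                HttpOnly = true,
                Secure   = secure,
                Path     = path
            };

            if (!String.IsNullOrWhiteSpace(username))
            {
                // The cookie name is handed to Protect as its second argument (presumably a
                // purpose/entropy value binding the protected bytes to this cookie - verify against
                // the data protector implementation).
                var bytes = Encoding.UTF8.GetBytes(username);
                bytes           = _options.DataProtector.Protect(bytes, cookieName);
                username        = Base64Url.Encode(bytes);
                options.Expires = DateTime.UtcNow.AddYears(1);
            }
            else
            {
                // Placeholder value with an expiry in the past: the browser discards the cookie.
                username        = "******";
                options.Expires = DateTime.UtcNow.AddYears(-1);
            }

            ctx.Response.Cookies.Append(cookieName, username, options);
        }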
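        /// <summary>
        /// Remembers the last signed-in username in a protected, HttpOnly cookie, or expires that cookie
        /// when no username is supplied. Has no effect unless
        /// <c>AuthenticationOptions.RememberLastUsername</c> is set.
        /// </summary>
        /// <param name="username">
        /// Username to store (kept for one year); null, empty or whitespace expires the cookie.
        /// </param>
        private void IssueLastUsernameCookie(string username)
        {
            if (this._options.AuthenticationOptions.RememberLastUsername)
            {
                var ctx = Request.GetOwinContext();
                var cookieName = _options.AuthenticationOptions.CookieOptions.Prefix + "username";

                // Compare the scheme without regard to case so that "HTTPS" still yields a Secure cookie.
                // NOTE(review): behind a TLS-terminating proxy the scheme may read "http" and the Secure
                // flag is then omitted - verify how the host reports the original scheme.
                var isHttps = String.Equals(ctx.Request.Scheme, Uri.UriSchemeHttps, StringComparison.OrdinalIgnoreCase);

                // Cookie path = IdentityServer base path without one trailing slash, or "/" when the
                // base path is missing or blank. An absent base path is treated as blank, not dereferenced.
                var basePath = ctx.Request.Environment.GetIdentityServerBasePath() ?? String.Empty;
                if (basePath.EndsWith("/", StringComparison.Ordinal)) basePath = basePath.Substring(0, basePath.Length - 1);
                if (String.IsNullOrWhiteSpace(basePath)) basePath = "/";

                var options = new Microsoft.Owin.CookieOptions
                {
                    HttpOnly = true,
                    Secure = isHttps,
                    Path = basePath
                };

                var hasUsername = !String.IsNullOrWhiteSpace(username);
                if (hasUsername)
                {
                    // Only the protected, Base64Url-encoded form of the username is written to the
                    // cookie; Protect also receives the cookie name as its second argument.
                    var protectedBytes = _options.DataProtector.Protect(Encoding.UTF8.GetBytes(username), cookieName);
                    username = Base64Url.Encode(protectedBytes);
                    options.Expires = DateTime.UtcNow.AddYears(1);
                }
                else
                {
                    // A past expiry makes the browser remove the cookie; the value is only a placeholder.
                    username = "******";
                    options.Expires = DateTime.UtcNow.AddYears(-1);
                }

                ctx.Response.Cookies.Append(cookieName, username, options);
            }
        }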