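/// <summary>
/// Returns the subscriber's current auth token: the newest stored row is reused while
/// <see cref="TokenVerifier.IsFresh"/> holds for it; otherwise the oldest rows are trimmed
/// so that at most <c>Constant.AuthTokenMaxCount</c> remain and a new token row is issued.
/// </summary>
/// <returns>The fresh existing token row, or the newly added one.</returns>
/// <exception cref="DoubtfulAuthBehaviorException">
/// Thrown when the subscriber uses the Web scheme, already holds at least
/// <c>Constant.AuthTokenMaxCount</c> tokens, and the token at index 1 was published
/// within <c>Constant.AuthTokenDoubtLeakSpan</c> of <c>now</c>.
/// </exception>
public DataSet.TokenRow Publish()
{
    TokenTableAdapter ta = new TokenTableAdapter();
    DataSet.TokenDataTable dt = ta.GetDataBySubscriberId(subscriber.Id);
    if (dt.Count > 0)
    {
        // NOTE(review): the leak check reads dt[1]; which row that is depends on the order
        // GetDataBySubscriberId returns — confirm the intended index. The dt.Count > 1 guard
        // only avoids an IndexOutOfRangeException when Constant.AuthTokenMaxCount is 1.
        if (dt.Count >= Constant.AuthTokenMaxCount && dt.Count > 1)
        {
            bool issuedRecently = dt[1].PublishedDate > now - Constant.AuthTokenDoubtLeakSpan;
            bool isWebScheme = subscriber.AuthScheme == AuthScheme.Web.ToString();
            if (issuedRecently && isWebScheme)
            {
                throw new DoubtfulAuthBehaviorException("�Z���Ԃɑ����̔F�g�[�N���̔��s��v������܂���");
            }
        }
        DataSet.TokenRow newest = dt[dt.Count - 1];
        TokenVerifier verifier = new TokenVerifier(newest, now);
        if (verifier.IsFresh)
        {
            return newest;
        }
    }
    // Flag the oldest rows as deleted so that, once the new row is added, the table holds
    // no more than AuthTokenMaxCount rows. A negative bound simply skips the loop.
    for (int i = 0; i < dt.Count - Constant.AuthTokenMaxCount + 1; i++)
    {
        dt[i].Delete();
    }
    // The token body is a bearer credential, so it is drawn from the CSPRNG instead of
    // Guid.NewGuid(), which is not documented as cryptographically secure. 16 random bytes
    // rendered as 32 lowercase hex characters keep the former Guid "N" layout, so existing
    // column widths and readers of the Body column are unaffected.
    byte[] raw = new byte[16];
    using (System.Security.Cryptography.RandomNumberGenerator rng =
        System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(raw);
    }
    string tokenBody = BitConverter.ToString(raw).Replace("-", string.Empty).ToLowerInvariant();
    DataSet.TokenRow issued = dt.AddTokenRow(subscriber, now, tokenBody);
    ta.Update(dt);
    return issued;
}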
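/// <summary>
/// Authenticates a browser request from its auth-token cookie. A missing or invalid token
/// redirects to the ask-auth page, a locked-out subscriber to the lockout page, and an
/// outdated token is replaced by a freshly published one (set as a new cookie) before the
/// request is marked authenticated.
/// </summary>
/// <param name="context">
/// The current request; its cookies are read, and its response cookies, status code and
/// <c>User</c> may be written.
/// </param>
public override void AuthenticateRequest(HttpContext context)
{
    HttpCookie authCookie = context.Request.Cookies[SiteConstant.AuthTokenCookieName];
    if (authCookie == null)
    {
        WebUtil.RedirectToAskAuthPage(context);
        return;
    }
    string tokenBody = authCookie.Value;
    TokenVerifier v = new TokenVerifier(tokenBody, now);
    if (!v.IsValid)
    {
        logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
        WebUtil.RedirectToAskAuthPage(context);
        return;
    }
    if (v.IsLockedOut)
    {
        logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
        WebUtil.RedirectToLockout(context, v.Subscriber.LockoutUntil);
        return;
    }
    if (v.IsOutdated)
    {
        logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
        TokenPublisher publisher = new TokenPublisher(v.Subscriber, now);
        DataSet.TokenRow issued;
        try
        {
            issued = publisher.Publish();
        }
        catch (DoubtfulAuthBehaviorException e)
        {
            // Too many tokens requested in a short span: lock the subscriber out instead
            // of issuing another token.
            // NOTE(review): presumably LockOut() updates v.Subscriber.LockoutUntil before it
            // is passed to RedirectToLockout — verify.
            publisher.LockOut();
            logger.Info(e.Message);
            WebUtil.RedirectToLockout(context, v.Subscriber.LockoutUntil);
            return;
        }
        catch (Exception ex)
        {
            logger.Error("�F�g�[�N���̔��s�Ɏ��s���܂���", ex);
            context.Response.StatusCode = (int)HttpStatusCode.InternalServerError;
            context.Response.End();
            return;
        }
        HttpCookie cookie = new HttpCookie(SiteConstant.AuthTokenCookieName, issued.Body);
        cookie.Expires = DateTime.MaxValue;
        // The token is a bearer credential: keep it out of reach of page script, and when
        // the request arrived over TLS do not let the browser resend it over plain HTTP.
        cookie.HttpOnly = true;
        cookie.Secure = context.Request.IsSecureConnection;
        context.Response.Cookies.Add(cookie);
    }
    context.User = new GenericPrincipal(new GenericIdentity("user"), null);
}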
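/// <summary>
/// Authenticates an iOS (APNs scheme) request from the auth-token request header, resets
/// the subscriber's APNs unread-release counter, and marks the request authenticated.
/// </summary>
/// <param name="context">
/// The current request; its headers are read, and the auth-status response header and
/// <c>User</c> may be written.
/// </param>
/// <returns>
/// <c>true</c> when the token passes every check and <c>context.User</c> has been set;
/// otherwise <c>false</c>.
/// </returns>
private bool AuthenticateRequestImpl(HttpContext context)
{
    string tokenBody = context.Request.Headers[SiteConstant.AuthTokenRequestResposeHeaderName];
    if (tokenBody == null)
    {
        logger.Info("�F�g�[�N���̂Ȃ����N�G�X�g������܂����BRequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    // The token is a bearer credential; log that one arrived, never its value.
    logger.Info("token received. RequestInfo:" + WebUtil.RequestInfo(context));
    TokenVerifier v = new TokenVerifier(tokenBody, now);
    // Every check below fails closed: a request that does not pass must not reach the
    // GenericPrincipal assignment at the end, otherwise any header value authenticates.
    if (!v.IsValid)
    {
        logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (!v.IsAuthScheme(AuthScheme.iOS_APNs))
    {
        logger.Info("scheme is not APNs. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (v.IsLockedOut)
    {
        logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (!v.IsLiving)
    {
        logger.Info("token is not living. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (v.IsOutdated)
    {
        // Outdated is not fatal: the client is told through the response header so it can
        // refresh its token, and the request still proceeds.
        logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
        context.Response.Headers[SiteConstant.AuthStatusRequestResposeHeaderName] = "Outdated";
    }
    APNsTableAdapter ata = new APNsTableAdapter();
    DataSet.APNsDataTable adt = ata.GetDataBySubscriberId(v.Subscriber.Id);
    // A subscriber without an APNs row has nothing to reset; indexing adt[0] unguarded
    // would throw for such a subscriber.
    if (adt.Count > 0 && adt[0].UnreadRelease > 0)
    {
        adt[0].UnreadRelease = 0;
        ata.Update(adt);
    }
    context.User = new GenericPrincipal(new GenericIdentity("user"), null);
    return true;
}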
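/// <summary>
/// Authenticates an Android (LVL scheme) request from the auth-token request header and
/// marks the request authenticated.
/// </summary>
/// <param name="context">
/// The current request; its headers are read, and the auth-status response header and
/// <c>User</c> may be written.
/// </param>
/// <returns>
/// <c>true</c> when the token passes every check and <c>context.User</c> has been set;
/// otherwise <c>false</c>.
/// </returns>
private bool AuthenticateRequestImpl(HttpContext context)
{
    string tokenBody = context.Request.Headers[SiteConstant.AuthTokenRequestResposeHeaderName];
    if (tokenBody == null)
    {
        logger.Info("�F�g�[�N���̂Ȃ����N�G�X�g������܂����BRequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    TokenVerifier v = new TokenVerifier(tokenBody, now);
    // Every check below fails closed: a request that does not pass must not reach the
    // GenericPrincipal assignment at the end, otherwise any header value authenticates.
    if (!v.IsValid)
    {
        logger.Info("token invalid. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (!v.IsAuthScheme(AuthScheme.Android_LVL))
    {
        logger.Info("scheme is not Android_LVL. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (v.IsLockedOut)
    {
        logger.Info("token is locked out. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (!v.IsLiving)
    {
        logger.Info("token is not living. RequestInfo: " + WebUtil.RequestInfo(context));
        return false;
    }
    if (v.IsOutdated)
    {
        // Outdated is not fatal: the client is told through the response header so it can
        // refresh its token, and the request still proceeds.
        logger.Info("token is Outdated. RequestInfo: " + WebUtil.RequestInfo(context));
        context.Response.Headers[SiteConstant.AuthStatusRequestResposeHeaderName] = "Outdated";
    }
    context.User = new GenericPrincipal(new GenericIdentity("user"), null);
    return true;
}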