protected override void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
if (spAcsContext != null)
{
//Cookie spCacheKeyCookie = new Cookie(SPCacheKeyKey, spAcsContext.CacheKey)
//{
// Secure = true,
// HttpOnly = true
//};
httpContext.Response.Cookies.Append(SPCacheKeyKey, spAcsContext.CacheKey);
}
var serializedContext = JsonConvert.SerializeObject(spAcsContext);
httpContext.Session.SetString(SPContextKey, serializedContext);
}
protected override bool ValidateSharePointContext(SharePointContext spContext,
HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
if (spAcsContext != null)
{
Uri spHostUrl = SharePointContext.GetSPHostUrl(httpContext.Request);
string contextToken = TokenHelper.GetContextTokenFromRequest(httpContext.Request);
//Cookie spCacheKeyCookie = httpContext.Request.Cookies[SPCacheKeyKey].ToString();
string spCacheKey = httpContext.Request.Cookies[SPCacheKeyKey].ToString(); //spCacheKeyCookie != null ? spCacheKeyCookie.Value : null;
return spHostUrl == spAcsContext.SPHostUrl &&
!string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey &&
!string.IsNullOrEmpty(spAcsContext.ContextToken) &&
(string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken);
}
return false;
}
protected override void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
//creates a cookie to store the SPCacheKey
if (spAcsContext != null)
{
var options = new CookieOptions() { HttpOnly = true, Secure = true };
httpContext.Response.Cookies.Append(SPCacheKeyKey, spAcsContext.CacheKey, options);
}
string output = JsonConvert.SerializeObject(spAcsContext);
byte[] bytes = new byte[output.Length * sizeof(char)];
System.Buffer.BlockCopy(output.ToCharArray(), 0, bytes, 0, bytes.Length);
httpContext.Session.Set(SPContextKey, bytes);
}
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
//Checks for the SPCacheKey cookie and gets the value
if (spAcsContext != null)
{
Uri spHostUrl = SharePointContext.GetUriFromQueryStringParameter
(httpContext.Request, SharePointContext.SPHostUrlKey);
string contextToken = TokenHandler.GetContextTokenFromRequest(httpContext.Request);
HttpCookie spCacheKeyCookie = new HttpCookie(SPCacheKeyKey, httpContext.Request.Cookies[SPCacheKeyKey]);
string spCacheKey = spCacheKeyCookie != null ? spCacheKeyCookie.Value : null;
return spHostUrl == spAcsContext.SPHostUrl &&
!string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey &&
!string.IsNullOrEmpty(spAcsContext.ContextToken) &&
(string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken);
}
return false;
}
/// <summary> /// Saves the specified SharePointContext instance associated with the specified HTTP context. /// <c>null</c> is accepted for clearing the SharePointContext instance associated with the HTTP context. /// </summary> /// <param name="spContext">The SharePointContext instance to be saved, or <c>null</c>.</param> /// <param name="httpContext">The HTTP context.</param> protected abstract void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext);
/// <summary> /// Validates if the given SharePointContext can be used with the specified HTTP context. /// </summary> /// <param name="spContext">The SharePointContext.</param> /// <param name="httpContext">The HTTP context.</param> /// <returns>True if the given SharePointContext can be used with the specified HTTP context.</returns> protected abstract bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext);
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
throw new NotImplementedException();
}
protected override void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
throw new NotImplementedException();
}
/// <summary> /// Saves the specified SharePointContext instance associated with the specified HTTP context. /// <c>null</c> is accepted for clearing the SharePointContext instance associated with the HTTP context. /// </summary> /// <param name="spContext">The SharePointContext instance to be saved, or <c>null</c>.</param> /// <param name="httpContext">The HTTP context.</param> protected abstract void SaveSharePointContext(SharePointContext spContext, HttpContext httpContext);
/// <summary> /// Validates if the given SharePointContext can be used with the specified HTTP context. /// </summary> /// <param name="spContext">The SharePointContext.</param> /// <param name="httpContext">The HTTP context.</param> /// <returns>True if the given SharePointContext can be used with the specified HTTP context.</returns> protected abstract bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext);
/// <summary>
/// Checks if it is necessary to redirect to SharePoint for user to authenticate.
/// </summary>
/// <param name="httpContext">The HTTP context.</param>
/// <param name="redirectUrl">The redirect url to SharePoint if the status is ShouldRedirect. <c>Null</c> if the status is Ok or CanNotRedirect.</param>
/// <returns>Redirection status.</returns>
public static RedirectionStatus CheckRedirectionStatus(HttpContext httpContext, out Uri redirectUrl)
{
if (httpContext == null)
{
throw new ArgumentNullException(nameof(httpContext));
}
redirectUrl = null;
bool contextTokenExpired = false;
try
{
if (Current.GetSharePointContext(httpContext) != null)
{
return(RedirectionStatus.Ok);
}
}
catch (SecurityTokenExpiredException)
{
contextTokenExpired = true;
}
const string SPHasRedirectedToSharePointKey = "SPHasRedirectedToSharePoint";
if (!string.IsNullOrEmpty(httpContext.Request.Query[SPHasRedirectedToSharePointKey]) && !contextTokenExpired)
{
return(RedirectionStatus.CanNotRedirect);
}
Uri spHostUrl = SharePointContext.GetUriFromQueryStringParameter
(httpContext.Request, SharePointContext.SPHostUrlKey);
if (spHostUrl == null)
{
return(RedirectionStatus.CanNotRedirect);
}
if (StringComparer.OrdinalIgnoreCase.Equals(httpContext.Request.Method, "POST"))
{
return(RedirectionStatus.CanNotRedirect);
}
var uri = GetCurrentUrl(httpContext);
var queryNameValueCollection = Microsoft.AspNetCore.WebUtilities.QueryHelpers.ParseQuery(uri);
// Removes the values that are included in {StandardTokens}, as {StandardTokens} will be inserted at the beginning of the query string.
queryNameValueCollection.Remove(SharePointContext.SPHostUrlKey);
queryNameValueCollection.Remove(SharePointContext.SPAppWebUrlKey);
queryNameValueCollection.Remove(SharePointContext.SPLanguageKey);
queryNameValueCollection.Remove(SharePointContext.SPClientTagKey);
queryNameValueCollection.Remove(SharePointContext.SPProductNumberKey);
// Adds SPHasRedirectedToSharePoint=1.
queryNameValueCollection.Add(SPHasRedirectedToSharePointKey, "1");
UriBuilder returnUrlBuilder = new UriBuilder(uri);
returnUrlBuilder.Query = queryNameValueCollection.ToString();
// Inserts StandardTokens.
const string StandardTokens = "{StandardTokens}";
string returnUrlString = returnUrlBuilder.Uri.AbsoluteUri;
returnUrlString = returnUrlString.Insert(returnUrlString.IndexOf("?") + 1, StandardTokens + "&");
// Constructs redirect url.
string redirectUrlString = TokenHandler.GetAppContextTokenRequestUrl(spHostUrl.AbsoluteUri, Uri.EscapeDataString(returnUrlString));
redirectUrl = new Uri(redirectUrlString, UriKind.Absolute);
return(RedirectionStatus.ShouldRedirect);
}
protected override bool ValidateSharePointContext(SharePointContext spContext, HttpContext httpContext)
{
SharePointAcsContext spAcsContext = spContext as SharePointAcsContext;
//Checks for the SPCacheKey cookie and gets the value
if (spAcsContext != null)
{
//Uri spHostUrl = SharePointContext.GetUriFromQueryStringParameter
// (httpContext.Request, SharePointContext.SPHostUrlKey);
string contextToken = TokenHandler.GetContextTokenFromRequest(httpContext.Request);
//read the cookie value
var cookieCollection = httpContext.Request.Cookies;
if (!cookieCollection.ContainsKey(SPCacheKeyKey)) return false;
var spCacheKeyCookieValue = httpContext.Request.Cookies[SPCacheKeyKey];
string spCacheKey = spCacheKeyCookieValue != null ? spCacheKeyCookieValue : null;
//return spHostUrl == spAcsContext.SPHostUrl && (taken out)
return
!string.IsNullOrEmpty(spAcsContext.CacheKey) &&
spCacheKey == spAcsContext.CacheKey &&
!string.IsNullOrEmpty(spAcsContext.ContextToken) &&
(string.IsNullOrEmpty(contextToken) || contextToken == spAcsContext.ContextToken);
}
return false;
}