Sample implementation of Web Authentication and Delegated Authentication protocol. Also includes trusted sign-in and application verification sample implementations.
예제 #1
0
        private bool HandleLiveId(string token, string host)
        {
            Tuple<bool, bool> inCache = IsInCache(host, token);
                if (inCache.Item1)
                    return inCache.Item2;

                WindowsLiveLogin wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
                WindowsLiveLogin.User user = wll.ProcessToken(token);

                if (user == null)
                    ThrowRejection(HttpStatusCode.Unauthorized, "Invalid user token in authorization header.");

                if (DateTime.UtcNow.Subtract(user.Timestamp).TotalMilliseconds > Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] * 1000)
                    ThrowRejection(HttpStatusCode.Unauthorized, "Expired token being presented. Token Expiry: " + Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] + " seconds");

                bool retVal = IsValidAccess(host, Constants.LiveId, user.Id);

                UpdateCache(host, token, user.Timestamp, retVal); // *** updating cache

                return retVal;
        }
        private string GetUserName(string scheme,string  stoken)
        {
            // if this is a liveID authenticated user. he must have a name associated with this token
            if (scheme.Equals(Constants.LiveId, StringComparison.CurrentCultureIgnoreCase))
            {
                WindowsLiveLogin wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
                WindowsLiveLogin.User windowsliveiduser = wll.ProcessToken(stoken);
                string name = platform.GetLiveIdUserName(windowsliveiduser.Id);
                if (string.IsNullOrEmpty(name))
                    return "unknown";
                else
                    return name;
            }

            
            return scheme;
        }
예제 #3
0
 /// <summary>
 /// Initialize the ConsentToken.
 /// </summary>
 /// <param name="wll">WindowsLiveLogin</param>
 /// <param name="delegationToken">Delegation token</param>
 /// <param name="refreshToken">Refresh token</param>
 /// <param name="sessionKey">Session key</param>
 /// <param name="expiry">Expiry</param>
 /// <param name="offers">Offers</param>
 /// <param name="locationID">Location ID</param>
 /// <param name="context">Application context</param>
 /// <param name="decodedToken">Decoded token</param>
 /// <param name="token">Raw token</param>
 public ConsentToken(WindowsLiveLogin wll, string delegationToken, string refreshToken, string sessionKey, string expiry, string offers, string locationID, string context, string decodedToken, string token)
 {
     this.wll = wll;
     setDelegationToken(delegationToken);
     setRefreshToken(refreshToken);
     setSessionKey(sessionKey);
     setExpiry(expiry);
     setOffers(offers);
     setLocationID(locationID);
     setContext(context);
     setDecodedToken(decodedToken);
     setToken(token);
 }
        private string HandleAddUserGuiWebPage(string stoken, Dictionary<string,string> dict)
        {
            string html="";
            try
            {
                WindowsLiveLogin wll = new WindowsLiveLogin(Constants.LiveIdappId, Constants.LiveIdappsecret, Constants.LiveIdsecurityAlgorithm, true, Constants.LiveIdpolicyURL, Constants.LiveIdreturnURL);
                WindowsLiveLogin.User windowsliveiduser = wll.ProcessToken(stoken);

                if (windowsliveiduser == null)
                    throw new Exception("unable to decrypt liveid token");
                else if (DateTime.UtcNow.Subtract(windowsliveiduser.Timestamp).TotalMilliseconds <= Constants.PrivilegeLevelTokenExpiry[Constants.LiveId] * 1000)
                {
                    dict["liveIdUniqueUserToken"] = windowsliveiduser.Id;
                    string redirectTo = "../" + Constants.GuiServiceSuffixWeb + "/" + GuiWebAddLiveIdUserPage;

                    foreach (string param in dict.Keys)
                    {
                        redirectTo += param + "=" + dict[param] + ",";
                    }
                    redirectTo = redirectTo.TrimEnd(',');

                    html += "<html> " + redirectJS + "<script type='text/javascript'>redirect(\"" + redirectTo + "\");</script>";
                }
                else
                    throw new Exception("Token provided is expired.");
            }
            catch (Exception e)
            {
                logger.Log("Unable to add user. Exception : " + e);
                string redirectTo = "../" + Constants.GuiServiceSuffixWeb + "/" + GuiWebAddLiveIdUserPage + "?function=message,message= User add failed! " + e.Message;
                html += "<html> " + redirectJS + "<script type='text/javascript'>redirect(\"" + redirectTo + "\");</script>";
            }
            return html;

        }