        /// <summary>
        /// Checks the auth token and the refresh token carried by <paramref name="request"/>
        /// against their stored salt/hash pairs.
        /// </summary>
        /// <param name="request">Holder of both tokens together with their salts and expected hashes.</param>
        /// <returns><c>true</c> only when both hash validations succeed; otherwise <c>false</c>.</returns>
        public bool ValidateAuthToken(AuthTokenValidator request)
        {
            // Both validations are evaluated before the results are combined, so the refresh-token
            // check runs even when the auth-token check has already failed.
            // NOTE(review): ValidateHash is not visible here - confirm it compares hashes in constant time.
            bool authTokenMatches = _cryptographyService.ValidateHash(
                request.AuthToken,
                request.AuthTokenSalt,
                request.AuthTokenHash);

            bool refreshTokenMatches = _cryptographyService.ValidateHash(
                request.RefreshToken,
                request.RefreshTokenSalt,
                request.RefreshTokenHash);

            return authTokenMatches && refreshTokenMatches;
        }
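        /// <summary>
        /// Authenticates the current request from its <c>AuthID</c> header and, on success,
        /// publishes the resolved user id in the <c>LiveUserID</c> request header.
        /// </summary>
        /// <remarks>
        /// <c>AuthID</c> and <c>AuthTokenType</c> are client-supplied header values and are treated
        /// as untrusted. Results are cached per <c>AuthID</c>; an empty string in the cache marks an
        /// <c>AuthID</c> that was rejected. The cache is cleared once it is more than an hour old.
        /// </remarks>
        /// <param name="sender">The <see cref="HttpApplication"/> raising the event.</param>
        /// <param name="e">Event data (not used).</param>
        void context_AuthenticateRequest(object sender, EventArgs e)
        {
            HttpApplication app = (HttpApplication)sender;
            string authID = app.Request.Headers["AuthID"];
            string receivedAuthTokenType = app.Request.Headers["AuthTokenType"];

            if (String.IsNullOrEmpty(authID))
            {
                AccessDenied(app);
                return;
            }

            #region Caching for Auth Token

            // Local cache reset interval - 1hr.
            // NOTE(review): a token revoked server-side can stay accepted from this cache until the next
            // reset, and every distinct rejected AuthID adds an entry until then - consider bounding the
            // cache size and shortening the interval if revocation matters.
            if (lastCacheRefreshedTime < DateTime.Now.AddHours(-1))
            {
                AuthCache.Clear();
                lastCacheRefreshedTime = DateTime.Now;
            }

            // NOTE(review): the cache key is the AuthID alone, so a cached decision is reused whatever
            // AuthTokenType the request carries - confirm that is intended.
            string userID = string.Empty;
            if (AuthCache.TryGetValue(authID, out userID))
            {
                if (userID == string.Empty)
                {
                    // Negative cache hit: this AuthID was rejected earlier.
                    AccessDenied(app);
                }
                else
                {
                    // Set (not Add) so a LiveUserID header sent by the client is replaced rather than
                    // merged with the authenticated value.
                    app.Request.Headers.Set("LiveUserID", userID);
                }
                return;
            }

            #endregion

            AuthTokenValidator.AuthTokenType currentAuthTokenType = AuthTokenValidator.AuthTokenType.LiveAuthToken;
            if (!string.IsNullOrEmpty(receivedAuthTokenType))
            {
                // The header is untrusted: reject non-numeric or out-of-range input instead of letting
                // Convert.ToInt32 throw and surface as an unhandled error.
                int parsedTokenType;
                if (!int.TryParse(receivedAuthTokenType, out parsedTokenType))
                {
                    AccessDenied(app);
                    return;
                }

                currentAuthTokenType = (AuthTokenValidator.AuthTokenType)parsedTokenType;

                // Only accept values the enum actually declares.
                // NOTE(review): assumes AuthTokenType is not a [Flags] enum - confirm.
                if (!Enum.IsDefined(typeof(AuthTokenValidator.AuthTokenType), currentAuthTokenType))
                {
                    AccessDenied(app);
                    return;
                }
            }

            AuthTokenValidator atv = new AuthTokenValidator(authID, currentAuthTokenType);
            AuthTokenValidationResult result = atv.Result;

            if (!result.IsValid)
            {
                AuthCache.TryAdd(authID, string.Empty);
                AccessDenied(app);
                // Stop here: without this return the code below would still attach LiveUserID to a
                // request that has just been denied.
                return;
            }

            // NOTE(review): the result.IsExpired check that used to follow (skipped for URLs containing
            // "PostMyLocation" or "ReportIncident") is disabled, so expiry is only enforced if IsValid
            // already covers it - confirm against AuthTokenValidator.

            AuthCache.TryAdd(authID, result.UserID);
            app.Request.Headers.Set("LiveUserID", result.UserID);
        }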