/// <summary>
/// Checks the auth token and the refresh token carried by <paramref name="request"/>
/// against their respective salt and stored hash.
/// </summary>
/// <param name="request">Supplies each token together with its salt and expected hash.</param>
/// <returns><c>true</c> only when both hash validations succeed; otherwise <c>false</c>.</returns>
public bool ValidateAuthToken(AuthTokenValidator request)
{
    // Both validations always run: a failing auth token does not skip the refresh-token check.
    bool authTokenOk = _cryptographyService.ValidateHash(
        request.AuthToken,
        request.AuthTokenSalt,
        request.AuthTokenHash);

    bool refreshTokenOk = _cryptographyService.ValidateHash(
        request.RefreshToken,
        request.RefreshTokenSalt,
        request.RefreshTokenHash);

    // NOTE(review): ValidateHash is not visible here; confirm it compares hashes in constant time.
    return authTokenOk && refreshTokenOk;
}
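/// <summary>
/// AuthenticateRequest handler. Reads the "AuthID" and "AuthTokenType" request headers,
/// validates the id through <c>AuthTokenValidator</c> (or a local cache of earlier results),
/// and on success publishes the resolved user id in the "LiveUserID" request header.
/// Every failure path calls <c>AccessDenied</c> and returns without setting that header.
/// </summary>
/// <param name="sender">The <c>HttpApplication</c> raising the event.</param>
/// <param name="e">Unused.</param>
void context_AuthenticateRequest(object sender, EventArgs e)
{
    HttpApplication app = (HttpApplication)sender;

    // "LiveUserID" is how this handler passes the validated user id to later stages.
    // Request headers are client-controlled, and Add() appends to an existing value, so
    // drop anything the caller sent under that name before any decision is made.
    app.Request.Headers.Remove("LiveUserID");

    string authID = app.Request.Headers["AuthID"];
    string recievedAuthTokenType = app.Request.Headers["AuthTokenType"];

    if (String.IsNullOrEmpty(authID))
    {
        AccessDenied(app);
        return;
    }

    #region Caching for Auth Token
    if (lastCacheRefreshedTime < DateTime.Now.AddHours(-1)) // Local Cache reset interval - 1hr
    {
        AuthCache.Clear();
        lastCacheRefreshedTime = DateTime.Now;
    }

    // NOTE(review): the cache is keyed by AuthID alone, so a cached result is reused
    // whatever AuthTokenType the request carries, and a cached entry (valid or denied)
    // lives until the next hourly reset. Confirm both are acceptable.
    string userID = string.Empty;
    if (AuthCache.TryGetValue(authID, out userID))
    {
        // An empty cached value records an earlier failed validation.
        if (userID == string.Empty)
        {
            AccessDenied(app);
        }
        else
        {
            app.Request.Headers.Set("LiveUserID", userID);
        }
        return;
    }
    #endregion

    AuthTokenValidator.AuthTokenType currentAuthTokenType = AuthTokenValidator.AuthTokenType.LiveAuthToken;
    if (!string.IsNullOrEmpty(recievedAuthTokenType))
    {
        // The header is untrusted: a non-numeric value used to throw out of the handler
        // (Convert.ToInt32). Treat it as a failed authentication instead.
        int tokenTypeValue;
        if (!int.TryParse(recievedAuthTokenType, out tokenTypeValue))
        {
            AccessDenied(app);
            return;
        }

        // NOTE(review): any integer is still cast to the enum; consider rejecting values
        // that are not defined members once the enum's definition has been checked.
        currentAuthTokenType = (AuthTokenValidator.AuthTokenType)tokenTypeValue;
    }

    AuthTokenValidator atv = new AuthTokenValidator(authID, currentAuthTokenType);
    AuthTokenValidationResult result = atv.Result;

    if (!result.IsValid)
    {
        AuthCache.TryAdd(authID, string.Empty);
        AccessDenied(app);
        // Stop here, like the other denial paths: without this return the handler went on
        // to set "LiveUserID" on a request it had just denied.
        return;
    }

    // NOTE(review): result.IsExpired is not consulted; the expiry check below is disabled.
    //else if (!app.Request.RawUrl.Contains("PostMyLocation") && !app.Request.RawUrl.Contains("ReportIncident"))
    //{
    //    if (result.IsExpired)
    //    {
    //        AuthCache.TryAdd(authID, string.Empty);
    //        AccessDenied(app);
    //    }
    //}

    AuthCache.TryAdd(authID, result.UserID);
    app.Request.Headers.Set("LiveUserID", result.UserID);
}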