Пример #1
0
        public static HttpCookie CreateCookie(string identifier, out Guid authenticationToken, bool persistent = false)
        {
            using (var protector = new CookieProtector(Configuration))
            {
                authenticationToken = Guid.NewGuid();

                var authenticationCookie = new AuthenticationCookie(0, authenticationToken, persistent, identifier);
                return(authenticationCookie.CreateHttpCookie(protector, Configuration));
            }
        }
Пример #2
0
        private ActionResult AuthSucceeded(string userName, string userTimezoneOffset, InMemoryUser user)
        {
            var syncEveryTime = "true".Equals(MetadataProvider.GlobalProperty("ldap.synceverytime"));

            if (syncEveryTime)
            {
                user.DBUser = UserManager.SyncLdapUser(user.DBUser, _ldapManager.IsLdapSetup());
            }
            AuthenticationCookie.SetSessionCookie(userName, userTimezoneOffset, Response);
            Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, false));
            System.Threading.Thread.CurrentPrincipal = user;
            return(null);
        }
        private async Task Authenticae(IOwinContext context)
        {
            var cookie = context.Request.Cookies[Configuration.CookieName];

            if (cookie == null)
            {
                return;
            }

            var protector = new CookieProtector(Configuration);

            try
            {
                byte[] data;
                if (!protector.Validate(cookie, out data))
                {
                    return;
                }

                var authenticationCookie = AuthenticationCookie.Deserialize(data);
                if (authenticationCookie.IsExpired(Configuration.Timeout))
                {
                    return;
                }

                var principal = authenticationCookie.GetPrincipal();

                var identity = principal.Identity as CookieIdentity;
                if (identity == null)
                {
                    return;
                }

                var user = await GetUser(context, identity.Name);

                if (user != null && user.AuthenticationToken == identity.AuthenticationToken)
                {
                    context.Request.User = ApplicationPrincipal <TUser> .Create(user);

                    RenewCookieIfExpiring(context.Response, protector, authenticationCookie);
                }
            }
            catch
            {
                // do not leak any information if an exception was thrown; simply don't set the IPrincipal.
            }
            finally
            {
                protector.Dispose();
            }
        }
Пример #4
0
        public bool Authenticate()
        {
            var cookie = httpContext.Request.Cookies[Configuration.CookieName];

            if (cookie != null)
            {
                var protector = new CookieProtector(Configuration);
                try
                {
                    byte[] data;
                    if (protector.Validate(cookie.Value, out data))
                    {
                        var authenticationCookie = AuthenticationCookie.Deserialize(data);
                        if (authenticationCookie.IsExpired(Configuration.Timeout))
                        {
                            return(false);
                        }

                        var principal = authenticationCookie.GetPrincipal();

                        var identity = principal.Identity as CookieIdentity;
                        if (identity == null)
                        {
                            return(false);
                        }

                        var user = GetUser(httpContext, identity.Name);
                        if (user != null && user.AuthenticationToken == identity.AuthenticationToken)
                        {
                            httpContext.User = ApplicationPrincipal <TUser> .Create(user);

                            RenewCookieIfExpiring(httpContext, protector, authenticationCookie);
                        }
                    }

                    return(true);
                }
                catch
                {
                    // do not leak any information if an exception was thrown; simply don't set the context.LumenUser property.
                }
                finally
                {
                    protector.Dispose();
                }
            }

            return(false);
        }
        public static HttpCookie CreateHttpCookie(this AuthenticationCookie authenticationCookie, CookieProtector protector, ConfigFileAuthenticationConfiguration configuration)
        {
            var cookie = new HttpCookie(configuration.CookieName, protector.Protect(authenticationCookie.Serialize()))
            {
                HttpOnly = true,
                Secure   = configuration.RequireSSL,
            };

            if (authenticationCookie.Persistent)
            {
                cookie.Expires = authenticationCookie.IssueDate + configuration.Timeout;
            }

            return(cookie);
        }
        private async Task OnSigningIn(CookieSigningInContext context)
        {
            if (!string.IsNullOrWhiteSpace(context.Properties.GetTokenValue(TOKEN_NAME)))
            {
                return;
            }

            var userId   = GetUserId(context.Principal);
            var cookieId = Guid.NewGuid();
            var cookie   = new AuthenticationCookie(userId, cookieId, context.Properties.ExpiresUtc.Value);

            var db = context.HttpContext.RequestServices.GetRequiredService <ApplicationDbContext>();
            await db.AuthenticationCookies.AddAsync(cookie);

            await db.SaveChangesAsync();

            context.Properties.StoreTokens(new[] { new AuthenticationToken()
                                                   {
                                                       Name = TOKEN_NAME, Value = cookieId.ToString()
                                                   } });
        }
Пример #7
0
        public ActionResult SignInReturningUserData(string userName, string password, string userTimezoneOffset)
        {
            userName = userName.ToLower();
            var user = SecurityFacade.GetInstance().Login(userName, password, userTimezoneOffset);

            if (user == null)
            {
                // We must end the response right now
                // otherwise the forms auth module will
                // intercept the response "in-flight"
                // and swap it for a 302.
                Response.StatusCode = (int)HttpStatusCode.Unauthorized;
                Response.End();

                // This result will never be
                // written to the response.
                return(new HttpStatusCodeResult(HttpStatusCode.Unauthorized));
            }

            AuthenticationCookie.SetPersistentCookie(userName, userTimezoneOffset, Response);

            return(Json(new UserReturningData(user)));
        }
Пример #8
0
        private static void RenewCookieIfExpiring(HttpContextBase context, CookieProtector protector, AuthenticationCookie authenticationCookie)
        {
            if (!Configuration.SlidingExpiration || !authenticationCookie.IsExpired(TimeSpan.FromTicks(Configuration.Timeout.Ticks / 2)))
            {
                return;
            }

            authenticationCookie.Renew();
            context.Response.Cookies.Remove(Configuration.CookieName);

            var newCookie = authenticationCookie.CreateHttpCookie(protector, Configuration);

            context.Response.Cookies.Add(newCookie);
        }
        private static void RenewCookieIfExpiring(IOwinResponse response, CookieProtector protector, AuthenticationCookie authenticationCookie)
        {
            if (!Configuration.SlidingExpiration || !authenticationCookie.IsExpired(TimeSpan.FromTicks(Configuration.Timeout.Ticks / 2)))
            {
                return;
            }

            authenticationCookie.Renew();
            response.Cookies.Delete(Configuration.CookieName);

            var newCookie = authenticationCookie.CreateHttpCookie(protector, Configuration);

            response.Cookies.Append(Configuration.CookieName, newCookie.Value, new CookieOptions
            {
                Domain   = newCookie.Domain,
                Expires  = newCookie.Expires,
                HttpOnly = newCookie.HttpOnly,
                Path     = newCookie.Path,
                Secure   = newCookie.Secure
            });
        }