protected bool ValidateCorrelationId(AuthenticationExtra extra, ILogger logger)
{
var correlationKey = Constants.CorrelationPrefix + BaseOptions.AuthenticationType;
string correlationCookie;
if (!Request.GetCookies().TryGetValue(
correlationKey,
out correlationCookie))
{
logger.WriteWarning(string.Format("{0} cookie not found", correlationKey));
return(false);
}
Response.DeleteCookie(correlationKey);
string correlationExtra;
if (!extra.Properties.TryGetValue(
correlationKey,
out correlationExtra))
{
logger.WriteWarning(string.Format("{0} state property not found", correlationKey));
return(false);
}
extra.Properties.Remove(correlationKey);
if (!string.Equals(correlationCookie, correlationExtra, StringComparison.Ordinal))
{
logger.WriteWarning(string.Format("{0} correlation cookie and state property mismatch", correlationKey));
return(false);
}
return(true);
}