/// <summary>
/// Builds a <see cref="Canary15Cookie"/> from an incoming HTTP cookie. When no canary can be
/// restored from the cookie for <paramref name="logonUniqueKey"/>, a new
/// <see cref="Canary15"/> is constructed for that key and used instead.
/// </summary>
/// <param name="cookie">The request cookie that may carry a canary; may be null.</param>
/// <param name="logonUniqueKey">Key passed to <c>Canary15.RestoreCanary15</c> and to the <c>Canary15</c> constructor.</param>
/// <param name="profile">Profile handed to <c>Canary15Cookie.Create</c>; its <c>Name</c> is read when <paramref name="cookie"/> is null.</param>
/// <returns>The result of <c>Canary15Cookie.Create</c> for the restored or newly created canary.</returns>
private static Canary15Cookie TryCreateFromHttpCookie(HttpCookie cookie, string logonUniqueKey, Canary15Profile profile)
{
    string canaryString = null;
    Canary15 restoredCanary = null;

    if (cookie != null)
    {
        if (!string.IsNullOrEmpty(cookie.Value))
        {
            if (Canary15Cookie.TryGetCookieValue(cookie.Value, out canaryString))
            {
                // Restoration is bound to logonUniqueKey; a null result falls through to re-creation below.
                restoredCanary = Canary15.RestoreCanary15(canaryString, logonUniqueKey);
            }
            else
            {
                // NOTE(review): the raw cookie value is written to the debug trace here.
                ExTraceGlobals.CoreTracer.TraceDebug(21L, "TryParseCookeValue failed, Name={0}, Domain={1}, Path={2}, Value={3}", new object[] { cookie.Name, cookie.Domain, cookie.Path, cookie.Value });
            }
        }
        else
        {
            ExTraceGlobals.CoreTracer.TraceDebug<string, string, string>(21L, "Http cookie value is null, Name={0}, Domain={1}, Path={2}", cookie.Name, cookie.Domain, cookie.Path);
        }
    }
    else
    {
        ExTraceGlobals.CoreTracer.TraceDebug<string>(21L, "Http cookie is null, Name={0}", profile.Name);
    }

    if (restoredCanary != null)
    {
        return Canary15Cookie.Create(restoredCanary, profile);
    }

    if (cookie != null)
    {
        // NOTE(review): this trace records the cookie value, the extracted canary string and
        // logonUniqueKey together; trace output from this path should be handled as sensitive.
        ExTraceGlobals.CoreTracer.TraceDebug(21L, "restoredCanary==null, Name={0}, Domain={1}, Path={2}, Value={3}, canaryString={4}, logonUniqueKey={5}", new object[] { cookie.Name, cookie.Domain, cookie.Path, cookie.Value, canaryString, logonUniqueKey });
    }

    // Nothing usable came from the cookie: issue a new canary for this key.
    Canary15 freshCanary = new Canary15(logonUniqueKey);

    // NOTE(review): the newly issued canary string is also written to the debug trace.
    ExTraceGlobals.CoreTracer.TraceDebug<string, string, string>(21L, "Canary is recreated, userContextId={0}, logonUniqueKey={1}, canaryString={2}", freshCanary.UserContextId, freshCanary.LogonUniqueKey, freshCanary.ToString());

    return Canary15Cookie.Create(freshCanary, profile);
}
/// <summary>
/// Looks for a canary named <c>profile.Name</c> in the request and reports where a restorable
/// one was found. Despite the method name, three sources are tried in order: the request
/// header, the URL query string, and the form body. The first value for which
/// <c>Canary15.RestoreCanary15</c> returns non-null wins.
/// </summary>
/// <param name="httpContext">The current request context; its headers, URL, form and cookies are read.</param>
/// <param name="userSid">Passed as the second argument to <c>Canary15.RestoreCanary15</c>.</param>
/// <param name="profile">Supplies the header / parameter / cookie name to look up.</param>
/// <param name="result">Which source matched, or <c>NotFound</c>.</param>
/// <returns><c>true</c> when any of the three sources yielded a restorable canary; otherwise <c>false</c>.</returns>
public static bool ValidateCanaryInHeaders(HttpContext httpContext, string userSid, Canary15Profile profile, out Canary15Cookie.CanaryValidationResult result)
{
    // 1) Request header.
    string headerCanary = httpContext.Request.Headers[profile.Name];
    if (Canary15.RestoreCanary15(headerCanary, userSid) != null)
    {
        result = Canary15Cookie.CanaryValidationResult.HeaderMatch;
        return true;
    }

    // 2) URL query string.
    // NOTE(review): a canary accepted from the query string can end up in server/proxy logs
    // and Referer headers; confirm this fallback is still required.
    string urlCanary;
    try
    {
        // The query is taken unescaped, HTML-decoded, then parsed as a query string.
        string unescapedQuery = httpContext.Request.Url.GetComponents(UriComponents.Query, UriFormat.Unescaped);
        urlCanary = HttpUtility.ParseQueryString(HttpUtility.HtmlDecode(unescapedQuery))[profile.Name];
    }
    catch
    {
        // Any failure while reading or parsing the query is treated as "no URL canary".
        urlCanary = null;
    }

    if (Canary15.RestoreCanary15(urlCanary, userSid) != null)
    {
        result = Canary15Cookie.CanaryValidationResult.UrlParameterMatch;
        return true;
    }

    // 3) Form body. Read only after header and URL have both failed.
    string formCanary = httpContext.Request.Form[profile.Name];
    if (Canary15.RestoreCanary15(formCanary, userSid) != null)
    {
        result = Canary15Cookie.CanaryValidationResult.FormParameterMatch;
        return true;
    }

    result = Canary15Cookie.CanaryValidationResult.NotFound;

    // NOTE(review): the gate checks CoreCallTracer but the message is written through
    // CoreTracer - confirm this is intended.
    if (ExTraceGlobals.CoreCallTracer.IsTraceEnabled(TraceType.DebugTrace))
    {
        // Collect the value of every request cookie whose name matches the profile (case-insensitive).
        StringBuilder cookieValues = new StringBuilder();
        var requestCookies = httpContext.Request.Cookies;
        for (int index = 0; index < requestCookies.Count; index++)
        {
            HttpCookie candidate = requestCookies.Get(index);
            if (string.Equals(candidate.Name, profile.Name, StringComparison.OrdinalIgnoreCase))
            {
                cookieValues.AppendFormat("[{0}]", candidate.Value);
            }
        }

        // NOTE(review): this writes the canary cookie values plus the header, URL and form
        // values that were submitted into the debug trace; treat that output as sensitive.
        ExTraceGlobals.CoreTracer.TraceDebug(11L, "Canary15Cookie='{0}',HttpHeader.Canary='{1}', UrlParam.Canary='{2}', Form.Canary='{3}', success={4}, result={5}", new object[] { cookieValues.ToString(), headerCanary, urlCanary, formCanary, false, result.ToString() });
    }

    return false;
}