private string EncryptValue(ImpersonationInfo impersonationInfo)
{
var json = JsonConvert.SerializeObject(impersonationInfo);
var protector = dataProtectionProvider.CreateProtector(CookiePurpose);
var encryptedValue = protector.Protect(json);
return(encryptedValue);
}
private void SetCookie(ImpersonationInfo impersonationInfo, bool expire)
{
var json = JsonConvert.SerializeObject(impersonationInfo);
var protector = dataProtectionProvider.CreateProtector(CookiePurpose);
var encryptedValue = protector.Protect(json);
var expires = expire ? DateTimeOffset.Now.AddDays(-10) : (DateTimeOffset?)null;
httpContextAccessor.HttpContext.Response.Cookies.Append(Impersonation, encryptedValue, new CookieOptions()
{
HttpOnly = true, Expires = expires
});
}
public void SetImpersonation(IUserInfo userInfo, string impersonatedUserName)
{
var authenticatedUserName = (userInfo as IImpersonationUserInfo)?.OriginalUsername ?? userInfo.UserName;
logger.LogTrace($"Impersonate: {authenticatedUserName} as {impersonatedUserName}");
var impersonationInfo = new ImpersonationInfo()
{
Authenticated = authenticatedUserName,
Impersonated = impersonatedUserName,
Expires = DateTime.Now.AddMinutes(CookieDurationMinutes)
};
SetCookie(impersonationInfo, false);
}
private void AppendCookie(ImpersonationInfo impersonationInfo, bool remove)
{
if (httpContextAccessor.HttpContext == null) // Unit tests or CLI utilities.
{
return;
}
string encryptedValue = EncryptValue(impersonationInfo);
var expires = remove ? DateTimeOffset.Now.AddDays(-10) : (DateTimeOffset?)null; // Marks cookie as expired. This instructs browser to remove the cookie from the client.
var cookieOptions = new CookieOptions()
{
HttpOnly = true, Expires = expires
};
httpContextAccessor.HttpContext.Response.Cookies.Append(CookieKey, encryptedValue, cookieOptions);
}
public void SetImpersonation(IUserInfo currentUserInfo, string impersonatedUserName)
{
if (!currentUserInfo.IsUserRecognized)
{
RemoveImpersonationCookie();
throw new UserException("You are not authorized for impersonation. Please log in first.");
}
var authenticatedUserName = (currentUserInfo as IImpersonationUserInfo)?.OriginalUsername ?? currentUserInfo.UserName;
logger.Trace(() => $"Impersonate: {authenticatedUserName} as {impersonatedUserName}");
var impersonationInfo = new ImpersonationInfo()
{
Authenticated = authenticatedUserName,
Impersonated = impersonatedUserName,
Expires = DateTime.Now.AddMinutes(options.CookieDurationMinutes)
};
SetCookie(impersonationInfo);
}
private void SetCookie(ImpersonationInfo impersonationInfo)
{
AppendCookie(impersonationInfo, remove: false);
}
public AuthenticationInfo(ImpersonationInfo impersonationInfo, IUserInfo originalUser, bool cookieRemoved)
{
ImpersonationInfo = impersonationInfo;
OriginalUser = originalUser;
CookieRemoved = cookieRemoved;
}