public async Task CreateAsync(AuthenticationTokenCreateContext context)
{
try
{
var clientid = context.Ticket.Properties.Dictionary["as:client_id"];
if (string.IsNullOrEmpty(clientid))
return;
// Gera um ID unico para o RefreshToken
var refreshTokenId = Guid.NewGuid().ToString("n");
// Pega o tempo de expiração (em minuto) do token do contexto do Owin
var refreshTokenLifeTime = context.OwinContext.Get<string>("as:clientRefreshTokenLifeTime");
// Identifica o Browser
var userAgent = HttpContext.Current.Request.UserAgent;
var userBrowser = new HttpBrowserCapabilities { Capabilities = new Hashtable { { string.Empty, userAgent } } };
var factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), userBrowser);
var browser = userBrowser.Browser;
var issuedUtc = DateTime.UtcNow;
var expiresUtc = issuedUtc.AddMinutes(3); //issuedUtc.AddMonths(Convert.ToInt32(refreshTokenLifeTime));
// Define os dados do RefreshToken
var token = new RefreshToken
{
Id = HashHelper.GetHash(refreshTokenId),
ClientId = clientid,
Browser = browser,
Subject = context.Ticket.Identity.Name,
IssuedUtc = issuedUtc,
ExpiresUtc = expiresUtc
};
// Define o IssuedUtc e o ExpiresUtc do ticket para determinar o quanto tempo o token vai ser válido
context.Ticket.Properties.IssuedUtc = token.IssuedUtc;
context.Ticket.Properties.ExpiresUtc = token.ExpiresUtc;
// Serializa o ticket para ser gravado na base de dados
var ticketSerializer = new TicketSerializer();
token.ProtectedTicket = ticketSerializer.Serialize(context.Ticket);
// Grava o ticket na base de dados
var refreshTokenDomain = DependecyConfig.Container.GetInstance<IRefreshTokenDomain>();
var result = await refreshTokenDomain.CreateAsync(token);
if (result)
context.SetToken(refreshTokenId);
}
catch (Exception ex)
{
throw ex;
}
}
/// <summary>
/// Returns a HttpBrowserCapabilities object from a UserAgent string
/// </summary>
/// <param name="userAgent">UserAgent from Browser</param>
public BrowserCap(string userAgent)
{
var browser = new HttpBrowserCapabilities
{
Capabilities = new Hashtable { { string.Empty, userAgent } }
};
var factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), browser);
Browser = browser;
}
public static HttpBrowserCapabilities GetClientBrowser(this string useragent)
{
var browser = new HttpBrowserCapabilities
{
Capabilities = new Hashtable { { string.Empty, useragent } }
};
var factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), browser);
return browser;
}
/// <summary>
/// Gets the browser capabilities.
/// </summary>
/// <param name="userAgent">The user agent.</param>
/// <param name="headers">The headers.</param>
/// <returns></returns>
public HttpBrowserCapabilities GetBrowserCapabilities(string userAgent, NameValueCollection headers)
{
HttpBrowserCapabilities browserCaps = new HttpBrowserCapabilities();
Hashtable hashtable = new Hashtable(180, StringComparer.OrdinalIgnoreCase);
hashtable[string.Empty] = userAgent; // The actual method uses client target
browserCaps.Capabilities = hashtable;
var capsFactory = new System.Web.Configuration.BrowserCapabilitiesFactory();
capsFactory.ConfigureBrowserCapabilities(headers, browserCaps);
capsFactory.ConfigureCustomCapabilities(headers, browserCaps);
return browserCaps;
}
// We need to call the .ctor of SimpleWorkerRequest that depends on HttpRuntime so for unit testing
// simply create the browser capabilities by going directly through the factory.
private static HttpBrowserCapabilitiesBase CreateBrowserThroughFactory(string userAgent)
{
HttpBrowserCapabilities browser = new HttpBrowserCapabilities
{
Capabilities = new Dictionary<string, string>
{
{ String.Empty, userAgent }
}
};
BrowserCapabilitiesFactory factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), browser);
return new HttpBrowserCapabilitiesWrapper(browser);
}
public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
{
// define o cabecalho da resposta do contexto do Owin com a permição de origem
var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin");
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] {allowedOrigin});
// pega o Id do token pelo na requisição
var hashedTokenId = HashHelper.GetHash(context.Token);
// Identifica o Browser
var userAgent = HttpContext.Current.Request.UserAgent;
var userBrowser = new HttpBrowserCapabilities {Capabilities = new Hashtable {{string.Empty, userAgent}}};
var factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), userBrowser);
var browser = userBrowser.Browser;
var refreshTokenDomain = new RefreshTokenDomain();
// busca o token na base de dados pelo id
var refreshToken = await refreshTokenDomain.ReadAsync(hashedTokenId, browser);
// se o token for encontrado
if (refreshToken != null)
{
// pega os dados do ticket para deserializar e gerar um novo ticket com
// as informações mapeadas do usuário que utiliza este token
var ticketSerializer = new TicketSerializer();
var ticket = ticketSerializer.Deserialize(refreshToken.ProtectedTicket);
context.SetTicket(ticket);
// remove o token da base de dados pois em nossa lógica, permitimos apenas
// um RefreshToken por usuário e aplicação cliente
await refreshTokenDomain.DeleteAsync(hashedTokenId, browser);
}
}
private UserAgentDetails GetActiveUserAgentInfo(HttpRequestMessage request = null)
{
if (request == null)
return null;
var details = new UserAgentDetails
{
IP = HttpContext.Current.Request.UserHostAddress,
Hostname = HttpContext.Current.Request.UserHostName
};
var userAgent = HttpContext.Current.Request.UserAgent;
var userBrowser = new HttpBrowserCapabilities
{
Capabilities = new Hashtable
{
{ string.Empty, userAgent }
}
};
var factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), userBrowser);
details.BrowserBrand = userBrowser.Browser;
details.BrowserVersion = userBrowser.Version;
return details;
}
private static string GetBrowserVersionFromUserAgent(string userAgent)
{
string browserVersion = "unknown.unknown";
try
{
var browser = new HttpBrowserCapabilities
{
Capabilities = new Hashtable { { string.Empty, userAgent } }
};
var factory = new BrowserCapabilitiesFactory();
factory.ConfigureBrowserCapabilities(new NameValueCollection(), browser);
if (String.Compare(browser.Browser, "mozilla", StringComparison.OrdinalIgnoreCase) == 0)
{
if (userAgent.ToLowerInvariant().Contains("msie+10.0"))
{
browserVersion = "msie.10";
}
else if (userAgent.ToLowerInvariant().Contains("msie+9.0"))
{
browserVersion = "msie.9";
}
else if (userAgent.ToLowerInvariant().Contains("msie+8.0"))
{
browserVersion = "msie.8";
}
else if (userAgent.ToLowerInvariant().Contains("msie+7.0"))
{
browserVersion = "msie.7";
}
else if (userAgent.ToLowerInvariant().Contains("msie+6.0"))
{
browserVersion = "msie.6";
}
else if (userAgent.ToLowerInvariant().Contains("msie"))
{
browserVersion = "msie.unknown";
}
}
else
{
browserVersion = browser.Browser.ToLowerInvariant() + "." + browser.MajorVersion;
}
}
catch { }
return browserVersion;
}