public override Guid StoreTokenCookie(TokenCookie cookie)
{
Log.Debug("Using inner store to persist cookie");
var key = m_InnerStore.StoreTokenCookie(cookie);
Log.DebugFormat("Cache key: {0}", key);
CacheCookie(key, cookie);
return key;
}
public override Guid StoreTokenCookie(TokenCookie cookie)
{
Log.Debug("Storing token cookie");
var key = cookie.GetKey();
Log.DebugFormat("Storage key is '{0}'", key);
string serializedCookie = Serialize(cookie);
if (serializedCookie.Length > ValueLimit)
{
throw new InvalidOperationException(
string.Format("Value size {0} is greater than the DB allowed limit of {1}", serializedCookie.Length,
ValueLimit));
}
Log.DebugFormat("Token cookie serialized ({0} chars)", serializedCookie.Length);
using (var scope = new TransactionScope(TransactionScopeOption.Required))
{
using (var connection = new SqlConnection(m_ConnectionString))
{
connection.Open();
using (var command = new SqlCommand("DELETE FROM CookieCache WHERE ([key] = @key)", connection))
{
var keyParam = new SqlParameter("key", SqlDbType.UniqueIdentifier) {Value = key};
command.Parameters.Add(keyParam);
command.ExecuteNonQuery();
}
using (
var command = new SqlCommand("INSERT INTO CookieCache ([key],value) VALUES (@key,@value)",
connection))
{
var keyParam = new SqlParameter("key", SqlDbType.UniqueIdentifier) {Value = key};
command.Parameters.Add(keyParam);
var valueParam = new SqlParameter("value", SqlDbType.VarChar, ValueLimit)
{Value = serializedCookie};
command.Parameters.Add(valueParam);
command.ExecuteNonQuery();
}
}
scope.Complete();
}
Log.Debug("Token cookie persisted)");
return key;
}
public void SwapSessionSecurityTokenCookieWithReference()
{
HttpResponse response = m_HttpApplication.Response;
HttpCookieCollection cookies = response.Cookies;
LogCookies("SwapSessionSecurityTokenCookieWithReference cookies pre-replacement", cookies);
IEnumerable<HttpCookie> msisAuthCookies = GetMsisCookies(cookies);
if (!msisAuthCookies.Any())
{
Log.Debug("No MSISAuth cookies found");
return;
}
var tokenCookie = new TokenCookie(msisAuthCookies);
Guid cookieKeyValue = m_SessionSessionSecurityTokenCookieStore.StoreTokenCookie(tokenCookie);
HttpCookie templateCookie = msisAuthCookies.First();
var keyCookie = new HttpCookie(SessionCookieReferenceKeyName, cookieKeyValue.ToString())
{
Domain = templateCookie.Domain,
Expires = templateCookie.Expires,
HttpOnly = templateCookie.HttpOnly,
Path = templateCookie.Path,
Secure = templateCookie.Secure
};
cookies.Add(keyCookie);
foreach (HttpCookie cookie in msisAuthCookies)
{
cookies.Remove(cookie.Name);
}
LogCookies("SwapSessionSecurityTokenCookieWithReference cookies post-replacement", cookies);
}
public abstract Guid StoreTokenCookie(TokenCookie cookie);
private void CacheCookie(Guid key, TokenCookie cookie)
{
var expirationDate = DateTime.Now.Add(m_WebSsoLifeTime);
Log.DebugFormat("Caching cookie (expiration {0})", expirationDate);
m_Cache.Insert(key.ToString(), cookie, null, expirationDate, Cache.NoSlidingExpiration);
}
private string Serialize(TokenCookie cookie)
{
var serializer = new DataContractSerializer(typeof (TokenCookie), new[] {typeof (SerializableCookie)});
var buffer = new StringBuilder();
using (var sw = new StringWriter(buffer))
{
using (var xtw = new XmlTextWriter(sw))
{
serializer.WriteObject(xtw, cookie);
xtw.Flush();
}
sw.Flush();
}
return buffer.ToString();
}