/// <summary>
/// Check for existence and then content of our cookie and the information contained therein
/// </summary>
/// <param name="context">the HTTP context object of this request</param>
/// <param name="confidenceIn">Accumulating the confidence values</param>
/// <returns></returns>
public SSOConfidence CheckRequest(HttpContext context, SSOConfidence confidenceIn)
{
SSOConfidence retval = CheckInputs(context, confidenceIn);
if (retval.IsBadRequest())
{
return(retval);
}
int confidenceVal = 0;
//Check if we have cookies and if we have our cookie
//??? Will we ever want to check for other cookies?
if (CookieTools.HasIRCDACookie(context.Request.Cookies))
{
/*either High or PartialConfidence */
HttpCookie target = context.Request.Cookies[CookieTools.HobbesCookieName];
confidenceVal = calculateCookieConfidence(target);
}
else
{
confidenceVal = SSOConfidence.NoConfidence;
}
retval.SimpleValue = confidenceVal;
if (confidenceIn != null)
{
retval = retval.Accumulate(confidenceIn);
}
return(retval);
}
/// <summary>
/// Make an encrypted IRCDA cookie
/// </summary>
/// <param name="cookieName"></param>
/// <param name="value">if provided, is the Value (or Values [0]of the cookie)</param>
/// <returns>New Cookie, encrypted or null if no Cookie Name</returns>
public static HttpCookie MakeCookie(string cookieName, string value = null)
{
HttpCookie retCookie = null;
if (!string.IsNullOrEmpty(cookieName))
{
retCookie = new HttpCookie(HttpUtility.HtmlEncode(cookieName));
retCookie.Expires = CookieTools.NewExpiresTime();
if (!string.IsNullOrEmpty(value))
{
retCookie.Value = HttpUtility.HtmlEncode(value);
}
retCookie = CookieExtensions.EncryptCookie(retCookie);
}
return(retCookie);
}
private int calculateCookieConfidence(HttpCookie cookie)
{
int retVal = 0;
string userId = CookieTools.GetCookieValue(cookie, CookieTools.UserID); //$$$ Simplify this
if (!string.IsNullOrEmpty(userId))
{
UserManager mg = new UserManager();
Dictionary <string, string> usersfound = mg.GetUser(userId);
if (usersfound.Count > 0)
{
if (userId.Equals(usersfound["username"]))
{
retVal = 50;
}
}
}
return(retVal);
}
///<summary>Quick check if we have run past any expirations we are carrying around...</summary>
public bool IsSessionValid()
{
bool retval = false;
//Check times
string sessionExpires = CookieTools.GetCookieValue(MyCookie, CookieTools.SessionExpires);
//if session expiration is not defined - it's false, it's required
if (string.IsNullOrEmpty(sessionExpires))
{
return(retval);
}
DateTime sessionDT = Convert.ToDateTime(sessionExpires);
TimeSpan sessionTS = CookieTools.TimeTilExpires(sessionDT);
if (sessionTS > new TimeSpan(0))
{
retval = true;
}
//other tests that define valid session?
return(retval);
}
/// <summary>
/// Check if the user is in a particular role
/// </summary>
/// <param name="rolename"></param>
/// <returns></returns>
public bool IsInRole(string rolename)
{
bool retval = false;
string role = CookieTools.GetCookieValue(MyCookie, CookieTools.Roles);
if (string.IsNullOrEmpty(rolename))
{
return(retval); //false, no null roles
}
//possible that role is in one of two places
//return first match
if (!string.IsNullOrEmpty(role))
{
retval = role.Equals(rolename);
return(retval);
}
if (userData.ContainsKey(CookieTools.Roles))
{
retval = userData.Contains(new KeyValuePair <string, string>(CookieTools.Roles, role));
}
return(retval);
}
IRCDACookie()
{
HttpCookie cookie = CookieTools.MakeCookie(CookieTools.HobbesCookieName, null);
}