示例#1
        /// <summary>
        /// A token created for a user without any extra scope arguments can be read back
        /// from the vault using only its value.
        /// </summary>
        public void AccessToken_Get_ForUser()
        {
            // ARRANGE: issue a ten-minute token for user 42
            int ownerId = 42;
            var issued  = AccessTokenVault.CreateToken(ownerId, TimeSpan.FromMinutes(10));

            // ACTION: look the token up by value alone
            var fetched = AccessTokenVault.GetToken(issued.Value);

            // ASSERT: the vault hands back the token that was issued
            AssertTokensAreEqual(issued, fetched);
        }
示例#2
        /// <summary>
        /// A token whose lifetime has elapsed must not be returned by the vault:
        /// the lookup is expected to yield null.
        /// </summary>
        public void AccessToken_Get_Expired()
        {
            // ARRANGE: issue a token that lives for one millisecond only
            int ownerId    = 42;
            var shortLived = AccessTokenVault.CreateToken(ownerId, TimeSpan.FromMilliseconds(1));

            // ACTION: wait longer than the lifetime, then look the token up.
            // The test depends on the wall clock: 10 ms of sleep against a 1 ms lifetime.
            Thread.Sleep(10);
            var fetched = AccessTokenVault.GetToken(shortLived.Value);

            // ASSERT: an expired token is not handed out
            Assert.IsNull(fetched);
        }
示例#3
        /// <summary>
        /// A token issued for a named feature is returned only when the lookup names the same
        /// feature; a lookup by value alone must yield null, so the token cannot be used
        /// outside the scope it was issued for.
        /// </summary>
        public void AccessToken_Get_ForUserAndFeature()
        {
            // ARRANGE: issue a ten-minute token for user 42, passing 0 in the third position
            // and the feature name in the fourth
            int    ownerId     = 42;
            string featureName = "Feature1";
            var    issued      = AccessTokenVault.CreateToken(ownerId, TimeSpan.FromMinutes(10), 0, featureName);

            // ACTION: look the token up with the matching feature
            var fetched = AccessTokenVault.GetToken(issued.Value, 0, featureName);

            // ASSERT: the scoped lookup succeeds ...
            AssertTokensAreEqual(issued, fetched);

            // ... and the same value without the feature finds nothing
            var unscoped = AccessTokenVault.GetToken(issued.Value);
            Assert.IsNull(unscoped);
        }
示例#4
        /// <summary>
        /// A token issued for a content id is returned only when the lookup passes the same
        /// content id; a lookup by value alone must yield null, so the token cannot be
        /// replayed against other content.
        /// </summary>
        public void AccessToken_Get_ForUserAndContent()
        {
            // ARRANGE: issue a ten-minute token for user 42, bound to content 142
            int ownerId   = 42;
            int boundToId = 142;
            var issued    = AccessTokenVault.CreateToken(ownerId, TimeSpan.FromMinutes(10), boundToId);

            // ACTION: look the token up with the matching content id
            var fetched = AccessTokenVault.GetToken(issued.Value, boundToId);

            // ASSERT: the scoped lookup succeeds ...
            AssertTokensAreEqual(issued, fetched);

            // ... and the same value without the content id finds nothing
            var unscoped = AccessTokenVault.GetToken(issued.Value);
            Assert.IsNull(unscoped);
        }
示例#5
        /// <summary>
        /// Updating a token moves its expiration date: a token issued for ten minutes expires
        /// before the twenty-minute mark, and after UpdateToken is called with a thirty-minute
        /// date the reloaded token expires after that mark.
        /// </summary>
        public void AccessToken_Update()
        {
            // ARRANGE: issue a ten-minute token for user 42
            int ownerId = 42;
            var issued  = AccessTokenVault.CreateToken(ownerId, TimeSpan.FromMinutes(10.0d));

            // Precondition: the fresh token ends before "now + 20 minutes"
            bool endsBeforeMark = issued.ExpirationDate < DateTime.UtcNow.AddMinutes(20.0d);
            Assert.IsTrue(endsBeforeMark);

            // ACTION: push the expiration out to "now + 30 minutes"
            AccessTokenVault.UpdateToken(issued.Value, DateTime.UtcNow.AddMinutes(30.0d));

            // ASSERT: the stored token still exists and now ends after the mark
            var reloaded = AccessTokenVault.GetToken(issued.Value);
            Assert.IsNotNull(reloaded);

            bool endsAfterMark = reloaded.ExpirationDate > DateTime.UtcNow.AddMinutes(20.0d);
            Assert.IsTrue(endsAfterMark);
        }
示例#6
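        /// <summary>
        /// Handles the authenticate-request event. Basic, token and OAuth authentication are tried
        /// first; if none of them succeeds, a WOPI request is authenticated through its access token,
        /// and any other request through the resolved authentication mode ("Windows", "Forms" or "None").
        /// </summary>
        /// <param name="sender">Event source; used as the <c>HttpApplication</c> of the request.</param>
        /// <param name="e">Event arguments; forwarded to <c>CallInternalOnEnter</c> in "Forms" mode.</param>
        /// <exception cref="ApplicationException">
        /// Neither the portal context nor <c>WebApplication.DefaultAuthenticationMode</c> supplies a mode.
        /// </exception>
        /// <exception cref="UnauthorizedAccessException">
        /// The request is a WOPI request and the vault returns no token for the presented value,
        /// content id and WOPI feature name.
        /// </exception>
        /// <exception cref="NotSupportedException">The resolved mode is not one of the handled values.</exception>
        public void OnAuthenticateRequest(object sender, EventArgs e)
        {
            // NOTE(review): "as" yields null when sender is not an HttpApplication; the branches
            // below dereference application without a check. Confirm the event source type.
            var application        = sender as HttpApplication;
            var context            = AuthenticationHelper.GetContext(sender); //HttpContext.Current;
            var basicAuthenticated = DispatchBasicAuthentication(context, out var anonymAuthenticated);

            var tokenAuthentication = new TokenAuthentication(new LogoutExecutor());
            var tokenAuthenticated  = tokenAuthentication.Authenticate(application, basicAuthenticated, anonymAuthenticated);

            // OAuth is attempted only when token authentication did not succeed.
            if (!tokenAuthenticated)
            {
                tokenAuthenticated = OAuthManager.Instance.Authenticate(application, tokenAuthentication);
            }

            // if it is a simple basic authentication case or authenticated with a token
            if (basicAuthenticated || tokenAuthenticated)
            {
                return;
            }

            string authenticationType = null;
            string repositoryPath     = string.Empty;

            // Get the current PortalContext
            var currentPortalContext = PortalContext.Current;

            if (currentPortalContext != null)
            {
                authenticationType = currentPortalContext.AuthenticationMode;
            }

            // default authentication mode
            if (string.IsNullOrEmpty(authenticationType))
            {
                authenticationType = WebApplication.DefaultAuthenticationMode;
            }

            // if no site auth mode, no web.config default, then exception...
            if (string.IsNullOrEmpty(authenticationType))
            {
                throw new ApplicationException(
                          "The engine could not determine the authentication mode for this request. This request does not belong to a site, and there was no default authentication mode set in the web.config.");
            }

            // The portal context can be null here (the mode may have come from the web.config
            // default), so it is checked before IsWopiRequest is read. Without a portal context
            // the request is handled by the mode switch below.
            if (currentPortalContext != null && currentPortalContext.IsWopiRequest)
            {
                var wopiRequest = currentPortalContext.WopiRequest;
                var tokenValue  = wopiRequest.AccessTokenValue;

                // NOTE(review): FileId is parsed with int.Parse, so a value that is not a valid
                // integer ends the request with FormatException/OverflowException instead of the
                // authorization failure below. Confirm FileId is validated before this point.
                var contentId = wopiRequest is FilesRequest fileRequest ? int.Parse(fileRequest.FileId) : 0;

                // The lookup passes the token value together with the content id and the WOPI
                // feature name; no token for that combination means the request is rejected.
                var token = AccessTokenVault.GetToken(tokenValue, contentId, WopiHandler.AccessTokenFeatureName);
                if (token == null)
                {
                    throw new UnauthorizedAccessException(); // 404
                }

                // The token owner is loaded under the system account.
                using (new SystemAccount())
                {
                    if (Node.LoadNode(token.UserId) is IUser user)
                    {
                        // Authenticate user
                        application.Context.User = new PortalPrincipal(user);
                        SetApplicationUser(application, authenticationType);
                    }

                    // NOTE(review): when the token is valid but its UserId does not load as an
                    // IUser, no principal is set and the method still returns normally. Confirm
                    // that later stages reject such a request.
                }

                return;
            }

            switch (authenticationType)
            {
                case "Windows":
                    EmulateWindowsAuthentication(application);
                    SetApplicationUser(application, authenticationType);
                    break;

                case "Forms":
                    application.Context.User = null;
                    CallInternalOnEnter(sender, e);
                    SetApplicationUser(application, authenticationType);
                    break;

                case "None":
                    // "None" authentication: set the Visitor Identity
                    application.Context.User = new PortalPrincipal(User.Visitor);
                    break;

                default:
                    // Unsupported mode: build the error message and fail the request.
                    // repositoryPath is never assigned after its initialization in this method,
                    // so this lookup is made with an empty path.
                    Site site        = null;
                    var  problemNode = Node.LoadNode(repositoryPath);
                    if (problemNode != null)
                    {
                        site = Site.GetSiteByNode(problemNode);
                        if (site != null)
                        {
                            authenticationType = site.GetAuthenticationType(application.Context.Request.Url);
                        }
                    }

                    var message = site == null
                        ? string.Format(
                            HttpContext.GetGlobalResourceObject("Portal", "DefaultAuthenticationNotSupported") as string,
                            authenticationType)
                        : string.Format(
                            HttpContext.GetGlobalResourceObject("Portal", "AuthenticationNotSupportedOnSite") as string,
                            site.Name, authenticationType);

                    throw new NotSupportedException(message);
            }
        }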