private static bool GetSignedUrl(HttpRequest Request, Guid UserContextIdGuid, string LogonUniqueKey, out string signedUrl) { string queryStringParameter = Utilities.GetQueryStringParameter(Request, "REF", false); bool legacy = false; if (queryStringParameter == null) { queryStringParameter = Utilities.GetQueryStringParameter(Request, "SURL", false); legacy = true; } if (queryStringParameter != null) { byte[] hiddenMessage = CryptoMessage.GetHiddenMessage(UserContextIdGuid, LogonUniqueKey); DateTime dateTime; byte[] message; if (CryptoMessage.ParseMessage(queryStringParameter, hiddenMessage, out dateTime, out message)) { signedUrl = CryptoMessage.DecodeToString(message, legacy); return(true); } ExTraceGlobals.CoreTracer.TraceDebug <string, Guid, string>(0L, "Invalid RedirSecUrl. HashAndMessage:'{0}', UserContextIdGuid:'{1}', UserLogonId:{2}", queryStringParameter, UserContextIdGuid, LogonUniqueKey); } signedUrl = null; return(false); }
private static string BuildSecUrl(string url, UserContext userContext) { CryptoMessage cryptoMessage = new CryptoMessage(ExDateTime.Now.UniversalTime, url, userContext.Key.Canary.UserContextIdGuid, userContext.Key.Canary.LogonUniqueKey); StringBuilder stringBuilder = new StringBuilder(); stringBuilder.Append("REF"); stringBuilder.Append("="); stringBuilder.Append(cryptoMessage.ToString()); return(stringBuilder.ToString()); }
private static void RestoreUrl(HtmlTagContextAttribute filterAttribute, HtmlWriter writer) { string value = filterAttribute.Value; if (!string.IsNullOrEmpty(value)) { int num = value.IndexOf("redir.aspx?", StringComparison.Ordinal); string text = null; if (num != -1) { string text2 = value.Substring(num + "redir.aspx?".Length); if (text2.StartsWith("URL=", StringComparison.Ordinal)) { text = text2.Substring("URL=".Length); } else { bool legacyFormat = true; string text3 = null; if (text2.StartsWith("SURL", StringComparison.Ordinal)) { text3 = text2.Substring("SURL".Length); } else if (text2.StartsWith("REF", StringComparison.Ordinal)) { text3 = text2.Substring("REF".Length); legacyFormat = false; } if (text3 != null) { text = CryptoMessage.ExtractUrl(text3, legacyFormat); } } } else { num = OwaSafeHtmlCallbackBase.JSLocalLink.Length + OwaSafeHtmlCallbackBase.JSMethodPrefix.Length; if (value.StartsWith(OwaSafeHtmlCallbackBase.JSLocalLink + OwaSafeHtmlCallbackBase.JSMethodPrefix, StringComparison.Ordinal) && value.EndsWith(OwaSafeHtmlCallbackBase.JSMethodSuffix, StringComparison.Ordinal)) { text = OwaSafeHtmlCallbackBase.LocalUrlPrefix + value.Substring(num, value.Length - OwaSafeHtmlCallbackBase.JSMethodSuffix.Length - num); } } if (text != null) { writer.WriteAttribute(filterAttribute.Id, HttpUtility.UrlDecode(text)); return; } filterAttribute.Write(); } }
public string Decrypt(byte[] privateKey, CryptoMessage message) { throw new NotImplementedException(); }