public byte[] GetTagData() { var cookie = _context.Request.Cookies[_configuration.CookieName]; if (cookie != null) { using (var protector = new CookieProtector(_configuration)) { byte[] data; protector.Validate(cookie.Value, out data); var authenticationCookie = AuthenticationCookie.Deserialize(data); return(authenticationCookie.Tag); } } return(null); }
private void OnAuthenticateRequest(object sender, EventArgs e) { var context = ((HttpApplication)sender).Context; var cookie = context.Request.Cookies[_configuration.CookieName]; if (cookie != null) { var protector = new CookieProtector(_configuration); try { byte[] data; var cookieData = protector.Validate(cookie.Value, out data); var authenticationCookie = AuthenticationCookie.Deserialize(data); if (!authenticationCookie.IsExpired(_configuration.Timeout)) { context.User = authenticationCookie.GetPrincipal(); RenewCookieIfExpiring(context, protector, authenticationCookie); } } catch { // do not leak any information if an exception was thrown. // simply don't set the context.User property. } finally { if (protector != null) { protector.Dispose(); } } } if (IsLoginPage(context.Request)) { context.SkipAuthorization = true; } }
public byte[] GetTagData() { var cookie = _context.Request.Cookies[_configuration.CookieName]; if (cookie != null) { using(var protector = new CookieProtector(_configuration)) { byte[] data; protector.Validate(cookie.Value, out data); var authenticationCookie = AuthenticationCookie.Deserialize(data); return authenticationCookie.Tag; } } return null; }