示例#1
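        /// <summary>
        ///   Validate the given ticket against the service it is presented for and return the
        ///   corresponding user, or an error code and message.
        /// </summary>
        /// <param name="strServiceRequest"> Service identifier supplied with the validation request. </param>
        /// <param name="strTicketRequest"> Ticket string supplied with the validation request. </param>
        /// <param name="strUserName"> Receives the user name bound to the ticket on success; empty on every failure path. </param>
        /// <param name="strErrorCode"> Receives INVALID_REQUEST, INVALID_TICKET or INVALID_SERVICE on failure; empty on success. </param>
        /// <param name="strErrorMsg"> Receives the traced failure text for ticket and service failures; empty otherwise. </param>
        /// <returns> Returns true when the ticket is valid. </returns>
        private bool ValidateTicket(string strServiceRequest, string strTicketRequest, out string strUserName,
                                    out string strErrorCode, out string strErrorMsg)
        {
            strUserName = strErrorCode = strErrorMsg = "";

            // Documentation: http://www.jasig.org/cas/protocol

            if (String.IsNullOrEmpty(strServiceRequest))
            {
                strErrorCode = "INVALID_REQUEST";
                Trace.TraceError("CAS validate request violation - service missing");
                return(false);
            }
            if (String.IsNullOrEmpty(strTicketRequest))
            {
                strErrorCode = "INVALID_REQUEST";
                Trace.TraceError("CAS validate request violation - ticket missing");
                return(false);
            }

            var strService = "";

            // CheckAndPunch is defined elsewhere; it hands back the user name and fills in the
            // service the ticket was issued for (presumably also consuming the ticket - confirm).
            strUserName = CasTicket.CheckAndPunch(strTicketRequest, ref strService);

            // Fail closed: treat a null result like an empty one so that an unknown ticket can
            // never fall through to the service comparison with a null user.
            if (String.IsNullOrEmpty(strUserName))
            {
                strUserName  = "";
                strErrorCode = "INVALID_TICKET";
                // NOTE(review): the service text comes from the request and is traced unescaped;
                // confirm the trace listener tolerates embedded line breaks.
                strErrorMsg  = "CAS ticket violation - requested service '" + strServiceRequest + "'";
                Trace.TraceError(strErrorMsg);
                return(false);
            }

            // The ticket is only valid for the service it was issued to; compare after translation.
            strServiceRequest = this.TranslateService(strServiceRequest);
            if (strService != strServiceRequest)
            {
                strErrorCode = "INVALID_SERVICE";
                // NOTE(review): this text names the user and the service the ticket was bound to and
                // is also returned through strErrorMsg - confirm the caller does not echo it to the
                // requester, who has just been shown not to be that service.
                strErrorMsg  = "CAS service violation - requested service '" + strServiceRequest + "' aviable service '" +
                               strService + "' user '" + strUserName + "'";
                Trace.TraceError(strErrorMsg);

                // A rejected validation must not hand an identity back to the caller.
                strUserName = "";
                return(false);
            }

            return(true);
        }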
示例#2
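        /// <summary>
        ///   Issue a CAS ticket and store it temporarily in the ticket storage
        /// </summary>
        /// <param name="strUserName"> User name the ticket is issued for. </param>
        /// <param name="strService"> Service the ticket is bound to. </param>
        /// <returns> Returns the corresponding ticket string. </returns>
        public static string Issue(string strUserName, string strService)
        {
            // create the ticket
            var ticket = new CasTicket(strUserName, strService);

            // create 120 bit random data from the cryptographic generator: the ticket string is a
            // bearer credential, and System.Random seeded with DateTime.Now.Millisecond has at most
            // 1000 distinct starting states, which makes its output guessable
            var rdata = new byte[15];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(rdata);
            }

            // convert random data to a URL-safe token
            var strToken = HttpServerUtility.UrlTokenEncode(rdata);

            // build the CAS ticket string
            // NOTE(review): ++ on the static counter is not an atomic update; unguessability rests
            // on the random token, not on this counter
            var strTicket = "ST-" + (++_nCounter).ToString() + "-" + strToken + "-cas";

            // third argument is one minute from now - presumably the expiry of the stored entry (confirm)
            ticketStorage.Add(strTicket, ticket, DateTime.Now.AddMinutes(1));
            return strTicket;
        }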
示例#3
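        /// <summary>
        ///   Issue a CAS ticket and store it temporarily in the ticket storage
        /// </summary>
        /// <param name="strUserName"> User name the ticket is issued for. </param>
        /// <param name="strService"> Service the ticket is bound to. </param>
        /// <returns> Returns the corresponding ticket string. </returns>
        public static string Issue(string strUserName, string strService)
        {
            // create the ticket
            var ticket = new CasTicket(strUserName, strService);

            // create 120 bit random data from the cryptographic generator: the ticket string is a
            // bearer credential, and System.Random seeded with DateTime.Now.Millisecond has at most
            // 1000 distinct starting states, which makes its output guessable
            var rdata = new byte[15];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(rdata);
            }

            // convert random data to a URL-safe token
            var strToken = HttpServerUtility.UrlTokenEncode(rdata);

            // build the CAS ticket string
            // NOTE(review): ++ on the static counter is not an atomic update; unguessability rests
            // on the random token, not on this counter
            var strTicket = "ST-" + (++_nCounter).ToString() + "-" + strToken + "-cas";

            // third argument is one minute from now - presumably the expiry of the stored entry (confirm)
            TicketStorage.Add(strTicket, ticket, DateTime.Now.AddMinutes(1));
            return(strTicket);
        }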
示例#4
        /// <summary>
        ///   Handle CAS login request: issue a ticket for the requested service and build the
        ///   URL to redirect to. The redirect itself is not performed here.
        /// </summary>
        /// <param name="strService"> Requested service URL. </param>
        /// <param name="strUserName"> User name the ticket is issued for. </param>
        /// <param name="doRemember"> Not read by this method. </param>
        /// <returns>
        ///   strService unchanged when either IsCurrentDomainUrl helper accepts it; an empty string
        ///   when no service was given; otherwise the requested URL with a ticket parameter appended.
        /// </returns>
        /// <exception cref="ClientNoPermissionException"> The permission hook rejected the user/service pair. </exception>
        private string HandleLoginRequest(string strService, string strUserName, bool doRemember)
        {
            // URLs that either helper classifies as current-domain are handed back as they are:
            // no permission check and no ticket on this path.
            var isLocalTarget = Dev.Comm.Web.UrlHelper.IsCurrentDomainUrl(strService) ||
                                UrlHelper.IsCurrentDomainUrl(strService);
            if (isLocalTarget)
            {
                return strService;
            }

            // no service supplied - nothing to redirect to
            if (String.IsNullOrEmpty(strService))
            {
                return "";
            }

            // the redirect targets the URL as requested; the translated form is what the
            // permission hook sees and what the ticket is bound to
            var strRequestedUrl = strService;
            var strTranslated   = this.TranslateService(strService);

            // call the check permission hook before any ticket exists
            if (!this._casAuthenticator.CasCheckPermission(strUserName, strTranslated))
            {
                throw new ClientNoPermissionException("无权限的接入端:" + strTranslated);
            }

            // create the CAS ticket based on user name and service
            var strTicket = CasTicket.Issue(strUserName, strTranslated);

            // NOTE(review): the separator is chosen from the translated service but appended to the
            // untranslated URL - confirm TranslateService never adds or removes a query string.
            var strSeparator = strTranslated.IndexOf('?') == -1 ? "?ticket=" : "&ticket=";

            return strRequestedUrl + strSeparator + strTicket;
        }