示例#1
0
        internal static void RenewIfExpired(NSMessageHandler nsMessageHandler, SSOTicketType renew)
        {
            CheckCleanup();

            if (nsMessageHandler == null || nsMessageHandler.Credentials == null)
            {
                return;
            }

            string authUser     = nsMessageHandler.Credentials.Account;
            string authPassword = nsMessageHandler.Credentials.Password;

            if (String.IsNullOrEmpty(authUser) || String.IsNullOrEmpty(authPassword))
            {
                return;
            }

            string      sha256key = MSNTicket.ComputeSHA(authUser, authPassword);
            MSNTicket   ticket    = GetFromCacheOrCreateNewWithLock(sha256key, nsMessageHandler.Credentials);
            ExpiryState es        = ticket.Expired(renew);

            if (es == ExpiryState.NotExpired)
            {
                nsMessageHandler.MSNTicket = ticket;
            }
            else if (es == ExpiryState.Expired || es == ExpiryState.WillExpireSoon)
            {
                Trace.WriteLineIf(Settings.TraceSwitch.TraceInfo, "Re-new ticket: " + renew, "SingleSignOnManager");

                SingleSignOn sso = new SingleSignOn(nsMessageHandler, ticket.Policy);

                sso.AddAuths(renew);

                if (es == ExpiryState.WillExpireSoon)
                {
                    nsMessageHandler.MSNTicket = ticket;

                    // The ticket is in cache but it will expire soon.
                    // Do ASYNC call.
                    sso.Authenticate(ticket,
                                     delegate(object sender, EventArgs e)
                    {
                        AddToCacheWithLock(ticket);
                    },
                                     delegate(object sender, ExceptionEventArgs e)
                    {
                        DeleteFromCacheWithLock(sha256key);
                    }
                                     );
                }
                else
                {
                    // The ticket expired but we need this ticket absolutely.
                    // Do SYNC call.
                    AuthenticateRetryAndUpdateCacheSync(sso, ticket, sha256key, 3);

                    nsMessageHandler.MSNTicket = ticket;
                }
            }
        }
示例#2
0
 private static void AddToCacheWithLock(MSNTicket ticket)
 {
     try
     {
         lock (SyncObject)
         {
             if (ticket.SSOTickets.Count > 0 && false == String.IsNullOrEmpty(ticket.Sha256Key))
             {
                 authenticatedTicketsCache[ticket.Sha256Key] = ticket;
                 ticket.DeleteTick = MSNTicket.NextDeleteTick();
             }
         }
     }
     catch (Exception error)
     {
         Trace.WriteLineIf(Settings.TraceSwitch.TraceInfo, "Add to cache error: " + error.StackTrace, "SingleSignOnManager");
     }
 }
示例#3
0
        private static MSNTicket GetFromCacheOrCreateNewWithLock(string sha256key, Credentials creds)
        {
            MSNTicket ticket = null;

            lock (SyncObject)
            {
                if (authenticatedTicketsCache.ContainsKey(sha256key))
                {
                    // Hit delete tick
                    ticket            = authenticatedTicketsCache[sha256key];
                    ticket.DeleteTick = MSNTicket.NextDeleteTick();
                }
                else
                {
                    ticket = new MSNTicket(creds);
                }
            }

            return(ticket);
        }
示例#4
0
        private static void AuthenticateRetryAndUpdateCacheSync(SingleSignOn sso, MSNTicket ticket, string sha256key, int retryCount)
        {
            // NO TICKET. WE NEED SYNC CALL!
            // DILEMMA:
            // 1 - We need this ticket (absolutely)
            // 2 - What we do if connection error occured!
            // ANSWER: Try 3 times if it is soft error.
            int retries = retryCount;

            do
            {
                try
                {
                    sso.Authenticate(ticket);
                    AddToCacheWithLock(ticket);
                    break;
                }
                catch (AuthenticationException authExc)
                {
                    DeleteFromCacheWithLock(sha256key);
                    throw authExc;
                }
                catch (MSNPSharpException msnpExc)
                {
                    if (msnpExc.InnerException == null)
                    {
                        DeleteFromCacheWithLock(sha256key);
                        throw msnpExc;
                    }

                    WebException webExc = msnpExc.InnerException as WebException;
                    if (webExc == null)
                    {
                        DeleteFromCacheWithLock(sha256key);
                        throw msnpExc.InnerException;
                    }

                    // Handle soft errors
                    switch (webExc.Status)
                    {
                    case WebExceptionStatus.ConnectionClosed:
                    case WebExceptionStatus.KeepAliveFailure:
                    case WebExceptionStatus.ReceiveFailure:
                    case WebExceptionStatus.SendFailure:
                    case WebExceptionStatus.Timeout:
                    case WebExceptionStatus.UnknownError:
                    {
                        // Don't delete the ticket from cache
                        retries--;
                        break;
                    }

                    default:
                    {
                        DeleteFromCacheWithLock(sha256key);
                        throw msnpExc.InnerException;
                    }
                    }
                }
            }while (retries > 0);
        }
示例#5
0
        internal static void Authenticate(
            NSMessageHandler nsMessageHandler,
            string policy,
            EventHandler onSuccess,
            EventHandler <ExceptionEventArgs> onError)
        {
            CheckCleanup();

            if (nsMessageHandler == null || nsMessageHandler.Credentials == null)
            {
                return;
            }

            string authUser     = nsMessageHandler.Credentials.Account;
            string authPassword = nsMessageHandler.Credentials.Password;

            if (String.IsNullOrEmpty(authUser) || String.IsNullOrEmpty(authPassword))
            {
                return;
            }

            string    sha256key = MSNTicket.ComputeSHA(authUser, authPassword);
            MSNTicket ticket    = GetFromCacheOrCreateNewWithLock(sha256key, nsMessageHandler.Credentials);

            SSOTicketType[] ssos           = (SSOTicketType[])Enum.GetValues(typeof(SSOTicketType));
            SSOTicketType   expiredtickets = SSOTicketType.None;

            foreach (SSOTicketType ssot in ssos)
            {
                if (ExpiryState.NotExpired != ticket.Expired(ssot))
                {
                    expiredtickets |= ssot;
                }
            }

            if (expiredtickets == SSOTicketType.None)
            {
                nsMessageHandler.MSNTicket = ticket;

                if (onSuccess != null)
                {
                    onSuccess(nsMessageHandler, EventArgs.Empty);
                }
            }
            else
            {
                Trace.WriteLineIf(Settings.TraceSwitch.TraceInfo, "Request new tickets: " + expiredtickets, "SingleSignOnManager");

                SingleSignOn sso = new SingleSignOn(nsMessageHandler, policy);
                sso.AddAuths(expiredtickets);

                // ASYNC
                if (onSuccess != null && onError != null)
                {
                    try
                    {
                        sso.Authenticate(ticket,
                                         delegate(object sender, EventArgs e)
                        {
                            try
                            {
                                AddToCacheWithLock(ticket);

                                // Check Credentials again. Owner may sign off while SSOing.
                                if (nsMessageHandler.Credentials != null &&
                                    nsMessageHandler.Credentials.Account == authUser &&
                                    nsMessageHandler.Credentials.Password == authPassword &&
                                    nsMessageHandler.IsSignedIn == false)
                                {
                                    NSMessageProcessor nsmp = nsMessageHandler.MessageProcessor as NSMessageProcessor;

                                    if (nsmp != null && nsmp.Connected)
                                    {
                                        nsMessageHandler.MSNTicket = ticket;

                                        onSuccess(nsMessageHandler, e);
                                    }
                                }
                            }
                            catch (Exception ex)
                            {
                                DeleteFromCacheWithLock(sha256key);
                                onError(nsMessageHandler, new ExceptionEventArgs(ex));
                            }
                        },
                                         delegate(object sender, ExceptionEventArgs e)
                        {
                            DeleteFromCacheWithLock(sha256key);
                            onError(nsMessageHandler, e);
                        });
                    }
                    catch (Exception error)
                    {
                        DeleteFromCacheWithLock(sha256key);
                        onError(nsMessageHandler, new ExceptionEventArgs(error));
                    }
                }
                else
                {
                    // SYNC
                    AuthenticateRetryAndUpdateCacheSync(sso, ticket, sha256key, 3);

                    nsMessageHandler.MSNTicket = ticket;
                }
            }
        }
示例#6
0
        private static void AuthenticateRetryAndUpdateCacheSync(SingleSignOn sso, MSNTicket ticket, string sha256key, int retryCount)
        {
            // NO TICKET. WE NEED SYNC CALL!
            // DILEMMA:
            // 1 - We need this ticket (absolutely)
            // 2 - What we do if connection error occured!
            // ANSWER: Try 3 times if it is soft error.
            int retries = retryCount;
            do
            {
                try
                {
                    sso.Authenticate(ticket);
                    AddToCacheWithLock(ticket);
                    break;
                }
                catch (AuthenticationException authExc)
                {
                    DeleteFromCacheWithLock(sha256key);
                    throw authExc;
                }
                catch (MSNPSharpException msnpExc)
                {
                    if (msnpExc.InnerException == null)
                    {
                        DeleteFromCacheWithLock(sha256key);
                        throw msnpExc;
                    }

                    WebException webExc = msnpExc.InnerException as WebException;
                    if (webExc == null)
                    {
                        DeleteFromCacheWithLock(sha256key);
                        throw msnpExc.InnerException;
                    }

                    // Handle soft errors
                    switch (webExc.Status)
                    {
                        case WebExceptionStatus.ConnectionClosed:
                        case WebExceptionStatus.KeepAliveFailure:
                        case WebExceptionStatus.ReceiveFailure:
                        case WebExceptionStatus.SendFailure:
                        case WebExceptionStatus.Timeout:
                        case WebExceptionStatus.UnknownError:
                            {
                                // Don't delete the ticket from cache
                                retries--;
                                break;
                            }

                        default:
                            {
                                DeleteFromCacheWithLock(sha256key);
                                throw msnpExc.InnerException;
                            }
                    }
                }
            }
            while (retries > 0);
        }
示例#7
0
        private bool ProcessError(SecurityTokenService secureService, SoapException exception, MSNTicket msnticket, EventHandler onSuccess, EventHandler<ExceptionEventArgs> onError)
        {
            string errFedDirectLogin = @"Direct login to WLID is not allowed for this federated namespace";
            if (exception == null)
                return false;

            if (secureService.pp == null)
                return false;

            uint errorCode = uint.Parse(secureService.pp.reqstatus.Remove(0, "0x".Length), NumberStyles.HexNumber);

            if (errorCode == 0x800488ee)
            {
                if (exception.Detail.InnerXml.IndexOf(errFedDirectLogin) != -1)
                {
                    string fedLoginURL = string.Empty;
                    string fedAuthURL = string.Empty;
                    string fedBrandName = string.Empty;

                    foreach (extPropertyType extProperty in secureService.pp.extProperties)
                    {
                        switch (extProperty.Name)
                        {
                            case "STSAuthURL":    //STS means Security Token Service.
                                fedLoginURL = extProperty.Value;
                                break;
                            case "AuthURL":
                                fedAuthURL = extProperty.Value;
                                break;
                            case "AllowFedUsersWLIDSignIn":   //Is it allow to login by MSN ? Not all feduser can log in with a WLM client.
                                if (!bool.Parse(extProperty.Value))
                                    return false;
                                break;
                            case "FederationBrandName":
                                fedBrandName = extProperty.Value;
                                break;
                            case "IsFederatedNS":
                                if (!bool.Parse(extProperty.Value))
                                    return false;
                                break;
                        }
                    }

                    if (fedLoginURL == string.Empty)
                        return false;

                    Uri fedLoginURI = new Uri(fedLoginURL);
                    string strFedLoginURI = fedLoginURI.Scheme.ToUpperInvariant() + "://" + fedLoginURI.Host + (fedLoginURI.Scheme.ToLowerInvariant() == "https" ? ":443" : string.Empty) + "/" + fedLoginURI.PathAndQuery;
                    SecurityTokenService fedSecureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", strFedLoginURI);
                    fedSecureService.Url = fedLoginURL;

                    RequestSecurityTokenType token = new RequestSecurityTokenType();
                    token.Id = "RST0";
                    token.RequestType = RequestTypeOpenEnum.httpschemasxmlsoaporgws200502trustIssue;

                    AppliesTo appliesTo = new AppliesTo();
                    appliesTo.EndpointReference = new EndpointReferenceType();
                    appliesTo.EndpointReference.Address = new AttributedURIType();
                    appliesTo.EndpointReference.Address.Value = strFedLoginURI.Remove(0, @"HTTPS://".Length);

                    token.AppliesTo = appliesTo;

                    RequestSecurityTokenResponseType response = null;

                    if (onSuccess != null && onError != null)
                    {
                        //Async request.
                        fedSecureService.RequestSecurityTokenCompleted += delegate(object sender, RequestSecurityTokenCompletedEventArgs e)
                        {
                            if (!e.Cancelled)
                            {
                                if (e.Error != null)
                                {
                                    MSNPSharpException sexp = new MSNPSharpException(e.Error.Message + ". See innerexception for detail.", e.Error);
                                    onError(this, new ExceptionEventArgs(sexp));
                                    return;
                                }

                                response = e.Result;

                                if (response.RequestedSecurityToken == null || response.RequestedSecurityToken.Assertion == null)
                                    return;

                                AssertionType assertion = response.RequestedSecurityToken.Assertion;
                                secureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf");
                                secureService.Security.Assertion = assertion;

                                if (response.Lifetime != null)
                                {
                                    secureService.Security.Timestamp.Created = response.Lifetime.Created;
                                    secureService.Security.Timestamp.Expires = response.Lifetime.Expires;
                                }

                                Authenticate(secureService, msnticket, onSuccess, onError);
                            }
                        };

                        fedSecureService.RequestSecurityTokenAsync(token, new object());
                        return true;
                    }
                    else
                    {
                        //Sync request.
                        try
                        {
                            response = fedSecureService.RequestSecurityToken(token);
                        }
                        catch (Exception ex)
                        {
                            MSNPSharpException sexp = new MSNPSharpException(ex.Message + ". See innerexception for detail.", ex);

                            throw sexp;
                        }

                        if (response.RequestedSecurityToken == null)
                            return false;
                        if (response.RequestedSecurityToken.Assertion == null)
                            return false;

                        AssertionType assertion = response.RequestedSecurityToken.Assertion;
                        secureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf");
                        secureService.Security.Assertion = assertion;

                        Authenticate(secureService, msnticket, onSuccess, onError);
                        return true;
                    }
                }
            }

            return false;
        }
示例#8
0
        private void Authenticate(SecurityTokenService securService, MSNTicket msnticket, EventHandler onSuccess, EventHandler <ExceptionEventArgs> onError)
        {
            if (user.Split('@').Length > 1)
            {
                if (user.Split('@')[1].ToLower(CultureInfo.InvariantCulture) == "msn.com")
                {
                    securService.Url = @"https://msnia.login.live.com/RST2.srf";
                }
            }
            else
            {
                AuthenticationException authenticationException = new AuthenticationException("Invalid account. The account must contain @ char");
                if (onError != null && onSuccess != null)
                {
                    onError(this, new ExceptionEventArgs(authenticationException));
                }
                else
                {
                    throw authenticationException;
                }
            }

            RequestMultipleSecurityTokensType mulToken = new RequestMultipleSecurityTokensType();

            mulToken.Id = "RSTS";
            mulToken.RequestSecurityToken = auths.ToArray();

            // ASYNC
            if (onSuccess != null && onError != null)
            {
                securService.RequestMultipleSecurityTokensCompleted += delegate(object sender, RequestMultipleSecurityTokensCompletedEventArgs e)
                {
                    if (!e.Cancelled)
                    {
                        if (e.Error != null)
                        {
                            SoapException sex = e.Error as SoapException;
                            if (sex != null && ProcessError(securService, sex, msnticket, onSuccess, onError))
                            {
                                return;
                            }

                            MSNPSharpException sexp = new MSNPSharpException(e.Error.Message + ". See innerexception for detail.", e.Error);
                            if (securService.pp != null)
                            {
                                sexp.Data["Code"] = securService.pp.reqstatus;  //Error code
                            }
                            onError(this, new ExceptionEventArgs(sexp));
                        }
                        else if (e.Result != null)
                        {
                            GetTickets(e.Result, securService, msnticket);

                            onSuccess(this, EventArgs.Empty);
                        }
                        else
                        {
                            // Is this possible? Answer: No.
                        }
                    }
                };
                securService.RequestMultipleSecurityTokensAsync(mulToken, new object());
            }
            else
            {
                try
                {
                    RequestSecurityTokenResponseType[] result = securService.RequestMultipleSecurityTokens(mulToken);

                    if (result != null)
                    {
                        GetTickets(result, securService, msnticket);
                    }
                }
                catch (SoapException sex)
                {
                    if (ProcessError(securService, sex, msnticket, onSuccess, onError))
                    {
                        return;
                    }

                    throw sex;
                }
                catch (Exception ex)
                {
                    MSNPSharpException sexp = new MSNPSharpException(ex.Message + ". See innerexception for detail.", ex);

                    if (securService.pp != null)
                    {
                        sexp.Data["Code"] = securService.pp.reqstatus;  //Error code
                    }
                    throw sexp;
                }
            }
        }
示例#9
0
        private void Authenticate(SecurityTokenService securService, MSNTicket msnticket, EventHandler onSuccess, EventHandler<ExceptionEventArgs> onError)
        {
            if (user.Split('@').Length > 1)
            {
                if (user.Split('@')[1].ToLower(CultureInfo.InvariantCulture) == "msn.com")
                {
                    securService.Url = @"https://msnia.login.live.com/RST2.srf";
                }
            }
            else
            {
                AuthenticationException authenticationException = new AuthenticationException("Invalid account. The account must contain @ char");
                if (onError != null && onSuccess != null)
                    onError(this, new ExceptionEventArgs(authenticationException));
                else
                    throw authenticationException;
            }

            RequestMultipleSecurityTokensType mulToken = new RequestMultipleSecurityTokensType();
            mulToken.Id = "RSTS";
            mulToken.RequestSecurityToken = auths.ToArray();

            // ASYNC
            if (onSuccess != null && onError != null)
            {
                securService.RequestMultipleSecurityTokensCompleted += delegate(object sender, RequestMultipleSecurityTokensCompletedEventArgs e)
                {
                    if (!e.Cancelled)
                    {
                        if (e.Error != null)
                        {
                            SoapException sex = e.Error as SoapException;
                            if (sex != null && ProcessError(securService, sex, msnticket, onSuccess, onError))
                                return;

                            MSNPSharpException sexp = new MSNPSharpException(e.Error.Message + ". See innerexception for detail.", e.Error);
                            if (securService.pp != null)
                                sexp.Data["Code"] = securService.pp.reqstatus;  //Error code

                            onError(this, new ExceptionEventArgs(sexp));
                        }
                        else if (e.Result != null)
                        {
                            GetTickets(e.Result, securService, msnticket);

                            onSuccess(this, EventArgs.Empty);
                        }
                        else
                        {
                            // Is this possible? Answer: No.
                        }
                    }
                };
                securService.RequestMultipleSecurityTokensAsync(mulToken, new object());
            }
            else
            {
                try
                {
                    RequestSecurityTokenResponseType[] result = securService.RequestMultipleSecurityTokens(mulToken);

                    if (result != null)
                    {
                        GetTickets(result, securService, msnticket);
                    }
                }
                catch (SoapException sex)
                {
                    if (ProcessError(securService, sex, msnticket, onSuccess, onError))
                        return;

                    throw sex;
                }
                catch (Exception ex)
                {
                    MSNPSharpException sexp = new MSNPSharpException(ex.Message + ". See innerexception for detail.", ex);

                    if (securService.pp != null)
                        sexp.Data["Code"] = securService.pp.reqstatus;  //Error code

                    throw sexp;
                }
            }
        }
示例#10
0
        private void GetTickets(RequestSecurityTokenResponseType[] result, SecurityTokenService securService, MSNTicket msnticket)
        {
            if (securService.pp != null)
            {
                if (securService.pp.credProperties != null)
                {
                    foreach (credPropertyType credproperty in securService.pp.credProperties)
                    {
                        if (credproperty.Name == "MainBrandID")
                        {
                            msnticket.MainBrandID = credproperty.Value;
                        }
                        if (credproperty.Name == "CID" && !String.IsNullOrEmpty(credproperty.Value))
                        {
                            msnticket.OwnerCID = long.Parse(credproperty.Value, NumberStyles.HexNumber);
                        }
                    }
                }
                if (securService.pp.extProperties != null)
                {
                    foreach (extPropertyType extproperty in securService.pp.extProperties)
                    {
                        if (extproperty.Name == "CID" && !String.IsNullOrEmpty(extproperty.Value))
                        {
                            msnticket.OwnerCID = long.Parse(extproperty.Value, NumberStyles.HexNumber);
                        }
                    }
                }
            }

            foreach (RequestSecurityTokenResponseType token in result)
            {
                SSOTicketType ticketype = SSOTicketType.None;
                switch (token.AppliesTo.EndpointReference.Address.Value)
                {
                    case "contacts.msn.com":
                        ticketype = SSOTicketType.Contact;
                        break;
                    case "messengerclear.live.com":
                        ticketype = SSOTicketType.Clear;
                        break;
                    case "storage.msn.com":
                        ticketype = SSOTicketType.Storage;
                        break;
                    case "sup.live.com":
                        ticketype = SSOTicketType.WhatsUp;
                        break;
                    case "directory.services.live.com":
                        ticketype = SSOTicketType.Directory;
                        break;
                    case "rpstauth.live.com":
                        ticketype = SSOTicketType.RPST;
                        break;
                }

                SSOTicket ssoticket = new SSOTicket(ticketype);

                if (token.AppliesTo != null)
                    ssoticket.Domain = token.AppliesTo.EndpointReference.Address.Value;

                if (token.RequestedSecurityToken.BinarySecurityToken != null)
                    ssoticket.Ticket = token.RequestedSecurityToken.BinarySecurityToken.Value;

                if (token.RequestedProofToken != null && token.RequestedProofToken.BinarySecret != null)
                {
                    ssoticket.BinarySecret = token.RequestedProofToken.BinarySecret.Value;
                }

                if (token.Lifetime != null)
                {
                    ssoticket.Created = XmlConvert.ToDateTime(token.Lifetime.Created.Value, "yyyy-MM-ddTHH:mm:ssZ");
                    ssoticket.Expires = XmlConvert.ToDateTime(token.Lifetime.Expires.Value, "yyyy-MM-ddTHH:mm:ssZ");
                }

                lock (msnticket.SSOTickets)
                {
                    msnticket.SSOTickets[ticketype] = ssoticket;
                }
            }
        }
示例#11
0
 /// <summary>
 /// Authenticate the specified user. By asynchronous or synchronous ways.
 /// </summary>
 /// <param name='msnticket'>
 /// Msnticket.
 /// </param>
 /// <param name='onSuccess'>
 /// Callback when the authentication was passed.
 /// </param>
 /// <param name='onError'>
 /// Callback when the authentication encounts errors.
 /// </param>
 /// <exception cref='AuthenticationException'>
 /// Is thrown when the authentication failed and the request is a synchronous request.
 /// Or the <paramref name="onError"/> callback will be called.
 /// </exception>
 /// <remarks>
 /// The method is asynchronous only when both <paramref name="onSuccess"/> and <paramref name="onError"/> are not null.
 /// Otherwise it will perform a synchronous request.
 /// </remarks>
 public void Authenticate(MSNTicket msnticket, EventHandler onSuccess, EventHandler<ExceptionEventArgs> onError)
 {
     SecurityTokenService securService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf");
     Authenticate(securService, msnticket, onSuccess, onError);
 }
示例#12
0
 public void Authenticate(MSNTicket msnticket)
 {
     Authenticate(msnticket, null, null);
 }
示例#13
0
        private static MSNTicket GetFromCacheOrCreateNewWithLock(string sha256key, Credentials creds)
        {
            MSNTicket ticket = null;

            lock (SyncObject)
            {
                if (authenticatedTicketsCache.ContainsKey(sha256key))
                {
                    // Hit delete tick
                    ticket = authenticatedTicketsCache[sha256key];
                    ticket.DeleteTick = MSNTicket.NextDeleteTick();
                }
                else
                {
                    ticket = new MSNTicket(creds);
                }
            }

            return ticket;
        }
示例#14
0
 public void Authenticate(MSNTicket msnticket)
 {
     Authenticate(msnticket, null, null);
 }
示例#15
0
        /// <summary>
        /// Clears all resources associated with a nameserver session.
        /// </summary>
        /// <remarks>
        /// Called after we the processor has disconnected. This will clear the contactlist and free other resources.
        /// </remarks>
        protected virtual bool Clear()
        {
            // 0. Remove pong
            if (pong != null)
            {
                pong.Elapsed -= pong_Elapsed;
                try
                {
                    if (pong.Enabled)
                        pong.Enabled = false;

                    pong.Dispose();
                }
                catch (ObjectDisposedException)
                {
                }
                finally
                {
                    pong = null;
                }
            }

            // 1. Cancel transfers
            p2pHandler.Dispose();

            // 2. Cancel web services. MSNTicket must be here.
            msnTicket = MSNTicket.Empty;
            ContactService.Clear();
            StorageService.Clear();
            WhatsUpService.Clear();
            DirectoryService.Clear();

            // 3. isSignedIn must be here...
            // a) ContactService.Clear() merges and saves addressbook if isSignedIn=true.
            // b) Owner.ClientCapabilities = ClientCapabilities.None doesn't send CHG command if isSignedIn=false.
            bool signInStatus = IsSignedIn;
            isSignedIn = false;
            externalEndPoint = null;
            adlState.Reset();

            // 4. Clear contact lists and circle list.
            ContactList.Reset();
            CircleList.Clear();
            ContactGroups.Clear();

            //5. Reset contact manager.
            ContactManager.Reset();

            //6. Reset censor words
            CensorWords.Clear();

            //7. Clear multiparties
            lock (multiParties)
                multiParties.Clear();

            return signInStatus;
        }
示例#16
0
        /// <summary>
        /// Authenticate the specified user. By asynchronous or synchronous ways.
        /// </summary>
        /// <param name='msnticket'>
        /// Msnticket.
        /// </param>
        /// <param name='onSuccess'>
        /// Callback when the authentication was passed.
        /// </param>
        /// <param name='onError'>
        /// Callback when the authentication encounts errors.
        /// </param>
        /// <exception cref='AuthenticationException'>
        /// Is thrown when the authentication failed and the request is a synchronous request.
        /// Or the <paramref name="onError"/> callback will be called.
        /// </exception>
        /// <remarks>
        /// The method is asynchronous only when both <paramref name="onSuccess"/> and <paramref name="onError"/> are not null.
        /// Otherwise it will perform a synchronous request.
        /// </remarks>
        public void Authenticate(MSNTicket msnticket, EventHandler onSuccess, EventHandler <ExceptionEventArgs> onError)
        {
            SecurityTokenService securService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf");

            Authenticate(securService, msnticket, onSuccess, onError);
        }
示例#17
0
        private void GetTickets(RequestSecurityTokenResponseType[] result, SecurityTokenService securService, MSNTicket msnticket)
        {
            if (securService.pp != null)
            {
                if (securService.pp.credProperties != null)
                {
                    foreach (credPropertyType credproperty in securService.pp.credProperties)
                    {
                        if (credproperty.Name == "MainBrandID")
                        {
                            msnticket.MainBrandID = credproperty.Value;
                        }
                        if (credproperty.Name == "CID" && !String.IsNullOrEmpty(credproperty.Value))
                        {
                            msnticket.OwnerCID = long.Parse(credproperty.Value, NumberStyles.HexNumber);
                        }
                    }
                }
                if (securService.pp.extProperties != null)
                {
                    foreach (extPropertyType extproperty in securService.pp.extProperties)
                    {
                        if (extproperty.Name == "CID" && !String.IsNullOrEmpty(extproperty.Value))
                        {
                            msnticket.OwnerCID = long.Parse(extproperty.Value, NumberStyles.HexNumber);
                        }
                    }
                }
            }

            foreach (RequestSecurityTokenResponseType token in result)
            {
                SSOTicketType ticketype = SSOTicketType.None;
                switch (token.AppliesTo.EndpointReference.Address.Value)
                {
                case "contacts.msn.com":
                    ticketype = SSOTicketType.Contact;
                    break;

                case "messengerclear.live.com":
                    ticketype = SSOTicketType.Clear;
                    break;

                case "storage.msn.com":
                    ticketype = SSOTicketType.Storage;
                    break;

                case "sup.live.com":
                    ticketype = SSOTicketType.WhatsUp;
                    break;

                case "directory.services.live.com":
                    ticketype = SSOTicketType.Directory;
                    break;

                case "rpstauth.live.com":
                    ticketype = SSOTicketType.RPST;
                    break;
                }

                SSOTicket ssoticket = new SSOTicket(ticketype);

                if (token.AppliesTo != null)
                {
                    ssoticket.Domain = token.AppliesTo.EndpointReference.Address.Value;
                }

                if (token.RequestedSecurityToken.BinarySecurityToken != null)
                {
                    ssoticket.Ticket = token.RequestedSecurityToken.BinarySecurityToken.Value;
                }

                if (token.RequestedProofToken != null && token.RequestedProofToken.BinarySecret != null)
                {
                    ssoticket.BinarySecret = token.RequestedProofToken.BinarySecret.Value;
                }

                if (token.Lifetime != null)
                {
                    ssoticket.Created = XmlConvert.ToDateTime(token.Lifetime.Created.Value, "yyyy-MM-ddTHH:mm:ssZ");
                    ssoticket.Expires = XmlConvert.ToDateTime(token.Lifetime.Expires.Value, "yyyy-MM-ddTHH:mm:ssZ");
                }

                lock (msnticket.SSOTickets)
                {
                    msnticket.SSOTickets[ticketype] = ssoticket;
                }
            }
        }
示例#18
0
        private bool ProcessError(SecurityTokenService secureService, SoapException exception, MSNTicket msnticket, EventHandler onSuccess, EventHandler <ExceptionEventArgs> onError)
        {
            string errFedDirectLogin = @"Direct login to WLID is not allowed for this federated namespace";

            if (exception == null)
            {
                return(false);
            }

            if (secureService.pp == null)
            {
                return(false);
            }

            uint errorCode = uint.Parse(secureService.pp.reqstatus.Remove(0, "0x".Length), NumberStyles.HexNumber);

            if (errorCode == 0x800488ee)
            {
                if (exception.Detail.InnerXml.IndexOf(errFedDirectLogin) != -1)
                {
                    string fedLoginURL  = string.Empty;
                    string fedAuthURL   = string.Empty;
                    string fedBrandName = string.Empty;

                    foreach (extPropertyType extProperty in secureService.pp.extProperties)
                    {
                        switch (extProperty.Name)
                        {
                        case "STSAuthURL":        //STS means Security Token Service.
                            fedLoginURL = extProperty.Value;
                            break;

                        case "AuthURL":
                            fedAuthURL = extProperty.Value;
                            break;

                        case "AllowFedUsersWLIDSignIn":       //Is it allow to login by MSN ? Not all feduser can log in with a WLM client.
                            if (!bool.Parse(extProperty.Value))
                            {
                                return(false);
                            }
                            break;

                        case "FederationBrandName":
                            fedBrandName = extProperty.Value;
                            break;

                        case "IsFederatedNS":
                            if (!bool.Parse(extProperty.Value))
                            {
                                return(false);
                            }
                            break;
                        }
                    }

                    if (fedLoginURL == string.Empty)
                    {
                        return(false);
                    }

                    Uri    fedLoginURI    = new Uri(fedLoginURL);
                    string strFedLoginURI = fedLoginURI.Scheme.ToUpperInvariant() + "://" + fedLoginURI.Host + (fedLoginURI.Scheme.ToLowerInvariant() == "https" ? ":443" : string.Empty) + "/" + fedLoginURI.PathAndQuery;
                    SecurityTokenService fedSecureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", strFedLoginURI);
                    fedSecureService.Url = fedLoginURL;

                    RequestSecurityTokenType token = new RequestSecurityTokenType();
                    token.Id          = "RST0";
                    token.RequestType = RequestTypeOpenEnum.httpschemasxmlsoaporgws200502trustIssue;

                    AppliesTo appliesTo = new AppliesTo();
                    appliesTo.EndpointReference               = new EndpointReferenceType();
                    appliesTo.EndpointReference.Address       = new AttributedURIType();
                    appliesTo.EndpointReference.Address.Value = strFedLoginURI.Remove(0, @"HTTPS://".Length);

                    token.AppliesTo = appliesTo;

                    RequestSecurityTokenResponseType response = null;

                    if (onSuccess != null && onError != null)
                    {
                        //Async request.
                        fedSecureService.RequestSecurityTokenCompleted += delegate(object sender, RequestSecurityTokenCompletedEventArgs e)
                        {
                            if (!e.Cancelled)
                            {
                                if (e.Error != null)
                                {
                                    MSNPSharpException sexp = new MSNPSharpException(e.Error.Message + ". See innerexception for detail.", e.Error);
                                    onError(this, new ExceptionEventArgs(sexp));
                                    return;
                                }

                                response = e.Result;

                                if (response.RequestedSecurityToken == null || response.RequestedSecurityToken.Assertion == null)
                                {
                                    return;
                                }

                                AssertionType assertion = response.RequestedSecurityToken.Assertion;
                                secureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf");
                                secureService.Security.Assertion = assertion;

                                if (response.Lifetime != null)
                                {
                                    secureService.Security.Timestamp.Created = response.Lifetime.Created;
                                    secureService.Security.Timestamp.Expires = response.Lifetime.Expires;
                                }

                                Authenticate(secureService, msnticket, onSuccess, onError);
                            }
                        };

                        fedSecureService.RequestSecurityTokenAsync(token, new object());
                        return(true);
                    }
                    else
                    {
                        //Sync request.
                        try
                        {
                            response = fedSecureService.RequestSecurityToken(token);
                        }
                        catch (Exception ex)
                        {
                            MSNPSharpException sexp = new MSNPSharpException(ex.Message + ". See innerexception for detail.", ex);

                            throw sexp;
                        }

                        if (response.RequestedSecurityToken == null)
                        {
                            return(false);
                        }
                        if (response.RequestedSecurityToken.Assertion == null)
                        {
                            return(false);
                        }

                        AssertionType assertion = response.RequestedSecurityToken.Assertion;
                        secureService = CreateSecurityTokenService(@"http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue", @"HTTPS://login.live.com:443//RST2.srf");
                        secureService.Security.Assertion = assertion;

                        Authenticate(secureService, msnticket, onSuccess, onError);
                        return(true);
                    }
                }
            }

            return(false);
        }
示例#19
0
 private static void AddToCacheWithLock(MSNTicket ticket)
 {
     try
     {
         lock (SyncObject)
         {
             if (ticket.SSOTickets.Count > 0 && false == String.IsNullOrEmpty(ticket.Sha256Key))
             {
                 authenticatedTicketsCache[ticket.Sha256Key] = ticket;
                 ticket.DeleteTick = MSNTicket.NextDeleteTick();
             }
         }
     }
     catch (Exception error)
     {
         Trace.WriteLineIf(Settings.TraceSwitch.TraceInfo, "Add to cache error: " + error.StackTrace, "SingleSignOnManager");
     }
 }