private static string GetEncodedValue(AnonymousIdData data)
{
if (data == null)
{
return(null);
}
byte[] bytes = Encoding.UTF8.GetBytes(data.AnonymousId);
byte[] src = BitConverter.GetBytes(bytes.Length);
byte[] buffer3 = BitConverter.GetBytes(data.ExpireDate.ToFileTimeUtc());
byte[] dst = new byte[12 + bytes.Length];
Buffer.BlockCopy(buffer3, 0, dst, 0, 8);
Buffer.BlockCopy(src, 0, dst, 8, 4);
Buffer.BlockCopy(bytes, 0, dst, 12, bytes.Length);
return(CookieProtectionHelper.Encode(s_Protection, dst, dst.Length));
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
private static string GetEncodedValue(AnonymousIdData data)
{
if (data == null)
{
return(null);
}
byte [] bufId = Encoding.UTF8.GetBytes(data.AnonymousId);
byte [] bufIdLen = BitConverter.GetBytes(bufId.Length);
byte [] bufDate = BitConverter.GetBytes(data.ExpireDate.ToFileTimeUtc());
byte [] buffer = new byte[12 + bufId.Length];
Buffer.BlockCopy(bufDate, 0, buffer, 0, 8);
Buffer.BlockCopy(bufIdLen, 0, buffer, 8, 4);
Buffer.BlockCopy(bufId, 0, buffer, 12, bufId.Length);
return(CookieProtectionHelper.Encode(s_Protection, buffer, Purpose.AnonymousIdentificationModule_Ticket));
}
private static string GetEncodedValue(AnonymousIdData data)
{
if (data == null)
{
return null;
}
byte[] bytes = Encoding.UTF8.GetBytes(data.AnonymousId);
byte[] src = BitConverter.GetBytes(bytes.Length);
byte[] buffer3 = BitConverter.GetBytes(data.ExpireDate.ToFileTimeUtc());
byte[] dst = new byte[12 + bytes.Length];
Buffer.BlockCopy(buffer3, 0, dst, 0, 8);
Buffer.BlockCopy(src, 0, dst, 8, 4);
Buffer.BlockCopy(bytes, 0, dst, 12, bytes.Length);
return CookieProtectionHelper.Encode(s_Protection, dst, dst.Length);
}
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////
/// <devdoc>
/// <para>[To be supplied.]</para>
/// </devdoc>
private void OnEnter(Object source, EventArgs eventArgs)
{
if (!s_Initialized)
{
Initialize();
}
if (!s_Enabled)
{
return;
}
HttpApplication app;
HttpContext context;
HttpCookie cookie = null;
bool createCookie = false;
AnonymousIdData decodedValue = null;
bool cookieLess;
string encValue = null;
bool isAuthenticated = false;
app = (HttpApplication)source;
context = app.Context;
isAuthenticated = context.Request.IsAuthenticated;
if (isAuthenticated)
{
cookieLess = CookielessHelperClass.UseCookieless(context, false /* no redirect */, s_CookieMode);
}
else
{
cookieLess = CookielessHelperClass.UseCookieless(context, true /* do redirect */, s_CookieMode);
//if (!cookieLess && s_RequireSSL && !context.Request.IsSecureConnection)
// throw new HttpException(SR.GetString(SR.Connection_not_secure_creating_secure_cookie));
}
////////////////////////////////////////////////////////////////////////
// Handle secure-cookies over non SSL
if (s_RequireSSL && !context.Request.IsSecureConnection)
{
if (!cookieLess)
{
cookie = context.Request.Cookies[s_CookieName];
if (cookie != null)
{
cookie = new HttpCookie(s_CookieName, String.Empty);
cookie.HttpOnly = true;
cookie.Path = s_CookiePath;
cookie.Secure = s_RequireSSL;
if (s_Domain != null)
{
cookie.Domain = s_Domain;
}
cookie.Expires = new System.DateTime(1999, 10, 12);
if (context.Request.Browser["supportsEmptyStringInCookieValue"] == "false")
{
cookie.Value = "NoCookie";
}
context.Response.Cookies.Add(cookie);
}
return;
}
}
////////////////////////////////////////////////////////////
// Step 2: See if cookie, or cookie-header has the value
if (!cookieLess)
{
cookie = context.Request.Cookies[s_CookieName];
if (cookie != null)
{
encValue = cookie.Value;
cookie.Path = s_CookiePath;
if (s_Domain != null)
{
cookie.Domain = s_Domain;
}
}
}
else
{
encValue = context.CookielessHelper.GetCookieValue('A');
}
decodedValue = GetDecodedValue(encValue);
if (decodedValue != null && decodedValue.AnonymousId != null)
{
// Copy existing value in Request
context.Request.AnonymousID = decodedValue.AnonymousId;
}
if (isAuthenticated) // For the authenticated case, we are done
{
return;
}
if (context.Request.AnonymousID == null)
{
////////////////////////////////////////////////////////////
// Step 3: Create new Identity
// Raise event
if (_CreateNewIdEventHandler != null)
{
AnonymousIdentificationEventArgs e = new AnonymousIdentificationEventArgs(context);
_CreateNewIdEventHandler(this, e);
context.Request.AnonymousID = e.AnonymousID;
}
// Create from GUID
if (string.IsNullOrEmpty(context.Request.AnonymousID))
{
context.Request.AnonymousID = Guid.NewGuid().ToString("D", CultureInfo.InvariantCulture);
}
else
{
if (context.Request.AnonymousID.Length > MAX_ID_LENGTH)
{
throw new HttpException(SR.GetString(SR.Anonymous_id_too_long));
}
}
if (s_RequireSSL && !context.Request.IsSecureConnection && !cookieLess)
{
return; // Don't create secure-cookie in un-secured connection
}
createCookie = true;
}
////////////////////////////////////////////////////////////
// Step 4: Check if cookie has to be created
DateTime dtNow = DateTime.UtcNow;
if (!createCookie)
{
if (s_SlidingExpiration)
{
if (decodedValue == null || decodedValue.ExpireDate < dtNow)
{
createCookie = true;
}
else
{
double secondsLeft = (decodedValue.ExpireDate - dtNow).TotalSeconds;
if (secondsLeft < (double)((s_CookieTimeout * 60) / 2))
{
createCookie = true;
}
}
}
}
////////////////////////////////////////////////////////////
// Step 4: Create new cookie or cookieless header
if (createCookie)
{
DateTime dtExpireTime = dtNow.AddMinutes(s_CookieTimeout);
encValue = GetEncodedValue(new AnonymousIdData(context.Request.AnonymousID, dtExpireTime));
if (encValue.Length > MAX_ENCODED_COOKIE_STRING)
{
throw new HttpException(SR.GetString(SR.Anonymous_id_too_long_2));
}
if (!cookieLess)
{
cookie = new HttpCookie(s_CookieName, encValue);
cookie.HttpOnly = true;
cookie.Expires = dtExpireTime;
cookie.Path = s_CookiePath;
cookie.Secure = s_RequireSSL;
if (s_Domain != null)
{
cookie.Domain = s_Domain;
}
context.Response.Cookies.Add(cookie);
}
else
{
context.CookielessHelper.SetCookieValue('A', encValue);
context.Response.Redirect(context.Request.RawUrl);
}
}
}
/////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
private static string GetEncodedValue(AnonymousIdData data){
if (data == null)
return null;
byte [] bufId = Encoding.UTF8.GetBytes(data.AnonymousId);
byte [] bufIdLen = BitConverter.GetBytes(bufId.Length);
byte [] bufDate = BitConverter.GetBytes(data.ExpireDate.ToFileTimeUtc());
byte [] buffer = new byte[12 + bufId.Length];
Buffer.BlockCopy(bufDate, 0, buffer, 0, 8);
Buffer.BlockCopy(bufIdLen, 0, buffer, 8, 4);
Buffer.BlockCopy(bufId, 0, buffer, 12, bufId.Length);
return CookieProtectionHelper.Encode(s_Protection, buffer, Purpose.AnonymousIdentificationModule_Ticket);
}
private void OnEnter(object source, EventArgs eventArgs)
{
if (!s_Initialized)
{
Initialize();
}
if (s_Enabled)
{
bool flag2;
HttpCookie cookie = null;
bool flag = false;
AnonymousIdData decodedValue = null;
string cookieValue = null;
bool isAuthenticated = false;
HttpApplication application = (HttpApplication)source;
HttpContext context = application.Context;
isAuthenticated = context.Request.IsAuthenticated;
if (isAuthenticated)
{
flag2 = CookielessHelperClass.UseCookieless(context, false, s_CookieMode);
}
else
{
flag2 = CookielessHelperClass.UseCookieless(context, true, s_CookieMode);
}
if ((s_RequireSSL && !context.Request.IsSecureConnection) && !flag2)
{
if (context.Request.Cookies[s_CookieName] != null)
{
cookie = new HttpCookie(s_CookieName, string.Empty)
{
HttpOnly = true,
Path = s_CookiePath,
Secure = s_RequireSSL
};
if (s_Domain != null)
{
cookie.Domain = s_Domain;
}
cookie.Expires = new DateTime(0x7cf, 10, 12);
if (context.Request.Browser["supportsEmptyStringInCookieValue"] == "false")
{
cookie.Value = "NoCookie";
}
context.Response.Cookies.Add(cookie);
}
}
else
{
if (!flag2)
{
cookie = context.Request.Cookies[s_CookieName];
if (cookie != null)
{
cookieValue = cookie.Value;
cookie.Path = s_CookiePath;
if (s_Domain != null)
{
cookie.Domain = s_Domain;
}
}
}
else
{
cookieValue = context.CookielessHelper.GetCookieValue('A');
}
decodedValue = GetDecodedValue(cookieValue);
if ((decodedValue != null) && (decodedValue.AnonymousId != null))
{
context.Request._AnonymousId = decodedValue.AnonymousId;
}
if (!isAuthenticated)
{
if (context.Request._AnonymousId == null)
{
if (this._CreateNewIdEventHandler != null)
{
AnonymousIdentificationEventArgs e = new AnonymousIdentificationEventArgs(context);
this._CreateNewIdEventHandler(this, e);
context.Request._AnonymousId = e.AnonymousID;
}
if (string.IsNullOrEmpty(context.Request._AnonymousId))
{
context.Request._AnonymousId = Guid.NewGuid().ToString("D", CultureInfo.InvariantCulture);
}
else if (context.Request._AnonymousId.Length > 0x80)
{
throw new HttpException(System.Web.SR.GetString("Anonymous_id_too_long"));
}
if ((s_RequireSSL && !context.Request.IsSecureConnection) && !flag2)
{
return;
}
flag = true;
}
DateTime utcNow = DateTime.UtcNow;
if (!flag && s_SlidingExpiration)
{
if ((decodedValue == null) || (decodedValue.ExpireDate < utcNow))
{
flag = true;
}
else
{
TimeSpan span = (TimeSpan)(decodedValue.ExpireDate - utcNow);
if (span.TotalSeconds < ((s_CookieTimeout * 60) / 2))
{
flag = true;
}
}
}
if (flag)
{
DateTime dt = utcNow.AddMinutes((double)s_CookieTimeout);
cookieValue = GetEncodedValue(new AnonymousIdData(context.Request.AnonymousID, dt));
if (cookieValue.Length > 0x200)
{
throw new HttpException(System.Web.SR.GetString("Anonymous_id_too_long_2"));
}
if (!flag2)
{
cookie = new HttpCookie(s_CookieName, cookieValue)
{
HttpOnly = true,
Expires = dt,
Path = s_CookiePath,
Secure = s_RequireSSL
};
if (s_Domain != null)
{
cookie.Domain = s_Domain;
}
context.Response.Cookies.Add(cookie);
}
else
{
context.CookielessHelper.SetCookieValue('A', cookieValue);
context.Response.Redirect(context.Request.RawUrl);
}
}
}
}
}
}