| public static RenewTicketIfOld ( FormsAuthenticationTicket tOld ) : FormsAuthenticationTicket | ||
| tOld | FormsAuthenticationTicket | |
| return | FormsAuthenticationTicket | |
void OnAuthenticateRequest(object sender, EventArgs args)
{
HttpApplication app = (HttpApplication)sender;
HttpContext context = app.Context;
string cookieName;
string cookiePath;
string loginPage;
bool slidingExpiration;
InitConfig(context);
if (_config == null || _config.Mode != AuthenticationMode.Forms)
{
return;
}
#if NET_2_0
cookieName = _config.Forms.Name;
cookiePath = _config.Forms.Path;
loginPage = _config.Forms.LoginUrl;
slidingExpiration = _config.Forms.SlidingExpiration;
#else
cookieName = _config.CookieName;
cookiePath = _config.CookiePath;
loginPage = _config.LoginUrl;
slidingExpiration = _config.SlidingExpiration;
#endif
if (!VirtualPathUtility.IsRooted(loginPage))
{
loginPage = "~/" + loginPage;
}
string reqPath = String.Empty;
string loginPath = null;
try {
reqPath = context.Request.PhysicalPath;
loginPath = context.Request.MapPath(loginPage);
} catch {} // ignore
context.SkipAuthorization = String.Compare(reqPath, loginPath, RuntimeHelpers.CaseInsensitive, Helpers.InvariantCulture) == 0;
#if NET_2_0
//TODO: need to check that the handler is System.Web.Handlers.AssemblyResourceLoader type
string filePath = context.Request.FilePath;
if (filePath.Length > 15 && String.CompareOrdinal("WebResource.axd", 0, filePath, filePath.Length - 15, 15) == 0)
{
context.SkipAuthorization = true;
}
#endif
FormsAuthenticationEventArgs formArgs = new FormsAuthenticationEventArgs(context);
FormsAuthenticationEventHandler eh = events [authenticateEvent] as FormsAuthenticationEventHandler;
if (eh != null)
{
eh(this, formArgs);
}
bool contextUserNull = (context.User == null);
if (formArgs.User != null || !contextUserNull)
{
if (contextUserNull)
{
context.User = formArgs.User;
}
return;
}
HttpCookie cookie = context.Request.Cookies [cookieName];
if (cookie == null || (cookie.Expires != DateTime.MinValue && cookie.Expires < DateTime.Now))
{
return;
}
FormsAuthenticationTicket ticket = null;
try {
ticket = FormsAuthentication.Decrypt(cookie.Value);
}
catch (ArgumentException) {
// incorrect cookie value, suppress the exception
return;
}
if (ticket == null || (!ticket.IsPersistent && ticket.Expired))
{
return;
}
FormsAuthenticationTicket oldticket = ticket;
if (slidingExpiration)
{
ticket = FormsAuthentication.RenewTicketIfOld(ticket);
}
context.User = new GenericPrincipal(new FormsIdentity(ticket), new string [0]);
if (cookie.Expires == DateTime.MinValue && oldticket == ticket)
{
return;
}
cookie.Value = FormsAuthentication.Encrypt(ticket);
cookie.Path = cookiePath;
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
context.Response.Cookies.Add(cookie);
}
private void OnAuthenticate(FormsAuthenticationEventArgs e)
{
HttpCookie cookie = null;
if (this._eventHandler != null)
{
this._eventHandler(this, e);
}
if (e.Context.User == null)
{
if (e.User != null)
{
e.Context.SetPrincipalNoDemand(e.User);
}
else
{
bool cookielessTicket = false;
FormsAuthenticationTicket tOld = ExtractTicketFromCookie(e.Context, FormsAuthentication.FormsCookieName, out cookielessTicket);
if ((tOld != null) && !tOld.Expired)
{
FormsAuthenticationTicket ticket = tOld;
if (FormsAuthentication.SlidingExpiration)
{
ticket = FormsAuthentication.RenewTicketIfOld(tOld);
}
e.Context.SetPrincipalNoDemand(new GenericPrincipal(new FormsIdentity(ticket), new string[0]));
if (!cookielessTicket && !ticket.CookiePath.Equals("/"))
{
cookie = e.Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
cookie.Path = ticket.CookiePath;
}
}
if (ticket != tOld)
{
if ((cookielessTicket && (ticket.CookiePath != "/")) && (ticket.CookiePath.Length > 1))
{
ticket = FormsAuthenticationTicket.FromUtc(ticket.Version, ticket.Name, ticket.IssueDateUtc, ticket.ExpirationUtc, ticket.IsPersistent, ticket.UserData, "/");
}
string cookieValue = FormsAuthentication.Encrypt(ticket);
if (cookielessTicket)
{
e.Context.CookielessHelper.SetCookieValue('F', cookieValue);
e.Context.Response.Redirect(e.Context.Request.RawUrl);
}
else
{
if (cookie != null)
{
cookie = e.Context.Request.Cookies[FormsAuthentication.FormsCookieName];
}
if (cookie == null)
{
cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieValue)
{
Path = ticket.CookiePath
};
}
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
cookie.Value = cookieValue;
cookie.Secure = FormsAuthentication.RequireSSL;
cookie.HttpOnly = true;
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
e.Context.Response.Cookies.Remove(cookie.Name);
e.Context.Response.Cookies.Add(cookie);
}
}
}
}
}
}
////////////////////////////////////////////////////////////
// OnAuthenticate: Forms Authentication modules can override
// this method to create a Forms IPrincipal object from
// a WindowsIdentity
private void OnAuthenticate(FormsAuthenticationEventArgs e)
{
HttpCookie cookie = null;
////////////////////////////////////////////////////////////
// Step 1: If there are event handlers, invoke the handlers
if (_eventHandler != null)
{
_eventHandler(this, e);
}
////////////////////////////////////////////////////////////
// Step 2: Check if the event handler created a user-object
if (e.Context.User != null)
{
// do nothing because someone else authenticated
return;
}
if (e.User != null)
{
// the event handler created a user
e.Context.SetPrincipalNoDemand(e.User);
return;
}
////////////////////////////////////////////////////////////
// Step 3: Extract the cookie and create a ticket from it
bool cookielessTicket = false;
FormsAuthenticationTicket ticket = ExtractTicketFromCookie(e.Context, FormsAuthentication.FormsCookieName, out cookielessTicket);
////////////////////////////////////////////////////////////
// Step 4: See if the ticket was created: No => exit immediately
if (ticket == null || ticket.Expired)
{
return;
}
////////////////////////////////////////////////////////////
// Step 5: Renew the ticket
FormsAuthenticationTicket ticket2 = ticket;
if (FormsAuthentication.SlidingExpiration)
{
ticket2 = FormsAuthentication.RenewTicketIfOld(ticket);
}
////////////////////////////////////////////////////////////
// Step 6: Create a user object for the ticket
e.Context.SetPrincipalNoDemand(new GenericPrincipal(new FormsIdentity(ticket2), new String[0]));
////////////////////////////////////////////////////////////
// Step 7: Browser does not send us the correct cookie-path
// Update the cookie to show the correct path
if (!cookielessTicket && !ticket2.CookiePath.Equals("/"))
{
cookie = e.Context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (cookie != null)
{
cookie.Path = ticket2.CookiePath;
}
}
////////////////////////////////////////////////////////////
// Step 8: If the ticket was renewed, save the ticket in the cookie
if (ticket2 != ticket)
{
if (cookielessTicket && ticket2.CookiePath != "/" && ticket2.CookiePath.Length > 1)
{
FormsAuthenticationTicket tempTicket = FormsAuthenticationTicket.FromUtc(ticket2.Version, ticket2.Name, ticket2.IssueDateUtc,
ticket2.ExpirationUtc, ticket2.IsPersistent, ticket2.UserData,
"/");
ticket2 = tempTicket;
}
String strEnc = FormsAuthentication.Encrypt(ticket2, !cookielessTicket);
if (cookielessTicket)
{
e.Context.CookielessHelper.SetCookieValue('F', strEnc);
e.Context.Response.Redirect(e.Context.Request.RawUrl);
}
else
{
if (cookie != null)
{
cookie = e.Context.Request.Cookies[FormsAuthentication.FormsCookieName];
}
if (cookie == null)
{
cookie = new HttpCookie(FormsAuthentication.FormsCookieName, strEnc);
cookie.Path = ticket2.CookiePath;
}
if (ticket2.IsPersistent)
{
cookie.Expires = ticket2.Expiration;
}
cookie.Value = strEnc;
cookie.Secure = FormsAuthentication.RequireSSL;
cookie.HttpOnly = true;
if (FormsAuthentication.CookieDomain != null)
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
e.Context.Response.Cookies.Remove(cookie.Name);
e.Context.Response.Cookies.Add(cookie);
}
}
}
////////////////////////////////////////////////////////////
// OnAuthenticate: Forms Authentication modules can override
// this method to create a Forms IPrincipal object from
// a WindowsIdentity
private void OnAuthenticate(FormsAuthenticationEventArgs e)
{
HttpCookie cookie = null;
////////////////////////////////////////////////////////////
// Step 1: If there are event handlers, invoke the handlers
if (_eventHandler != null)
{
_eventHandler(this, e);
}
////////////////////////////////////////////////////////////
// Step 2: Check if the event handler create a user-object
if (e.Context.User != null || e.User != null)
{ // It did
e.Context.User = (e.Context.User == null ? e.User : e.Context.User);
return;
}
////////////////////////////////////////////////////////////
// Step 3: Extract the cookie and create a ticket from it
FormsAuthenticationTicket ticket = null;
try {
ticket = ExtractTicketFromCookie(e.Context, _FormsName);
} catch (Exception) {
ticket = null;
}
////////////////////////////////////////////////////////////
// Step 4: See if the ticket was created: No => exit immediately
if (ticket == null || ticket.Expired)
{
return;
}
////////////////////////////////////////////////////////////
// Step 5: Renew the ticket
FormsAuthenticationTicket ticket2 = ticket;
if (FormsAuthentication.SlidingExpiration)
{
ticket2 = FormsAuthentication.RenewTicketIfOld(ticket);
}
////////////////////////////////////////////////////////////
// Step 6: Create a user object for the ticket
e.Context.User = new GenericPrincipal(new FormsIdentity(ticket2), new String[0]);
////////////////////////////////////////////////////////////
// Step 7: Browser does not send us the correct cookie-path
// Update the cookie to show the correct path
if (!ticket2.CookiePath.Equals("/"))
{
cookie = e.Context.Request.Cookies[_FormsName];
if (cookie != null)
{
cookie.Path = ticket2.CookiePath;
if (ticket2.IsPersistent)
{
cookie.Expires = ticket2.Expiration;
}
}
}
////////////////////////////////////////////////////////////
// Step 8: If the ticket was renewed, save the ticket in the cookie
if (ticket2 != ticket)
{
String strEnc = FormsAuthentication.Encrypt(ticket2);
if (cookie != null)
{
cookie = e.Context.Request.Cookies[_FormsName];
}
if (cookie == null)
{
cookie = new HttpCookie(_FormsName, strEnc);
cookie.Path = ticket2.CookiePath;
}
if (ticket2.IsPersistent)
{
cookie.Expires = ticket2.Expiration;
}
cookie.Value = strEnc;
cookie.Secure = FormsAuthentication.RequireSSL;
}
if (cookie != null)
{
e.Context.Response.Cookies.Add(cookie);
}
}