Using ASP.Net Identity 2 cookie in forms authentication

后端 未结 1 1287
天涯浪人
天涯浪人 2021-01-06 13:33

I have an Owin Identity application and another application set up in a virtual directory. The virtual app is set up using traditional forms authentication, and both Web.con

相关标签:
1条回答
  • 2021-01-06 14:12

    The cookie contains authentication ticket. The format of this ticket is different for cookie authentication middleware vs forms authentication. It is not possible to make FAM read the cookie created by the cookie authentication middleware. That said, you can write your own HTTP module, similar to FAM to read the cookie created by the cookie authentication middleware, like this.

    public class MyHttpModule : IHttpModule
    {
        public void Init(HttpApplication context)
        {
            context.AuthenticateRequest += OnApplicationAuthenticateRequest;
        }
        private static void OnApplicationAuthenticateRequest(object sender, EventArgs e)
        {
            var request = HttpContext.Current.Request;
            var cookie = request.Cookies.Get(".AspNet.ApplicationCookie");
            var ticket = cookie.Value;
            ticket = ticket.Replace('-', '+').Replace('_', '/');
    
            var padding = 3 - ((ticket.Length + 3) % 4);
            if (padding != 0)
                ticket = ticket + new string('=', padding);
    
            var bytes = Convert.FromBase64String(ticket);
    
            bytes = System.Web.Security.MachineKey.Unprotect(bytes,
                "Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware",
                    "ApplicationCookie", "v1");
    
            using (var memory = new MemoryStream(bytes))
            {
                using (var compression = new GZipStream(memory, 
                                                    CompressionMode.Decompress))
                {
                    using (var reader = new BinaryReader(compression))
                    {
                        reader.ReadInt32();
                        string authenticationType = reader.ReadString();
                        reader.ReadString();
                        reader.ReadString();
    
                        int count = reader.ReadInt32();
    
                        var claims = new Claim[count];
                        for (int index = 0; index != count; ++index)
                        {
                            string type = reader.ReadString();
                            type = type == "\0" ? ClaimTypes.Name : type;
    
                            string value = reader.ReadString();
    
                            string valueType = reader.ReadString();
                            valueType = valueType == "\0" ? 
                                           "http://www.w3.org/2001/XMLSchema#string" : 
                                             valueType;
    
                            string issuer = reader.ReadString();
                            issuer = issuer == "\0" ? "LOCAL AUTHORITY" : issuer;
    
                            string originalIssuer = reader.ReadString();
                            originalIssuer = originalIssuer == "\0" ? 
                                                         issuer : originalIssuer;
    
                            claims[index] = new Claim(type, value, 
                                                   valueType, issuer, originalIssuer);
                        }
    
                        var identity = new ClaimsIdentity(claims, authenticationType, 
                                                      ClaimTypes.Name, ClaimTypes.Role);
    
                        var principal = new ClaimsPrincipal(identity);
    
                        System.Threading.Thread.CurrentPrincipal = principal;
                        HttpContext.Current.User = principal;
                    }
                }
            }
        }
    
    
        public void Dispose() { }
    }
    

    For the explanation of what I do here, please go to my blog entry.

    http://lbadri.wordpress.com/2014/11/23/reading-katana-cookie-authentication-middlewares-cookie-from-formsauthenticationmodule/

    It is too big to explain here.

    0 讨论(0)
提交回复
热议问题