Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can I get the OWIN cookie and decrypt it to get claims from it in BeginRequest?

Tags:

asp.net

cookies

asp.net-identity

owin

httpmodule

I am implementing the new ASP.NET Identity 2.0 Framework in an existing website uses CA's Identity Minder which primarily uses Request.ServerVariables to power all the controls.

What I am trying to do is populate the Request Headers with the same variables that CA does on every request in the BeginRequest event with an HTTP Handler, but using the new Identity Provider.

I know that in the BeginRequest event I have access to read cookies from the client, and I know that I can check if the OWIN cookie is there (named .AspNet.ApplicationCookie) but I don't know how I can decrypt the cookie to get the claims out of it.

I have also tried doing this to read the claims:

Dim identity = CType(Thread.CurrentPrincipal, ClaimsPrincipal)
Dim claim = identity.Claims.SingleOrDefault(Function(c) c.Type = ClaimTypes.Name)

When I do this, however, I get nothing for the value so I am assuming that the Thread.CurrentPrincipal isn't populated this early in the request pipeline.

This code does work, however

Dim application As HttpApplication = DirectCast(sender, HttpApplication)
Dim cookie = application.Context.Request.Cookies(".AspNet.ApplicationCookie")
If cookie Is Nothing Then
    HttpContext.Current.Request.Headers.Add("SM_SERVERSESSIONID", "NOT Logged in")
Else
    HttpContext.Current.Request.Headers.Add("SM_SERVERSESSIONID", "Logged in")
End If

So considering that I DO have access to the cookie, I was wondering if there was any way that I could decrypt it so I can read the claims that I have set inside of it.

Here is how I am setting my claims on the login page:

Dim claims = New List(Of Claim)()
claims.Add(New Claim(ClaimTypes.Name, user.UserName))
claims.Add(New Claim(ClaimTypes.Email, user.Email))
Dim id = New ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie)
authenticationManager.SignIn(id)
like image 201
vipergtsrz Avatar asked Jul 30 '14 17:07

vipergtsrz

1 Answers

You don't need to decrypt the cookie by yourself. You just need to check if user is authorised and get existed claims.

Please, try something like this:

var claimsIdentity = User.Identity as ClaimsIdentity;
if (claimsIdentity != null)
{
    Claim providerKeyClaim = identity.FindFirst(ClaimTypes.NameIdentifier);
    if (providerKeyClaim != null)
    {
        var name = claimsIdentity.FindFirstValue(ClaimTypes.Name);
        var email = claimsIdentity.FindFirstValue(ClaimTypes.Email);
    }
}
like image 133
Yuriy A. Avatar answered Nov 12 '22 04:11

Yuriy A.
Sign in to Comment

Related questions

Adding Querystring Parameter to GridView ItemTemplate
strange issue when opening jquery dialog for first time (within asp.net gridview)
How to deploy ASP.NET webservice to IIS 7?
UnauthorizedAccessException after using LogonUser
How to add config transform for custom config file?
How do I insert inner text into empty xml element?
How to add entity-framework to console application (images are included)
Zip file with utf-8 file names
In SignalR, is it possible to simulate a reconnect for testing?
How to binary serialize a class in a Portable Class Library?
Which code component in an ASP.NET (WebForms or MVC) application serves website resources such as images?
Very lengthy stored procedure status
Kendo MVC ToDataSourceResult extremly slow with large IQueryable
ASP .Net Entity Framework .tt Files Not Nesting Under .edmx
Why are my cookie settings not being applied?
Get Parameter Names from SQL Query
Upload images from ASP.NET to godaddy file system
ASP.NET Error:The state information is invalid for this page and might be corrupted
TFS Build Issues With Multiple Versions of the Same Assembly in Different Projects
Disable button on update progress in ASP.net Ajax

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!