本文整理汇总了C#中System.Web.HttpContextBase.ReadClaim方法的典型用法代码示例。如果您正苦于以下问题:C# HttpContextBase.ReadClaim方法的具体用法?C# HttpContextBase.ReadClaim怎么用?C# HttpContextBase.ReadClaim使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类System.Web.HttpContextBase的用法示例。
在下文中一共展示了HttpContextBase.ReadClaim方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: IsAuthorized
private bool IsAuthorized(HttpContextBase context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
var user = context.User as ClaimsPrincipal;
if (user?.Identity == null)
{
return false;
}
long loginId = context.ReadClaim<long>("loginid");
long userId = context.ReadClaim<int>("userid");
long officeId = context.ReadClaim<int>("officeid");
string email = context.ReadClaim<string>(ClaimTypes.Email);
var expriesOn = new DateTime(context.ReadClaim<long>("exp"), DateTimeKind.Utc);
string ipAddress = context.GetClientIpAddress();
string userAgent = context.GetUserAgent();
string clientToken = context.Request.GetClientToken();
if (string.IsNullOrWhiteSpace(clientToken))
{
return false;
}
if (loginId <= 0)
{
Log.Warning(
"Invalid login claims supplied. Access was denied to user {userId}/{email} for officeId {officeId} having the loginId {loginId}. Token: {clientToken}.",
userId, email, officeId, loginId, clientToken);
Thread.Sleep(new Random().Next(1, 60)*1000);
return false;
}
if (expriesOn <= DateTime.UtcNow)
{
Log.Debug(
"Token expired. Access was denied to user {userId}/{email} for officeId {officeId} having the loginId {loginId}. Token: {clientToken}.",
userId, email, officeId, loginId, clientToken);
return false;
}
bool isValid = AccessTokens.IsValid(clientToken, ipAddress, userAgent);
if (expriesOn <= DateTime.UtcNow)
{
Log.Debug(
"Token invalid. Access was denied to user {userId}/{email} for officeId {officeId} having the loginId {loginId}. Token: {clientToken}.",
userId, email, officeId, loginId, clientToken);
return false;
}
return isValid;
}