101 lines
3.4 KiB
C#
101 lines
3.4 KiB
C#
//------------------------------------------------------------------------------
|
|
// <copyright file="AuthenticationConfig.cs" company="Microsoft">
|
|
// Copyright (c) Microsoft Corporation. All rights reserved.
|
|
// </copyright>
|
|
//------------------------------------------------------------------------------
|
|
|
|
/*
|
|
* AuthenticationConfigHandler class
|
|
*
|
|
* Copyright (c) 1999 Microsoft Corporation
|
|
*/
|
|
|
|
namespace System.Web.Configuration {
|
|
using System.Runtime.Serialization;
|
|
using System.Web.Util;
|
|
using System.Collections;
|
|
using System.IO;
|
|
using System.Security.Principal;
|
|
using System.Xml;
|
|
using System.Security.Cryptography;
|
|
using System.Configuration;
|
|
using System.Globalization;
|
|
using System.Web.Hosting;
|
|
using System.Web.Compilation;
|
|
|
|
static internal class AuthenticationConfig {
|
|
private static AuthenticationMode? s_explicitMode;
|
|
|
|
internal static AuthenticationMode Mode {
|
|
get {
|
|
if (s_explicitMode.HasValue) {
|
|
return s_explicitMode.Value;
|
|
}
|
|
else {
|
|
AuthenticationSection settings = RuntimeConfig.GetAppConfig().Authentication;
|
|
settings.ValidateAuthenticationMode();
|
|
return settings.Mode;
|
|
}
|
|
}
|
|
set {
|
|
Debug.Assert(BuildManager.PreStartInitStage == PreStartInitStage.DuringPreStartInit);
|
|
Debug.Assert(value == AuthenticationMode.Forms, "Only Forms mode can be set to override config");
|
|
s_explicitMode = value;
|
|
}
|
|
}
|
|
|
|
internal static String GetCompleteLoginUrl(HttpContext context, String loginUrl) {
|
|
if (String.IsNullOrEmpty(loginUrl)) {
|
|
return String.Empty;
|
|
}
|
|
|
|
if (UrlPath.IsRelativeUrl(loginUrl)) {
|
|
loginUrl = UrlPath.Combine(HttpRuntime.AppDomainAppVirtualPathString, loginUrl);
|
|
}
|
|
|
|
return loginUrl;
|
|
}
|
|
|
|
internal static bool AccessingLoginPage(HttpContext context, String loginUrl) {
|
|
if (String.IsNullOrEmpty(loginUrl)) {
|
|
return false;
|
|
}
|
|
|
|
loginUrl = GetCompleteLoginUrl(context, loginUrl);
|
|
if (String.IsNullOrEmpty(loginUrl)) {
|
|
return false;
|
|
}
|
|
|
|
// Ignore query string
|
|
int iqs = loginUrl.IndexOf('?');
|
|
if (iqs >= 0) {
|
|
loginUrl = loginUrl.Substring(0, iqs);
|
|
}
|
|
|
|
String requestPath = context.Request.Path;
|
|
|
|
if (StringUtil.EqualsIgnoreCase(requestPath, loginUrl)) {
|
|
return true;
|
|
}
|
|
|
|
// It could be that loginUrl in config was UrlEncoded (ASURT 98932)
|
|
if (loginUrl.IndexOf('%') >= 0) {
|
|
String decodedLoginUrl;
|
|
// encoding is unknown try UTF-8 first, then request encoding
|
|
|
|
decodedLoginUrl = HttpUtility.UrlDecode(loginUrl);
|
|
if (StringUtil.EqualsIgnoreCase(requestPath, decodedLoginUrl)) {
|
|
return true;
|
|
}
|
|
|
|
decodedLoginUrl = HttpUtility.UrlDecode(loginUrl, context.Request.ContentEncoding);
|
|
if (StringUtil.EqualsIgnoreCase(requestPath, decodedLoginUrl)) {
|
|
return true;
|
|
}
|
|
}
|
|
|
|
return false;
|
|
}
|
|
}
|
|
}
|