// TODO make tests
public bool VerifyReceivedMessage(MessageToReceive messageToReceive)
{
Account.VerificationState verificationState = GetVerificationStateOfAccount(messageToReceive.legacyAddress);
if (verificationState != Account.VerificationState.verified)
{
// Bitlogin assumes an unverified account send unverified messages just for security
return(false);
}
return(SignatureVerifier.VerifyReceivedMessage(messageToReceive));
}
// TODO make tests
public bool VerifyReceivedMessage(MessageToReceive messageToReceive)
{
return(SignatureVerifier.VerifyReceivedMessage(messageToReceive));
}
public BitloginProtocolMessage LogOutRequest(LogOutRequestMessage logOutRequestMessage)
{
if (_accountsByLegacyAddress.TryGetValue(logOutRequestMessage.legacyAddress, out Account account))
{
SignatureVerifier.SignatureVerificationResult signatureVerificationResult = SignatureVerifier.Verify(
logOutRequestMessage.legacyAddress,
$"LogOut{logOutRequestMessage.legacyAddress}",
logOutRequestMessage.signature);
if (signatureVerificationResult == SignatureVerifier.SignatureVerificationResult.SignatureIsValid)
{
_accountsByLegacyAddress.Remove(logOutRequestMessage.legacyAddress);
return(new LogOutSuccessMessage());
}
if (signatureVerificationResult == SignatureVerifier.SignatureVerificationResult.SignatureDoesntMatchMessage)
{
return(new ErrorMessage(400));
}
if (signatureVerificationResult == SignatureVerifier.SignatureVerificationResult.StringSentIsNotASignature)
{
return(new ErrorMessage(500));
}
}
return(new ErrorMessage(600));
}
public BitloginProtocolMessage GetAuthenticationResult(VerifyMeMessage verifyMeMessage)
{
if (_accountsByLegacyAddress.TryGetValue(verifyMeMessage.legacyAddress, out Account accountToBeVerified))
{
if (accountToBeVerified.currentVerificationState == Account.VerificationState.verified)
{
return(new ErrorMessage(300));
}
SignatureVerifier.SignatureVerificationResult signatureVerificationResult = SignatureVerifier.Verify(
accountToBeVerified.LegacyAddress.ToString(),
accountToBeVerified.messageToBeSigned,
verifyMeMessage.signature);
if (signatureVerificationResult == SignatureVerifier.SignatureVerificationResult.SignatureIsValid)
{
accountToBeVerified.currentVerificationState = Account.VerificationState.verified;
accountToBeVerified.publicId = verifyMeMessage.publicIdIWantToHave;
return(new AuthenticationSuccess());
}
if (signatureVerificationResult == SignatureVerifier.SignatureVerificationResult.SignatureDoesntMatchMessage)
{
return(new ErrorMessage(400));
}
return(new ErrorMessage(500));
}
return(new ErrorMessage(200));
}
