/// <summary>
/// Respond to this request.
/// </summary>
internal EncodableResponse Answer()
{
EncodableResponse response = EncodableResponse.PrepareDirectMessage(Protocol);
bool validSignature = Provider.Signatory.Verify(AssociationHandle, signature, signedFields, signedKeyOrder);
response.Fields[Protocol.openidnp.is_valid] = validSignature ?
Protocol.Args.IsValid.True : Protocol.Args.IsValid.False;
// By invalidating our dumb association, we make it impossible to
// verify the same authentication again, making a response_nonce check
// to protect against replay attacks unnecessary.
Provider.Signatory.Invalidate(AssociationHandle, AssociationRelyingPartyType.Dumb);
// The RP may be asking for confirmation that an association should
// be invalidated. If so, double-check and send a reply in our response.
string invalidate_handle = Util.GetOptionalArg(Query, Protocol.openid.invalidate_handle);
if (invalidate_handle != null)
{
Association assoc = Provider.Signatory.GetAssociation(invalidate_handle, AssociationRelyingPartyType.Smart);
if (assoc == null)
{
Logger.Warn("No matching association found. Returning invalidate_handle. ");
response.Fields[Protocol.openidnp.invalidate_handle] = invalidate_handle;
}
}
return(response);
}
public EncodableResponse Answer()
{
Association assoc = Provider.Signatory.CreateAssociation(AssociationRelyingPartyType.Smart, Provider);
EncodableResponse response = EncodableResponse.PrepareDirectMessage(Protocol);
response.Fields[Protocol.openidnp.expires_in] = assoc.SecondsTillExpiration.ToString(CultureInfo.InvariantCulture);
response.Fields[Protocol.openidnp.assoc_type] = assoc.GetAssociationType(Protocol);
response.Fields[Protocol.openidnp.assoc_handle] = assoc.Handle;
response.Fields[Protocol.openidnp.session_type] = session.SessionType;
IDictionary <string, string> nvc = session.Answer(assoc.SecretKey);
foreach (var pair in nvc)
{
response.Fields[pair.Key] = nvc[pair.Key];
}
Logger.InfoFormat("Association {0} created.", assoc.Handle);
return(response);
}