public void LoginCallback(Principal client, string idTokenResponseStr, Google_IdP idp)
{
var authorizationCodeResponse = JsonConvert.DeserializeObject <AuthorizationCodeResponse>(idTokenResponseStr);
authorizationCodeResponseStructure.Import(authorizationCodeResponse,
// We don't know who produced the redirection.
Channel.GenerateNew(SVX_Principal),
client);
var validationRequest = SVX_Ops.Call(SVX_MakeValidationRequest, authorizationCodeResponse);
validationRequestStructure.Export(validationRequest, googlePrincipal, null);
var validationRequestStr = JsonConvert.SerializeObject(validationRequest);
var validationResponseStr = idp.ValidationEndpoint(validationRequestStr);
var validationResponse = JsonConvert.DeserializeObject <ValidationResponse>(validationResponseStr);
validationResponseStructure.ImportDirectResponse(validationResponse, googlePrincipal, SVX_Principal);
// SVX will automatically detect using message IDs that
// validationResponse actually resulted from
// authorizationCodeResponse and not merely another message with
// the same SymT. This is essential for us to establish the
// relationship between authorizationCodeResponse.SVX_sender and
// validationResponse.googleUsername.
var conc = SVX_Ops.Call(SVX_SignInRP, authorizationCodeResponse, validationResponse);
SVX_Ops.Certify(conc, LoginSafety);
SVX_Ops.Certify(conc, LoginXSRFPrevention, new ParticipantId(googlePrincipal, typeof(Google_IdP)));
// AbandonAndCreateSession...
}
public static void Test()
{
var alice = Entity.Of("Alice");
var bob = Entity.Of("Bob");
var p = new SVX_Test_Concat(alice);
var req1 = new Concat2Request("A", "B");
var resp1 = SVX_Ops.Call(p.Concat2, req1);
var req2 = new Concat2Request(resp1.output, "C");
var resp2 = SVX_Ops.Call(p.Concat2, req2);
var chainResp = SVX_Ops.Call(p.Chain, resp1, resp2);
var producer = Channel.GenerateNew(bob);
var sender = Channel.GenerateNew(bob);
SVX_Ops.TransferForTesting(chainResp, producer, sender);
// Demonstrate that we can assume acts-for relationships and that
// we've axiomatized that acts-for is transitive. Of course, the
// acts-for relationships in this example do not represent the ones
// we would assume in any real protocol.
var respWithAssumption = SVX_Ops.Call(p.AssumeProducerActsForAlice, chainResp);
SVX_Ops.Certify(respWithAssumption, p.Predicate);
}
public void LoginCallback(Principal client, string idTokenResponseStr)
{
var idTokenResponse = JsonConvert.DeserializeObject <IdTokenResponse>(idTokenResponseStr);
idTokenResponseStructure.Import(idTokenResponse,
// We don't know who produced the redirection.
Channel.GenerateNew(SVX_Principal),
client);
var conc = SVX_Ops.Call(SVX_SignInRP, idTokenResponse);
SVX_Ops.Certify(conc, LoginSafety);
SVX_Ops.Certify(conc, LoginXSRFPrevention, new ParticipantId(googlePrincipal, typeof(Google_IdP)));
// AbandonAndCreateSession...
}
public static void Test()
{
var idp = new IdP(idpPrincipal);
var rp = new RP(rpPrincipal);
var aliceIdP = Channel.GenerateNew(idpPrincipal);
var aliceRP = Channel.GenerateNew(rpPrincipal);
var idpReq = new SignInIdPReq {
username = "******",
password = "******",
SVX_sender = aliceIdP
};
var rpReq = SVX_Ops.Call(idp.SignInIdP, idpReq);
// Imagine the SignInRPReq was signed by the IdP.
SVX_Ops.TransferForTesting(rpReq, idpPrincipal, aliceRP);
var conc = SVX_Ops.Call(rp.SignInRP, rpReq);
SVX_Ops.Certify(conc, rp.LoginSafety);
}
