/// <summary>
/// Initializes a new instance of the AuthenticatorProxy class.
/// </summary>
/// <param name="serverDomain">
/// The domain of the authenticator.
/// </param>
/// <param name="clientIdentifier">
/// The PKI-identifier of the client using the proxy.
/// </param>
/// <param name="clientPrivateKey">
/// The private key of the client.
/// </param>
public AuthenticatorProxy(string serverDomain, string clientIdentifier, byte[] clientPrivateKey)
{
Contract.Requires(MessageProcessingUtility.IsValidUrl(serverDomain));
Contract.Requires(Cryptograph.KeyExists(clientIdentifier));
Contract.Requires(Cryptograph.CheckConsistency(clientPrivateKey, clientIdentifier));
this.socket = new ClientSocket(serverDomain, clientIdentifier, clientPrivateKey);
}
/// <summary>
/// Processes a client's requested recokeAccount-operation.
/// </summary>
/// <param name="processedRequest">
/// The Request-struct representing properties of the client's
/// request.
/// </param>
/// <param name="validRequest">
/// A bool reference indicating succss of the client's request.
/// </param>
private void ProcessRevokeAccount(Request processedRequest, ref bool validRequest)
{
// The parameters for the requested operation.
string userName = processedRequest.Parameters[0];
// Check if it is legal to call this operation
ClientSession userSession = this.userSessions[userName];
bool validOperation = userSession.IsOperationValid("revokeAccount");
// If the requested operation is valid...
if (validOperation)
{
// ...check if the request is valid.
validRequest = this.authenticator.DeleteUser(userName);
if (validRequest)
{
// The user has been deleted from the authenticator database, and must
// also be deleted from the client sessions.
this.userSessions.Remove(userName);
// Multicast new user account to trusted third parties.
foreach (string trustedThirdPartyURI in this.authenticator.TrustedThirdPartyURIs)
{
ClientSocket socket = new ClientSocket(trustedThirdPartyURI, StringData.AuthUri, this.authenticatorPrivateKey);
socket.SendMessage("userdeleted", "userName=" + userName);
}
return;
}
}
validRequest = false;
}
/// <summary>
/// Processes a client's requested proceed-operation.
/// </summary>
/// <param name="processedRequest">
/// The Request-struct representing properties of the client's
/// request.
/// </param>
/// <param name="validRequest">
/// A bool reference indicating succss of the client's request.
/// </param>
/// <returns>
/// The shared secret between the client and the third party.
/// </returns>
private string ProcessProceed(Request processedRequest, ref bool validRequest)
{
// The parameters for the requested operation.
string userName = processedRequest.Parameters[0];
// Check if it is legal to call this operation
ClientSession userSession = this.userSessions[userName];
bool validOperation = userSession.IsOperationValid("proceed");
// If the requested operation is valid...
if (validOperation)
{
// ...the request is valid.
validRequest = true;
// Update the state of the client session.
userSession.ChangeStateTo(ClientSession.SessionState.AwaitRedirection);
// Generate session token for client and third party.
string sessionToken = this.GenerateToken();
Console.WriteLine("Authenticator generated session token with value: " + sessionToken);
Console.WriteLine("Authenticator sending session token to third party.");
// Send session token to third party:
ClientSocket thirdPartyClient = new ClientSocket(
userSession.ThirdPartyDomain, StringData.AuthUri, this.authenticatorPrivateKey);
thirdPartyClient.SendMessage("authtoken", "username="******"&token=" + sessionToken);
return sessionToken;
}
validRequest = false;
return null;
}
/// <summary>
/// Processes a client's requested submitKey-operation.
/// </summary>
/// <param name="processedRequest">
/// The Request-struct representing properties of the client's
/// request.
/// </param>
/// <param name="validRequest">
/// A bool reference indicating succss of the client's request.
/// </param>
private void ProcessCreateAccount(Request processedRequest, ref bool validRequest)
{
// The parameters for the requested operation.
string userName = processedRequest.Parameters[0];
string password = processedRequest.Parameters[1];
string cprNumber = processedRequest.Parameters[2];
string email = processedRequest.Parameters[3];
// ...check if the request is valid.
validRequest = this.authenticator.AddNewUser(userName, password, cprNumber, email);
if (validRequest)
{
// The new account must be added to client sessions.
this.userSessions.Add(userName, new ClientSession());
Console.WriteLine("Authenticator server multicasting new user to registered third parties.");
// Multicast new user account to trusted third parties.
foreach (string trustedThirdPartyURI in this.authenticator.TrustedThirdPartyURIs)
{
ClientSocket socket = new ClientSocket(trustedThirdPartyURI, StringData.AuthUri, this.authenticatorPrivateKey);
socket.SendMessage("newuseradded",
"userName="******"&email=" + email);
}
return;
}
validRequest = false;
}
/// <summary>
/// Initializes a new instance of the ThirdPartyHttpGenerator class.
/// </summary>
/// <param name="serverUri">The URI of the third party server.</param>
/// <param name="clientPkiId">The PKI identifier of the client sending the messages.</param>
/// <param name="clientPrivKey">The private key of the client sending the messages.</param>
public ThirdPartyHttpGenerator(string serverUri, string clientPkiId, byte[] clientPrivKey)
{
this.clientSocket = new ClientSocket(serverUri, clientPkiId, clientPrivKey);
}