/// <summary> /// Initializes an authorization grant. /// </summary> /// <param name="statePrefix">Data to prefix OAuth state with to allow disambiguation between multiple concurrent authorization requests</param> /// <param name="codeChallengeAlgorithm">Code challenge algorithm method</param> public AuthorizationGrant(byte[] statePrefix, CodeChallengeAlgorithmType codeChallengeAlgorithm = CodeChallengeAlgorithmType.S256) { CodeChallengeAlgorithm = codeChallengeAlgorithm; var rng = new RNGCryptoServiceProvider(); var random = new byte[32]; try { // Calculate random state. rng.GetBytes(random); var state = new byte[statePrefix.LongLength + random.LongLength]; try { Array.Copy(statePrefix, 0, state, 0, statePrefix.LongLength); Array.Copy(random, 0, state, statePrefix.LongLength, random.LongLength); State = new NetworkCredential("", Base64UrlEncodeNoPadding(state)).SecurePassword; State.MakeReadOnly(); } finally { // Sanitize! for (long i = 0, n = state.LongLength; i < n; i++) { state[i] = 0; } } // Calculate code verifier. rng.GetBytes(random); CodeVerifier = new NetworkCredential("", Base64UrlEncodeNoPadding(random)).SecurePassword; CodeVerifier.MakeReadOnly(); } finally { // Sanitize! for (long i = 0, n = random.LongLength; i < n; i++) { random[i] = 0; } } }
/// <summary> /// Initializes an authorization grant. /// </summary> /// <param name="authorizationEndpoint">Authorization endpoint base URI</param> /// <param name="redirectEndpoint">Redirection endpoint base URI</param> /// <param name="clientId">Should be populated before requesting authorization.</param> /// <param name="scope">Should be populated before requesting authorization. When empty, <c>scope</c> parameter is not included in authorization request URI.</param> /// <param name="codeChallengeAlgorithm">Code challenge algorithm method</param> public AuthorizationGrant(Uri authorizationEndpoint, Uri redirectEndpoint, string clientId, HashSet <string> scope, CodeChallengeAlgorithmType codeChallengeAlgorithm = CodeChallengeAlgorithmType.S256) : this(Array.Empty <byte>(), codeChallengeAlgorithm) { AuthorizationEndpoint = authorizationEndpoint; RedirectEndpoint = redirectEndpoint; ClientId = clientId; Scope = scope; }