/// <summary>
/// Checks that the response_nonce carried by an OpenID 2.0 assertion has not been consumed before.
/// </summary>
/// <param name="query">The query arguments of the incoming assertion.</param>
/// <param name="endpoint">The provider endpoint the assertion came from; its protocol version decides whether a nonce is expected.</param>
/// <param name="store">The RP's application store that records consumed nonces, or null to leave replay protection to the OP.</param>
static void verifyNonceUnused(IDictionary<string, string> query, ServiceEndpoint endpoint, IRelyingPartyApplicationStore store) {
    // Protocol versions below 2 have no nonce to validate here.
    bool nonceExpected = endpoint.Protocol.Version.Major >= 2;
    if (!nonceExpected || store == null) {
        // With no store we cannot remember nonces, so the OP is left to reject replays.
        return;
    }
    Logger.Debug("Verifying nonce is unused...");
    string rawNonce = Util.GetRequiredArg(query, endpoint.Protocol.openid.response_nonce);
    // Consume() records the nonce in the store; the store is what detects a repeat.
    new Nonce(rawNonce, true).Consume(store);
}
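/// <summary>
/// Deserializes a token returned to us from the provider and verifies its integrity.
/// </summary>
/// <param name="token">The base64-encoded token exactly as it came back from the provider.</param>
/// <param name="store">The application state store holding the signing key and consumed nonces, or null in stateless mode.</param>
/// <returns>The deserialized token, carrying the consumed nonce (when one was checked) and the endpoint.</returns>
/// <exception cref="OpenIdException">
/// Thrown when the token is not valid base64, is too short to hold the declared signature,
/// fails signature verification, or is signed while no application state is available to verify it.
/// </exception>
/// <remarks>
/// As part of deserialization, the signature is verified to check
/// for tampering, and the nonce (if included by the RP) is also checked.
/// If no signature is present (due to stateless mode), the endpoint is verified
/// by discovery (slow but secure).
/// </remarks>
public static Token Deserialize(string token, INonceStore store) {
    byte[] tok;
    try {
        tok = Convert.FromBase64String(token);
    } catch (FormatException ex) {
        throw new OpenIdException(string.Format(CultureInfo.CurrentCulture, Strings.ExpectedBase64OpenIdQueryParameter, token), null, ex);
    }
    if (tok.Length < 1) {
        throw new OpenIdException(Strings.InvalidSignature);
    }
    // Byte 0 is a flag: 1 means an HMAC signature follows, anything else means unsigned (stateless).
    bool signaturePresent = tok[0] == 1;
    bool signatureVerified = false;
    MemoryStream dataStream;
    if (signaturePresent) {
        if (!persistSignature(store)) {
            // Oops, we have no application state, so we have no way of validating the signature.
            throw new OpenIdException(Strings.InconsistentAppState);
        }
        // Verify the signature to guarantee that our state hasn't been
        // tampered with in transit or on the provider.
        // NOTE(review): createHashAlgorithm's ownership is not visible here; if it returns a
        // fresh instance each call it should be disposed once the hash is computed.
        HashAlgorithm hmac = createHashAlgorithm(store);
        int signatureLength = hmac.HashSize / 8;
        // Check the length before slicing so a truncated token surfaces as an
        // OpenIdException instead of an ArgumentOutOfRangeException from the MemoryStream ctor.
        if (tok.Length - 1 < signatureLength) {
            throw new OpenIdException(Strings.InvalidSignature);
        }
        dataStream = new MemoryStream(tok, 1 + signatureLength, tok.Length - 1 - signatureLength);
        byte[] newSig = hmac.ComputeHash(dataStream);
        dataStream.Position = 0;
        if (tok.Length - 1 < newSig.Length) {
            throw new OpenIdException(Strings.InvalidSignature);
        }
        // Compare every byte regardless of where the first mismatch is, so the time
        // taken does not reveal how much of a forged signature was correct.
        int diff = 0;
        for (int i = 0; i < newSig.Length; i++) {
            diff |= tok[i + 1] ^ newSig[i];
        }
        if (diff != 0) {
            throw new OpenIdException(Strings.InvalidSignature);
        }
        signatureVerified = true;
    } else {
        dataStream = new MemoryStream(tok, 1, tok.Length - 1);
    }
    StreamReader reader = new StreamReader(dataStream);
    ServiceEndpoint endpoint = ServiceEndpoint.Deserialize(reader);
    Nonce nonce = null;
    // The nonce is only trustworthy once the signature over it has been verified.
    if (signatureVerified && persistNonce(endpoint, store)) {
        nonce = new Nonce(reader.ReadLine(), false);
        nonce.Consume(store);
    }
    if (!signatureVerified) {
        // Unsigned token: fall back to re-discovering the endpoint to confirm it is genuine.
        verifyEndpointByDiscovery(endpoint);
    }
    return new Token(nonce, endpoint);
}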
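/// <summary>
/// Deserializes a token returned to us from the provider and verifies its integrity.
/// </summary>
/// <param name="token">The base64-encoded token exactly as it came back from the provider.</param>
/// <param name="store">The application state store holding the signing key and consumed nonces, or null in stateless mode.</param>
/// <returns>The deserialized token, carrying the consumed nonce (when one was checked) and the endpoint.</returns>
/// <exception cref="OpenIdException">
/// Thrown when the token is too short to hold the declared signature, fails signature
/// verification, or is signed while no application state is available to verify it.
/// </exception>
/// <exception cref="FormatException">Thrown when <paramref name="token"/> is not valid base64.</exception>
/// <remarks>
/// As part of deserialization, the signature is verified to check
/// for tampering, and the nonce (if included by the RP) is also checked.
/// If no signature is present (due to stateless mode), the endpoint is verified
/// by discovery (slow but secure).
/// </remarks>
public static Token Deserialize(string token, INonceStore store) {
    byte[] tok = Convert.FromBase64String(token);
    if (tok.Length < 1) {
        throw new OpenIdException(Strings.InvalidSignature);
    }
    // Byte 0 is a flag: 1 means an HMAC signature follows, anything else means unsigned (stateless).
    bool signaturePresent = tok[0] == 1;
    bool signatureVerified = false;
    MemoryStream dataStream;
    if (signaturePresent) {
        if (!persistSignature(store)) {
            // Oops, we have no application state, so we have no way of validating the signature.
            throw new OpenIdException(Strings.InconsistentAppState);
        }
        // Verify the signature to guarantee that our state hasn't been
        // tampered with in transit or on the provider.
        // NOTE(review): createHashAlgorithm's ownership is not visible here; if it returns a
        // fresh instance each call it should be disposed once the hash is computed.
        HashAlgorithm hmac = createHashAlgorithm(store);
        int signatureLength = hmac.HashSize / 8;
        // Check the length before slicing so a truncated token surfaces as an
        // OpenIdException instead of an ArgumentOutOfRangeException from the MemoryStream ctor.
        if (tok.Length - 1 < signatureLength) {
            throw new OpenIdException(Strings.InvalidSignature);
        }
        dataStream = new MemoryStream(tok, 1 + signatureLength, tok.Length - 1 - signatureLength);
        byte[] newSig = hmac.ComputeHash(dataStream);
        dataStream.Position = 0;
        if (tok.Length - 1 < newSig.Length) {
            throw new OpenIdException(Strings.InvalidSignature);
        }
        // Compare every byte regardless of where the first mismatch is, so the time
        // taken does not reveal how much of a forged signature was correct.
        int diff = 0;
        for (int i = 0; i < newSig.Length; i++) {
            diff |= tok[i + 1] ^ newSig[i];
        }
        if (diff != 0) {
            throw new OpenIdException(Strings.InvalidSignature);
        }
        signatureVerified = true;
    } else {
        dataStream = new MemoryStream(tok, 1, tok.Length - 1);
    }
    StreamReader reader = new StreamReader(dataStream);
    ServiceEndpoint endpoint = ServiceEndpoint.Deserialize(reader);
    Nonce nonce = null;
    // The nonce is only trustworthy once the signature over it has been verified.
    if (signatureVerified && persistNonce(endpoint, store)) {
        nonce = new Nonce(reader.ReadLine(), false);
        nonce.Consume(store);
    }
    if (!signatureVerified) {
        // Unsigned token: fall back to re-discovering the endpoint to confirm it is genuine.
        verifyEndpointByDiscovery(endpoint);
    }
    return new Token(nonce, endpoint);
}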