/// <summary>
/// Decrypts a Base64url-encoded broker response with the broker key and returns it as text.
/// </summary>
/// <param name="encryptedBrokerResponse">Base64url text of the encrypted broker response.</param>
/// <param name="logger">Not used by this method.</param>
/// <returns>Everything the decrypting stream yields, read to the end as a string.</returns>
/// <exception cref="MsalClientException">
/// Thrown with <c>MsalError.BrokerKeyFetchFailed</c> when <c>TryGetBrokerKey</c> returns false.
/// </exception>
/// <remarks>
/// No integrity or authenticity check on the ciphertext is visible in this method: whatever decrypts
/// under the key is returned. NOTE(review): confirm that the cipher configuration produced by
/// <c>CreateSymmetricAlgorith</c>, or the caller, authenticates the payload before it is trusted.
/// NOTE(review): the returned plaintext presumably carries token material, so it should not be logged.
/// </remarks>
internal static string DecryptBrokerResponse(string encryptedBrokerResponse, ICoreLogger logger)
{
    // Decoding happens before the key lookup, so malformed input fails here first.
    byte[] cipherBytes = Base64UrlHelpers.DecodeBytes(encryptedBrokerResponse);

    if (!TryGetBrokerKey(out byte[] key))
    {
        throw new MsalClientException(
            MsalError.BrokerKeyFetchFailed,
            MsalErrorMessage.iOSBrokerKeyFetchFailed);
    }

    using (MemoryStream cipherStream = new MemoryStream(cipherBytes))
    using (AesManaged aes = CreateSymmetricAlgorith(key))
    using (CryptoStream decryptingStream = new CryptoStream(
        cipherStream,
        aes.CreateDecryptor(),
        CryptoStreamMode.Read))
    using (StreamReader reader = new StreamReader(decryptingStream))
    {
        // No encoding is passed, so StreamReader's default text decoding applies.
        return reader.ReadToEnd();
    }
}
[InlineData("", "")] // Empty string
public void DecodeToBytes_ValidBase64UrlString_ReturnsByteArray(string stringToDecode, string expectedDecodedString)
{
    // The expectation is the UTF-8 encoding of the expected text, so each data row
    // pairs a Base64url input with the plain text it should decode to.
    byte[] expectedBytes = Encoding.UTF8.GetBytes(expectedDecodedString);

    byte[] decodedBytes = Base64UrlHelpers.DecodeBytes(stringToDecode);

    Assert.Equal(expectedBytes, decodedBytes);
}
public void DecodeToBytes_InvalidBase64UrlStringLength_ThrowsException()
{
    // Nine characters: a length of 4k + 1 can never be valid Base64/Base64url,
    // so the decoder is expected to reject it rather than guess at padding.
    string malformedInput = "MTIzNDU21";
    Action decode = () => Base64UrlHelpers.DecodeBytes(malformedInput);

    ArgumentException thrown = Assert.Throws<ArgumentException>(decode);

    // The " (Parameter 'str')" suffix is the parameter-name text that newer .NET runtimes
    // append to ArgumentException.Message; .NET Framework formats it differently.
    string expectedMessage = IDWebErrorMessage.InvalidBase64UrlString + " (Parameter 'str')";
    Assert.Equal(expectedMessage, thrown.Message);
}
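/// <summary>
/// Creates a <see cref="KerberosSupplementalTicket"/> object from the given ID token string.
/// </summary>
/// <param name="idToken">ID token string.</param>
/// <returns>A <see cref="KerberosSupplementalTicket"/> object if a Kerberos Ticket Claim exists in the given
/// idToken parameter and is parsed correctly. Null when the token is empty, shorter than 128 characters,
/// not made of three '.'-separated sections, has an empty payload, or carries no (or a null/empty)
/// Kerberos Ticket claim.</returns>
/// <remarks>
/// Only the payload section is decoded. This method does not verify the token's signature, issuer or
/// lifetime, so the claim is only as trustworthy as the channel the token was received on; pass it
/// only tokens taken from a trusted token response.
/// Exceptions raised by Base64url decoding, JSON parsing or deserialization are not caught here and
/// propagate to the caller.
/// </remarks>
public static KerberosSupplementalTicket FromIdToken(string idToken)
{
    if (string.IsNullOrEmpty(idToken) || idToken.Length < 128)
    {
        // Token is empty or too short - ignore parsing.
        return null;
    }

    string[] sections = idToken.Split('.');
    if (sections.Length != 3)
    {
        // A JWT consists of 3 parts separated with '.'
        return null;
    }

    // Decode the second section (the payload), which contains the Kerberos Ticket claim if it exists.
    byte[] payloadBytes = Base64UrlHelpers.DecodeBytes(sections[1]);
    string payload = Encoding.UTF8.GetString(payloadBytes);
    if (string.IsNullOrEmpty(payload))
    {
        return null;
    }

    // Parse the JSON data and find the included Kerberos Ticket claim.
    JObject payloadJson = JObject.Parse(payload);
    JToken claimValue;
    if (!payloadJson.TryGetValue(KerberosClaimType, out claimValue))
    {
        return null;
    }

    // Kerberos Ticket claim found; its value is itself a JSON document.
    string kerberosAsRep = claimValue.Value<string>();
    if (string.IsNullOrEmpty(kerberosAsRep))
    {
        // A JSON null claim would otherwise reach the deserializer as a null string and throw
        // instead of producing the documented null result.
        return null;
    }

    // Deserialize the claim's JSON into the KerberosSupplementalTicket object.
    return JsonConvert.DeserializeObject<KerberosSupplementalTicket>(kerberosAsRep);
}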
/// <summary>
/// Runs <c>Base64UrlHelpers.DecodeBytes</c> over the inputs <c>s4</c>, <c>s5</c> and <c>s6</c>
/// and throws the results away.
/// </summary>
/// <remarks>
/// NOTE(review): the name suggests a benchmark or smoke run of a newer decoder implementation;
/// nothing is asserted here, so a wrong decoding would go unnoticed. Confirm against the fixture.
/// </remarks>
public void Decode_Bytes_New()
{
    // Results are deliberately discarded; only the calls themselves matter.
    _ = Base64UrlHelpers.DecodeBytes(s4);
    _ = Base64UrlHelpers.DecodeBytes(s5);
    _ = Base64UrlHelpers.DecodeBytes(s6);
}