public static void Test()
{
var alice = Entity.Of("Alice");
var bob = Entity.Of("Bob");
var p = new SVX_Test_Concat(alice);
var req1 = new Concat2Request("A", "B");
var resp1 = SVX_Ops.Call(p.Concat2, req1);
var req2 = new Concat2Request(resp1.output, "C");
var resp2 = SVX_Ops.Call(p.Concat2, req2);
var chainResp = SVX_Ops.Call(p.Chain, resp1, resp2);
var producer = Channel.GenerateNew(bob);
var sender = Channel.GenerateNew(bob);
SVX_Ops.TransferForTesting(chainResp, producer, sender);
// Demonstrate that we can assume acts-for relationships and that
// we've axiomatized that acts-for is transitive. Of course, the
// acts-for relationships in this example do not represent the ones
// we would assume in any real protocol.
var respWithAssumption = SVX_Ops.Call(p.AssumeProducerActsForAlice, chainResp);
SVX_Ops.Certify(respWithAssumption, p.Predicate);
}
public void LoginCallback(Principal client, string idTokenResponseStr, Google_IdP idp)
{
var authorizationCodeResponse = JsonConvert.DeserializeObject <AuthorizationCodeResponse>(idTokenResponseStr);
authorizationCodeResponseStructure.Import(authorizationCodeResponse,
// We don't know who produced the redirection.
Channel.GenerateNew(SVX_Principal),
client);
var validationRequest = SVX_Ops.Call(SVX_MakeValidationRequest, authorizationCodeResponse);
validationRequestStructure.Export(validationRequest, googlePrincipal, null);
var validationRequestStr = JsonConvert.SerializeObject(validationRequest);
var validationResponseStr = idp.ValidationEndpoint(validationRequestStr);
var validationResponse = JsonConvert.DeserializeObject <ValidationResponse>(validationResponseStr);
validationResponseStructure.ImportDirectResponse(validationResponse, googlePrincipal, SVX_Principal);
// SVX will automatically detect using message IDs that
// validationResponse actually resulted from
// authorizationCodeResponse and not merely another message with
// the same SymT. This is essential for us to establish the
// relationship between authorizationCodeResponse.SVX_sender and
// validationResponse.googleUsername.
var conc = SVX_Ops.Call(SVX_SignInRP, authorizationCodeResponse, validationResponse);
SVX_Ops.Certify(conc, LoginSafety);
SVX_Ops.Certify(conc, LoginXSRFPrevention, new ParticipantId(googlePrincipal, typeof(Google_IdP)));
// AbandonAndCreateSession...
}
public string CodeEndpoint(Principal client, string codeRequestStr)
{
var req = JsonConvert.DeserializeObject <AuthorizationCodeRequest>(codeRequestStr);
authorizationCodeRequestStructure.Import(req,
// We don't know who produced the request.
Channel.GenerateNew(SVX_Principal),
client);
// In reality, AuthenticateClient couldn't be done
// synchronously, so both CodeEndpoint and AuthenticateClient
// would be broken into a start and a callback.
var idpConc = AuthenticateClient(client);
var resp = SVX_Ops.Call(SVX_MakeAuthorizationCodeResponse, req, idpConc);
authorizationCodeParamsDict[resp.authorizationCode] = new AuthorizationCodeParams
{
rpPrincipal = req.rpPrincipal,
googleUsername = idpConc.googleUsername
};
authorizationCodeResponseStructure.Export(resp, client, req.rpPrincipal);
return(JsonConvert.SerializeObject(resp));
}
public IdPAuthenticationEntry SVX_ConcludeClientAuthentication(IdPAuthenticationEntry entry)
{
var d = new SignedInDeclarer {
outer = this, entry = entry
};
SVX_Ops.Ghost(d.Declare);
VProgram_API.AssumeActsFor(entry.authenticatedClient, GoogleUserPrincipal(entry.googleUsername));
// Reuse the message... Should be able to get away with it.
return(entry);
}
IdPAuthenticationEntry AuthenticateClient(Principal client)
{
// In reality, once the user logs in, we would store the
// IdPAuthenticationEntry in the session data structure of the
// web application framework.
var username = "******";
return(SVX_Ops.Call(SVX_ConcludeClientAuthentication, new IdPAuthenticationEntry {
authenticatedClient = client,
googleUsername = username,
}));
}
public AuthenticationResponse SVX_MakeAuthenticationResponse(AuthenticationRequest req, IdPAuthenticationEntry idpConc)
{
var SignedFieldsParams = SVX_Ops.Call(SVX_MakeSignedFields, req, idpConc);
SVX.PayloadSecret <FieldsExpectedToBeSigned> SignedFields = getSignedFieldsGenerator().Generate(SignedFieldsParams, SVX_Principal);
return(new AuthenticationResponse
{
openid__op_endpoint = SVX.VProgram_API.Nondet <String>(),
openid__response_nonce = SVX.VProgram_API.Nondet <String>(),
FieldsExpectedToBeSigned = SignedFields
});
}
public AuthenticationResponse_with_id_token SVX_MakeAuthorizationResponse_with_id_token(AuthorizationRequest req, IdPAuthenticationEntry idpConc)
{
var JwtTokenBody = SVX_Ops.Call(SVX_MakeJwtTokenBody, req, idpConc);
SVX.PayloadSecret <JwtTokenBody> id_token1 = getTokenGenerator().Generate(JwtTokenBody, SVX_Principal);
AuthenticationResponse_with_id_token AuthenticationResponse_with_id_token = new AuthenticationResponse_with_id_token
{
access_token = SVX.VProgram_API.Nondet <String>(),
id_token = id_token1,
state = req.state
};
return(AuthenticationResponse_with_id_token);
}
public void LoginCallback(Principal client, string idTokenResponseStr)
{
var idTokenResponse = JsonConvert.DeserializeObject <IdTokenResponse>(idTokenResponseStr);
idTokenResponseStructure.Import(idTokenResponse,
// We don't know who produced the redirection.
Channel.GenerateNew(SVX_Principal),
client);
var conc = SVX_Ops.Call(SVX_SignInRP, idTokenResponse);
SVX_Ops.Certify(conc, LoginSafety);
SVX_Ops.Certify(conc, LoginXSRFPrevention, new ParticipantId(googlePrincipal, typeof(Google_IdP)));
// AbandonAndCreateSession...
}
public IdTokenResponse SVX_MakeIdTokenResponse(IdTokenRequest req, IdPAuthenticationEntry idpConc)
{
// In TokenEndpoint, we requested an IdPAuthenticationEntry for
// req.SVX_sender, but SVX doesn't know that, so we have to do a
// concrete check.
VProgram_API.Assert(req.SVX_sender == idpConc.authenticatedClient);
// Put this in a separate SVX method so "body" gets an active SymT.
var body = SVX_Ops.Call(SVX_MakeIdTokenBody, req, idpConc);
return(new IdTokenResponse
{
idToken = idTokenGenerator.Generate(body, SVX_Principal), // sign the token
state = req.state
});
}
public string ValidationEndpoint(string validationRequestStr)
{
Principal producer = Channel.GenerateNew(googlePrincipal);
Principal client = Channel.GenerateNew(googlePrincipal);
var req = JsonConvert.DeserializeObject <ValidationRequest>(validationRequestStr);
validationRequestStructure.Import(req,
producer,
client);
var resp = SVX_Ops.Call(SVX_MakeValidationResponse, req,
authorizationCodeParamsDict[req.authorizationCode]);
validationResponseStructure.ExportDirectResponse(resp, client, producer);
return(JsonConvert.SerializeObject(resp));
}
public string TokenEndpoint(Principal client, string idTokenRequestStr)
{
var req = JsonConvert.DeserializeObject <IdTokenRequest>(idTokenRequestStr);
idTokenRequestStructure.Import(req,
// We don't know who produced the request.
Channel.GenerateNew(SVX_Principal),
client);
// In reality, AuthenticateClient couldn't be done
// synchronously, so both TokenEndpoint and AuthenticateClient
// would be broken into a start and a callback.
var idpConc = AuthenticateClient(client);
var resp = SVX_Ops.Call(SVX_MakeIdTokenResponse, req, idpConc);
idTokenResponseStructure.Export(resp, client, req.rpPrincipal);
return(JsonConvert.SerializeObject(resp));
}
public async Task ImplicitFlow_Login_CallbackAsync(HttpContext httpContext)
{
Trace.Write("ImplicitFlow_Login_CallbackAsync");
var context = new SVAuthRequestContext(SVX_Principal, httpContext);
//REDACTED's original implementation, without detaching concdst_conckey
/*AuthenticationResponse_with_id_token authenticationResponse_with_id_token= (AuthenticationResponse_with_id_token)Utils.ObjectFromFormPost
* (context.http.Request.Form, typeof(AuthenticationResponse_with_id_token));
*/
JObject jo = detach_concdst_conckey_formpost(ref context, " ");
AuthenticationResponse_with_id_token authenticationResponse_with_id_token = (AuthenticationResponse_with_id_token)Utils.UnreflectObject(jo, typeof(AuthenticationResponse_with_id_token));;
var idp = CreateModelOIDCAuthenticationServer();
var dummyAuthorizationRequest = new AuthorizationRequest();
GetMessageStructures().authenticationResponse_with_id_token.ImportWithModel(authenticationResponse_with_id_token,
() => { idp.FakeImplicitFlowIDTokenEndpoint(dummyAuthorizationRequest, authenticationResponse_with_id_token); },
SVX.Channel.GenerateNew(SVX_Principal), // unknown producer
context.channel);
Trace.Write("Got Valid AuthenticationResponse");
if (!String.IsNullOrEmpty(authenticationResponse_with_id_token.id_token.theParams.nonce))
{
HashAlgorithm hashAlgo = SHA1.Create();
string expected_nonce = BitConverter.ToString(hashAlgo.ComputeHash(System.Text.Encoding.UTF8.GetBytes(context.channel.id)));
if (expected_nonce != authenticationResponse_with_id_token.id_token.theParams.nonce)
{
throw new Exception("invalid nonce");
}
}
GenericAuth.AuthenticationConclusion conclusion = SVX_Ops.Call(createConclusionOidcImplicit, authenticationResponse_with_id_token);
if (conclusion == null)
{
context.http.Response.StatusCode = 303;
context.http.Response.Redirect(context.http.Request.Cookies["LandingUrl"]);
return;
}
await AuthenticationDone(conclusion, context);
}
public static void Test()
{
var idp = new IdP(idpPrincipal);
var rp = new RP(rpPrincipal);
var aliceIdP = Channel.GenerateNew(idpPrincipal);
var aliceRP = Channel.GenerateNew(rpPrincipal);
var idpReq = new SignInIdPReq {
username = "******",
password = "******",
SVX_sender = aliceIdP
};
var rpReq = SVX_Ops.Call(idp.SignInIdP, idpReq);
// Imagine the SignInRPReq was signed by the IdP.
SVX_Ops.TransferForTesting(rpReq, idpPrincipal, aliceRP);
var conc = SVX_Ops.Call(rp.SignInRP, rpReq);
SVX_Ops.Certify(conc, rp.LoginSafety);
}
public async Task Login_CallbackAsync(HttpContext httpContext)
{
var idp = CreateModelOpenID20AuthenticationServer();
var dummyAuthenticationRequest = new AuthenticationRequest();
Trace.Write("Login_CallbackAsync");
var context = new SVAuthRequestContext(SVX_Principal, httpContext);
AuthenticationResponse inputMSG = parse_AuthenticationResponse(context.http);
if (inputMSG.openid__ns != "http://specs.openid.net/auth/2.0")
{
throw new Exception("Openid.ns does not contain the expected value.");
}
GetMessageStructures().authenticationResponse.ImportWithModel(inputMSG,
() => { idp.FakeAuthenticationEndpoint(dummyAuthenticationRequest, inputMSG); },
SVX.Channel.GenerateNew(SVX_Principal), // unknown producer
context.channel);
Trace.Write("Got Valid AuthenticationResponse");
GenericAuth.AuthenticationConclusion conclusion = SVX_Ops.Call(createConclusion, inputMSG);
if (conclusion == null)
{
context.http.Response.StatusCode = 303;
context.http.Response.Redirect(context.http.Request.Cookies["LandingUrl"]);
return;
}
if (Config.config.AgentSettings.agentScope != "local")
{
string s = inputMSG.FieldsExpectedToBeSigned.theParams.openid__invalidate_handle;
int delim = s.IndexOf("++");
if (delim < 7)
{
throw new Exception("invalid conckey and concdst");
}
context.conckey = s.Substring(delim + 2);
context.concdst = System.Net.WebUtility.UrlDecode(s.Substring(0, delim));
}
await AuthenticationDone(conclusion, context);
}
