Esempio n. 1
0
    /// <inheritdoc/>
    public AuthorityValidationResult IsEndpointValid(string endpoint, IEnumerable <string> allowedAuthorities)
    {
        if (string.IsNullOrEmpty(endpoint))
        {
            return(AuthorityValidationResult.CreateError("endpoint is empty"));
        }

        if (!Uri.TryCreate(endpoint.RemoveTrailingSlash(), UriKind.Absolute, out var endpointUrl))
        {
            return(AuthorityValidationResult.CreateError("Endpoint is not a valid URL"));
        }

        foreach (string authority in allowedAuthorities)
        {
            if (!Uri.TryCreate(authority.RemoveTrailingSlash(), UriKind.Absolute, out var authorityUrl))
            {
                throw new ArgumentOutOfRangeException("Authority must be a URL.", nameof(allowedAuthorities));
            }

            string expectedString = authorityUrl.ToString();
            string testString     = endpointUrl.ToString();

            if (testString.StartsWith(expectedString, StringComparison.Ordinal))
            {
                return(AuthorityValidationResult.SuccessResult);
            }
        }

        return(AuthorityValidationResult.CreateError($"Endpoint belongs to different authority: {endpoint}"));
    }
Esempio n. 2
0
    /// <summary>
    /// String comparison between issuer and authority (trailing slash ignored).
    /// </summary>
    /// <param name="issuerName"></param>
    /// <param name="expectedAuthority"></param>
    /// <returns></returns>
    public AuthorityValidationResult IsIssuerNameValid(string issuerName, string expectedAuthority)
    {
        if (string.IsNullOrWhiteSpace(issuerName))
        {
            return(AuthorityValidationResult.CreateError("Issuer name is missing"));
        }

        if (string.Equals(issuerName.RemoveTrailingSlash(), expectedAuthority.RemoveTrailingSlash(), _stringComparison))
        {
            return(AuthorityValidationResult.SuccessResult);
        }

        return(AuthorityValidationResult.CreateError("Issuer name does not match authority: " + issuerName));
    }
Esempio n. 3
0
    /// <summary>
    /// String "starts with" comparison between endpoint and allowed authorities.
    /// </summary>
    /// <param name="endpoint"></param>
    /// <param name="allowedAuthorities"></param>
    /// <returns></returns>
    public AuthorityValidationResult IsEndpointValid(string endpoint, IEnumerable <string> allowedAuthorities)
    {
        if (string.IsNullOrEmpty(endpoint))
        {
            return(AuthorityValidationResult.CreateError("endpoint is empty"));
        }

        foreach (string authority in allowedAuthorities)
        {
            if (endpoint.StartsWith(authority, _stringComparison))
            {
                return(AuthorityValidationResult.SuccessResult);
            }
        }

        return(AuthorityValidationResult.CreateError($"Endpoint belongs to different authority: {endpoint}"));
    }
Esempio n. 4
0
    /// <inheritdoc/>
    public AuthorityValidationResult IsIssuerNameValid(string issuerName, string expectedAuthority)
    {
        if (!Uri.TryCreate(expectedAuthority.RemoveTrailingSlash(), UriKind.Absolute, out var expectedAuthorityUrl))
        {
            throw new ArgumentOutOfRangeException("Authority must be a valid URL.", nameof(expectedAuthority));
        }

        if (string.IsNullOrWhiteSpace(issuerName))
        {
            return(AuthorityValidationResult.CreateError("Issuer name is missing"));
        }

        if (!Uri.TryCreate(issuerName.RemoveTrailingSlash(), UriKind.Absolute, out var issuerUrl))
        {
            return(AuthorityValidationResult.CreateError("Issuer name is not a valid URL"));
        }

        if (expectedAuthorityUrl.Equals(issuerUrl))
        {
            return(AuthorityValidationResult.SuccessResult);
        }

        return(AuthorityValidationResult.CreateError("Issuer name does not match authority: " + issuerName));
    }