internal void Consume(INonceStore store)
{
if (IsExpired)
{
throw new OpenIdException(string.Format(CultureInfo.CurrentCulture,
Strings.ExpiredNonce, ExpirationDate, DateTime.UtcNow));
}
// We could store unused nonces and remove them as they are used, or
// we could store used nonces and check that they do not previously exist.
// To protect against DoS attacks, it's cheaper to store fully-used ones
// than half-used ones because it costs the user agent more to get that far.
// Replay detection
if (!store.TryStoreNonce(this))
{
// We've used this nonce before! Replay attack!
throw new OpenIdException(Strings.ReplayAttackDetected);
}
store.ClearExpiredNonces();
}
internal void Consume(INonceStore store) {
if (IsExpired)
throw new OpenIdException(string.Format(CultureInfo.CurrentCulture,
Strings.ExpiredNonce, ExpirationDate, DateTime.UtcNow));
// We could store unused nonces and remove them as they are used, or
// we could store used nonces and check that they do not previously exist.
// To protect against DoS attacks, it's cheaper to store fully-used ones
// than half-used ones because it costs the user agent more to get that far.
// Replay detection
if (!store.TryStoreNonce(this)) {
// We've used this nonce before! Replay attack!
throw new OpenIdException(Strings.ReplayAttackDetected);
}
store.ClearExpiredNonces();
}
