internal void Consume(INonceStore store) { if (IsExpired) { throw new OpenIdException(string.Format(CultureInfo.CurrentCulture, Strings.ExpiredNonce, ExpirationDate, DateTime.UtcNow)); } // We could store unused nonces and remove them as they are used, or // we could store used nonces and check that they do not previously exist. // To protect against DoS attacks, it's cheaper to store fully-used ones // than half-used ones because it costs the user agent more to get that far. // Replay detection if (!store.TryStoreNonce(this)) { // We've used this nonce before! Replay attack! throw new OpenIdException(Strings.ReplayAttackDetected); } store.ClearExpiredNonces(); }
internal void Consume(INonceStore store) { if (IsExpired) throw new OpenIdException(string.Format(CultureInfo.CurrentCulture, Strings.ExpiredNonce, ExpirationDate, DateTime.UtcNow)); // We could store unused nonces and remove them as they are used, or // we could store used nonces and check that they do not previously exist. // To protect against DoS attacks, it's cheaper to store fully-used ones // than half-used ones because it costs the user agent more to get that far. // Replay detection if (!store.TryStoreNonce(this)) { // We've used this nonce before! Replay attack! throw new OpenIdException(Strings.ReplayAttackDetected); } store.ClearExpiredNonces(); }