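/// <summary>
/// Builds the URL that sends the browser to the configured authorization endpoint,
/// carrying a Base64 payload (<c>sso</c>) and its HMAC-SHA256 signature (<c>sig</c>).
/// </summary>
/// <param name="properties">
/// Authentication state. The generated nonce is stored in its <c>Items</c>, and the whole
/// object is written, protected, to the <c>StateCookie</c> response cookie.
/// </param>
/// <param name="redirectUrl">Callback URL placed in the payload as <c>return_sso_url</c>.</param>
/// <returns>The authorization endpoint with the <c>sso</c> and <c>sig</c> query parameters appended.</returns>
protected virtual string BuildChallengeUrl(AuthenticationProperties properties, string redirectUrl)
        {
            // 128 bits from the cryptographic RNG, encoded URL-safe so the nonce needs no further escaping.
            var nonceBytes = new byte[16];
            RandomNumberGenerator.Fill(nonceBytes);
            var nonce = Base64UrlTextEncoder.Encode(nonceBytes);

            // Indexer instead of Add: a second challenge on the same properties object replaces
            // the nonce rather than throwing on the duplicate key.
            properties.Items["nonce"] = nonce;

            // properties.RedirectUri may originate from request data (its source is not visible here).
            // Interpolated unescaped, a value containing '&' or '=' would add or override fields inside
            // the payload that is about to be signed, so each nesting level is percent-encoded.
            var returnSsoUrl = $"{redirectUrl}?returnUrl={Uri.EscapeDataString(properties.RedirectUri ?? string.Empty)}";
            var rawPayload   = $"nonce={nonce}&return_sso_url={Uri.EscapeDataString(returnSsoUrl)}";
            string payload   = Convert.ToBase64String(Encoding.UTF8.GetBytes(rawPayload));

            // The signature covers the Base64 text, not the raw query string.
            using var hmac = new HMACSHA256(Encoding.UTF8.GetBytes(Options.AuthenticationSecret));
            var signatureBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(payload));

            // Lower-case hex; invariant casing keeps the output independent of the thread culture.
            var signature = BitConverter.ToString(signatureBytes).Replace("-", "").ToLowerInvariant();

            // QueryHelpers.AddQueryString percent-encodes values itself, so the payload is passed as is.
            // The obsolete Uri.EscapeUriString left Base64's '+', '/' and '=' untouched anyway.
            var parameters = new Dictionary<string, string>
            {
                { "sso", payload },
                { "sig", signature },
            };

            // NOTE(review): the cookie is written without CookieOptions, so HttpOnly, Secure, SameSite and
            // expiry are left to the framework defaults. Consider explicit options (HttpOnly, Secure on
            // HTTPS, a short lifetime), and confirm the callback compares the returned nonce with this state.
            Response.Cookies.Append("StateCookie", Options.StateDataFormat.Protect(properties));

            return QueryHelpers.AddQueryString(Options.AuthorizationEndpoint, parameters);
        }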
Esempio n. 2
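        /// <summary>
        /// Round-trips byte arrays of every length from 0 to 255 through
        /// <c>Base64UrlTextEncoder.Encode</c> and <c>Base64UrlTextEncoder.Decode</c> and checks
        /// that the decoded bytes equal the input.
        /// </summary>
        public void DataOfVariousLengthRoundTripCorrectly()
        {
            for (int length = 0; length != 256; ++length)
            {
                // Deterministic filler that varies with both length and position.
                var data = new byte[length];
                for (int index = 0; index != length; ++index)
                {
                    data[index] = (byte)(5 + length + (index * 23));
                }

                string text   = Base64UrlTextEncoder.Encode(data);
                byte[] result = Base64UrlTextEncoder.Decode(text);

                // Without this check a decoder that returned extra trailing bytes would still pass,
                // and a short result would surface as an IndexOutOfRangeException instead of a
                // test failure.
                Assert.Equal(length, result.Length);

                for (int index = 0; index != length; ++index)
                {
                    Assert.Equal(data[index], result[index]);
                }
            }
        }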