public bool Validate(ProofKeyValidationInput testCase)
{
// Encode values from headers into byte[]
var accessTokenBytes = Encoding.UTF8.GetBytes(testCase.AccessToken);
var hostUrlBytes = Encoding.UTF8.GetBytes(testCase.Url.ToUpperInvariant());
var timeStampBytes = EncodeNumber(testCase.Timestamp);
// prepare a list that will be used to combine all those arrays together
List<byte> expectedProof = new List<byte>(
4 + accessTokenBytes.Length +
4 + hostUrlBytes.Length +
4 + timeStampBytes.Length);
expectedProof.AddRange(EncodeNumber(accessTokenBytes.Length));
expectedProof.AddRange(accessTokenBytes);
expectedProof.AddRange(EncodeNumber(hostUrlBytes.Length));
expectedProof.AddRange(hostUrlBytes);
expectedProof.AddRange(EncodeNumber(timeStampBytes.Length));
expectedProof.AddRange(timeStampBytes);
// create another byte[] from that list
byte[] expectedProofArray = expectedProof.ToArray();
// validate it against current and old keys in proper combinations
bool validationResult =
TryVerification(expectedProofArray, testCase.Proof, _currentKey) ||
TryVerification(expectedProofArray, testCase.OldProof, _currentKey) ||
TryVerification(expectedProofArray, testCase.Proof, _oldKey);
// TODO:
// in real code you should also check that TimeStamp header is no more than 20 minutes old
// but because we're using predefined test cases to validate that the method works
// we can't do it here.
return validationResult;
}
public bool Validate(ProofKeyValidationInput testCase)
{
// Encode values from headers into byte[]
var accessTokenBytes = Encoding.UTF8.GetBytes(testCase.AccessToken);
var hostUrlBytes = Encoding.UTF8.GetBytes(testCase.Url.ToUpperInvariant());
var timeStampBytes = EncodeNumber(testCase.Timestamp);
// prepare a list that will be used to combine all those arrays together
List <byte> expectedProof = new List <byte>(
4 + accessTokenBytes.Length +
4 + hostUrlBytes.Length +
4 + timeStampBytes.Length);
expectedProof.AddRange(EncodeNumber(accessTokenBytes.Length));
expectedProof.AddRange(accessTokenBytes);
expectedProof.AddRange(EncodeNumber(hostUrlBytes.Length));
expectedProof.AddRange(hostUrlBytes);
expectedProof.AddRange(EncodeNumber(timeStampBytes.Length));
expectedProof.AddRange(timeStampBytes);
// create another byte[] from that list
byte[] expectedProofArray = expectedProof.ToArray();
// validate it against current and old keys in proper combinations
bool validationResult =
TryVerification(expectedProofArray, testCase.Proof, _currentKey.CspBlob) ||
TryVerification(expectedProofArray, testCase.OldProof, _currentKey.CspBlob) ||
TryVerification(expectedProofArray, testCase.Proof, _oldKey.CspBlob);
// TODO:
// in real code you should also check that TimeStamp header is no more than 20 minutes old
// but because we're using predefined test cases to validate that the method works
// we can't do it here.
return(validationResult);
}
