private static void ValidateSignatureParameters(OpenlogonSignature signature, string challenge, string logonto)
{
ValidateChallenge(signature, challenge);
if (logonto != null)
{
ValidateLogonto(signature, logonto);
}
}
private static void ValidateChallenge(OpenlogonSignature signature, string challenge)
{
ChallengeVerifier.VerifyChallenge(signature, challenge);
}
private static void ValidateLogonto(OpenlogonSignature signature, string logonto)
{
SignatureProperty logontoProperty = GetSignatureProperty(signature, "logonto");
SignatureProperty requestIssuerProperty = GetSignatureProperty(signature, "RequestIssuer");
if (logontoProperty != null && requestIssuerProperty != null)
{
throw new InvalidOperationException("Invalid signature logonto and RequestIssuer parameters cannot both be set");
}
if (logontoProperty == null && requestIssuerProperty == null)
{
throw new InvalidOperationException("Invalid signature either logonto or RequestIssuer parameters must be set");
}
if (logontoProperty != null)
{
String logontoPropertyValue = logontoProperty.Value;
if (logontoPropertyValue != logonto)
{
throw new ServiceProviderException("Invalid signature logonto parameter does not match expected value. Expected: "
+ logonto + " actual: " + logontoPropertyValue);
}
}
if (requestIssuerProperty != null)
{
String requestIssuerValue = requestIssuerProperty.Value;
if (requestIssuerValue != logonto)
{
throw new ServiceProviderException("Invalid signature RequestIssuer parameter does not match expected value. Expected: "
+ logonto + " actual: " + requestIssuerValue);
}
}
}
private static SignatureProperty GetSignatureProperty(OpenlogonSignature signature, string propertyKey)
{
try
{
return signature.SignatureProperties[propertyKey];
}
catch (KeyNotFoundException)
{
return null;
}
}
