コード例 #1
        /// <summary>
        /// Builds an <see cref="AccessResponse"/> from the body of a token response, which is
        /// either a compact JWT or a plain JSON document.
        /// </summary>
        /// <param name="data">The token data from the server.</param>
        /// <param name="isJWT">true to treat <paramref name="data"/> as a JWT and read its payload,
        /// or false to deserialize it directly as JSON.</param>
        /// <param name="obtained">The time when this token was first obtained.</param>
        /// <returns>The token, or null if none could be parsed or the JWT issuer was rejected.</returns>
        /// <remarks>
        /// NOTE(review): on the JWT path the token is only decoded. Constructing a
        /// JwtSecurityToken does not verify the signature, lifetime or audience, so the issuer
        /// comparison is made against an unauthenticated claim. If this path is used for data
        /// that did not arrive over the trusted channel to the SSO endpoint, validate it with
        /// JwtSecurityTokenHandler.ValidateToken and the SSO's published signing keys instead.
        /// </remarks>
        private AccessResponse TokenFromString(string data, bool isJWT, DateTime obtained)
        {
            AccessResponse parsed = null;

            if (!isJWT)
            {
                // Plain JSON response: the body is the access response itself
                parsed = Util.DeserializeJson <AccessResponse>(data);
            }
            else
            {
                JwtSecurityToken jwt = null;
                try
                {
                    jwt = new JwtSecurityToken(data);
                }
                catch (ArgumentException e)
                {
                    // Thrown by the JwtSecurityToken constructor for a malformed token; jwt
                    // stays null and the method falls through to return null
                    ExceptionHandler.LogException(e, true);
                }

                if (jwt != null)
                {
                    var    ssoBase = new Uri(NetworkConstants.SSOBaseV2);
                    string issuer  = jwt.Issuer;
                    // The issuer must be either the bare SSO host name or its scheme://host
                    // authority. This is a sanity check only, since the claim is unsigned here.
                    bool issuerAccepted = issuer == ssoBase.Host ||
                        issuer == ssoBase.GetLeftPart(UriPartial.Authority);

                    if (issuerAccepted)
                    {
                        parsed = Util.DeserializeJson <AccessResponse>(jwt.RawPayload);
                    }
                    else
                    {
                        // issuer comes from the unverified token and is traced as-is
                        EveMonClient.Trace("Rejecting invalid SSO token issuer: " + issuer);
                    }
                }
            }

            // The deserializer does not run the constructor, so stamp the acquisition time here
            if (parsed != null)
            {
                parsed.Obtained = obtained;
            }
            return parsed;
        }
コード例 #2
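        /// <summary>
        /// Retrieves a token from the server with the specified authentication data.
        /// </summary>
        /// <param name="data">The POST data, either an auth code or a refresh token. This is
        /// credential material; it is sent as the request body and is not logged here.</param>
        /// <param name="callback">A callback to receive the new token. It is invoked with null
        /// when the request failed, was cancelled, or returned nothing that could be parsed.</param>
        /// <param name="isJWT">true if a JWT response is expected, or false if a straight JSON
        /// response is expected. NOTE(review): the value is currently not forwarded; the response
        /// is always parsed as plain JSON (see the comment at the TokenFromString call).</param>
        private void FetchToken(string data, Action <AccessResponse> callback, bool isJWT)
        {
            // Captured before the request is sent so the token's age is never under-estimated
            var obtained = DateTime.UtcNow;
            var url      = new Uri(NetworkConstants.SSOBaseV2 + NetworkConstants.SSOToken);
            var rp       = new RequestParams()
            {
                Content = data,
                Method  = HttpMethod.Post
            };

            if (!string.IsNullOrEmpty(m_secret))
            {
                // Non-PKCE: a client secret is configured, so authenticate the client with the
                // header built by GetBasicAuthHeader()
                rp.Authentication = GetBasicAuthHeader();
            }
            HttpWebClientService.DownloadStringAsync(url, rp).ContinueWith((result) =>
            {
                AccessResponse response = null;
                DownloadResult <string> taskResult;
                string encodedToken;
                // The antecedent has finished when ContinueWith runs: faulted, cancelled or
                // completed successfully
                if (result.IsFaulted)
                {
                    ExceptionHandler.LogException(result.Exception, true);
                }
                // A cancelled task has neither an exception nor a result; reading Result would
                // throw inside this continuation and the callback below would never be invoked
                else if (!result.IsCanceled && (taskResult = result.Result) != null)
                {
                    // Log HTTP error if it occurred
                    if (taskResult.Error != null)
                    {
                        ExceptionHandler.LogException(taskResult.Error, true);
                    }
                    else if (!string.IsNullOrEmpty(encodedToken = taskResult.Result))
                    {
                        // For some reason the JWT token is not returned according to the ESI
                        // spec, so the body is parsed as plain JSON regardless of isJWT
                        response = TokenFromString(encodedToken, false, obtained);
                    }
                }
                // Always report back, with null on any failure, so the caller is not left waiting
                Dispatcher.Invoke(() => callback?.Invoke(response));
            });
        }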