/// <summary>
/// Turns the key/value pairs handed back by the iOS broker into an <see cref="MsalTokenResponse"/>.
/// </summary>
/// <param name="responseDictionary">Key/value pairs of the broker reply as received.</param>
/// <returns>
/// The response built from the outer dictionary when it carries an error or error description;
/// otherwise the response built from the decrypted payload when its hash matches, or a
/// <c>BrokerResponseHashMismatch</c> error response when it does not.
/// </returns>
/// <remarks>
/// The error short-circuit runs before decryption and before the hash check, so everything it
/// forwards comes from the outer dictionary exactly as received.
/// NOTE(review): treat those error fields as unverified input - confirm callers only use them
/// for diagnostics.
/// The expected-hash and encrypted-response entries are read with the indexer, so a reply
/// lacking either key raises <see cref="KeyNotFoundException"/>.
/// </remarks>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary<string, string> responseDictionary)
{
    bool brokerReportedError =
        responseDictionary.ContainsKey(iOSBrokerConstants.Error) ||
        responseDictionary.ContainsKey(iOSBrokerConstants.ErrorDescription);

    if (brokerReportedError)
    {
        return MsalTokenResponse.CreateFromBrokerResponse(responseDictionary);
    }

    string advertisedHash = responseDictionary[iOSBrokerConstants.ExpectedHash];
    string cipherText = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
    string plainText = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _serviceBundle.DefaultLogger);

    // CreateSha256Hash hands back Base64 text; convert it to dash-free hex so it can be
    // compared with the hex digest the broker sent.
    string base64Digest = _serviceBundle.PlatformProxy.CryptographyManager.CreateSha256Hash(plainText);
    string computedHex = BitConverter.ToString(Convert.FromBase64String(base64Digest)).Replace("-", "");

    // NOTE(review): the advertised hash arrives in the same outer dictionary as the ciphertext,
    // so this check only ties the two together; tamper resistance depends on what
    // DecryptBrokerResponse guarantees - confirm.
    if (!advertisedHash.Equals(computedHex, StringComparison.OrdinalIgnoreCase))
    {
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerResponseHashMismatch,
            ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
        };
    }

    // Only fields parsed from the hash-checked plaintext feed the token response.
    Dictionary<string, string> verifiedFields = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);
    return MsalTokenResponse.CreateFromBrokerResponse(verifiedFields);
}
/// <summary>
/// Decrypts the iOS broker reply, checks its hash and nonce, and converts it into an
/// <see cref="MsalTokenResponse"/>.
/// </summary>
/// <param name="responseDictionary">Key/value pairs of the broker reply as received.</param>
/// <returns>
/// A <c>BrokerResponseHashMismatch</c> error response when the SHA-256 of the decrypted payload
/// differs from the hash the broker sent; a <c>BrokerNonceMismatch</c> error response when nonce
/// validation of the decrypted fields fails; otherwise the response built from the decrypted fields.
/// </returns>
/// <remarks>
/// The expected-hash, encrypted-response and client-id entries are read with the indexer, so a
/// missing key raises <see cref="KeyNotFoundException"/>.
/// </remarks>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary<string, string> responseDictionary)
{
    string advertisedHash = responseDictionary[iOSBrokerConstants.ExpectedHash];
    string cipherText = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
    string plainText = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _logger);

    // CreateSha256Hash hands back Base64 text; convert it to dash-free hex so it can be
    // compared with the hex digest the broker sent.
    string base64Digest = _cryptoManager.CreateSha256Hash(plainText);
    string computedHex = BitConverter.ToString(Convert.FromBase64String(base64Digest)).Replace("-", "");

    // NOTE(review): the advertised hash arrives in the same outer dictionary as the ciphertext,
    // so this check only ties the two together; tamper resistance depends on what
    // DecryptBrokerResponse guarantees - confirm.
    if (!advertisedHash.Equals(computedHex, StringComparison.OrdinalIgnoreCase))
    {
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerResponseHashMismatch,
            ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
        };
    }

    // From here on the dictionary holds the fields parsed out of the hash-checked plaintext.
    responseDictionary = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);

    // The nonce is validated on the decrypted fields, before anything is persisted.
    if (!ValidateBrokerResponseNonceWithRequestNonce(responseDictionary))
    {
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerNonceMismatch,
            ErrorDescription = MsalErrorMessage.BrokerNonceMismatch
        };
    }

    // The application token reaches the keychain only after both checks above have passed.
    if (responseDictionary.TryGetValue(iOSBrokerConstants.ApplicationToken, out string applicationToken))
    {
        TryWriteBrokerApplicationTokenToKeychain(
            responseDictionary[BrokerResponseConst.ClientId],
            applicationToken);
    }

    MsalTokenResponse tokenResponse = MsalTokenResponse.CreateFromiOSBrokerResponse(responseDictionary);

    // NOTE(review): this remapping rewrites the dictionary after the token response has been
    // built from it; whether the returned object sees the mapped code depends on
    // CreateFromiOSBrokerResponse, which is not visible here - confirm the ordering is intended.
    if (responseDictionary.TryGetValue(BrokerResponseConst.BrokerErrorCode, out string brokerErrorCode))
    {
        if (brokerErrorCode == BrokerResponseConst.iOSBrokerUserCancellationErrorCode)
        {
            responseDictionary[BrokerResponseConst.BrokerErrorCode] = MsalError.AuthenticationCanceledError;
        }
        else if (brokerErrorCode == BrokerResponseConst.iOSBrokerProtectionPoliciesRequiredErrorCode)
        {
            responseDictionary[BrokerResponseConst.BrokerErrorCode] = MsalError.ProtectionPolicyRequired;
        }
    }

    return tokenResponse;
}
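/// <summary>
/// Decrypts the iOS broker reply, checks its hash and nonce, and converts it into an
/// <see cref="MsalTokenResponse"/>.
/// </summary>
/// <param name="responseDictionary">Key/value pairs of the broker reply as received.</param>
/// <returns>
/// A <c>BrokerResponseHashMismatch</c> error response when the SHA-256 of the decrypted payload
/// differs from the hash the broker sent; a <c>BrokerNonceMismatch</c> error response when nonce
/// validation of the decrypted fields fails; otherwise the response built from the decrypted fields.
/// </returns>
/// <remarks>
/// The nonce is validated against the fields parsed from the hash-checked plaintext, not against
/// the outer dictionary. The outer dictionary is unverified input, so a nonce check on it does not
/// bind the request to the encrypted payload. As a consequence a hash mismatch is now reported
/// before a nonce mismatch.
/// NOTE(review): this assumes the broker carries the nonce inside the encrypted payload - confirm
/// against ValidateBrokerResponseNonceWithRequestNonce.
/// The expected-hash and encrypted-response entries are read with the indexer, so a reply
/// lacking either key raises <see cref="KeyNotFoundException"/>.
/// </remarks>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary<string, string> responseDictionary)
{
    string expectedHash = responseDictionary[iOSBrokerConstants.ExpectedHash];
    string encryptedResponse = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
    string decryptedResponse = BrokerKeyHelper.DecryptBrokerResponse(encryptedResponse, _logger);

    // CreateSha256Hash hands back Base64 text; convert it to dash-free hex so it can be
    // compared with the hex digest the broker sent.
    string responseActualHash = _cryptoManager.CreateSha256Hash(decryptedResponse);
    byte[] rawHash = Convert.FromBase64String(responseActualHash);
    string actualHashHex = BitConverter.ToString(rawHash).Replace("-", "");

    // Integrity first: nothing from the payload is interpreted until the hash matches.
    if (!expectedHash.Equals(actualHashHex, StringComparison.OrdinalIgnoreCase))
    {
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerResponseHashMismatch,
            ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
        };
    }

    responseDictionary = CoreHelpers.ParseKeyValueList(decryptedResponse, '&', false, null);

    // Replay protection: validate the nonce from the decrypted, hash-checked fields.
    if (!ValidateBrokerResponseNonceWithRequestNonce(responseDictionary))
    {
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerNonceMismatch,
            ErrorDescription = MsalErrorMessage.BrokerNonceMismatch
        };
    }

    return MsalTokenResponse.CreateFromBrokerResponse(responseDictionary);
}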