/// <summary>
/// Converts the key/value pairs received from the iOS broker into an <see cref="MsalTokenResponse"/>.
/// An error reply is passed through as received; otherwise the encrypted payload is decrypted,
/// its SHA-256 digest is compared with the digest supplied in the reply, and only a matching
/// payload is parsed into the token response.
/// </summary>
/// <param name="responseDictionary">Key/value pairs of the broker reply, as received.</param>
/// <returns>
/// The token response built from the broker data, or a response carrying
/// <c>MsalError.BrokerResponseHashMismatch</c> when the digests differ.
/// </returns>
/// <exception cref="KeyNotFoundException">
/// The reply is not an error reply and lacks the expected-hash or encrypted-response entry.
/// </exception>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary <string, string> responseDictionary)
        {
            // Error replies are returned straight from the dictionary as received: this branch runs
            // before any decryption or digest check, so its contents are unverified at this point.
            bool carriesError = responseDictionary.ContainsKey(iOSBrokerConstants.Error)
                || responseDictionary.ContainsKey(iOSBrokerConstants.ErrorDescription);

            if (carriesError)
            {
                return MsalTokenResponse.CreateFromBrokerResponse(responseDictionary);
            }

            // The indexer throws KeyNotFoundException when an entry is missing.
            string claimedDigest = responseDictionary[iOSBrokerConstants.ExpectedHash];
            string cipherText    = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
            string plainText     = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _serviceBundle.DefaultLogger);

            // The digest string is decoded as Base64 and re-encoded as dash-free hex so that it can
            // be compared, ignoring case, with the digest carried in the reply.
            string digestBase64 = _serviceBundle.PlatformProxy.CryptographyManager.CreateSha256Hash(plainText);
            string digestHex    = BitConverter.ToString(Convert.FromBase64String(digestBase64)).Replace("-", "");

            // NOTE(review): the claimed digest arrives in the same reply as the ciphertext and is an
            // unkeyed SHA-256, so this comparison shows the two parts agree; authenticity presumably
            // rests on the key used inside DecryptBrokerResponse - confirm.
            if (!claimedDigest.Equals(digestHex, StringComparison.OrdinalIgnoreCase))
            {
                return new MsalTokenResponse
                {
                    Error            = MsalError.BrokerResponseHashMismatch,
                    ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
                };
            }

            // Only the decrypted, digest-checked payload feeds the token response.
            Dictionary<string, string> verifiedPairs = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);
            return MsalTokenResponse.CreateFromBrokerResponse(verifiedPairs);
        }
コード例 #2
        /// <summary>
        /// Converts the key/value pairs received from the iOS broker into an <see cref="MsalTokenResponse"/>.
        /// The encrypted payload is decrypted and its SHA-256 digest compared with the digest supplied
        /// in the reply; on a match the payload is parsed, its nonce is validated, an application token
        /// (if present) is handed to the keychain writer, and the token response is built.
        /// </summary>
        /// <param name="responseDictionary">Key/value pairs of the broker reply, as received.</param>
        /// <returns>
        /// The token response built from the decrypted payload, or a response carrying
        /// <c>MsalError.BrokerResponseHashMismatch</c> or <c>MsalError.BrokerNonceMismatch</c>.
        /// </returns>
        /// <exception cref="KeyNotFoundException">
        /// The reply lacks the expected-hash or encrypted-response entry, or the decrypted payload
        /// carries an application token but no client id.
        /// </exception>
        private MsalTokenResponse ResultFromBrokerResponse(Dictionary <string, string> responseDictionary)
        {
            // The indexer throws KeyNotFoundException when an entry is missing.
            string claimedDigest = responseDictionary[iOSBrokerConstants.ExpectedHash];
            string cipherText    = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
            string plainText     = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _logger);

            // The digest string is decoded as Base64 and re-encoded as dash-free hex so that it can
            // be compared, ignoring case, with the digest carried in the reply.
            string digestBase64 = _cryptoManager.CreateSha256Hash(plainText);
            string digestHex    = BitConverter.ToString(Convert.FromBase64String(digestBase64)).Replace("-", "");

            // NOTE(review): the claimed digest arrives in the same reply as the ciphertext and is an
            // unkeyed SHA-256; authenticity presumably rests on the key used inside
            // DecryptBrokerResponse - confirm.
            if (!claimedDigest.Equals(digestHex, StringComparison.OrdinalIgnoreCase))
            {
                return new MsalTokenResponse
                {
                    Error            = MsalError.BrokerResponseHashMismatch,
                    ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
                };
            }

            // From here on only the decrypted, digest-checked payload is consulted.
            Dictionary<string, string> verifiedPairs = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);

            // The nonce is checked on the decrypted payload, after the digest comparison has passed.
            if (!ValidateBrokerResponseNonceWithRequestNonce(verifiedPairs))
            {
                return new MsalTokenResponse
                {
                    Error = MsalError.BrokerNonceMismatch,
                    ErrorDescription = MsalErrorMessage.BrokerNonceMismatch
                };
            }

            if (verifiedPairs.TryGetValue(iOSBrokerConstants.ApplicationToken, out string applicationToken))
            {
                TryWriteBrokerApplicationTokenToKeychain(
                    verifiedPairs[BrokerResponseConst.ClientId],
                    applicationToken);
            }

            MsalTokenResponse tokenResponse = MsalTokenResponse.CreateFromiOSBrokerResponse(verifiedPairs);

            // NOTE(review): the broker error code is rewritten in the dictionary after the token
            // response has been created from it; whether the returned response observes the mapped
            // code depends on CreateFromiOSBrokerResponse, which is not visible here - confirm.
            if (verifiedPairs.TryGetValue(BrokerResponseConst.BrokerErrorCode, out string brokerCode))
            {
                if (brokerCode == BrokerResponseConst.iOSBrokerUserCancellationErrorCode)
                {
                    verifiedPairs[BrokerResponseConst.BrokerErrorCode] = MsalError.AuthenticationCanceledError;
                }
                else if (brokerCode == BrokerResponseConst.iOSBrokerProtectionPoliciesRequiredErrorCode)
                {
                    verifiedPairs[BrokerResponseConst.BrokerErrorCode] = MsalError.ProtectionPolicyRequired;
                }
            }

            return tokenResponse;
        }
コード例 #3
        /// <summary>
        /// Converts the key/value pairs received from the iOS broker into an <see cref="MsalTokenResponse"/>.
        /// The encrypted payload is decrypted and hashed, the nonce is validated against the reply as
        /// received, and the payload is parsed into the token response only when its SHA-256 digest
        /// matches the digest supplied in the reply.
        /// </summary>
        /// <param name="responseDictionary">Key/value pairs of the broker reply, as received.</param>
        /// <returns>
        /// The token response built from the decrypted payload, or a response carrying
        /// <c>MsalError.BrokerNonceMismatch</c> or <c>MsalError.BrokerResponseHashMismatch</c>.
        /// </returns>
        /// <exception cref="KeyNotFoundException">
        /// The reply lacks the expected-hash or encrypted-response entry.
        /// </exception>
        private MsalTokenResponse ResultFromBrokerResponse(Dictionary <string, string> responseDictionary)
        {
            // The indexer throws KeyNotFoundException when an entry is missing.
            string claimedDigest = responseDictionary[iOSBrokerConstants.ExpectedHash];
            string cipherText    = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
            string plainText     = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _logger);

            // The digest string is decoded as Base64 and re-encoded as dash-free hex so that it can
            // be compared, ignoring case, with the digest carried in the reply.
            string digestBase64 = _cryptoManager.CreateSha256Hash(plainText);
            string digestHex    = BitConverter.ToString(Convert.FromBase64String(digestBase64)).Replace("-", "");

            // NOTE(review): the nonce is validated on the dictionary as received, before the digest
            // comparison and before the decrypted payload is parsed. If the nonce is meant to be
            // protected by the encryption, it should be read from the parsed payload after the
            // digest check succeeds; otherwise the nonce check does not bind the request to the
            // encrypted content. Confirm which dictionary the validator expects.
            if (!ValidateBrokerResponseNonceWithRequestNonce(responseDictionary))
            {
                return new MsalTokenResponse
                {
                    Error = MsalError.BrokerNonceMismatch,
                    ErrorDescription = MsalErrorMessage.BrokerNonceMismatch
                };
            }

            // NOTE(review): the claimed digest arrives in the same reply as the ciphertext and is an
            // unkeyed SHA-256; authenticity presumably rests on the key used inside
            // DecryptBrokerResponse - confirm.
            if (!claimedDigest.Equals(digestHex, StringComparison.OrdinalIgnoreCase))
            {
                return new MsalTokenResponse
                {
                    Error            = MsalError.BrokerResponseHashMismatch,
                    ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
                };
            }

            // Only the decrypted, digest-checked payload feeds the token response.
            Dictionary<string, string> verifiedPairs = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);
            return MsalTokenResponse.CreateFromBrokerResponse(verifiedPairs);
        }