/// <summary>
/// Assembles an <see cref="IToken"/> from the raw header chunks: every chunk is run
/// through a <c>ChunkParser</c>, the resulting parameters are merged per key, the
/// required-parameter check is applied, and the individual fields are decoded.
/// </summary>
/// <param name="tokens">
/// Header chunks to parse. Only the first chunk is parsed with <c>AUTH_SCHEME</c>;
/// the remaining chunks are parsed with a null scheme.
/// </param>
/// <returns>A new <c>Token</c> holding the SAML token text, nonce, signing algorithm,
/// optional body hash (null when absent) and signature bytes.</returns>
/// <remarks>
/// This method only decodes; no signature verification happens in it.
/// NOTE(review): <c>Convert.FromBase64String</c> throws <see cref="FormatException"/> on
/// malformed input and nothing here maps that to an authentication failure; confirm the
/// caller does, since the input presumably comes from a request header.
/// NOTE(review): <c>Decompress</c> is applied to header-supplied bytes before any
/// signature check in this method; its body is not visible here, so confirm it caps the
/// decompressed size.
/// </remarks>
public IToken Parse(string[] tokens)
{
    var collected = new Dictionary<ParamValue.Param, ParamValue>();

    for (int index = 0; index < tokens.Length; index++)
    {
        var parser = new ChunkParser(tokens[index], index == 0 ? AUTH_SCHEME : null);

        // Current is inspected before the first MoveNext() call, exactly as a do/while does.
        do
        {
            var current = parser.Current;
            if (current == null)
            {
                continue;
            }

            // A key that shows up more than once is merged through Concat instead of being
            // rejected or overwritten.
            // NOTE(review): confirm that merging repeated parameters is intended for every
            // key, including the signed ones; Concat's semantics are not visible here.
            ParamValue existing;
            if (collected.TryGetValue(current.Key, out existing))
            {
                collected[current.Key] = existing.Concat(current);
            }
            else
            {
                collected[current.Key] = current;
            }
        }
        while (parser.MoveNext());
    }

    CheckMissingParams(collected);

    // Decoding order is kept as-is so that the first failing field is the same one.
    var compressedToken = Convert.FromBase64String(collected[ParamValue.Param.token].Value);
    var samlToken = Encoding.UTF8.GetString(Decompress(compressedToken));

    var nonce = Nonce.FromString(collected[ParamValue.Param.nonce].Value);
    var signAlgorithm = SigningAlgorithmConverter.StringToEnum(collected[ParamValue.Param.signature_alg].Value);

    // The body hash is optional: it stays null when the parameter was not supplied.
    ParamValue bodyHashParam;
    byte[] bodyHash = collected.TryGetValue(ParamValue.Param.bodyhash, out bodyHashParam)
        ? Convert.FromBase64String(bodyHashParam.Value)
        : null;

    var signature = Convert.FromBase64String(collected[ParamValue.Param.signature].Value);

    return new Token(samlToken, nonce, signAlgorithm, bodyHash, signature);
}
/// <summary>
/// Rejects a request whose nonce is older than the accepted window or has already been
/// recorded, and records the nonce otherwise.
/// </summary>
/// <param name="nonce">Nonce of the incoming request.</param>
/// <exception cref="AuthException">
/// Thrown with <c>Resources.Request_Is_Quite_Old</c> when the nonce compares earlier than
/// the cutoff, or with <c>Resources.Repeat_Attack_Alert</c> when it is already in
/// <c>_lastIds</c>.
/// </exception>
/// <remarks>
/// NOTE(review): the cutoff is derived from <c>DateTime.Now</c> (local time). Whether
/// <c>Nonce.FromDate</c> normalizes to UTC is not visible here; if it does not, a DST or
/// time-zone change shifts the acceptance window. Confirm before switching to UtcNow.
/// NOTE(review): only a lower bound is enforced. A nonce that compares later than the
/// current time is accepted and stays in <c>_lastIds</c> until the cutoff passes it, so
/// confirm that an upper bound or a size cap exists elsewhere.
/// NOTE(review): <c>_lastIds</c> looks like in-memory state, so repeat detection
/// presumably does not span processes or restarts; verify against the deployment.
/// </remarks>
public void VerifyAgeAndRepeatOnNewRequest(Nonce nonce)
{
    // Accepted age = configured maximum request age plus the clock tolerance, in seconds.
    var windowSeconds = _maxRequestAgeSec + _clockToleranceSec;
    var window = new TimeSpan(0, 0, 0, windowSeconds);
    Nonce oldestAccepted = Nonce.FromDate(DateTime.Now - window);

    bool tooOld = nonce.CompareTo(oldestAccepted) < 0;
    if (tooOld)
    {
        throw new AuthException(Resources.Request_Is_Quite_Old);
    }

    // Purge, lookup and insert happen under one lock so that two requests carrying the
    // same nonce cannot both pass the Contains check.
    lock (_lastIds)
    {
        PurgeOlder(oldestAccepted);

        bool seenBefore = _lastIds.Contains(nonce);
        if (seenBefore)
        {
            throw new AuthException(Resources.Repeat_Attack_Alert);
        }

        _lastIds.Add(nonce);
    }
}
/// <summary>
/// Drops every recorded nonce that compares earlier than <paramref name="notPreviousThan"/>
/// from <c>_lastIds</c>.
/// </summary>
/// <param name="notPreviousThan">Cutoff; entries comparing below it are removed.</param>
/// <remarks>
/// Takes no lock itself. The caller visible in this file,
/// <c>VerifyAgeAndRepeatOnNewRequest</c>, invokes it while holding <c>lock (_lastIds)</c>.
/// </remarks>
private void PurgeOlder(Nonce notPreviousThan) =>
    _lastIds.RemoveWhere(recorded => recorded.CompareTo(notPreviousThan) < 0);