예제 #1
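        /// <summary>
        /// Handles a sign-in request at the identity provider: obtains the ID claim for the
        /// request and returns the redirect response that carries it onward.
        /// </summary>
        /// <param name="req1">Incoming request; cast to <c>AuthenticationRequest</c>.</param>
        /// <returns>
        /// The populated <c>AuthenticationResponse</c>, or <c>null</c> when the request is
        /// null or <c>Process_SignInIdP_req</c> produces no claim.
        /// </returns>
        public override SignInIdP_Resp_SignInRP_Req SignInIdP(SignInIdP_Req req1)
        {
            AuthenticationRequest req = (AuthenticationRequest)req1;

            // The null check has to come first: the Contract.Assume below reads
            // req.IdPSessionSecret and would dereference a null request.
            if (req == null)
            {
                return null;
            }

            Contract.Assume(GlobalObjects_base.SignInIdP_Req.IdPSessionSecret == req.IdPSessionSecret);

            ID_Claim _ID_Claim = Process_SignInIdP_req(req);

            if (_ID_Claim == null)
            {
                return null;
            }

            AuthenticationResponse resp = (AuthenticationResponse)Redir(_ID_Claim.Redir_dest, _ID_Claim);

            // realm, identity, ns and mode are echoed from the request as received; nothing in
            // this method validates them.
            // NOTE(review): confirm Process_SignInIdP_req (or the caller) checks realm against
            // the registered relying party before these values reach the response.
            resp.realm    = req.realm;
            resp.identity = req.identity;
            resp.ns       = req.ns;
            resp.mode     = req.mode;

            CST_Ops.recordme(this, req, resp, true, false);

            return resp;
        }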
예제 #2
파일: C.cs 프로젝트: dwjsong/AuthPlatelet
        /// <summary>
        /// Last step of the exchange: folds the incoming message into the shared
        /// <c>conclusion</c>, signs it as "Charles" and prints whether it was certified.
        /// </summary>
        /// <param name="in_msg">Message received from the previous party.</param>
        /// <returns>The shared <c>conclusion</c>, with <c>certified</c> set.</returns>
        public Message invoke(Message in_msg)
        {
            CST_Ops.recordme(this, in_msg, conclusion);

            // Begin with the sender's values.
            conclusion.value        = in_msg.value;
            conclusion.largestParty = in_msg.largestParty;
            conclusion.SignedBy     = in_msg.SignedBy;

            // Take over the lead when the local value is larger.
            if (conclusion.value < data)
            {
                conclusion.largestParty = "Charles";
                conclusion.value        = data;
            }

            // The signer is always this party; in_msg.SignedBy is copied above but not
            // checked anywhere in this method.
            conclusion.SignedBy = "Charles";

            bool verified = conclude(conclusion);
            conclusion.certified = verified;

            string verdict = verified
                ? "The largest party is " + conclusion.largestParty + "."
                : "Not verified.";
            Console.WriteLine(verdict);

            return conclusion;
        }
예제 #3
        /// <summary>
        /// Relying-party side of sign-in: turns the identity provider's response into an
        /// authentication conclusion and completes the sign-in if it is accepted.
        /// </summary>
        /// <param name="req1">Response from the identity provider; cast to <c>AuthenticationResponse</c>.</param>
        /// <returns>
        /// A new <c>SignInRP_Resp</c> when <c>AuthenticationDone</c> accepts the conclusion;
        /// <c>null</c> when the input is null, no conclusion is produced, or it is rejected.
        /// </returns>
        public override SignInRP_Resp SignInRP(SignInIdP_Resp_SignInRP_Req req1)
        {
            AuthenticationResponse idpResponse = (AuthenticationResponse)req1;
            if (idpResponse == null)
            {
                return null;
            }

            AuthenticationConclusion outcome = Process_SignInRP_req(idpResponse);
            if (outcome == null)
            {
                return null;
            }

            CST_Ops.recordme(this, idpResponse, outcome, true);

            // Sign-in succeeds only when AuthenticationDone accepts the conclusion.
            return AuthenticationDone(outcome) ? new SignInRP_Resp() : null;
        }
예제 #4
        /// <summary>
        /// Calls the base token endpoint and records the exchange against the
        /// <c>OpenIDProvider.TokenEndpoint</c> method for the party "live.com".
        /// </summary>
        /// <param name="req">Token request forwarded unchanged to the base implementation.</param>
        /// <returns>Whatever the base implementation returned.</returns>
        public override TokenResponse callTokenEndpoint(TokenRequest req)
        {
            TokenResponse tokenResponse = base.callTokenEndpoint(req);

            // The remote step is recorded against a fresh AuthorizationServerImpl instance.
            var recordedParty  = new OpenIDConnectNameSpace.AuthorizationServerImpl();
            // GetMethod returns null if the name is missing or ambiguous; the result is passed on as is.
            var recordedMethod = typeof(OpenIDProvider).GetMethod("TokenEndpoint");

            CST_Ops.recordme(recordedParty, req, tokenResponse, recordedMethod, "live.com", false, false);

            return tokenResponse;
        }
예제 #5
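        /// <summary>
        /// Token endpoint: exchanges an authorization code, or a refresh token, for a newly
        /// created access-token entry.
        /// </summary>
        /// <param name="req">Token request; <c>grant_type</c> selects the branch.</param>
        /// <returns>
        /// The token response, or <c>null</c> when the request is null, the grant type is not
        /// supported, a lookup finds nothing, the redirect URI differs from the one stored
        /// with the code, or the new entry cannot be stored.
        /// </returns>
        protected AccessTokenResponse TokenEndpoint(AccessTokenRequest req)
        {
            if (req == null)
            {
                return null;
            }

            AccessTokenResponse resp = new AccessTokenResponse();
            CST_Ops.recordme(this, req, resp);

            switch (req.grant_type)
            {
            case "authorization_code":
            {
                string codeSessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id, req.code);
                if (codeSessionSecret == null)
                {
                    return null;
                }

                AuthorizationCodeEntry codeEntry = (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(codeSessionSecret, req.client_id);

                // Fail closed: a missing entry is refused the same way as a redirect URI that
                // differs from the one bound to the code.
                if (codeEntry == null || codeEntry.redirect_uri != req.redirect_uri)
                {
                    return null;
                }

                // NOTE(review): this method neither marks the code as used nor checks a client
                // credential, and the token is stored under the request-supplied req.UserID.
                // Confirm single use, client authentication and the user binding are enforced
                // elsewhere.
                AccessTokenEntry issued = createAccessTokenEntry(codeEntry.redirect_uri, codeEntry.scope, codeEntry.state);
                if (AccessTokenRecs.setEntry(issued.access_token, req.client_id, req.UserID, issued) == false)
                {
                    return null;
                }

                resp.access_token  = issued.access_token;
                resp.refresh_token = issued.refresh_token;
                resp.scope         = issued.scope;
                return resp;
            }

            case "refresh_token":
            {
                // NOTE(review): the refresh token is read from req.code; confirm that is the intended field.
                string refreshSessionSecret = AccessTokenRecs.findISSByClientIDAndRefreshToken(req.client_id, req.UserID, req.code);
                if (refreshSessionSecret == null)
                {
                    return null;
                }

                AccessTokenEntry current = (AccessTokenEntry)AccessTokenRecs.getEntry(req.access_token, req.client_id, req.UserID);
                if (current == null)
                {
                    // No existing entry to refresh from.
                    return null;
                }

                AccessTokenEntry renewed = createAccessTokenEntry(current.redirect_uri, current.scope, current.state);
                if (AccessTokenRecs.setEntry(renewed.access_token, req.client_id, req.UserID, renewed) == false)
                {
                    return null;
                }

                // Return the entry that was just stored, not the one being replaced;
                // otherwise the caller never receives the refreshed tokens.
                // NOTE(review): the previous entry is not removed here; confirm revocation
                // of the old token is handled elsewhere.
                resp.access_token  = renewed.access_token;
                resp.refresh_token = renewed.refresh_token;
                resp.scope         = renewed.scope;
                return resp;
            }

            default:
                return null;
            }
        }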
예제 #6
        /// <summary>
        /// First step of the exchange: answers with this party's own value, naming "Alice"
        /// as both the largest party so far and the signer.
        /// </summary>
        /// <param name="in_msg">Incoming message; only passed to <c>CST_Ops.recordme</c>.</param>
        /// <returns>A new message carrying <c>data</c>.</returns>
        public Message invoke(Message in_msg)
        {
            Message reply = new Message();

            // Recorded before the reply is filled in, so the fields are assigned afterwards.
            CST_Ops.recordme(this, in_msg, reply);

            reply.value        = data;
            reply.largestParty = "Alice";
            reply.SignedBy     = "Alice";

            return reply;
        }
예제 #7
        /// <summary>
        /// Builds an authorization conclusion from a token-validation response and asks
        /// <c>ResourceRequestDone</c> whether the resource request may proceed.
        /// </summary>
        /// <param name="tresq">Validation response supplying user id, realm and claimed scope.</param>
        /// <returns>The result of <c>ResourceRequestDone</c> for the conclusion.</returns>
        public bool conclude(ValidateTokenResponse tresq)
        {
            // permissions comes from the response's claimed_scope field.
            AuthorizationConclusion conclusion = new AuthorizationConclusion
            {
                UserID      = tresq.UserID,
                Realm       = tresq.Realm,
                permissions = tresq.claimed_scope
            };

            CST_Ops.recordme(this, tresq, conclusion, false, true);

            AuthorizationConclusion adjusted = pre_AuthDone(conclusion);
            return ResourceRequestDone(adjusted);
        }
        /// <summary>
        /// Builds the authorization-code token request that follows a code response.
        /// </summary>
        /// <param name="codeResp">Response carrying the authorization code.</param>
        /// <returns>The token request after <c>pre_send_TokenRequest</c> has processed it.</returns>
        public TokenRequest constructTokenRequest(AuthenticationResponse codeResp)
        {
            // redirect_uri and client_id come from this object's own configuration,
            // not from the response.
            TokenRequest draft = new TokenRequest
            {
                code         = codeResp.code,
                grant_type   = "authorization_code",
                redirect_uri = return_uri,
                client_id    = client_id
            };

            TokenRequest outgoing = pre_send_TokenRequest(draft);

            CST_Ops.recordme(this, codeResp, outgoing);

            return outgoing;
        }
예제 #9
        /// <summary>
        /// Certifies the conclusion and stores the outcome in the current session under
        /// "UserID": the conclusion's <c>SessionUID</c> on success, an empty string otherwise.
        /// </summary>
        /// <param name="conclusion">Authentication conclusion to certify.</param>
        /// <returns><c>true</c> when <c>CST_Ops.Certify</c> accepted the conclusion.</returns>
        public virtual bool AuthenticationDone(AuthenticationConclusion conclusion)
        {
            bool certified = CST_Ops.Certify(conclusion);

            bool alreadyPresent = CurrentSession["UserID"] != null;

            // On failure the key keeps an empty string instead of being removed, so readers
            // of the session must treat "" (not only a missing key) as "not signed in".
            var sessionUser = certified ? conclusion.SessionUID : "";

            if (alreadyPresent)
            {
                CurrentSession["UserID"] = sessionUser;
            }
            else
            {
                CurrentSession.Add("UserID", sessionUser);
            }

            return certified;
        }
예제 #10
        /// <summary>
        /// Builds an OpenID 2.0 <c>checkid_setup</c> request using identifier select, with
        /// this relying party's <c>Domain</c> as both realm and return address.
        /// </summary>
        /// <param name="resp">Only passed to <c>CST_Ops.recordme</c>; not read here.</param>
        /// <returns>The populated authentication request.</returns>
        public AuthenticationRequest RequestAuthentication(AuthenticationResponse resp)
        {
            const string identifierSelect = "http://specs.openid.net/auth/2.0/identifier_select";

            AuthenticationRequest outgoing = new AuthenticationRequest
            {
                realm      = this.Domain,
                identity   = identifierSelect,
                ns         = "http://specs.openid.net/auth/2.0",
                claimed_id = identifierSelect,
                mode       = "checkid_setup",
                return_to  = this.Domain
            };

            CST_Ops.recordme(this, resp, outgoing);

            return outgoing;
        }
예제 #11
        /// <summary>
        /// Derives an authentication conclusion from a token response and returns it only
        /// when <c>AuthenticationDone</c> accepts it.
        /// </summary>
        /// <param name="tokenResp">Token response whose id_token supplies the user id.</param>
        /// <returns>The accepted conclusion, or <c>null</c> when it is rejected.</returns>
        public AuthenticationConclusion conclude(TokenResponse tokenResp)
        {
            // The user id is read straight from the id_token claims; no signature, issuer or
            // audience check appears in this method.
            // NOTE(review): confirm the id_token is validated before it reaches this point.
            AuthenticationConclusion draft = new AuthenticationConclusion
            {
                SessionUID = tokenResp.id_token.Claims.UserId
            };

            CST_Ops.recordme(this, tokenResp, draft, false, true);

            AuthenticationConclusion finalConclusion = pre_AuthDone(draft);

            return AuthenticationDone(finalConclusion) ? finalConclusion : null;
        }
예제 #12
        /// <summary>
        /// Turns a resource request into the token-validation request for the
        /// authorization server.
        /// </summary>
        /// <param name="res_req">Resource request carrying the access token, scope and user id.</param>
        /// <returns>The validation request after <c>pre_ValidateTokenRequest</c> has processed it.</returns>
        public ValidateTokenRequest createValidateTokenRequest(ResourceRequest res_req)
        {
            // client_id is this server's own Realm, not a value taken from the request.
            ValidateTokenRequest draft = new ValidateTokenRequest
            {
                access_token = res_req.access_token,
                scope        = res_req.scope,
                UserID       = res_req.UserID,
                client_id    = this.Realm
            };

            ValidateTokenRequest outgoing = pre_ValidateTokenRequest(draft);

            CST_Ops.recordme(this, res_req, outgoing);

            return outgoing;
        }
예제 #13
파일: B.cs 프로젝트: dwjsong/AuthPlatelet
        /// <summary>
        /// Middle step of the exchange: forwards the larger of the incoming value and this
        /// party's <c>data</c>, and signs the result as "Bob".
        /// </summary>
        /// <param name="in_msg">Message received from the previous party.</param>
        /// <returns>A new message holding the running maximum and its owner.</returns>
        public Message invoke(Message in_msg)
        {
            Message reply = new Message();

            // Recorded before the reply is filled in, so the fields are assigned afterwards.
            CST_Ops.recordme(this, in_msg, reply);

            reply.value        = in_msg.value;
            reply.largestParty = in_msg.largestParty;

            // Take over the lead when the local value is larger.
            if (reply.value < data)
            {
                reply.value        = data;
                reply.largestParty = "Bob";
            }

            // in_msg.SignedBy is not read in this method; the reply is signed by this party.
            reply.SignedBy = "Bob";

            return reply;
        }
예제 #14
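        /// <summary>
        /// Validates an access token: looks up the stored entry and accepts the request only
        /// when client, user and requested scope all agree with it.
        /// </summary>
        /// <param name="vtr">Validation request; cast to <c>ValidateTokenRequest</c>.</param>
        /// <returns>
        /// The response from <c>Process_ValidateTicket</c>, or <c>null</c> when the request is
        /// null, no entry is found, or any of the checks fails.
        /// </returns>
        public override AuthTicket_Resp ValidateTicket(AuthTicket_Req vtr)
        {
            Contract.Assume(vtr == GlobalObjects_base.AuthTicket_Req);

            ValidateTokenRequest req = (ValidateTokenRequest)vtr;
            if (req == null)
            {
                return null;
            }

            AccessTokenEntry tokenEntry = (AccessTokenEntry)AccessTokenRecs.getEntry(req.access_token, req.client_id, req.UserID);

            // Fail closed: a missing entry is refused like any other mismatch instead of
            // being dereferenced below.
            if (tokenEntry == null)
            {
                return null;
            }

            // All three must hold: same client, same user, and the stored permissions must
            // cover everything the request asks for.
            if (req.client_id != tokenEntry.Realm
                || req.UserID != tokenEntry.UserID
                || tokenEntry.permissions.permissionSet.IsSupersetOf(req.scope.permissionSet) == false)
            {
                return null;
            }

            ValidateTokenResponse resp = (ValidateTokenResponse)Process_ValidateTicket(req, tokenEntry);

            CST_Ops.recordme(this, req, resp, false, false);

            return resp;
        }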
예제 #15
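        /// <summary>
        /// Token endpoint: exchanges an authorization code for an access token, refresh
        /// token and id_token. Only the "authorization_code" grant is handled.
        /// </summary>
        /// <param name="req">Token request.</param>
        /// <returns>
        /// The token response, or <c>null</c> when the request is null, the grant type is not
        /// "authorization_code", the code lookup finds nothing, the redirect URI differs from
        /// the stored one, or the new entry cannot be stored.
        /// </returns>
        public TokenResponse TokenEndpoint(TokenRequest req)
        {
            // Reject a missing request before it is recorded or read.
            if (req == null)
            {
                return null;
            }

            TokenResponse resp = new TokenResponse();
            CST_Ops.recordme(this, req, resp, false, false);

            if (req.grant_type != "authorization_code")
            {
                return null;
            }

            string codeSessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id, req.code);
            if (codeSessionSecret == null)
            {
                return null;
            }

            AuthorizationCodeEntry codeEntry = (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(codeSessionSecret, req.client_id);

            // Fail closed on a missing entry as well as on a redirect URI mismatch.
            // NOTE(review): the comparison reads Redir_dest while the token below is created
            // from redirect_uri; confirm the two fields are meant to differ.
            if (codeEntry == null || codeEntry.Redir_dest != req.redirect_uri)
            {
                return null;
            }

            // NOTE(review): the code is not marked as used and no client credential is
            // checked in this method; confirm both are enforced elsewhere.
            IDTokenAndAccessTokenEntry issued = (IDTokenAndAccessTokenEntry)createAccessTokenEntry(codeEntry.redirect_uri, codeEntry.scope, codeEntry.state);

            // Store the entry under the token that was just created. Using req.access_token
            // as the key would let the requester pick it and would not match the token
            // returned in the response.
            if (IDTokenAndAccessTokenRecs.setEntry(issued.access_token, req.client_id, codeEntry.UserID, issued) == false)
            {
                return null;
            }

            resp.access_token  = issued.access_token;
            resp.refresh_token = issued.refresh_token;
            resp.scope         = issued.scope;
            resp.id_token      = issued.id_token;

            // The user id claim comes from the stored code entry, never from the request.
            resp.id_token.Claims.UserId = codeEntry.UserID;
            return resp;
        }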
예제 #16
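        /// <summary>
        /// Queries the remote permissions endpoint for the user and access token in the
        /// request, records the exchange for the party "facebook.com", and returns a
        /// validation response built from the request's own fields.
        /// </summary>
        /// <param name="treq">Validation request with user id, scope and access token.</param>
        /// <returns>A response echoing the request's <c>UserID</c>, <c>scope</c> and <c>access_token</c>.</returns>
        /// <remarks>
        /// A failed HTTP call or an unreadable body surfaces as the exception thrown by
        /// <c>GetResponse</c> or <c>ReadObject</c>; nothing is caught here.
        /// </remarks>
        public override ValidateTokenResponse callValidateTokenEndpoint(ValidateTokenRequest treq)
        {
            ValidateTokenResponse vtr = new ValidateTokenResponse();

            // Both values originate from the request, so they are escaped before being placed
            // in the path and query; otherwise a value containing '/', '?' or '&' could
            // change which resource or parameters the call addresses.
            // The access token travels in the query string and can therefore end up in
            // request logs along the way.
            string url = TokenEndpointUrl
                + "/" + System.Uri.EscapeDataString("" + treq.UserID)
                + "/permissions?access_token=" + System.Uri.EscapeDataString("" + treq.access_token.token);

            HttpWebRequest             request    = (HttpWebRequest)WebRequest.Create(url);
            DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(FBPermssionData));

            // Dispose the response and its stream so the connection is released even when
            // deserialization throws.
            using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            using (var body = response.GetResponseStream())
            {
                FBPermssionData fbPermssionData = serializer.ReadObject(body) as FBPermssionData;

                // NOTE(review): fbPermssionData is parsed but never consulted. The response
                // below repeats the scope the caller claimed, so the outcome depends only on
                // the HTTP call succeeding, not on the permissions the server reported.
                // Confirm whether scope should be derived from fbPermssionData instead.
            }

            CST_Ops.recordme(new OAuth20NameSpace.AuthorizationServerImpl(), treq, vtr, typeof(AuthorizationServer).GetMethod("ValidateTicket"), "facebook.com", false, false);

            vtr.UserID       = treq.UserID;
            vtr.scope        = treq.scope;
            vtr.access_token = treq.access_token;

            return vtr;
        }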
예제 #17
        /// <summary>
        /// Login button handler: asks the relying party for an authentication request,
        /// copies it into the Yahoo-specific request type, records the step for the party
        /// "yahoo.com" and redirects the browser to the generated URL.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void LoginBtn_Click(Object sender, EventArgs e)
        {
            expecting_redir = true;

            var rpRequest = RP.RequestAuthentication(new YahooAuthenticationResponse());

            /* HACK for Yahoo IdP: re-wrap the request fields in the Yahoo request type. */
            YahooAuthenticationRequest yahooRequest = new YahooAuthenticationRequest
            {
                claimed_id = rpRequest.claimed_id,
                identity   = rpRequest.identity,
                return_to  = rpRequest.return_to,
                realm      = rpRequest.realm,
                ns         = rpRequest.ns,
                mode       = rpRequest.mode
            };

            CST_Ops.recordme(new OpenID20NameSpace.AuthorizationServerImpl(), rpRequest, yahooRequest, typeof(AuthorizationServerImpl).GetMethod("SignInIdP"), "yahoo.com", true, false);

            // The redirect target is built by the relying party from the fields above.
            Response.Redirect(RP.GenerateURL(yahooRequest));
        }
예제 #18
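        /// <summary>
        /// Accepts an uploaded "Assertion.cs" / "Program.cs" pair, writes both into a fresh
        /// per-request folder and asks <c>CST_Ops.Certify</c> to certify <paramref name="SymT"/>
        /// against that folder.
        /// </summary>
        /// <param name="SymT">Value passed unchanged to <c>CST_Ops.Certify</c>.</param>
        /// <param name="token">Looked up with <c>UserManager.FindById</c>; the request is ignored when no user is found.</param>
        /// <returns>
        /// A one-byte file named "verified.txt" or "not_verified.txt", or <c>null</c> when the
        /// user is unknown or either of the two files is missing from the upload.
        /// </returns>
        public FileResult Verify(string SymT, string token)
        {
            // NOTE(review): the only caller check is that `token` resolves through FindById,
            // i.e. it is used as a user id. Confirm the value is unguessable or that the
            // action is protected by real authentication elsewhere.
            var user = UserManager.FindById(token);
            if (user == null || Request.Files.Count <= 0)
            {
                return null;
            }

            const string vfolder           = @"C:\CST\vprogram\";
            const string assertionFileName = "Assertion.cs";
            const string programFileName   = "Program.cs";

            HttpPostedFileBase assertionFile = null, programFile = null;
            for (int i = 0; i < Request.Files.Count; i++)
            {
                HttpPostedFileBase file = Request.Files[i];
                if (file == null || file.ContentLength <= 0)
                {
                    continue;
                }

                // Compare the leaf name only: some clients send a full client-side path.
                // The client's name never reaches the file system; the fixed names above
                // are used when writing.
                string fileName = Path.GetFileName(file.FileName);
                if (string.Equals(fileName, assertionFileName, StringComparison.Ordinal))
                {
                    assertionFile = file;
                }
                else if (string.Equals(fileName, programFileName, StringComparison.Ordinal))
                {
                    programFile = file;
                }
            }

            if (assertionFile == null || programFile == null)
            {
                return null;
            }

            byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary());
            byte[] key  = Guid.NewGuid().ToByteArray();

            // Hex instead of Base64 for the folder name: Base64 output can contain '/', which
            // Path.Combine treats as a separator, and a leading '/' makes it discard vfolder
            // altogether, placing the folder outside the intended root.
            string rand_folder = BitConverter.ToString(time.Concat(key).ToArray()).Replace("-", "");

            string vpath = Path.Combine(vfolder, rand_folder);
            Directory.CreateDirectory(vpath);

            VProgramGenerator.CreateTempVFolder(vpath);
            vpath = Path.Combine(vpath, "VProgram");

            // using blocks close the output files even when the copy throws.
            using (var assertionOut = System.IO.File.Create(Path.Combine(vpath, assertionFileName)))
            {
                assertionFile.InputStream.CopyTo(assertionOut);
            }

            using (var programOut = System.IO.File.Create(Path.Combine(vpath, programFileName)))
            {
                programFile.InputStream.CopyTo(programOut);
            }

            // NOTE(review): both source files and SymT are caller-supplied. If Certify compiles
            // or runs them, that step should be isolated from the web process and run with
            // least privilege; upload size is not bounded here and the per-request folder is
            // not removed afterwards. Confirm how these are handled.
            bool result = CST_Ops.Certify(SymT, vpath);

            return File(new byte[1], "application/octet-stream", result ? "verified.txt" : "not_verified.txt");
        }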
예제 #19
        /// <summary>
        /// Decides whether a resource request may proceed by certifying its
        /// authorization conclusion.
        /// </summary>
        /// <param name="conclusion">Authorization conclusion to certify.</param>
        /// <returns>The result of <c>CST_Ops.Certify</c> for the conclusion.</returns>
        public virtual bool ResourceRequestDone(AuthorizationConclusion conclusion)
        {
            // Virtual so that a subclass can add work around the certification result.
            return CST_Ops.Certify(conclusion);
        }
예제 #20
파일: C.cs 프로젝트: dwjsong/AuthPlatelet
        /// <summary>
        /// Certifies the final message through <c>CST_Ops.CertifyLocally</c>.
        /// </summary>
        /// <param name="msg">Message to certify.</param>
        /// <returns>The result of <c>CST_Ops.CertifyLocally</c> for the message.</returns>
        public bool conclude(Message msg)
        {
            return CST_Ops.CertifyLocally(msg);
        }