public void LoginCallback(Principal client, string idTokenResponseStr, Google_IdP idp) { var authorizationCodeResponse = JsonConvert.DeserializeObject <AuthorizationCodeResponse>(idTokenResponseStr); authorizationCodeResponseStructure.Import(authorizationCodeResponse, // We don't know who produced the redirection. Channel.GenerateNew(SVX_Principal), client); var validationRequest = SVX_Ops.Call(SVX_MakeValidationRequest, authorizationCodeResponse); validationRequestStructure.Export(validationRequest, googlePrincipal, null); var validationRequestStr = JsonConvert.SerializeObject(validationRequest); var validationResponseStr = idp.ValidationEndpoint(validationRequestStr); var validationResponse = JsonConvert.DeserializeObject <ValidationResponse>(validationResponseStr); validationResponseStructure.ImportDirectResponse(validationResponse, googlePrincipal, SVX_Principal); // SVX will automatically detect using message IDs that // validationResponse actually resulted from // authorizationCodeResponse and not merely another message with // the same SymT. This is essential for us to establish the // relationship between authorizationCodeResponse.SVX_sender and // validationResponse.googleUsername. var conc = SVX_Ops.Call(SVX_SignInRP, authorizationCodeResponse, validationResponse); SVX_Ops.Certify(conc, LoginSafety); SVX_Ops.Certify(conc, LoginXSRFPrevention, new ParticipantId(googlePrincipal, typeof(Google_IdP))); // AbandonAndCreateSession... }
public static void Test() { var alice = Entity.Of("Alice"); var bob = Entity.Of("Bob"); var p = new SVX_Test_Concat(alice); var req1 = new Concat2Request("A", "B"); var resp1 = SVX_Ops.Call(p.Concat2, req1); var req2 = new Concat2Request(resp1.output, "C"); var resp2 = SVX_Ops.Call(p.Concat2, req2); var chainResp = SVX_Ops.Call(p.Chain, resp1, resp2); var producer = Channel.GenerateNew(bob); var sender = Channel.GenerateNew(bob); SVX_Ops.TransferForTesting(chainResp, producer, sender); // Demonstrate that we can assume acts-for relationships and that // we've axiomatized that acts-for is transitive. Of course, the // acts-for relationships in this example do not represent the ones // we would assume in any real protocol. var respWithAssumption = SVX_Ops.Call(p.AssumeProducerActsForAlice, chainResp); SVX_Ops.Certify(respWithAssumption, p.Predicate); }
public void LoginCallback(Principal client, string idTokenResponseStr) { var idTokenResponse = JsonConvert.DeserializeObject <IdTokenResponse>(idTokenResponseStr); idTokenResponseStructure.Import(idTokenResponse, // We don't know who produced the redirection. Channel.GenerateNew(SVX_Principal), client); var conc = SVX_Ops.Call(SVX_SignInRP, idTokenResponse); SVX_Ops.Certify(conc, LoginSafety); SVX_Ops.Certify(conc, LoginXSRFPrevention, new ParticipantId(googlePrincipal, typeof(Google_IdP))); // AbandonAndCreateSession... }
public static void Test() { var idp = new IdP(idpPrincipal); var rp = new RP(rpPrincipal); var aliceIdP = Channel.GenerateNew(idpPrincipal); var aliceRP = Channel.GenerateNew(rpPrincipal); var idpReq = new SignInIdPReq { username = "******", password = "******", SVX_sender = aliceIdP }; var rpReq = SVX_Ops.Call(idp.SignInIdP, idpReq); // Imagine the SignInRPReq was signed by the IdP. SVX_Ops.TransferForTesting(rpReq, idpPrincipal, aliceRP); var conc = SVX_Ops.Call(rp.SignInRP, rpReq); SVX_Ops.Certify(conc, rp.LoginSafety); }