public IdTokenResponse SVX_MakeIdTokenResponse(IdTokenRequest req, IdPAuthenticationEntry idpConc)
{
// In TokenEndpoint, we requested an IdPAuthenticationEntry for
// req.SVX_sender, but SVX doesn't know that, so we have to do a
// concrete check.
VProgram_API.Assert(req.SVX_sender == idpConc.authenticatedClient);
// Put this in a separate SVX method so "body" gets an active SymT.
var body = SVX_Ops.Call(SVX_MakeIdTokenBody, req, idpConc);
return(new IdTokenResponse
{
idToken = idTokenGenerator.Generate(body, SVX_Principal), // sign the token
state = req.state
});
}
public AuthorizationCodeResponse SVX_MakeAuthorizationCodeResponse(AuthorizationCodeRequest req, IdPAuthenticationEntry idpConc)
{
// In CodeEndpoint, we requested an IdPAuthenticationEntry for
// req.SVX_sender, but SVX doesn't know that, so we have to do a
// concrete check.
VProgram_API.Assert(req.SVX_sender == idpConc.authenticatedClient);
// With this expression inlined below, BCT silently mistranslated the code.
var theParams = new AuthorizationCodeParams
{
rpPrincipal = req.rpPrincipal,
googleUsername = idpConc.googleUsername
};
var authorizationCode = authorizationCodeGenerator.Generate(theParams, googlePrincipal);
return(new AuthorizationCodeResponse
{
authorizationCode = authorizationCode,
state = req.state
});
}