예제 #1
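        /// <summary>
        /// Rebuilds a data bag from its web-safe base64 string form and validates it.
        /// Depending on how this formatter is configured, the payload is signature-checked,
        /// decrypted and decompressed (in that order) before it is parsed, and the parsed
        /// message is then checked for expiry and for nonce replay.
        /// </summary>
        /// <param name="message">The instance to populate. Must not be null.</param>
        /// <param name="containingMessage">The protocol message that carried the serialized value. Must not be null.</param>
        /// <param name="value">The serialized form of the data bag. Must not be null or empty.</param>
        /// <param name="messagePartName">The name of the message part that <paramref name="value"/> came from. Must not be null or empty.</param>
        /// <exception cref="ExpiredMessageException">Thrown when a maximum age is configured and the message's creation date plus that age is in the past.</exception>
        /// <exception cref="ReplayedMessageException">Thrown when a nonce store is configured and it reports the nonce as already seen.</exception>
        public void Deserialize(T message, IProtocolMessage containingMessage, string value, string messagePartName)
        {
            Requires.NotNull(message, "message");
            Requires.NotNull(containingMessage, "containingMessage");
            Requires.NotNullOrEmpty(value, "value");
            Requires.NotNullOrEmpty(messagePartName, "messagePartName");

            string symmetricSecretHandle = null;

            // With a key store available, the value carries a key handle in front of the payload;
            // split it off so only the payload is base64-decoded below.
            if (this.encrypted && this.cryptoKeyStore != null)
            {
                string valueWithoutHandle;
                MessagingUtilities.ExtractKeyHandleAndPayload(containingMessage, messagePartName, value, out symmetricSecretHandle, out valueWithoutHandle);
                value = valueWithoutHandle;
            }

            message.ContainingMessage = containingMessage;
            byte[] data = MessagingUtilities.FromBase64WebSafeString(value);

            // NOTE(review): when this.signed is false, nothing in this method authenticates the
            // payload before it is decrypted, decompressed and parsed. Confirm that callers who
            // disable signing get integrity protection some other way.
            byte[] signature = null;
            if (this.signed)
            {
                using (var dataStream = new MemoryStream(data))
                {
                    var dataReader = new BinaryReader(dataStream);
                    signature = dataReader.ReadBuffer();
                    data      = dataReader.ReadBuffer();
                }

                // Verify that the verification code was issued by message authorization server.
                // The signature is checked before decryption and decompression, so those steps
                // only ever see bytes that passed this check.
                ErrorUtilities.VerifyProtocol(this.IsSignatureValid(data, signature, symmetricSecretHandle), MessagingStrings.SignatureInvalid);
            }

            if (this.encrypted)
            {
                data = this.Decrypt(data, symmetricSecretHandle);
            }

            if (this.compressed)
            {
                data = MessagingUtilities.Decompress(data);
            }

            this.DeserializeCore(message, data);
            message.Signature = signature;             // TODO: we don't really need this any more, do we?

            if (this.maximumAge.HasValue)
            {
                // Has message verification code expired?
                DateTime expirationDate = message.UtcCreationDate + this.maximumAge.Value;
                if (expirationDate < DateTime.UtcNow)
                {
                    throw new ExpiredMessageException(expirationDate, containingMessage);
                }
            }

            // Has message verification code already been used to obtain an access/refresh token?
            if (this.decodeOnceOnly != null)
            {
                ErrorUtilities.VerifyInternal(this.maximumAge.HasValue, "Oops!  How can we validate a nonce without a maximum message age?");
                string context = "{" + GetType().FullName + "}";

                // Encode the nonce once: the same text is stored and, on replay, logged.
                string nonce = Convert.ToBase64String(message.Nonce);
                if (!this.decodeOnceOnly.StoreNonce(context, nonce, message.UtcCreationDate))
                {
                    // Log the base64 text rather than the byte[] itself, which would format as
                    // its type name and leave the replay log entry useless for correlation.
                    Logger.OpenId.ErrorFormat("Replayed nonce detected ({0} {1}).  Rejecting message.", nonce, message.UtcCreationDate);
                    throw new ReplayedMessageException(containingMessage);
                }
            }

            ((IMessage)message).EnsureValidMessage();
        }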
예제 #2
 /// <summary>
 /// Decodes the specified value.
 /// </summary>
 /// <param name="value">The string value carried by the transport.  Guaranteed to never be null, although it may be empty.</param>
 /// <returns>The deserialized form of the given string.</returns>
 /// <exception cref="FormatException">Thrown when the string value given cannot be decoded into the required object type.</exception>
 public object Decode(string value)
 {
     // The transport carries the value as web-safe base64 text; hand back the raw bytes it encodes.
     byte[] decodedBytes = MessagingUtilities.FromBase64WebSafeString(value);
     return decodedBytes;
 }