/// <summary>
/// Converts the key/value dictionary returned by the iOS broker into an
/// <see cref="MsalTokenResponse"/>. A broker-reported error is passed through as-is;
/// otherwise the encrypted body is decrypted and its SHA-256 is compared with the hash
/// the broker supplied before any of its contents are parsed.
/// </summary>
/// <param name="responseDictionary">Key/value pairs received from the broker.</param>
/// <returns>
/// The parsed token response, or an error response when the broker reported an error
/// or when the decrypted payload does not match the broker-supplied hash.
/// </returns>
/// <remarks>
/// Uses the dictionary indexer for the expected-hash and encrypted-response entries, so a
/// non-error response that lacks either key raises <see cref="KeyNotFoundException"/>.
/// </remarks>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary<string, string> responseDictionary)
{
    // A broker-side error carries no encrypted body, so there is nothing to verify.
    bool brokerReportedError =
        responseDictionary.ContainsKey(iOSBrokerConstants.Error) ||
        responseDictionary.ContainsKey(iOSBrokerConstants.ErrorDescription);
    if (brokerReportedError)
    {
        return MsalTokenResponse.CreateFromBrokerResponse(responseDictionary);
    }

    string hashFromBroker = responseDictionary[iOSBrokerConstants.ExpectedHash];
    string cipherText = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
    string plainText = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _serviceBundle.DefaultLogger);

    // CreateSha256Hash is consumed as base64 here; the broker's hash is compared as
    // dash-free hex, so the locally computed digest is re-encoded to the same form.
    string computedHashBase64 = _serviceBundle.PlatformProxy.CryptographyManager.CreateSha256Hash(plainText);
    string computedHashHex = BitConverter.ToString(Convert.FromBase64String(computedHashBase64)).Replace("-", "");

    if (!hashFromBroker.Equals(computedHashHex, StringComparison.OrdinalIgnoreCase))
    {
        // Integrity check failed: nothing from the decrypted payload is parsed or surfaced.
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerResponseHashMismatch,
            ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
        };
    }

    var verifiedPayload = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);
    return MsalTokenResponse.CreateFromBrokerResponse(verifiedPayload);
}
/// <summary>
/// Adds the iOS-broker transport parameters to <paramref name="brokerPayload"/>: the
/// base64url-encoded broker key, the protocol version and, when a v3 broker is installed,
/// a fresh request nonce plus any application token read back from the keychain.
/// A claims entry, when present, is base64url-encoded in place and the skip-cache flag is set.
/// </summary>
/// <param name="brokerPayload">Request parameters destined for the broker; mutated in place.</param>
/// <remarks>
/// Side effect: when <c>_brokerV3Installed</c> is true, <c>_brokerRequestNonce</c> is replaced
/// with a new GUID string on every call; the response path is expected to compare against it.
/// NOTE(review): the nonce's unpredictability rests on <see cref="Guid.NewGuid"/> being backed
/// by the platform CSPRNG — confirm for the target runtimes.
/// </remarks>
private void AddIosSpecificParametersToPayload(Dictionary<string, string> brokerPayload)
{
    var rawBrokerKey = BrokerKeyHelper.GetRawBrokerKey(_logger);
    brokerPayload[iOSBrokerConstants.BrokerKey] = Base64UrlHelpers.Encode(rawBrokerKey);
    brokerPayload[iOSBrokerConstants.MsgProtocolVer] = BrokerParameter.MsgProtocolVersion3;

    if (_brokerV3Installed)
    {
        AppendNonceAndApplicationToken();
    }

    if (brokerPayload.ContainsKey(iOSBrokerConstants.Claims))
    {
        brokerPayload[iOSBrokerConstants.SkipCache] = BrokerParameter.SkipCache;
        // NOTE(review): the key is probed via iOSBrokerConstants.Claims but read and written
        // via BrokerParameter.Claims; this relies on the two constants holding the same value.
        string encodedClaims = Base64UrlHelpers.Encode(brokerPayload[BrokerParameter.Claims]);
        brokerPayload[BrokerParameter.Claims] = encodedClaims;
    }

    // v3-only extras: a per-request nonce and the cached application token, if any.
    void AppendNonceAndApplicationToken()
    {
        _brokerRequestNonce = Guid.NewGuid().ToString();
        brokerPayload[iOSBrokerConstants.BrokerNonce] = _brokerRequestNonce;

        string storedToken = TryReadBrokerApplicationTokenFromKeychain(brokerPayload);
        if (!string.IsNullOrEmpty(storedToken))
        {
            brokerPayload[iOSBrokerConstants.ApplicationToken] = storedToken;
        }
    }
}
/// <summary>
/// Converts the key/value dictionary returned by the iOS broker into an
/// <see cref="MsalTokenResponse"/>. The encrypted body is decrypted, its SHA-256 is compared
/// with the broker-supplied hash, and only a hash-verified payload is parsed, nonce-checked,
/// used to persist the application token, and turned into a response.
/// </summary>
/// <param name="responseDictionary">Key/value pairs received from the broker.</param>
/// <returns>
/// The parsed token response; an error response on hash mismatch or nonce mismatch.
/// </returns>
/// <remarks>
/// Uses the dictionary indexer for the expected-hash and encrypted-response entries, so a
/// response lacking either key raises <see cref="KeyNotFoundException"/>.
/// NOTE(review): the BrokerErrorCode remapping at the end runs after
/// <c>CreateFromiOSBrokerResponse</c> has already consumed the dictionary; unless that factory
/// keeps a reference to it, the remapped code is not reflected in the returned response — confirm.
/// </remarks>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary <string, string> responseDictionary)
{
    MsalTokenResponse brokerTokenResponse;
    string expectedHash = responseDictionary[iOSBrokerConstants.ExpectedHash];
    string encryptedResponse = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
    string decryptedResponse = BrokerKeyHelper.DecryptBrokerResponse(encryptedResponse, _logger);
    // The computed digest is consumed as base64 and re-encoded as dash-free hex so it can be
    // compared with the form the broker sends.
    string responseActualHash = _cryptoManager.CreateSha256Hash(decryptedResponse);
    byte[] rawHash = Convert.FromBase64String(responseActualHash);
    string hash = BitConverter.ToString(rawHash);
    if (expectedHash.Equals(hash.Replace("-", ""), StringComparison.OrdinalIgnoreCase))
    {
        // From here on responseDictionary refers to the hash-verified, decrypted payload.
        responseDictionary = CoreHelpers.ParseKeyValueList(decryptedResponse, '&', false, null);
        // The nonce is checked against the decrypted payload, i.e. after integrity verification.
        if (!ValidateBrokerResponseNonceWithRequestNonce(responseDictionary))
        {
            return(new MsalTokenResponse { Error = MsalError.BrokerNonceMismatch, ErrorDescription = MsalErrorMessage.BrokerNonceMismatch });
        }
        // Persist the application token only from a hash- and nonce-verified payload.
        if (responseDictionary.ContainsKey(iOSBrokerConstants.ApplicationToken))
        {
            TryWriteBrokerApplicationTokenToKeychain( responseDictionary[BrokerResponseConst.ClientId], responseDictionary[iOSBrokerConstants.ApplicationToken]);
        }
        brokerTokenResponse = MsalTokenResponse.CreateFromiOSBrokerResponse(responseDictionary);
        // Map broker-specific error codes onto MSAL error codes (string == is ordinal).
        if (responseDictionary.TryGetValue(BrokerResponseConst.BrokerErrorCode, out string errCode))
        {
            if (errCode == BrokerResponseConst.iOSBrokerUserCancellationErrorCode)
            {
                responseDictionary[BrokerResponseConst.BrokerErrorCode] = MsalError.AuthenticationCanceledError;
            }
            else if (errCode == BrokerResponseConst.iOSBrokerProtectionPoliciesRequiredErrorCode)
            {
                responseDictionary[BrokerResponseConst.BrokerErrorCode] = MsalError.ProtectionPolicyRequired;
            }
        }
    }
    else
    {
        // Integrity check failed: nothing from the decrypted payload is parsed or surfaced.
        brokerTokenResponse = new MsalTokenResponse { Error = MsalError.BrokerResponseHashMismatch, ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch };
    }
    return(brokerTokenResponse);
}
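/// <summary>
/// Adds the iOS-broker transport parameters to <paramref name="brokerPayload"/>: the
/// base64url-encoded broker key and the protocol version. A claims entry, when present,
/// is base64url-encoded in place and the skip-cache flag is set.
/// </summary>
/// <param name="brokerPayload">Request parameters destined for the broker; mutated in place.</param>
/// <remarks>
/// The skip-cache flag is assigned through the indexer rather than <c>Add</c>, so the method is
/// safe to call on a payload that already carries the flag (consistent with the sibling
/// variants of this method, and <c>Add</c> would throw <see cref="ArgumentException"/>).
/// </remarks>
private void AddIosSpecificParametersToPayload(Dictionary<string, string> brokerPayload)
{
    string encodedBrokerKey = Base64UrlHelpers.Encode(BrokerKeyHelper.GetRawBrokerKey(_serviceBundle.DefaultLogger));
    brokerPayload[iOSBrokerConstants.BrokerKey] = encodedBrokerKey;
    brokerPayload[iOSBrokerConstants.MsgProtocolVer] = BrokerParameter.MsgProtocolVersion3;

    if (brokerPayload.ContainsKey(iOSBrokerConstants.Claims))
    {
        brokerPayload[iOSBrokerConstants.SkipCache] = BrokerParameter.SkipCache;
        // NOTE(review): the key is probed via iOSBrokerConstants.Claims but read and written
        // via BrokerParameter.Claims; this relies on the two constants holding the same value.
        string claims = Base64UrlHelpers.Encode(brokerPayload[BrokerParameter.Claims]);
        brokerPayload[BrokerParameter.Claims] = claims;
    }
}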
/// <summary>
/// Adds the parameters the iOS broker needs to talk back to this app: the base64url-encoded
/// broker key, the protocol version and, when a v3 broker is installed, a fresh request nonce
/// plus any application token read back from the keychain.
/// </summary>
/// <param name="brokerRequest">Request parameters destined for the broker; mutated in place.</param>
/// <remarks>
/// Side effect: when <c>_brokerV3Installed</c> is true, <c>_brokerRequestNonce</c> is replaced
/// with a new GUID string on every call; the response path is expected to compare against it.
/// NOTE(review): the nonce's unpredictability rests on <see cref="Guid.NewGuid"/> being backed
/// by the platform CSPRNG — confirm for the target runtimes.
/// </remarks>
private void AddCommunicationParams(Dictionary<string, string> brokerRequest)
{
    var rawBrokerKey = BrokerKeyHelper.GetRawBrokerKey(_logger);
    brokerRequest[iOSBrokerConstants.BrokerKey] = Base64UrlHelpers.Encode(rawBrokerKey);
    brokerRequest[iOSBrokerConstants.MsgProtocolVer] = BrokerParameter.MsgProtocolVersion3;

    if (!_brokerV3Installed)
    {
        return;
    }

    // v3-only extras: a per-request nonce and the cached application token, if any.
    _brokerRequestNonce = Guid.NewGuid().ToString();
    brokerRequest[iOSBrokerConstants.BrokerNonce] = _brokerRequestNonce;

    string storedToken = TryReadBrokerApplicationTokenFromKeychain(brokerRequest);
    if (string.IsNullOrEmpty(storedToken))
    {
        return;
    }
    brokerRequest[iOSBrokerConstants.ApplicationToken] = storedToken;
}
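/// <summary>
/// Adds the iOS-broker transport parameters to <paramref name="brokerPayload"/>: the
/// base64url-encoded broker key, the protocol version and, when a v3 broker is installed,
/// a fresh request nonce. A claims entry, when present, is base64url-encoded in place and
/// the skip-cache flag is set.
/// </summary>
/// <param name="brokerPayload">Request parameters destined for the broker; mutated in place.</param>
/// <remarks>
/// Side effect: when <c>_brokerV3Installed</c> is true, <c>_brokerRequestNonce</c> is replaced
/// with a new GUID string on every call; the response path is expected to compare against it.
/// The skip-cache flag is assigned through the indexer rather than <c>Add</c>, so the method is
/// safe to call on a payload that already carries the flag (consistent with the sibling
/// variants of this method, and <c>Add</c> would throw <see cref="ArgumentException"/>).
/// </remarks>
private void AddIosSpecificParametersToPayload(Dictionary<string, string> brokerPayload)
{
    string encodedBrokerKey = Base64UrlHelpers.Encode(BrokerKeyHelper.GetRawBrokerKey(_logger));
    brokerPayload[iOSBrokerConstants.BrokerKey] = encodedBrokerKey;
    brokerPayload[iOSBrokerConstants.MsgProtocolVer] = BrokerParameter.MsgProtocolVersion3;

    if (_brokerV3Installed)
    {
        // NOTE(review): nonce unpredictability rests on Guid.NewGuid() being CSPRNG-backed
        // on the target runtime — confirm.
        _brokerRequestNonce = Guid.NewGuid().ToString();
        brokerPayload[iOSBrokerConstants.BrokerNonce] = _brokerRequestNonce;
    }

    if (brokerPayload.ContainsKey(iOSBrokerConstants.Claims))
    {
        brokerPayload[iOSBrokerConstants.SkipCache] = BrokerParameter.SkipCache;
        // NOTE(review): the key is probed via iOSBrokerConstants.Claims but read and written
        // via BrokerParameter.Claims; this relies on the two constants holding the same value.
        string claims = Base64UrlHelpers.Encode(brokerPayload[BrokerParameter.Claims]);
        brokerPayload[BrokerParameter.Claims] = claims;
    }
}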
/// <summary>
/// Converts the key/value dictionary returned by the iOS broker into an
/// <see cref="MsalTokenResponse"/>. The encrypted body is decrypted and its SHA-256 is
/// compared with the broker-supplied hash; the request nonce is checked against the
/// dictionary as received, and only a hash-verified payload is parsed into a response.
/// </summary>
/// <param name="responseDictionary">Key/value pairs received from the broker.</param>
/// <returns>
/// The parsed token response; an error response on nonce mismatch or hash mismatch.
/// </returns>
/// <remarks>
/// Uses the dictionary indexer for the expected-hash and encrypted-response entries, so a
/// response lacking either key raises <see cref="KeyNotFoundException"/>.
/// NOTE(review): the nonce is validated against the outer (pre-decryption) dictionary, before
/// the integrity check; confirm whether the broker contract also binds the nonce to the
/// encrypted payload, as the decrypted contents are not consulted for it here.
/// </remarks>
private MsalTokenResponse ResultFromBrokerResponse(Dictionary<string, string> responseDictionary)
{
    string hashFromBroker = responseDictionary[iOSBrokerConstants.ExpectedHash];
    string cipherText = responseDictionary[iOSBrokerConstants.EncryptedResponsed];
    string plainText = BrokerKeyHelper.DecryptBrokerResponse(cipherText, _logger);

    // CreateSha256Hash is consumed as base64 here; the broker's hash is compared as
    // dash-free hex, so the locally computed digest is re-encoded to the same form.
    string computedHashBase64 = _cryptoManager.CreateSha256Hash(plainText);
    string computedHashHex = BitConverter.ToString(Convert.FromBase64String(computedHashBase64)).Replace("-", "");

    if (!ValidateBrokerResponseNonceWithRequestNonce(responseDictionary))
    {
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerNonceMismatch,
            ErrorDescription = MsalErrorMessage.BrokerNonceMismatch
        };
    }

    if (!hashFromBroker.Equals(computedHashHex, StringComparison.OrdinalIgnoreCase))
    {
        // Integrity check failed: nothing from the decrypted payload is parsed or surfaced.
        return new MsalTokenResponse
        {
            Error = MsalError.BrokerResponseHashMismatch,
            ErrorDescription = MsalErrorMessage.BrokerResponseHashMismatch
        };
    }

    var verifiedPayload = CoreHelpers.ParseKeyValueList(plainText, '&', false, null);
    return MsalTokenResponse.CreateFromBrokerResponse(verifiedPayload);
}