public AuthenticationResponse_with_id_token SVX_MakeAuthorizationResponse_with_id_token(AuthorizationRequest req, IdPAuthenticationEntry idpConc) { var JwtTokenBody = SVX_Ops.Call(SVX_MakeJwtTokenBody, req, idpConc); SVX.PayloadSecret <JwtTokenBody> id_token1 = getTokenGenerator().Generate(JwtTokenBody, SVX_Principal); AuthenticationResponse_with_id_token AuthenticationResponse_with_id_token = new AuthenticationResponse_with_id_token { access_token = SVX.VProgram_API.Nondet <String>(), id_token = id_token1, state = req.state }; return(AuthenticationResponse_with_id_token); }
public void FakeImplicitFlowIDTokenEndpoint(AuthorizationRequest req, AuthenticationResponse_with_id_token resp) { var producer = SVX.Channel.GenerateNew(SVX_Principal); var client = SVX.Channel.GenerateNew(SVX_Principal); messageStructures.authorizationRequest.FakeImport(req, producer, client); var idpConc = new IdPAuthenticationEntry(); // Nondet SVX.SVX_Ops.FakeCall(SVX_ConcludeClientAuthentication, idpConc, idpConc); SVX.SVX_Ops.FakeCall(SVX_MakeAuthorizationResponse_with_id_token, req, idpConc, resp); SVX.SVX_Ops.FakeCall(SVX_MakeJwtTokenBody, req, idpConc, resp.id_token.theParams); messageStructures.authenticationResponse_with_id_token.FakeExport(resp); }
public async Task ImplicitFlow_Login_CallbackAsync(HttpContext httpContext) { Trace.Write("ImplicitFlow_Login_CallbackAsync"); var context = new SVAuthRequestContext(SVX_Principal, httpContext); //REDACTED's original implementation, without detaching concdst_conckey /*AuthenticationResponse_with_id_token authenticationResponse_with_id_token= (AuthenticationResponse_with_id_token)Utils.ObjectFromFormPost * (context.http.Request.Form, typeof(AuthenticationResponse_with_id_token)); */ JObject jo = detach_concdst_conckey_formpost(ref context, " "); AuthenticationResponse_with_id_token authenticationResponse_with_id_token = (AuthenticationResponse_with_id_token)Utils.UnreflectObject(jo, typeof(AuthenticationResponse_with_id_token));; var idp = CreateModelOIDCAuthenticationServer(); var dummyAuthorizationRequest = new AuthorizationRequest(); GetMessageStructures().authenticationResponse_with_id_token.ImportWithModel(authenticationResponse_with_id_token, () => { idp.FakeImplicitFlowIDTokenEndpoint(dummyAuthorizationRequest, authenticationResponse_with_id_token); }, SVX.Channel.GenerateNew(SVX_Principal), // unknown producer context.channel); Trace.Write("Got Valid AuthenticationResponse"); if (!String.IsNullOrEmpty(authenticationResponse_with_id_token.id_token.theParams.nonce)) { HashAlgorithm hashAlgo = SHA1.Create(); string expected_nonce = BitConverter.ToString(hashAlgo.ComputeHash(System.Text.Encoding.UTF8.GetBytes(context.channel.id))); if (expected_nonce != authenticationResponse_with_id_token.id_token.theParams.nonce) { throw new Exception("invalid nonce"); } } GenericAuth.AuthenticationConclusion conclusion = SVX_Ops.Call(createConclusionOidcImplicit, authenticationResponse_with_id_token); if (conclusion == null) { context.http.Response.StatusCode = 303; context.http.Response.Redirect(context.http.Request.Cookies["LandingUrl"]); return; } await AuthenticationDone(conclusion, context); }
public virtual GenericAuth.AuthenticationConclusion createConclusionOidcImplicit( AuthenticationResponse_with_id_token authenticationResponse) { return(null); }