public Google_RP(SVX.Entity rpPrincipal, string client_id1 = null, string return_uri1 = null, string client_secret1 = null,
string AuthorizationEndpointUrl1 = null, string UserProfileUrl1 = null, string SignatureValidationUrl1 = null, string stateKey = null)
: base(rpPrincipal, client_id1, return_uri1, client_secret1, AuthorizationEndpointUrl1, null, stateKey)
{
//BypassCertification = true;
UserProfileUrl = UserProfileUrl1;
SignatureValidationUrl = SignatureValidationUrl1;
}
public MessageStructures(SVX.Entity idpPrincipal)
{
authenticationRequest = new SVX.MessageStructure <AuthenticationRequest> {
BrowserOnly = true
};
authenticationRequest.AddSecret(nameof(AuthenticationRequest.CSRF_state),
(msg) => new SVX.Principal[] { GenericAuth.GenericAuthStandards.GetUrlTargetPrincipal(msg.openid__return_to) });
authenticationResponse = new SVX.MessageStructure <AuthenticationResponse> {
BrowserOnly = true
};
authenticationResponse.AddMessagePayloadSecret(nameof(AuthenticationResponse.FieldsExpectedToBeSigned),
(msg) => new SVX.Principal[] { },
getOpenID20SignedFieldsVerifier(),
true);
}
public MessageStructures(SVX.Entity idpPrincipal) : base(idpPrincipal)
{
authenticationResponse_with_id_token = new SVX.MessageStructure <AuthenticationResponse_with_id_token> {
BrowserOnly = true
};
authenticationResponse_with_id_token.AddMessagePayloadSecret(nameof(AuthenticationResponse_with_id_token.id_token),
(msg) => new SVX.Principal[] { },
getTokenVerifier(),
true);
authenticationResponse_with_id_token.AddSecret(nameof(AuthenticationResponse_with_id_token.state),
(msg) => new SVX.Principal[] { });
tokenResponse = new SVX.MessageStructure <TokenResponse>();
tokenResponse.AddMessagePayloadSecret(nameof(TokenResponse.id_token),
(msg) => new SVX.Principal[] { },
getTokenVerifier(),
false);
}
public RelyingParty(SVX.Entity rpPrincipal, string IdP_OpenID20_Uri1, string return_to_uri1, string stateKey = null)
: base(rpPrincipal)
{
// Give this a valid value in the vProgram. FIXME: Doing observably
// different things in the vProgram is unsound if we aren't careful
// and poor practice in general. Once SVX supports passing
// configuration other than just a principal, use that instead.
if (return_to_uri1 == null)
{
return_to_uri1 = $"https://{rpPrincipal.name}/dummy";
}
Uri uri = new Uri(return_to_uri1);
realm = uri.Host;
return_to_uri = return_to_uri1;
IdP_OpenID20_Uri = IdP_OpenID20_Uri1;
stateGenerator = new StateGenerator(rpPrincipal, stateKey);
SVX.VProgram_API.AssumeActsFor(GenericAuth.GenericAuthStandards.GetUrlTargetPrincipal(return_to_uri), rpPrincipal);
}
public ModelOIDCAuthenticationServer(SVX.Entity idpPrincipal)
: base(idpPrincipal)
{
// Initialization order restriction
authorizationCodeGenerator = new AuthorizationCodeGenerator(SVX_Principal);
}
public RelyingParty(SVX.Entity rpPrincipal, string client_id1, string redierct_uri1, string client_secret1,
string AuthorizationEndpointUrl1, string TokenEndpointUrl1, string stateKey = null)
: base(rpPrincipal, client_id1, redierct_uri1, client_secret1, AuthorizationEndpointUrl1, TokenEndpointUrl1, stateKey)
{
}
public Yahoo_RP(SVX.Entity rpPrincipal, string Yahoo_Endpoint = null, string return_to_uri1 = null, string stateKey = null)
: base(rpPrincipal, Yahoo_Endpoint, return_to_uri1, stateKey)
{
}
public MessageStructures(SVX.Entity idpPrincipal) : base(idpPrincipal)
{
}
public Microsoft_RP(SVX.Entity rpPrincipal, string client_id1 = null, string redierct_uri1 = null, string client_secret1 = null, string AuthorizationEndpointUrl1 = null, string TokenEndpointUrl1 = null, string stateKey = null)
: base(rpPrincipal, client_id1, redierct_uri1, client_secret1, AuthorizationEndpointUrl1, TokenEndpointUrl1, stateKey)
{
}
// TODO: Get the key lazily once SVX supports the "prod context".
internal StateGenerator(SVX.Entity rpPrincipal, string key)
{
this.rpPrincipal = rpPrincipal;
this.key = key;
}
public ModelOpenID20AuthenticationServer(SVX.Entity idpPrincipal)
: base(idpPrincipal)
{
}
public static SVX.Entity OpenID20ClientIDPrincipal(SVX.Entity idpPrincipal, string realm) => SVX.Entity.Of(idpPrincipal.name + ":" + realm);