Exemplo n.º 1
0
            public ID_Claim getEntry(string IdPSessionSecret, string client_id)
            {
                AuthorizationCodeEntry entry = Dictionary[IdPSessionSecret][client_id];

                Contract.Assume(entry.GetType() == typeof(AuthorizationCodeEntry));

                return(entry);
            }
Exemplo n.º 2
0
        internal override AuthorizationCodeEntry createAuthorizationCodeEntry(AuthorizationRequest req)
        {
            AuthorizationCodeEntry entry = Nondet.AuthorizationCodeEntry();

            entry.redirect_uri = req.redirect_uri;
            entry.scope        = req.scope;
            entry.state        = req.state;
            return(entry);
        }
Exemplo n.º 3
0
            public bool setEntry(string IdPSessionSecret, string client_id, _ID_Claim Entry)
            {
                AuthorizationCodeEntry AuthorizationCodeEntry = (AuthorizationCodeEntry)Entry;

                if (AuthorizationCodeEntry == null)
                {
                    return(false);
                }
                Dictionary[IdPSessionSecret]            = new Dictionary <string, AuthorizationCodeEntry>();
                Dictionary[IdPSessionSecret][client_id] = AuthorizationCodeEntry;
                return(true);
            }
Exemplo n.º 4
0
            public string findISSByClientIDAndCode(string client_id, string authorization_code)
            {
                string IdPSessinSecret       = Nondet.String();
                AuthorizationCodeEntry entry = (AuthorizationCodeEntry)getEntry(IdPSessinSecret, client_id);

                Contract.Assume(entry.code == authorization_code);

                /*This is an assumption implicitly in the definition of the notion of "code lookup" and "AuthReq redirection"*/
                Contract.Assume(IdPSessinSecret == GlobalObjects_base.SignInIdP_Req.IdPSessionSecret &&
                                client_id == GlobalObjects_base.SignInIdP_Req.Realm &&
                                client_id == GlobalObjects_base.RP.Realm);
                /*********************************************************************************/

                return(IdPSessinSecret);
            }
        public TokenResponse TokenEndpoint(TokenRequest req)
        {
            IDTokenAndAccessTokenEntry IDTokenAndAccessTokenEntry;
            TokenResponse resp = new TokenResponse();

            CST_Ops.recordme(this, req, resp, false, false);
            string IdPSessionSecret;

            if (req == null)
            {
                return(null);
            }
            switch (req.grant_type)
            {
            case "authorization_code":
                IdPSessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id /*, req.UserID*/, req.code);
                if (IdPSessionSecret == null)
                {
                    return(null);
                }
                AuthorizationCodeEntry AuthCodeEntry = (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(IdPSessionSecret, req.client_id);

                if (AuthCodeEntry.Redir_dest != req.redirect_uri)
                {
                    return(null);
                }

                IDTokenAndAccessTokenEntry = (IDTokenAndAccessTokenEntry)createAccessTokenEntry(AuthCodeEntry.redirect_uri, AuthCodeEntry.scope, AuthCodeEntry.state);
                if (IDTokenAndAccessTokenRecs.setEntry(req.access_token, req.client_id, AuthCodeEntry.UserID, IDTokenAndAccessTokenEntry) == false)
                {
                    return(null);
                }

                resp.access_token           = IDTokenAndAccessTokenEntry.access_token;
                resp.refresh_token          = IDTokenAndAccessTokenEntry.refresh_token;
                resp.scope                  = IDTokenAndAccessTokenEntry.scope;
                resp.id_token               = IDTokenAndAccessTokenEntry.id_token;
                resp.id_token.Claims.UserId = AuthCodeEntry.UserID;
                return(resp);
            }
            return(null);
        }