static void InitializeMessageStructures()
{
// In all cases, we only bother declaring the secret readers we
// actually need for the protocol flow. Maybe this is a bad habit.
authorizationCodeRequestStructure = new MessageStructure <AuthorizationCodeRequest>()
{
BrowserOnly = true
};
authorizationCodeRequestStructure.AddSecret(nameof(AuthorizationCodeRequest.state),
// The sender (the client) gets implicitly added.
(msg) => new Principal[] { msg.rpPrincipal });
authorizationCodeResponseStructure = new MessageStructure <AuthorizationCodeResponse>()
{
BrowserOnly = true
};
authorizationCodeResponseStructure.AddSecret(nameof(AuthorizationCodeRequest.state),
(msg) => new Principal[] { });
authorizationCodeResponseStructure.AddSecret(nameof(AuthorizationCodeResponse.authorizationCode),
(msg) => new Principal[] { googlePrincipal });
validationRequestStructure = new MessageStructure <ValidationRequest>();
validationRequestStructure.AddSecret(nameof(AuthorizationCodeResponse.authorizationCode),
(msg) => new Principal[] { });
// Nothing interesting here.
validationResponseStructure = new MessageStructure <ValidationResponse>();
}
static void InitializeMessageStructures()
{
idTokenRequestStructure = new MessageStructure <IdTokenRequest>()
{
BrowserOnly = true
};
idTokenRequestStructure.AddSecret(nameof(IdTokenRequest.state),
// The sender (the client) gets implicitly added.
// It doesn't matter whether we add the IdP here. Convention?
(msg) => new Principal[] { msg.rpPrincipal });
idTokenResponseStructure = new MessageStructure <IdTokenResponse>()
{
BrowserOnly = true
};
idTokenResponseStructure.AddSecret(nameof(IdTokenRequest.state),
// We're not passing the state along further, so we don't have to declare any readers.
(msg) => new Principal[] { });
idTokenResponseStructure.AddMessagePayloadSecret(nameof(IdTokenResponse.idToken),
(msg) => new Principal[] { },
new GoogleIdTokenVerifier(),
true);
}
