/// <summary> /// Retrieves a token from the server, and decrypts it. /// </summary> /// <param name="passphrase">The passphrase to use to decrypt the client key.</param> /// <returns>The decrypted token.</returns> private async Task <GpgAuthToken> GetAndDecryptToken(SecureString passphrase) { var auth = new Dictionary <string, dynamic> { { "gpg_auth", new Dictionary <string, dynamic> { { "keyid", _clientKey.Fingerprint }, } } }; var result = await _session.Post(URL_LOGIN, auth).SendAsync(); GpgAuthHeaders.Validate(result.Response.Headers, GpgAuthState.DecryptToken); // Decrypt the token var encrypted = result.Response.Headers.GetValue("X-GPGAuth-User-Auth-Token"); var decoded = WebUtility.UrlDecode(encrypted.Replace("\\+", " ")); var decrypted = await _pgp.DecryptStringAsync(decoded, _clientKey, passphrase); // Validate the token var token = new GpgAuthToken(decrypted); return(token); }