/// <summary>
/// Returns the authorization-code record stored for the given IdP session
/// secret and client id.
/// </summary>
/// <param name="IdPSessionSecret">Outer key: the IdP session the record belongs to.</param>
/// <param name="client_id">Inner key: the client the record was stored for.</param>
/// <returns>The stored <c>AuthorizationCodeEntry</c>, typed as <c>ID_Claim</c>.</returns>
/// <remarks>
/// Both lookups go through indexers and nothing here tests for a missing key.
/// NOTE(review): if <c>Dictionary</c> is a standard generic dictionary, an unknown
/// session secret or client id throws instead of returning null, so callers
/// cannot detect a miss with a null check - confirm against the field's type.
/// </remarks>
public ID_Claim getEntry(string IdPSessionSecret, string client_id)
{
    var perSession = Dictionary[IdPSessionSecret];
    AuthorizationCodeEntry found = perSession[client_id];

    // Stated as an assumption for the analysis tooling, not enforced by a branch:
    // the stored object is exactly an AuthorizationCodeEntry, not a subtype.
    Contract.Assume(found.GetType() == typeof(AuthorizationCodeEntry));

    return found;
}
/// <summary>
/// Builds the authorization-code record for an authorization request.
/// </summary>
/// <param name="req">The request whose redirect URI, scope and state are copied into the record.</param>
/// <returns>A record obtained from <c>Nondet</c> with those three fields overwritten.</returns>
/// <remarks>
/// Only <c>redirect_uri</c>, <c>scope</c> and <c>state</c> are assigned here. Every
/// other member of the record, including the code itself, keeps whatever value
/// <c>Nondet.AuthorizationCodeEntry()</c> produced.
/// NOTE(review): this reads as a verification model. A concrete override has to
/// generate the code value itself, since nothing in this method does.
/// </remarks>
internal override AuthorizationCodeEntry createAuthorizationCodeEntry(AuthorizationRequest req)
{
    AuthorizationCodeEntry fresh = Nondet.AuthorizationCodeEntry();

    // Bind the record to the request it was issued for.
    fresh.redirect_uri = req.redirect_uri;
    fresh.scope = req.scope;
    fresh.state = req.state;

    return fresh;
}
/// <summary>
/// Stores an authorization-code record under the given IdP session secret and
/// client id.
/// </summary>
/// <param name="IdPSessionSecret">Outer key: the IdP session the record belongs to.</param>
/// <param name="client_id">Inner key: the client the record is stored for.</param>
/// <param name="Entry">The claim to store; cast to <c>AuthorizationCodeEntry</c>.</param>
/// <returns><c>false</c> when <paramref name="Entry"/> is null, otherwise <c>true</c>.</returns>
/// <remarks>
/// NOTE(review): the cast is a hard cast, so a non-null claim of another type
/// throws rather than reaching the null branch. If "wrong type returns false" was
/// intended, the cast would need to be an <c>as</c> cast - confirm.
/// NOTE(review): the per-session map is replaced with a new, empty one on every
/// call, so a record stored earlier for a different client id in the same session
/// is discarded. Confirm that one outstanding record per session is intended.
/// </remarks>
public bool setEntry(string IdPSessionSecret, string client_id, _ID_Claim Entry)
{
    AuthorizationCodeEntry codeEntry = (AuthorizationCodeEntry)Entry;
    if (codeEntry == null)
    {
        return false;
    }

    // Install a fresh inner map for this session first, then add the single record to it.
    var perClient = new Dictionary<string, AuthorizationCodeEntry>();
    Dictionary[IdPSessionSecret] = perClient;
    perClient[client_id] = codeEntry;

    return true;
}
/// <summary>
/// Models the lookup of the IdP session secret that an authorization code was
/// issued under for a given client.
/// </summary>
/// <param name="client_id">Client id presented with the code.</param>
/// <param name="authorization_code">The authorization code being redeemed.</param>
/// <returns>The session secret chosen by <c>Nondet.String()</c>.</returns>
/// <remarks>
/// No store is searched here. The session secret is a nondeterministic string,
/// and the two <c>Contract.Assume</c> calls state that it is the right one. The
/// first states that the record's code equals <paramref name="authorization_code"/>.
/// The second states that the secret and client id match the sign-in request and
/// the relying party held in <c>GlobalObjects_base</c>.
/// NOTE(review): these are assumptions, not checks. No branch in this method
/// rejects a code that does not match. A concrete implementation has to do the
/// real lookup and fail on a mismatch.
/// </remarks>
public string findISSByClientIDAndCode(string client_id, string authorization_code)
{
    string sessionSecret = Nondet.String();
    AuthorizationCodeEntry entry = (AuthorizationCodeEntry)getEntry(sessionSecret, client_id);

    Contract.Assume(entry.code == authorization_code);

    // The following assumption is implicit in the definition of the notions of
    // "code lookup" and "AuthReq redirection".
    Contract.Assume(
        sessionSecret == GlobalObjects_base.SignInIdP_Req.IdPSessionSecret
        && client_id == GlobalObjects_base.SignInIdP_Req.Realm
        && client_id == GlobalObjects_base.RP.Realm);

    return sessionSecret;
}
/// <summary>
/// Token endpoint: exchanges an authorization code for an access token, a
/// refresh token and an ID token.
/// </summary>
/// <param name="req">The token request. Only <c>grant_type == "authorization_code"</c> is handled.</param>
/// <returns>
/// The populated <c>TokenResponse</c>. Returns <c>null</c> when the request is
/// null, the grant type is anything else, the session lookup returns null, the
/// redirect URI does not match the one on the code record, or the token record
/// cannot be stored.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method removes or invalidates the code record
/// after a successful exchange, so as written the same code can be redeemed
/// again. RFC 6749 section 4.1.2 requires single use. Confirm whether
/// invalidation happens elsewhere.
/// NOTE(review): no client credential is checked here and <c>req.client_id</c> is
/// used as given. Confirm that the caller authenticates the client.
/// </remarks>
public TokenResponse TokenEndpoint(TokenRequest req)
{
    TokenResponse resp = new TokenResponse();

    // Invoked before any validation, so it receives req even when req is null.
    CST_Ops.recordme(this, req, resp, false, false);

    if (req == null || req.grant_type != "authorization_code")
    {
        return null;
    }

    // The lookup is keyed by client id and code only.
    string sessionSecret = AuthorizationCodeRecs.findISSByClientIDAndCode(req.client_id, req.code);
    if (sessionSecret == null)
    {
        return null;
    }

    // The result is dereferenced below without a null check.
    AuthorizationCodeEntry codeEntry =
        (AuthorizationCodeEntry)AuthorizationCodeRecs.getEntry(sessionSecret, req.client_id);

    // The redirect URI sent with the token request must equal the one bound to the code.
    // NOTE(review): the comparison reads Redir_dest while the token record below is built
    // from redirect_uri - presumably the same value; verify on AuthorizationCodeEntry.
    if (codeEntry.Redir_dest != req.redirect_uri)
    {
        return null;
    }

    IDTokenAndAccessTokenEntry tokenEntry =
        (IDTokenAndAccessTokenEntry)createAccessTokenEntry(codeEntry.redirect_uri, codeEntry.scope, codeEntry.state);

    // NOTE(review): the first argument is req.access_token, a value taken from the request,
    // not tokenEntry.access_token, the token being issued - confirm which one the record
    // store expects as its key.
    if (IDTokenAndAccessTokenRecs.setEntry(req.access_token, req.client_id, codeEntry.UserID, tokenEntry) == false)
    {
        return null;
    }

    resp.access_token = tokenEntry.access_token;
    resp.refresh_token = tokenEntry.refresh_token;
    resp.scope = tokenEntry.scope;
    resp.id_token = tokenEntry.id_token;

    // The ID token's subject is the user recorded on the code entry, not anything in the request.
    resp.id_token.Claims.UserId = codeEntry.UserID;

    return resp;
}