public static FlowToken Deserialize(string serialziedFlowToken, bool includeHashValue)
{
if (string.IsNullOrEmpty(serialziedFlowToken))
{
throw new ArgumentNullException("serialziedFlowToken");
}
Dictionary <string, string> dic = StringConversionServices.ParseKeyValueCollection(serialziedFlowToken);
if ((dic.ContainsKey("flowTokenType") == false) ||
(dic.ContainsKey("flowToken") == false) ||
((includeHashValue) && (dic.ContainsKey("flowTokenHash") == false)))
{
throw new ArgumentException("The serialziedFlowToken is not a serialized flowToken", "serialziedFlowToken");
}
string flowTokenTypeString = StringConversionServices.DeserializeValueString(dic["flowTokenType"]);
string flowTokenString = StringConversionServices.DeserializeValueString(dic["flowToken"]);
if (includeHashValue)
{
string flowTokenHash = StringConversionServices.DeserializeValueString(dic["flowTokenHash"]);
HashValue hashValue = HashValue.Deserialize(flowTokenHash);
if (HashSigner.ValidateSignedHash(flowTokenString, hashValue) == false)
{
throw new SecurityException("Serialized flow token is tampered");
}
}
Type flowType = TypeManager.GetType(flowTokenTypeString);
MethodInfo methodInfo = flowType.GetMethod("Deserialize", BindingFlags.Public | BindingFlags.Static);
if (methodInfo == null || !(typeof(FlowToken).IsAssignableFrom(methodInfo.ReturnType)))
{
throw new InvalidOperationException(string.Format("The flow token {0} is missing a public static Deserialize method taking a string as parameter and returning an {1}", flowType, typeof(FlowToken)));
}
FlowToken flowToken;
try
{
flowToken = (FlowToken)methodInfo.Invoke(null, new object[] { flowTokenString });
}
catch (Exception ex)
{
throw new InvalidOperationException(string.Format("The flow token {0} is missing a public static Deserialize method taking a string as parameter and returning an {1}", flowType, typeof(FlowToken)), ex);
}
if (flowToken == null)
{
throw new InvalidOperationException(string.Format("public static Deserialize method taking a string as parameter and returning an {1} on the flow token {0} did not return an object", flowType, typeof(FlowToken)));
}
return(flowToken);
}
/// <summary>
/// Deserialize strings into object with specified type from a hash signed wrapper
/// </summary>
/// <param name="str">Serialized string</param>
/// <param name="isSigned">Is signed</param>
/// <typeparam name="T">Type of returned object</typeparam>
/// <returns>The object</returns>
public static T Deserialize<T>(string str, bool isSigned)
{
var legacyStyleSerialized = str.StartsWith("{\"" + ObjectKeyString + "\":\"");
string obj;
var hash = 0;
var type = TypeManager.TryGetType(str.GetValue(TypeKeyString));
if (type == null)
{
throw new SerializationException();
}
if (isSigned)
{
if (!int.TryParse(str.GetValue(HashKeyString), out hash))
{
throw new SerializationException();
}
}
if (legacyStyleSerialized)
{
obj = str.GetValue(ObjectKeyString);
}
else
{
obj = "{" + str.Substring(1, str.LastIndexOf(TypeKeyString, StringComparison.InvariantCulture) - 3) + "}";
}
if (isSigned)
{
if (!HashSigner.ValidateSignedHash(obj, new HashValue(hash)))
{
throw new SecurityException($"Serialized {typeof(T).FullName} is tampered");
}
}
var methodInfo = type.GetMethod("Deserialize", BindingFlags.Public | BindingFlags.Static);
if (methodInfo == null)
{
return Deserialize<T>(obj);
}
if (!(typeof(T).IsAssignableFrom(methodInfo.ReturnType)))
{
var typeName = str.GetValue(TypeKeyString);
Log.LogWarning("CompositeJsonSerializer", $"The action {typeName} is missing a public static Deserialize method taking a string as parameter and returning an {typeof(T)}");
throw new InvalidOperationException($"The token {typeName} is missing a public static Deserialize method taking a string as parameter and returning an {typeof(T)}");
}
return (T)methodInfo.Invoke(null, new object[] { obj });
}
/// <summary>
/// Deserialize strings into object with specified type from a hash signed wrapper
/// </summary>
/// <param name="str">Serilaized string</param>
/// <param name="isSigned">Is signed</param>
/// <typeparam name="T">Type of returned object</typeparam>
/// <returns>The object</returns>
public static T Deserialize <T>(string str, bool isSigned)
{
var legacyStyleSerilized = str.StartsWith("{\"" + ObjectKeyString + "\":\"");
string obj;
var hash = 0;
var type = TypeManager.TryGetType(str.GetValue(TypeKeyString));
if (type == null)
{
throw new SerializationException();
}
if (isSigned)
{
if (!int.TryParse(str.GetValue(HashKeyString), out hash))
{
throw new SerializationException();
}
}
if (legacyStyleSerilized)
{
obj = str.GetValue(ObjectKeyString);
}
else
{
obj = "{" + str.Substring(1, str.LastIndexOf(TypeKeyString, StringComparison.InvariantCulture) - 3) + "}";
}
if (isSigned)
{
if (!HashSigner.ValidateSignedHash(obj, new HashValue(hash)))
{
throw new SecurityException($"Serialized {typeof(T).FullName} is tampered");
}
}
MethodInfo methodInfo = type.GetMethod("Deserialize", BindingFlags.Public | BindingFlags.Static);
if (methodInfo == null)
{
return(Deserialize <T>(obj));
}
return((T)methodInfo.Invoke(null, new object[] { obj }));
}
