示例#1
0
        public bool ConsumeChallenge(string challenge)
        {
            CleanupExpiredTokens();

            DateTime existingChallengeTimestamp;

            // note that we remove the challenge if it exists: you get one shot
            if (!_activeChallenges.TryRemove(challenge, out existingChallengeTimestamp))
            {
                _logger?.ChallengeUnknown(challenge);
                return(false);                // challenge was unknown
            }

            // we know the token's timestamp was valid because we cleaned up expired tokens before getting it

            // we now know the challenge was valid.
            return(true);
        }
        public bool ConsumeChallenge(string challenge)
        {
            CleanupExpiredTokens();

            using (new SecurityDisabler())
            {
                var existingChallenge = RootItem.Children["AUTH" + challenge];

                if (existingChallenge == null)
                {
                    _challengeStoreLogger?.ChallengeUnknown(challenge);
                    return(false);
                }

                // we know the token's timestamp was valid because we cleaned up expired tokens before getting it

                existingChallenge.Delete(); // prevent reuse

                return(true);
            }
        }