IAccountResult IIdSiteSyncCallbackHandler.GetAccountResult()
{
var signingKeyBytes = Encoding.UTF8.GetBytes(
this.internalDataStore.ApiKey.GetSecret());
IJwtParser parser = new DefaultJwtParser(this.internalDataStore.Serializer);
var jwt = parser
.SetSigningKey(signingKeyBytes)
.Parse(this.jwtResponse);
HandlerShared.ThrowIfRequiredParametersMissing(jwt.Body);
string apiKeyFromJwt = null;
if (HandlerShared.IsError(jwt.Body))
{
jwt.Header.TryGetValueAsString(JwtHeaderParameters.KeyId, out apiKeyFromJwt);
}
else
{
apiKeyFromJwt = (string)jwt.Body.GetClaim(DefaultJwtClaims.Audience);
}
HandlerShared.ThrowIfJwtSignatureInvalid(apiKeyFromJwt, this.internalDataStore.ApiKey, jwt);
HandlerShared.ThrowIfJwtIsExpired(jwt.Body);
HandlerShared.IfErrorThrowIdSiteException(jwt.Body);
if (!this.nonceStore.IsAsynchronousSupported || this.syncNonceStore == null)
{
throw new ApplicationException("The current nonce store does not support synchronous operations.");
}
var responseNonce = (string)jwt.Body.GetClaim(IdSiteClaims.ResponseId);
this.ThrowIfNonceIsAlreadyUsed(responseNonce);
this.syncNonceStore.PutNonce(responseNonce);
HandlerShared.ThrowIfSubjectIsMissing(jwt.Body);
var accountResult = HandlerShared.CreateAccountResult(jwt.Body, this.internalDataStore);
var resultStatus = HandlerShared.GetResultStatus(jwt.Body);
if (this.resultListener != null)
{
this.DispatchResponseStatus(resultStatus, accountResult);
}
return(accountResult);
}
public DefaultIdSiteSyncCallbackHandler(IInternalDataStore internalDataStore, IHttpRequest httpRequest)
{
if (internalDataStore == null)
{
throw new ArgumentNullException(nameof(internalDataStore));
}
if (httpRequest == null)
{
throw new ArgumentNullException(nameof(httpRequest));
}
this.internalDataStore = internalDataStore;
this.jwtResponse = HandlerShared.GetJwtResponse(httpRequest);
this.nonceStore = new DefaultNonceStore(internalDataStore.CacheResolver);
this.syncNonceStore = this.nonceStore as ISynchronousNonceStore;
}
