public IdTokenResponse SVX_MakeIdTokenResponse(IdTokenRequest req, IdPAuthenticationEntry idpConc) { // In TokenEndpoint, we requested an IdPAuthenticationEntry for // req.SVX_sender, but SVX doesn't know that, so we have to do a // concrete check. VProgram_API.Assert(req.SVX_sender == idpConc.authenticatedClient); // Put this in a separate SVX method so "body" gets an active SymT. var body = SVX_Ops.Call(SVX_MakeIdTokenBody, req, idpConc); return(new IdTokenResponse { idToken = idTokenGenerator.Generate(body, SVX_Principal), // sign the token state = req.state }); }
public AuthorizationCodeResponse SVX_MakeAuthorizationCodeResponse(AuthorizationCodeRequest req, IdPAuthenticationEntry idpConc) { // In CodeEndpoint, we requested an IdPAuthenticationEntry for // req.SVX_sender, but SVX doesn't know that, so we have to do a // concrete check. VProgram_API.Assert(req.SVX_sender == idpConc.authenticatedClient); // With this expression inlined below, BCT silently mistranslated the code. var theParams = new AuthorizationCodeParams { rpPrincipal = req.rpPrincipal, googleUsername = idpConc.googleUsername }; var authorizationCode = authorizationCodeGenerator.Generate(theParams, googlePrincipal); return(new AuthorizationCodeResponse { authorizationCode = authorizationCode, state = req.state }); }