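/// <summary>
/// Decodes a serialized data bag into <paramref name="message"/>, applying in order:
/// key-handle extraction, web-safe base64 decoding, signature verification,
/// decryption, decompression, field deserialization, expiry check and replay check.
/// </summary>
/// <param name="message">The instance to populate. Must not be null.</param>
/// <param name="value">The serialized form received on the wire. Must not be null or empty.</param>
/// <param name="containingMessage">The protocol message that carried <paramref name="value"/>; attached to the result and to any exception thrown.</param>
/// <param name="messagePartName">The name of the message part that held <paramref name="value"/>; passed to key-handle extraction.</param>
/// <exception cref="ExpiredMessageException">Thrown when a maximum age is configured and the message is older than that.</exception>
/// <exception cref="ReplayedMessageException">Thrown when the nonce store reports the nonce as already seen.</exception>
/// <remarks>
/// Integrity and confidentiality are each gated by a flag (<c>signed</c>, <c>encrypted</c>).
/// When both are off, nothing in this method authenticates the payload before it is parsed.
/// </remarks>
public void Deserialize(T message, string value, IProtocolMessage containingMessage, string messagePartName)
{
    Requires.NotNull(message, "message");
    Requires.NotNullOrEmpty(value, "value");

    // With a key store in play the value is prefixed by the handle of the symmetric key
    // that protected it; split that off so the rest can be decoded.
    string symmetricSecretHandle = null;
    if (this.encrypted && this.cryptoKeyStore != null)
    {
        string valueWithoutHandle;
        MessagingUtilities.ExtractKeyHandleAndPayload(messagePartName, value, out symmetricSecretHandle, out valueWithoutHandle);
        value = valueWithoutHandle;
    }

    message.ContainingMessage = containingMessage;
    byte[] data = MessagingUtilities.FromBase64WebSafeString(value);

    byte[] signature = null;
    if (this.signed)
    {
        using (var dataStream = new MemoryStream(data))
        {
            var dataReader = new BinaryReader(dataStream);
            signature = dataReader.ReadBuffer();
            data = dataReader.ReadBuffer();
        }

        // Verify that the verification code was issued by message authorization server.
        // The check runs on the payload as received, before any decryption or decompression,
        // so unauthenticated bytes never reach those steps when signing is enabled.
        ErrorUtilities.VerifyProtocol(this.IsSignatureValid(data, signature, symmetricSecretHandle), MessagingStrings.SignatureInvalid);
    }

    if (this.encrypted)
    {
        data = this.Decrypt(data, symmetricSecretHandle);
    }

    if (this.compressed)
    {
        data = MessagingUtilities.Decompress(data);
    }

    this.DeserializeCore(message, data);
    message.Signature = signature; // TODO: we don't really need this any more, do we?

    if (this.maximumAge.HasValue)
    {
        // Has message verification code expired?
        DateTime expirationDate = message.UtcCreationDate + this.maximumAge.Value;
        if (expirationDate < DateTime.UtcNow)
        {
            throw new ExpiredMessageException(expirationDate, containingMessage);
        }
    }

    // Has message verification code already been used to obtain an access/refresh token?
    if (this.decodeOnceOnly != null)
    {
        ErrorUtilities.VerifyInternal(this.maximumAge.HasValue, "Oops!  How can we validate a nonce without a maximum message age?");
        string context = "{" + GetType().FullName + "}";

        // NOTE(review): a null Nonce would surface here as ArgumentNullException rather than
        // as a protocol error; confirm DeserializeCore always populates it.
        string nonceText = Convert.ToBase64String(message.Nonce);
        if (!this.decodeOnceOnly.StoreNonce(context, nonceText, message.UtcCreationDate))
        {
            // Log the encoded nonce: formatting the byte[] itself would only print its type name,
            // leaving the replay event impossible to correlate with the stored nonce.
            Logger.OpenId.ErrorFormat("Replayed nonce detected ({0} {1}).  Rejecting message.", nonceText, message.UtcCreationDate);
            throw new ReplayedMessageException(containingMessage);
        }
    }

    ((IMessage)message).EnsureValidMessage();
}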
/// <summary>
/// Creates a <see cref="ProtocolException"/> that is tied to the message which triggered it,
/// so that the failure can be reported back to the remote caller as a protocol message response.
/// </summary>
/// <param name="message">Human-readable description of the failure.</param>
/// <param name="faultedMessage">The protocol message that caused the failure. Null is rejected.</param>
protected internal ProtocolException(string message, IProtocolMessage faultedMessage)
    : base(message)
{
    // Reject a missing faulted message before it is stored on the exception.
    ErrorUtilities.VerifyArgumentNotNull(faultedMessage, "faultedMessage");

    this.FaultedMessage = faultedMessage;
}