/// <summary>
/// Builds an <see cref="AccessResponse"/> from the body returned by the SSO token
/// endpoint, which is either a JWT or a plain JSON document.
/// </summary>
/// <remarks>
/// The JWT branch decodes the token and compares its issuer claim with the host (or
/// scheme plus authority) of <c>NetworkConstants.SSOBaseV2</c>. Nothing in this method
/// verifies the token signature, lifetime or audience, so the issuer being compared is
/// an unauthenticated claim.
/// NOTE(review): confirm whether signature validation happens elsewhere before the
/// result is trusted for anything beyond data received over the TLS channel.
/// </remarks>
/// <param name="data">The token data from the server.</param>
/// <param name="isJWT">true to parse <paramref name="data"/> as a JWT, false to
/// deserialize it directly as JSON.</param>
/// <param name="obtained">The time when this token was first obtained.</param>
/// <returns>The parsed token, or null if parsing failed or the issuer was rejected.</returns>
private AccessResponse TokenFromString(string data, bool isJWT, DateTime obtained)
{
    AccessResponse parsed = null;

    if (!isJWT)
    {
        // Plain JSON response: no issuer information is available to check here.
        parsed = Util.DeserializeJson<AccessResponse>(data);
    }
    else
    {
        JwtSecurityToken jwt = null;
        try
        {
            // This constructor only decodes the compact form; it does not validate
            // the signature.
            jwt = new JwtSecurityToken(data);
        }
        catch (ArgumentException e)
        {
            // Thrown when the string is not a well-formed token; log it and fall
            // through with jwt still null.
            ExceptionHandler.LogException(e, true);
        }

        if (jwt != null)
        {
            var expected = new Uri(NetworkConstants.SSOBaseV2);
            string issuer = jwt.Issuer;

            // Accept the issuer either as a bare host name or as scheme://authority.
            bool issuerAccepted = issuer == expected.Host ||
                issuer == expected.GetLeftPart(UriPartial.Authority);

            if (issuerAccepted)
            {
                // NOTE(review): RawPayload is the payload segment as it appeared in
                // the encoded token; confirm Util.DeserializeJson accepts that form.
                parsed = Util.DeserializeJson<AccessResponse>(jwt.RawPayload);
            }
            else
            {
                EveMonClient.Trace("Rejecting invalid SSO token issuer: " + issuer);
            }
        }
    }

    if (parsed != null)
    {
        // The deserializer does not run the constructor, so the timestamp is set here.
        parsed.Obtained = obtained;
    }

    return parsed;
}
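/// <summary>
/// Retrieves a token from the server with the specified authentication data.
/// </summary>
/// <remarks>
/// The request is a POST to <c>NetworkConstants.SSOBaseV2 + NetworkConstants.SSOToken</c>.
/// When a client secret is configured, the header from <c>GetBasicAuthHeader()</c> is
/// attached. Otherwise the request is sent without it (PKCE flow).
/// <paramref name="callback"/> is invoked through the dispatcher exactly once. It
/// receives null when the request is canceled, faults, returns an HTTP error or
/// returns an empty body.
/// <paramref name="data"/> and the response body hold credentials (auth code, refresh
/// token, access token), so neither is written to the trace or exception log here.
/// </remarks>
/// <param name="data">The POST data, either an auth code or a refresh token.</param>
/// <param name="callback">A callback to receive the new token, or null on failure.</param>
/// <param name="isJWT">true if a JWT response is expected, or false if a straight JSON
/// response is expected. Currently not consulted: the response is always parsed as
/// plain JSON (see the comment at the TokenFromString call).</param>
private void FetchToken(string data, Action<AccessResponse> callback, bool isJWT)
{
    // Captured before the request is sent, so the recorded time is never later than
    // the moment the server issued the token.
    var obtained = DateTime.UtcNow;
    var url = new Uri(NetworkConstants.SSOBaseV2 + NetworkConstants.SSOToken);
    var rp = new RequestParams()
    {
        Content = data,
        Method = HttpMethod.Post
    };

    if (!string.IsNullOrEmpty(m_secret))
    {
        // Non-PKCE
        rp.Authentication = GetBasicAuthHeader();
    }

    HttpWebClientService.DownloadStringAsync(url, rp).ContinueWith((result) =>
    {
        AccessResponse response = null;
        DownloadResult<string> taskResult;
        string encodedToken;

        if (result.IsCanceled)
        {
            // A canceled antecedent has no Exception, and reading Result would throw
            // inside this continuation, so the callback would never run. Treat it as
            // a failed fetch instead.
            EveMonClient.Trace("SSO token request was canceled");
        }
        else if (result.IsFaulted)
        {
            ExceptionHandler.LogException(result.Exception, true);
        }
        else if ((taskResult = result.Result) != null)
        {
            // Log HTTP error if it occurred
            if (taskResult.Error != null)
            {
                ExceptionHandler.LogException(taskResult.Error, true);
            }
            else if (!string.IsNullOrEmpty(encodedToken = taskResult.Result))
            {
                // For some reason the JWT token is not returned according to the ESI
                // spec, so the body is parsed as plain JSON. With isJWT fixed to
                // false, the JWT branch of TokenFromString (including its issuer
                // check) is not exercised from this path.
                response = TokenFromString(encodedToken, false, obtained);
            }
        }

        // Always report back on the dispatcher thread, with null signalling failure.
        Dispatcher.Invoke(() => callback?.Invoke(response));
    });
}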