OpenId.AspNet.Authentication/AuthorizationData.cs at master · gitrealname/OpenId.AspNet.Authentication · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.IO;
using System.Net;
using System.Runtime.Serialization.Formatters.Binary;
using System.Web.Security;
using IdentityModel;
using IdentityModel.Client;

namespace OpenId.AspNet.Authentication
{
    internal class AuthorizationData
    {
        public Dictionary<string,string> Values { get; }

        public AuthorizationData(AuthorizeResponse response, JwtSecurityToken securityToken)
        {
            Values = response.Values;
            _securityToken = securityToken;
            Values.Remove(OidcConstants.AuthorizeResponse.Error);
            Values.Remove(OidcConstants.AuthorizeResponse.ErrorDescription);
        }

        private AuthorizationData(Dictionary<string,string> values)
        {
            Values = values;
        }

        public string Scope => TryGet(OidcConstants.AuthorizeResponse.Scope);
        public string Code
        {
            get { return TryGet(OidcConstants.AuthorizeResponse.Code); }
            set { Values[OidcConstants.AuthorizeResponse.Code] = value; }
        }
        public string AccessToken
        {
            get { return TryGet(OidcConstants.AuthorizeResponse.AccessToken); }
            internal set { Values[OidcConstants.AuthorizeResponse.AccessToken] = value; }
        }

        public DateTime AccessTokenExpirationTime
        {
            get
            {
                long filetime;
                long.TryParse(this.TryGet("AccessTokenExpirationTime"), out filetime);
                return DateTime.FromFileTime(filetime);
            }
            set
            {
                var str = value.ToFileTime().ToString();
                Values["AccessTokenExpirationTime"] = str;
            }
        }

        public string TokenType => TryGet(OidcConstants.AuthorizeResponse.TokenType);
        public string RefreshToken
        {
            get { return TryGet(OidcConstants.AuthorizeResponse.RefreshToken); }
            internal set { Values[OidcConstants.AuthorizeResponse.RefreshToken] = value; }
        }

        public string IdentityToken => TryGet(OidcConstants.AuthorizeResponse.IdentityToken);
        public long ExpiresIn
        {
            get
            {
                long result;
                long.TryParse(this.TryGet(OidcConstants.AuthorizeResponse.ExpiresIn), out result);
                return result;
            }
        }

        private JwtSecurityToken _securityToken;
        public JwtSecurityToken SecurityToken
        {
            get
            {
                if(_securityToken == null)
                {
                    var encodedToken = IdentityToken;
                    if(encodedToken != null)
                    {
                        var tokenHandler = new JwtSecurityTokenHandler();
                        _securityToken = tokenHandler.ReadJwtToken(encodedToken);
                    }
                }
                return _securityToken;
            }
        }

        public string TryGet(string type)
        {
            string encodedValue;
            if(this.Values.TryGetValue(type, out encodedValue))
            {
                return WebUtility.UrlDecode(encodedValue);

            }
            return (string)null;
        }

        /// <summary>
        /// Encrypts this instance for further storage in the cookie or session
        /// </summary>
        /// <returns></returns>
        public string Encrypt()
        {
            var bf = new BinaryFormatter();
            byte[] bytes;
            using(MemoryStream ms = new MemoryStream())
            {
                bf.Serialize(ms, Values);
                bytes =  ms.ToArray();
            }
            var encryptedBytes = MachineKey.Protect(bytes, Const.MachineKeyProtectPurpose);
            var result = Convert.ToBase64String(encryptedBytes);
            return result;
        }

        /// <summary>
        /// Creates instance from encrypted string.
        /// </summary>
        /// <param name="encryptedString">The encrypted string. <see cref="Encrypt"/></param>
        /// <returns></returns>
        public static AuthorizationData CreateFromEncryptedString(string encryptedString)
        {
            if(encryptedString == null)
            {
                return null;
            }
            var encryptedBytes = Convert.FromBase64String(encryptedString);
            var bytes = MachineKey.Unprotect(encryptedBytes, Const.MachineKeyProtectPurpose);
            Dictionary<string, string> values;
            using(MemoryStream ms = new MemoryStream(bytes))
            {
                var br = new BinaryFormatter();
                values = (Dictionary<string,string>)br.Deserialize(ms);
            }

            var result = new AuthorizationData(values);
            return result;
        }
    }
}