blob: 3853693c8dca07044356ec57e2bd51eedef69e58 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
namespace DotNetOpenAuth.OpenId.Messages {
class CheckAuthenticationResponseProvider : CheckAuthenticationResponse {
/// <summary>
/// Initializes a new instance of the <see cref="CheckAuthenticationResponse"/> class
/// for use by the Provider.
/// </summary>
/// <param name="request">The request that this message is responding to.</param>
/// <param name="provider">The OpenID Provider that is preparing to send this response.</param>
internal CheckAuthenticationResponseProvider(CheckAuthenticationRequest request, OpenIdProvider provider)
: base(request.Version, request) {
Contract.Requires<ArgumentNullException>(provider != null);
// The channel's binding elements have already set the request's IsValid property
// appropriately. We just copy it into the response message.
this.IsValid = request.IsValid;
// Confirm the RP should invalidate the association handle only if the association
// is not valid (any longer). OpenID 2.0 section 11.4.2.2.
IndirectSignedResponse signedResponse = new IndirectSignedResponse(request, provider.Channel);
string invalidateHandle = ((ITamperResistantOpenIdMessage)signedResponse).InvalidateHandle;
if (!string.IsNullOrEmpty(invalidateHandle) && !provider.AssociationStore.IsValid(signedResponse, false, invalidateHandle)) {
this.InvalidateHandle = invalidateHandle;
}
}
}
}
|
