Added the possibility to configure the length of the nonce and the st…

…ate (#305) Added the raw response if HttpStatusCode is not OK (redeem code for tokens) Co-authored-by: Rémi Ollagnier <[email protected]>
IdentityModel · Jul 16, 2021 · 2798d22 · 2798d22
1 parent d21a580
commit 2798d22
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 10 deletions.
diff --git a/src/OidcClient/AuthorizeClient.cs b/src/OidcClient/AuthorizeClient.cs
@@ -93,7 +93,7 @@ public AuthorizeState CreateAuthorizeState(Parameters frontChannelParameters)
 
             var state = new AuthorizeState
             {
-                State = _crypto.CreateState(),
+                State = _crypto.CreateState(_options.StateLength),
                 RedirectUri = _options.RedirectUri,
                 CodeVerifier = pkce.CodeVerifier,
             };

diff --git a/src/OidcClient/CryptoHelper.cs b/src/OidcClient/CryptoHelper.cs
@@ -73,18 +73,11 @@ public bool ValidateHash(string data, string hashedData, string signatureAlgorit
             }
         }
 
-        public string CreateState()
+        public string CreateState(int length)
         {
             _logger.LogTrace("CreateState");
 
-            return CryptoRandom.CreateUniqueId(16);
-        }
-
-        public string CreateNonce()
-        {
-            _logger.LogTrace("CreateNonce");
-
-            return CryptoRandom.CreateUniqueId(16);
+            return CryptoRandom.CreateUniqueId(length);
         }
 
         public Pkce CreatePkceData()

diff --git a/src/OidcClient/OidcClientOptions.cs b/src/OidcClient/OidcClientOptions.cs
@@ -89,6 +89,14 @@ public class OidcClientOptions
         /// </value>
         public string PostLogoutRedirectUri { get; set; }
 
+        /// <summary>
+        /// Gets or sets the state length.
+        /// </summary>
+        /// <value>
+        /// The state length.
+        /// </value>
+        public int StateLength { get; set; } = 16;
+
         /// <summary>
         /// Gets or sets the browser implementation.
         /// </summary>

diff --git a/src/OidcClient/ResponseProcessor.cs b/src/OidcClient/ResponseProcessor.cs
@@ -8,6 +8,7 @@
 using Microsoft.Extensions.Logging;
 using System;
 using System.Collections.Generic;
+using System.Net;
 using System.Security.Claims;
 using System.Threading;
 using System.Threading.Tasks;
@@ -78,6 +79,10 @@ private async Task<ResponseValidationResult> ProcessCodeFlowResponseAsync(
             {
                 return new ResponseValidationResult($"Error redeeming code: {tokenResponse.Error ?? "no error code"} / {tokenResponse.ErrorDescription ?? "no description"}");
             }
+            if (tokenResponse.HttpStatusCode != HttpStatusCode.OK)
+            {
+                return new ResponseValidationResult($"Error redeeming code: {tokenResponse.Raw}");
+            }
 
             // validate token response
             var tokenResponseValidationResult = await ValidateTokenResponseAsync(tokenResponse, state, requireIdentityToken:false, cancellationToken: cancellationToken);