stabilizaiton work - projects rework for maintenanceability and ui livening

2026-02-03 23:40:04 +02:00
parent 074ce117ba
commit 557feefdc3
3305 changed files with 186813 additions and 107843 deletions
--- a/src/__Libraries/StellaOps.Auth.Security/Dpop/DpopProofValidator.Nonce.cs
+++ b/src/__Libraries/StellaOps.Auth.Security/Dpop/DpopProofValidator.Nonce.cs
@@ -0,0 +1,43 @@
+using System.Text.Json;
+
+namespace StellaOps.Auth.Security.Dpop;
+
+public sealed partial class DpopProofValidator
+{
+    private bool TryReadNonce(
+        JsonElement payloadElement,
+        string? expectedNonce,
+        out string? actualNonce,
+        out DpopValidationResult failure)
+    {
+        actualNonce = null;
+        failure = default!;
+
+        if (expectedNonce is not null)
+        {
+            if (!payloadElement.TryGetProperty("nonce", out var nonceElement) ||
+                nonceElement.ValueKind != JsonValueKind.String)
+            {
+                failure = DpopValidationResult.Failure("invalid_token", "DPoP proof missing nonce claim.");
+                return false;
+            }
+
+            actualNonce = nonceElement.GetString();
+            if (!string.Equals(actualNonce, expectedNonce, StringComparison.Ordinal))
+            {
+                failure = DpopValidationResult.Failure("invalid_token", "DPoP nonce mismatch.");
+                return false;
+            }
+
+            return true;
+        }
+
+        if (payloadElement.TryGetProperty("nonce", out var optionalNonce) &&
+            optionalNonce.ValueKind == JsonValueKind.String)
+        {
+            actualNonce = optionalNonce.GetString();
+        }
+
+        return true;
+    }
+}