1 //----------------------------------------------------------------------
3 // Copyright (c) Microsoft Corporation.
4 // All rights reserved.
6 // This code is licensed under the MIT License.
8 // Permission is hereby granted, free of charge, to any person obtaining a copy
9 // of this software and associated documentation files(the "Software"), to deal
10 // in the Software without restriction, including without limitation the rights
11 // to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
12 // copies of the Software, and to permit persons to whom the Software is
13 // furnished to do so, subject to the following conditions :
15 // The above copyright notice and this permission notice shall be included in
16 // all copies or substantial portions of the Software.
18 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
21 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 //------------------------------------------------------------------------------
29 using System.Collections.Generic;
30 using System.Runtime.InteropServices;
31 using System.Security;
33 namespace Microsoft.IdentityModel.Clients.ActiveDirectory
36 /// This class allows to pass client secret as a SecureString to the API.
38 public class SecureClientSecret : ISecureClientSecret
40 private SecureString secureString;
43 /// Required Constructor
45 /// <param name="secret">SecureString secret. Required and cannot be null.</param>
46 public SecureClientSecret(SecureString secret)
50 throw new ArgumentNullException(nameof(secret));
53 this.secureString = secret;
57 /// Applies the secret to the dictionary.
59 /// <param name="parameters">Dictionary to which the securestring is applied to be sent to server</param>
60 public void ApplyTo(IDictionary<string, string> parameters)
62 var output = new char[secureString.Length];
63 IntPtr secureStringPtr = Marshal.SecureStringToCoTaskMemUnicode(secureString);
64 for (int i = 0; i < secureString.Length; i++)
66 output[i] = (char) Marshal.ReadInt16(secureStringPtr, i*2);
69 Marshal.ZeroFreeCoTaskMemUnicode(secureStringPtr);
70 parameters[OAuthParameter.ClientSecret] = new string(output);
72 if (secureString != null && !secureString.IsReadOnly())