Case sensitive matching

DavidChristiansen · DavidChristiansen · commit c889428926f2 · 2012-07-28T14:42:14.000+01:00
diff --git a/source/DotNetOpenAuth.WebAPI.HostSample/Infrastructure/OAuth/DatabaseKeyNonceStore.cs b/source/DotNetOpenAuth.WebAPI.HostSample/Infrastructure/OAuth/DatabaseKeyNonceStore.cs
@@ -1,10 +1,10 @@
-﻿using System;
-using System.Collections.Generic;
-using System.Data.SqlClient;
-using System.Linq;
-using DotNetOpenAuth.Messaging.Bindings;
-
-namespace DotNetOpenAuth.WebAPI.HostSample.Infrastructure.OAuth {
+﻿using System;
+using System.Collections.Generic;
+using System.Data.SqlClient;
+using System.Linq;
+using DotNetOpenAuth.Messaging.Bindings;
+
+namespace DotNetOpenAuth.WebAPI.HostSample.Infrastructure.OAuth {
     /// <summary>
 	/// A database-persisted nonce store.
 	/// </summary>
@@ -57,11 +57,12 @@ public bool StoreNonce(string context, string nonce, DateTime timestampUtc) {
 		#region ICryptoKeyStore Members
 
 		public CryptoKey GetKey(string bucket, string handle) {
-			// It is critical that this lookup be case-sensitive, which can only be configured at the database.
-			var matches = from key in MvcApplication.DataContext.SymmetricCryptoKeys
-						  where key.Bucket == bucket && key.Handle == handle
-						  select new CryptoKey(key.Secret, key.ExpiresUtc.AsUtc());
-
+            var _db = MvcApplication.DataContext.SymmetricCryptoKeys.Where(k => k.Bucket == bucket && k.Handle == handle).ToList();
+            // Perform a case senstive match
+            var matches = from key in _db
+                          where string.Equals(key.Bucket, bucket, StringComparison.Ordinal) && 
+                          string.Equals(key.Handle, handle, StringComparison.Ordinal)
+                          select new CryptoKey(key.Secret, key.ExpiresUtc.AsUtc());
 			return matches.FirstOrDefault();
 		}
 
