public void UsageTest()
{
// Invoke class, can use Machine.Key in ASP.Net or some other controlled key.
var apiTokenService = new ApiTokenService("your-key-here");
// Expiration, allow some time for drift, but not enough for a replay attack
var expiration = DateTime.Now.AddMinutes(5);
// Generate token
// Example: uid=username-to-send&ex=2006-01-02T12:28:46.1769043-05:00&sn=sCpjZ4YehdIDebSdC4NJxGf0yfYE/dtUA4Xk/HKFXCA7IrQ38cI6xyejiBIKXfg35rOYN+DzsLF7ZLXTjtxE9w==
var token = apiTokenService.GenerateToken("username-to-send", expiration);
// Encode Token in URL Safe Base64, obuscates values if desired.
// Example: dWlkPXVzZXJuYW1lLXRvLXNlbmQmZXg9MjAxNy0wMS0wOVQxMjoyODo0Ni4xNzY5MDQzLTA1OjAwJnNuPXNDcGpaNFllaGRJRGViU2RDNE5KeEdmMHlmWUUvZHRVQTRYay9IS0ZYQ0E3SXJRMzhjSTZ4eWVqaUJJS1hmZzM1ck9ZTitEenNMRjdaTFhUanR4RTl3PT0
var encodedToken = apiTokenService.UrlEncodeToken(token);
// *** Transmit token (unencoded or encoded)
// Verify Token
var validToken = apiTokenService.ValidateToken(token);
Assert.IsTrue(validToken);
// Verify Encoded Token
var plainToken = apiTokenService.UrlDecodeToken(encodedToken);
var validEnCodedToken = apiTokenService.ValidateToken(plainToken);
Assert.IsTrue(validToken);
// Get user name from token
var username = apiTokenService.GetUidFromToken(token);
Assert.AreEqual("username-to-send", username);
}
public AuthFilter(
ApiTokenService apiTokenService,
UserService userService,
ILogger <AuthFilter> logger
)
{
this.apiTokenService = apiTokenService;
this.userService = userService;
this.logger = logger;
}
public void TestInitialize()
{
_apiTokenService = new ApiTokenService("n)4]0ummyrhvg9bLOa~Mzrr*u8[dDJFhC3RMB/a6IuiImf96KA0?mZ+5RfIgCXO");
// test with all ascii chars https://en.wikipedia.org/wiki/ASCII
for (var i = 32; i <= 126; i++)
{
_username += new string(new [] { (char)i });
}
}
public UtilitiesController(ApiTokenService apiTokenService, StravaApiService stravaApiService, AthleteService athleteService)
{
_stravaApiService = stravaApiService;
_apiTokenService = apiTokenService;
_athleteService = athleteService;
}
