Beispiel #1
0
        /// <summary>
        /// Convert your data to multipass token and get redirect url for shopify mutipass
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        public string GetMultipassRedirectUrl(ShopifyProfile data)
        {
            var token = GetMultipassToken(data);

            //build redirect url
            return(string.Format("https://{0}/account/login/multipass/{1}", _shopifyShopDomain, token));
        }
Beispiel #2
0
        public string GetMultipassToken(ShopifyProfile profile)
        {
            //Generate encryption key and signature key by SHA 256
            var keys = new MessageDigestContext(MessageDigest.SHA256).Digest(Encoding.UTF8.GetBytes(_shopifyMultipassSecret));

            //First 16 bytes will be encryption key and last 16 bytes will be signature key
            ArraySegment <byte> encryptionKeyArraySegmenet = new ArraySegment <byte>(keys, 0, 16);
            ArraySegment <byte> signatureKeyArraySegmenet  = new ArraySegment <byte>(keys, 16, 16);

            var encryptionKey = encryptionKeyArraySegmenet.ToArray();
            var signatureKey  = signatureKeyArraySegmenet.ToArray();


            var dataString = JsonConvert.SerializeObject(profile);
            var dataBytes  = Encoding.UTF8.GetBytes(dataString);

            //generate random 16 bytes for Init Vactor
            var iv = new byte[16];

            new RNGCryptoServiceProvider().GetBytes(iv);

            //Generate Cipher using AES-128-CBC algo and concat Init Vector with this.
            var cipher = Combine(iv, new CipherContext(Cipher.AES_128_CBC).Crypt(dataBytes, encryptionKey, iv, true));

            //Generate signature of Cipher
            HMACSHA256 hasher = new HMACSHA256(signatureKey);

            byte[] sing = hasher.ComputeHash(cipher);


            //append signature to cipher and convert it to URL safe base64 string
            var token = Convert.ToBase64String(Combine(cipher, sing)).Replace("+", "-").Replace("/", "_");

            return(token);
        }