/// <summary>
/// Protect and url-encode the specified token secret.
/// </summary>
/// <param name="token">The token to be used as a key.</param>
/// <param name="tokenSecret">The token secret to be protected</param>
/// <returns>The encrypted and protected string.</returns>
protected static string ProtectAndEncodeToken(string token, string tokenSecret)
{
byte[] cookieBytes = Encoding.UTF8.GetBytes(tokenSecret);
var secretBytes = MachineKeyUtil.Protect(cookieBytes, TokenCookieKey, "Token:" + token);
return(HttpServerUtility.UrlTokenEncode(secretBytes));
}
/// <summary>
/// Stores the request token together with its secret.
/// </summary>
/// <param name="requestToken">The request token.</param>
/// <param name="requestTokenSecret">The request token secret.</param>
public void StoreRequestToken(string requestToken, string requestTokenSecret)
{
var cookie = new HttpCookie(TokenCookieKey)
{
HttpOnly = true
};
if (FormsAuthentication.RequireSSL)
{
cookie.Secure = true;
}
byte[] cookieBytes = Encoding.UTF8.GetBytes(requestTokenSecret);
var secretBytes = MachineKeyUtil.Protect(cookieBytes, TokenCookieKey, "Token:" + requestToken);
cookie.Values[requestToken] = HttpServerUtility.UrlTokenEncode(secretBytes);
this.Context.Response.Cookies.Set(cookie);
}