Example #1
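        /// <summary>
        /// Builds an API key from the requested name, roles and optional lifetime:
        /// the payload is serialized to JSON, passed through
        /// <c>rsaProvider.EncryptData</c> and returned as Base64 text.
        /// </summary>
        /// <param name="keyData">Request body carrying the name, the roles and an optional lifetime in seconds.</param>
        /// <returns>Base64 encoding of the encrypted JSON payload.</returns>
        /// <exception cref="ArgumentNullException">The request body was missing or could not be bound.</exception>
        public string GenerateKey([FromBody] SignKeyRequest keyData)
        {
            // NOTE(review): roles are copied verbatim from the request body, so whoever can
            // reach this action decides which roles the key carries. No authorization
            // attribute is visible in this excerpt; confirm the action is restricted to
            // administrators.
            if (keyData == null)
            {
                throw new ArgumentNullException(nameof(keyData));
            }

            var payload = new SignedKeyData
            {
                roles = keyData.roles,
                name = keyData.name
            };

            if (keyData.expiresInSecs.HasValue)
            {
                // Start from UtcNow rather than Now: the value is stored as a UTC file time,
                // and a local clock reading is ambiguous during a daylight-saving change.
                payload.expiresAt = DateTime.UtcNow
                    .AddSeconds(keyData.expiresInSecs.Value)
                    .ToFileTimeUtc();
            }

            // NOTE(review): the payload is only encrypted here. If EncryptData is RSA
            // public-key encryption, it provides confidentiality but not proof of origin;
            // confirm the verifier does not rely on successful decryption alone, or add a
            // signature/MAC over the payload.
            string json = JsonConvert.SerializeObject(payload);
            byte[] cipherText = rsaProvider.EncryptData(Encoding.UTF8.GetBytes(json));

            return Convert.ToBase64String(cipherText);
        }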
Example #2
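        /// <summary>
        /// Authenticates a request from its <c>APIKey</c> header: the header is Base64-decoded,
        /// decrypted with <c>apiKeyProvider</c>, parsed as <c>SignedKeyData</c>, checked for
        /// expiry and turned into an authentication ticket.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when the header is absent, <c>Fail</c> when the key is malformed,
        /// undecryptable or expired, otherwise <c>Success</c> with the ticket.
        /// </returns>
        protected override Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // The work is synchronous, so the result is wrapped directly instead of being
            // queued through Task.Run, which also moved the Context access to a pool thread.
            return Task.FromResult(Authenticate());

            AuthenticateResult Authenticate()
            {
                try
                {
                    if (!Context.Request.Headers.TryGetValue("APIKey", out var headerValue))
                    {
                        return AuthenticateResult.NoResult();
                    }

                    // NOTE(review): a successful decryption is the only proof of origin used
                    // here. If DecryptData is plain RSA decryption, any party holding the
                    // matching public key can produce an accepted payload; confirm that key is
                    // not distributed, or verify a signature/MAC over the payload instead.
                    byte[] cipherText = Convert.FromBase64String(headerValue);
                    byte[] plainText = apiKeyProvider.DecryptData(cipherText);

                    // UTF-8, not ASCII: the payload is serialized as UTF-8 when the key is
                    // issued, and ASCII decoding would replace non-ASCII characters in the
                    // name or roles with '?'.
                    SignedKeyData signedData =
                        JsonConvert.DeserializeObject<SignedKeyData>(Encoding.UTF8.GetString(plainText));

                    // Fail closed with an explicit message instead of relying on a
                    // NullReferenceException being caught below.
                    if (signedData == null || signedData.roles == null)
                    {
                        return AuthenticateResult.Fail("Invalid Token");
                    }

                    if (signedData.expiresAt.HasValue)
                    {
                        // FromFileTimeUtc yields a UTC value, so it must be compared with
                        // UtcNow. Comparing with DateTime.Now ignores DateTimeKind and shifts
                        // the expiry by the server's UTC offset.
                        DateTime expireTime = DateTime.FromFileTimeUtc(signedData.expiresAt.Value);
                        if (DateTime.UtcNow > expireTime)
                        {
                            return AuthenticateResult.Fail("Expired Token");
                        }
                    }

                    var identity = new GenericIdentity("API");
                    identity.AddClaim(new System.Security.Claims.Claim("Origin", "Api"));

                    foreach (var role in signedData.roles)
                    {
                        identity.AddClaim(new System.Security.Claims.Claim("role", role));
                    }

                    // NOTE(review): the second GenericPrincipal argument is the role list, so
                    // the key's name is registered as a role and IsInRole(name) returns true.
                    // Confirm this is intended; a key named after a privileged role would
                    // satisfy role checks for it.
                    var principal = new GenericPrincipal(identity, new[] { signedData.name });

                    var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name);
                    return AuthenticateResult.Success(ticket);
                }
                catch (System.Exception e)
                {
                    // Malformed Base64, decryption errors and JSON errors all end up here and
                    // are reported as an authentication failure rather than a server error.
                    return AuthenticateResult.Fail(e);
                }
            }
        }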