public string SerializeToString(byte[] aesKey)
{
string payloadString = SerializePayload(SecurePayload);
byte[] payloadData = Encoding.UTF8.GetBytes(payloadString);
DataProtector dataProtector = new DataProtector(aesKey, IV);
byte[] encryptedPayloadData = dataProtector.Protect(payloadData);
string base64encryptedPayload = EncodingHelper.Base64Encode(encryptedPayloadData);
string base64iv = EncodingHelper.Base64Encode(IV);
return EncodingHelper.Base64CustomUrlEncode(EncodingHelper.Base64StringsConcat(base64iv, base64encryptedPayload));
}
public static OpaqueSecurityToken Parse(byte[] aesKey, string serializedToken)
{
try
{
serializedToken = EncodingHelper.Base64CustomUrlDecode(serializedToken);
string[] splittedIVandPayload = EncodingHelper.SplitConcatenatedBase64Strings(serializedToken, 2);
byte[] iv = EncodingHelper.Base64Decode(splittedIVandPayload[0]);
DataProtector dataProtector = new DataProtector(aesKey, iv);
byte[] payloadProtected = EncodingHelper.Base64Decode(splittedIVandPayload[1]);
byte[] payloadData = dataProtector.Unprotect(payloadProtected);
string payloadString = Encoding.UTF8.GetString(payloadData);
Dictionary<string, string> payload = DeserializePayload(payloadString);
return new OpaqueSecurityToken(iv, payload);
}
catch (Exception ex)
{
throw new SecurityException(string.Format("Unable to parse security key: '{0}'", serializedToken), ex);
}
}