public AuthenticationToken GenerateAuthenticationToken(GetAuthenticationTokenRequest request)
{
// TODO: Ensure the underlying AWS credential does not need renewed also
var date = DateTime.UtcNow;
var scope = new CredentialScope(date, AwsRegion.USEast1, AwsService.RdsDb);
// TODO: Avoid this allocation by extending presign...
var httpRequest = new HttpRequestMessage(
HttpMethod.Get,
$"https://{request.HostName}:{request.Port}?Action=connect&DBUser={request.UserName}"
);
SignerV4.Default.Presign(credential, scope, date, TimeSpan.FromMinutes(15), httpRequest);
var url = httpRequest.RequestUri;
return(new AuthenticationToken(
value: url.Host + ":" + url.Port.ToString() + "/" + url.Query,
issued: date,
expires: date.AddMinutes(15)
));
}
public async Task <AuthenticationToken> GetAuthenticationTokenAsync(GetAuthenticationTokenRequest request)
{
// Ensure the underlying credential is renewed
if (credential.ShouldRenew)
{
await credential.RenewAsync().ConfigureAwait(false);
}
var date = DateTime.UtcNow;
var scope = new CredentialScope(date, region, AwsService.RdsDb);
var httpRequest = new HttpRequestMessage(
HttpMethod.Get,
$"https://{request.HostName}:{request.Port}?Action=connect&DBUser={request.UserName}"
);
SignerV4.Default.Presign(credential, scope, date, request.Expires, httpRequest);
Uri url = httpRequest.RequestUri;
return(new AuthenticationToken(
value: url.Host + ":" + url.Port.ToString() + "/" + url.Query,
issued: date,
expires: date + request.Expires
));
}
public static ShCredential GenerateCredential(long memberId, CredentialScope scope)
{
var token = Guid.NewGuid().ToString();
return(new ShCredential()
{
Token = token,
AccessToken = token,
RefreshToken = Guid.NewGuid().ToString(),
MemberId = memberId,
CredentialScope = scope,
CreatedAd = DateTime.Now,
ExpriredAd = DateTime.Now.AddDays(7),
UpdatedAt = DateTime.Now,
Status = CredentialStatus.Activated,
});
}
public static Credential GenerateCridential(long memberId, CredentialScope credentialScope)
{
var token = Guid.NewGuid().ToString();
var timeNow = DateTime.Now;
return(new Credential
{
Token = token,
AccessToken = token,
MemberId = memberId,
RefreshToken = Guid.NewGuid().ToString(),
CredentialScope = CredentialScope.Basic,
CreatedAt = timeNow,
UpdatedAt = timeNow,
ExpiredAt = timeNow.AddDays(7),
Status = CredentialStatus.Activated
});
}
public static string GetPresignedUrl(GetPresignedUrlRequest request, IAwsCredential credential, DateTime now)
{
var scope = new CredentialScope(now, request.Region, AwsService.S3);
var urlBuilder = StringBuilderCache.Aquire()
.Append("https://")
.Append(request.Host)
.Append('/')
.Append(request.BucketName)
.Append('/')
.Append(request.Key);
// TODO: support version querystring
var message = new HttpRequestMessage(new HttpMethod(request.Method), StringBuilderCache.ExtractAndRelease(urlBuilder));
SignerV4.Default.Presign(credential, scope, now, request.ExpiresIn, message, "UNSIGNED-PAYLOAD");
string signedUrl = message.RequestUri.ToString();
return(signedUrl);
}
