/// <summary> /// Gets the token secret from the specified token. /// </summary> /// <param name="token">The token.</param> /// <returns> /// The token's secret /// </returns> public string GetTokenSecret(string token) { HttpCookie cookie = this.Context.Request.Cookies[TokenCookieKey]; if (cookie == null || string.IsNullOrEmpty(cookie.Values[token])) { return(null); } byte[] cookieBytes = HttpServerUtility.UrlTokenDecode(cookie.Values[token]); byte[] clearBytes = MachineKeyUtil.Unprotect(cookieBytes, TokenCookieKey, "Token:" + token); string secret = Encoding.UTF8.GetString(clearBytes); return(secret); }
/// <summary> /// Url-decode and unprotect the specified encrypted token string. /// </summary> /// <param name="token">The token to be used as a key.</param> /// <param name="encryptedToken">The encrypted token to be decrypted</param> /// <returns>The original token secret</returns> protected static string DecodeAndUnprotectToken(string token, string encryptedToken) { byte[] cookieBytes = HttpServerUtility.UrlTokenDecode(encryptedToken); byte[] clearBytes = MachineKeyUtil.Unprotect(cookieBytes, TokenCookieKey, "Token:" + token); return(Encoding.UTF8.GetString(clearBytes)); }