Exemple #1
0
        public async Task <AuthenticationResult> TryAuthenticateAsync(string key, string secret)
        {
            ApiClientSecret   apiClientSecret;
            ApiClientIdentity apiClientIdentity;

            try
            {
                apiClientIdentity = await _apiClientIdentityProvider.GetApiClientIdentityAsync(key);

                apiClientSecret = new ApiClientSecret
                {
                    Secret   = apiClientIdentity.Secret,
                    IsHashed = apiClientIdentity.IsHashed
                };
            }
            catch (ArgumentException)
            {
                return(new AuthenticationResult {
                    IsAuthenticated = false
                });
            }

            if (!_secretVerifier.VerifySecret(key, secret, apiClientSecret))
            {
                return(new AuthenticationResult {
                    IsAuthenticated = false
                });
            }

            return(new AuthenticationResult
            {
                IsAuthenticated = true,
                ApiClientIdentity = apiClientIdentity
            });
        }
Exemple #2
0
        public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret)
        {
            if (actualSecret.IsHashed)
            {
                throw new ArgumentException("Password is hashed.");
            }

            return(presentedSecret == actualSecret.Secret);
        }
Exemple #3
0
        public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret)
        {
            if (!actualSecret.IsHashed)
            {
                return(presentedSecret == actualSecret.Secret);
            }

            var actualHash = _packedHashConverter.GetPackedHash(actualSecret.Secret);
            var hasher     = _secureHasherProvider.GetHasher(actualHash.HashAlgorithm);

            var presentedHash = hasher.ComputeHash(
                presentedSecret, actualHash.HashAlgorithm, actualHash.Iterations, actualHash.Salt);

            return(ByteArraysEqual(actualHash.HashBytes, presentedHash.HashBytes));
        }
Exemple #4
0
        public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret)
        {
            if (!_next.VerifySecret(key, presentedSecret, actualSecret))
            {
                _logger.Warn(
                    $"Unable to decode the secret for vendor \"{key}\" using the secret verifier \"{_next.GetType().Name}\". You may need to reset the secret for this vendor.");

                return(false);
            }

            var hashAlgorithm = _hashConfiguration.GetAlgorithmHashCode();

            if (actualSecret.IsHashed)
            {
                var packedHash = _packedHashConverter.GetPackedHash(actualSecret.Secret);

                if (packedHash.HashAlgorithm == hashAlgorithm &&
                    packedHash.Iterations == _hashConfiguration.Iterations &&
                    packedHash.Salt.Length == _hashConfiguration.GetSaltSizeInBytes())
                {
                    return(true);
                }
            }

            actualSecret.Secret = _securePackedHashProvider.ComputePackedHashString(
                presentedSecret,
                hashAlgorithm,
                _hashConfiguration.Iterations,
                _hashConfiguration.GetSaltSizeInBytes());

            actualSecret.IsHashed = true;

            _apiClientSecretProvider.SetSecret(key, actualSecret);

            return(true);
        }