/// <summary>
/// Signs on with the supplied user name and password, falling back to the credentials
/// stored in the user client settings when the supplied pair is not valid.
/// </summary>
/// <param name="UserName">User name to authenticate with.</param>
/// <param name="password">Password to authenticate with.</param>
/// <param name="rememberLogin">Forwarded to the auth service as <c>RememberMe</c>.</param>
/// <returns>
/// The response from the auth service, or <c>null</c> when no valid credentials were
/// available or the service returned no response.
/// </returns>
public async Task<AuthenticateResponse> CredentialSignOn(string UserName, string password, bool rememberLogin = true)
{
    InnerCredentials signOn = new InnerCredentials
    {
        Username = UserName,
        Password = password
    };

    // Caller supplied nothing usable: try the previously stored credentials instead.
    if (!signOn.IsValid)
    {
        signOn = DecodeUserCredentials();
    }

    // Neither the supplied nor the stored credentials are usable, so there is nothing to send.
    if (!signOn.IsValid)
    {
        return null;
    }

    var request = new Authenticate
    {
        provider = "credentials",
        UserName = signOn.Username,
        Password = signOn.Password,
        RememberMe = rememberLogin
    };

    AuthenticateResponse response = await AuthClient.PostAsync(request);
    if (response == null)
    {
        return null;
    }

    // NOTE(review): rememberLogin is only forwarded to the server; it is not consulted before
    // the credentials (including the password) are written to the local settings. Confirm that
    // persisting them when rememberLogin is false is intended.
    EncodeUserCredentials(signOn);
    return response;
}
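/// <summary>
/// Decrypts the credentials saved in the settings of the client user.
/// </summary>
/// <returns>
/// The decrypted credentials when a salt and ciphertext are stored and can be unprotected;
/// otherwise a new, empty <see cref="InnerCredentials"/>.
/// </returns>
private InnerCredentials DecodeUserCredentials()
{
    byte[] entropy = null;
    byte[] ciphBytes = null;
    byte[] credBytes = null;

    try
    {
        // Nothing stored yet: return empty credentials without calling DPAPI.
        if (UserClientSettings == null
            || UserClientSettings.Salt.IsNullOrEmpty()
            || UserClientSettings.Credentials.IsNullOrEmpty())
        {
            return new InnerCredentials();
        }

        // NOTE(review): salt and ciphertext are binary data stored as Encoding.Default strings.
        // That round trip is only lossless on single-byte ANSI code pages; where Encoding.Default
        // is UTF-8 or a multi-byte code page, bytes are altered and Unprotect fails. Base64 is the
        // lossless form, but switching has to be done together with EncodeUserCredentials and a
        // migration of already stored values, so the format is left unchanged here.
        entropy = Encoding.Default.GetBytes(UserClientSettings.Salt);
        ciphBytes = Encoding.Default.GetBytes(UserClientSettings.Credentials);

        // CurrentUser scope: the blob can be unprotected by code running as the same user.
        // The salt is kept on the same settings object as the ciphertext, so it is not a secret.
        credBytes = ProtectedData.Unprotect(ciphBytes, entropy, DataProtectionScope.CurrentUser);

        // The decoded string and the deserialized object still hold the password in managed
        // memory; strings are immutable and cannot be wiped like the byte buffers below.
        string credString = Encoding.Default.GetString(credBytes);
        return credString.FromJsv<InnerCredentials>();
    }
    catch (Exception ex)
    {
        Logger.Error("Login credentials not valid.", ex);
        return new InnerCredentials();
    }
    finally
    {
        // Wipe the buffers on every exit path, including when Unprotect or deserialization
        // throws, so the plaintext bytes are not left behind after a failure.
        if (entropy != null)
        {
            Array.Clear(entropy, 0, entropy.Length);
        }

        if (credBytes != null)
        {
            Array.Clear(credBytes, 0, credBytes.Length);
        }

        if (ciphBytes != null)
        {
            Array.Clear(ciphBytes, 0, ciphBytes.Length);
        }
    }
}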
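/// <summary>
/// Protects the credentials passed through the authenticator with DPAPI (current-user scope),
/// stores the ciphertext and the entropy used for it on the user client settings, and calls
/// <c>SaveUserClientSettings</c>.
/// </summary>
/// <param name="credentials">The credentials to protect and store.</param>
private void EncodeUserCredentials(InnerCredentials credentials)
{
    if (UserClientSettings == null)
    {
        LoadUserClientSettings();
    }

    byte[] entropy = new byte[24];
    byte[] credBytes = null;
    byte[] cipherCred = null;

    try
    {
        // Fresh random bytes per save, passed to DPAPI as optional entropy. This is not an
        // initialization vector; DPAPI manages its own cipher parameters internally.
        // RandomNumberGenerator.Create() replaces the RNGCryptoServiceProvider constructor,
        // which is marked obsolete on newer .NET targets.
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(entropy);
        }

        // NOTE(review): binary data is stored as an Encoding.Default string here and for the
        // ciphertext below. DecodeUserCredentials must get the exact same bytes back, which only
        // holds on single-byte ANSI code pages. Base64 is the lossless form, but the stored
        // format has to change in both methods at once, so it is left unchanged here.
        // The salt sits next to the ciphertext, so it is not a secret; the protection comes from
        // the CurrentUser DPAPI scope, which any code running as the same user can unprotect.
        UserClientSettings.Salt = Encoding.Default.GetString(entropy);

        // Serialize the credentials and encrypt the resulting bytes.
        string credJson = credentials.ToSafeJsv();
        credBytes = Encoding.Default.GetBytes(credJson);
        cipherCred = ProtectedData.Protect(credBytes, entropy, DataProtectionScope.CurrentUser);

        UserClientSettings.Credentials = Encoding.Default.GetString(cipherCred);
        SaveUserClientSettings();
    }
    finally
    {
        // Wipe the buffers on every exit path, including when Protect or the save throws, so
        // the plaintext bytes are not left behind after a failure. The serialized string itself
        // is immutable and cannot be wiped.
        Array.Clear(entropy, 0, entropy.Length);

        if (credBytes != null)
        {
            Array.Clear(credBytes, 0, credBytes.Length);
        }

        if (cipherCred != null)
        {
            Array.Clear(cipherCred, 0, cipherCred.Length);
        }
    }
}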