public System.Security.Cryptography.HMACSHA256 HashSignature(ETextingDomainModel.ApiUser user, out string signature)
{
var secret = user.Secret;
// Simplistic implementation DO NOT USE
var key = Convert.FromBase64String(secret);
var provider = new System.Security.Cryptography.HMACSHA256(key);
// Compute Hash from API Key (NOT SECURE)
var hash = provider.ComputeHash(Encoding.UTF8.GetBytes(user.AppId));
signature = Convert.ToBase64String(hash);
return provider;
}
public ETextingDomainModel.AuthToken CreateAuthToken(ETextingDomainModel.ApiUser user, System.Security.Cryptography.HMACSHA256 provider)
{
var rawTokenInfo = string.Concat(user.AppId + DateTime.UtcNow.ToString("d"));
var rawTokenByte = Encoding.UTF8.GetBytes(rawTokenInfo);
var token = provider.ComputeHash(rawTokenByte);
var authToken = new AuthToken()
{
Token = Convert.ToBase64String(token),
Expiration = DateTime.UtcNow.AddDays(7),
ApiUser = user
};
return authToken;
}