public void Obfuscate_Succeeds() { var clearTextSecrets = new List <string> { Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }; var secrets = clearTextSecrets.Select(s => new Secret(s)).ToList(); var apiResource = new ApiResource { ApiSecrets = secrets, Name = "test-api" }; var createdAuditEvent = new EntityCreatedAuditEvent <ApiResource>("username", "clientid", "subject", apiResource.Name, apiResource, new SerializationSettings()); foreach (var secret in clearTextSecrets) { //Make sure that the secrets haven't been changed in the original reference Assert.True(apiResource.ApiSecrets.Any(s => s.Value == secret)); //Make sure that the secrets in the object that gets serialized have been obfuscated Assert.True(createdAuditEvent.Entity.ApiSecrets.Any(s => s.Value == $"****{secret.Substring(secret.Length-4)}")); } }
public async Task StoreAsync(IdentityServer4.Models.PersistedGrant grant) { var existingGrant = IdentityDbContext.PersistedGrants.SingleOrDefault(pg => pg.Key == grant.Key); Event evt; if (existingGrant == null) { var persistedGrantEntity = grant.ToEntity(); IdentityDbContext.PersistedGrants.Add(persistedGrantEntity); evt = new EntityCreatedAuditEvent <PersistedGrant>( UserResolverService.Username, UserResolverService.ClientId, UserResolverService.Subject, persistedGrantEntity.Key, persistedGrantEntity, SerializationSettings); } else { grant.ToEntity(existingGrant); evt = new EntityUpdatedAuditEvent <PersistedGrant>( UserResolverService.Username, UserResolverService.ClientId, UserResolverService.Subject, existingGrant.Key, existingGrant, SerializationSettings); } try { await IdentityDbContext.SaveChangesAsync(); await EventService.RaiseAsync(evt); } catch (DbUpdateConcurrencyException ex) { _logger.Warning("Exception updating {grantKey}. Error: {error}", grant.Key, ex.Message); } }