Esempio n. 1
0
        public async Task <AntiCsrfNonce> Generate(Guid?sessionId = null)
        {
            if (!_configuration.Enabled)
            {
                return(null);
            }

            sessionId = sessionId ?? _guidFactory.Random();

            Guid     nonce            = _guidFactory.Random();
            DateTime currentTimestamp = _systemClock.UtcDateTime;

            await _nonceRepository.AddAsync(sessionId.Value, nonce, currentTimestamp, currentTimestamp + _configuration.NonceDuration);

            return(new AntiCsrfNonce(sessionId.Value, nonce));
        }
        public async Task <string> GenerateHiddenInputHtmlAsync(HttpResponseBase response)
        {
            if (!_configuration.Enabled)
            {
                return("");
            }

            Guid?sessionId = await _cookieManager.GetSessionIdAsync(response);

            if (sessionId == null)
            {
                return("");
            }

            Guid     nonce            = _guidFactory.Random();
            DateTime currentTimestamp = _systemClock.UtcDateTime;

            await _nonceRepository.AddAsync(sessionId.Value, nonce, currentTimestamp, currentTimestamp + _configuration.NonceDuration);

            return(String.Format(@"<input type=""hidden"" name=""{0}"" value=""{1}""/>", _configuration.FormFieldName, nonce.ToString("N")));
        }