public async Task <Nonce> Get(KeyId clientId, string nonceValue)
{
if (clientId == KeyId.Empty)
{
throw new ArgumentException("Value cannot be null or empty.", nameof(clientId));
}
if (string.IsNullOrEmpty(nonceValue))
{
throw new ArgumentException("Value cannot be null or empty.", nameof(nonceValue));
}
var cacheKey = CacheKeyFactory(clientId, nonceValue);
var isInCache = _cache.TryGetValue <Nonce>(cacheKey, out var cachedNonce);
if (isInCache && cachedNonce != null)
{
return(cachedNonce);
}
var nonce = await _decorated.Get(clientId, nonceValue);
if (nonce != null)
{
_cache.Set(cacheKey, nonce, nonce.Expiration);
}
return(nonce);
}
public override async Task <SignatureVerificationFailure> Verify(HttpRequestForSigning signedRequest, Signature signature, Client client)
{
if (string.IsNullOrEmpty(signature.Nonce))
{
return(null);
}
var previousNonce = await _nonceStore.Get(client.Id, signature.Nonce).ConfigureAwait(false);
if (previousNonce != null && previousNonce.Expiration >= _systemClock.UtcNow)
{
return(SignatureVerificationFailure.ReplayedRequest($"The nonce '{previousNonce.Value}' for client {client.Id} ({client.Name}) is not unique and has been used before. It expires at {previousNonce.Expiration:R}."));
}
var nonce = new Nonce(
clientId: client.Id,
value: signature.Nonce,
expiration: _systemClock.UtcNow.Add(client.NonceLifetime));
await _nonceStore.Register(nonce).ConfigureAwait(false);
return(null);
}
public async Task <Nonce> Get(KeyId clientId, string nonceValue)
{
using (await _lock.ReaderLockAsync()) {
return(await _decorated.Get(clientId, nonceValue));
}
}