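/// <summary>
/// Issues a signed PASETO token carrying the identity codes found in the first row
/// of the first table of <paramref name="info"/>.
/// </summary>
/// <param name="info">
/// Data set whose first table/row holds the columns usu_codigo, pes_codigo,
/// end_codigo, ins_codigo and tus_codigo.
/// </param>
/// <returns>The token string produced by <c>PasetoUtility.Sign</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="info"/> is null.</exception>
/// <exception cref="ArgumentException">
/// <paramref name="info"/> has no table, or its first table has no row.
/// </exception>
/// <remarks>
/// Security notes for maintainers:
/// - The signing key is read from appSettings["chavePrivada"], so the configuration
///   file holds the private key as hex text; restrict who can read that file or
///   protect the section.
/// - The token is signed, not encrypted: anyone holding it can read the claims below.
/// - The token is accepted from 30 minutes before issue until 30 minutes after it
///   (NotBefore is backdated, presumably to tolerate clock skew).
/// </remarks>
public static string GerarToken(DataSet info)
{
    // Reject unusable input up front instead of failing later with a
    // NullReferenceException / IndexOutOfRangeException in the claim builder.
    if (info == null)
    {
        throw new ArgumentNullException(nameof(info));
    }

    if (info.Tables.Count == 0 || info.Tables[0].Rows.Count == 0)
    {
        throw new ArgumentException("The data set must contain at least one table with one row.", nameof(info));
    }

    byte[] chavePublica = HexToBytes(ConfigurationManager.AppSettings["chavePublica"]);
    byte[] chavePrivada = HexToBytes(ConfigurationManager.AppSettings["chavePrivada"]);

    var agora = DateTime.UtcNow;
    var linha = info.Tables[0].Rows[0];

    var claims = new PasetoInstance
    {
        Issuer = "http://api.passcenter.com.br",
        Subject = "Token de autenticacao",
        Audience = "http://passcenter.com.br",
        Expiration = agora.AddMinutes(30),
        NotBefore = agora.AddMinutes(-30),
        IssuedAt = agora,
        // Each code is stored as a single-element array, exactly as before, so
        // existing consumers of these claims keep seeing the same shape.
        AdditionalClaims = new Dictionary<string, object>
        {
            ["usu_codigo"] = new object[] { Convert.ToInt32(linha["usu_codigo"]) },
            ["pes_codigo"] = new object[] { Convert.ToInt32(linha["pes_codigo"]) },
            ["end_codigo"] = new object[] { Convert.ToInt32(linha["end_codigo"]) },
            ["ins_codigo"] = new object[] { Convert.ToInt32(linha["ins_codigo"]) },
            ["tus_codigo"] = new object[] { Convert.ToInt32(linha["tus_codigo"]) },
        },
    };

    return PasetoUtility.Sign(chavePublica, chavePrivada, claims);
}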
/// <summary>
/// Encrypts a fully populated claim set with the symmetric key, decrypts it with
/// time validation enabled, and checks that every field comes back unchanged.
/// </summary>
public void JsonDataRoundTrip()
{
    var now = DateTime.UtcNow;

    // Rebuild the timestamp from its whole-second components so the values compared
    // below carry no sub-second part.
    var issuedAt = new DateTime(now.Year, now.Month, now.Day, now.Hour, now.Minute, now.Second, now.Kind);

    var original = new PasetoInstance
    {
        Issuer = "http://auth.example.com",
        Subject = "2986689",
        Audience = "audience",
        Expiration = issuedAt.AddMinutes(10),
        NotBefore = issuedAt.AddMinutes(-10),
        IssuedAt = issuedAt,
        AdditionalClaims = new Dictionary<string, object>
        {
            ["roles"] = new[] { "Admin", "User" },
        },
        Footer = new Dictionary<string, object>
        {
            ["kid"] = "dpm0",
        },
    };

    string encrypted = PasetoUtility.Encrypt(_symmetricKey, original);
    var roundTripped = PasetoUtility.Decrypt(_symmetricKey, encrypted, validateTimes: true);

    Assert.Equal(original.Issuer, roundTripped.Issuer);
    Assert.Equal(original.Subject, roundTripped.Subject);
    Assert.Equal(original.Audience, roundTripped.Audience);
    Assert.Equal(original.Expiration, roundTripped.Expiration);
    Assert.Equal(original.NotBefore, roundTripped.NotBefore);
    Assert.Equal(original.IssuedAt, roundTripped.IssuedAt);
    Assert.Equal(original.AdditionalClaims, roundTripped.AdditionalClaims);
    Assert.Equal(original.Footer, roundTripped.Footer);
}
/// <summary>
/// Signs a raw UTF-8 payload and checks that parsing the result with the matching
/// public key returns the same text.
/// </summary>
public void RoundTrip()
{
    const string payload = "Frank Denis rocks";

    byte[] payloadBytes = Encoding.UTF8.GetBytes(payload);
    string signed = PasetoUtility.SignBytes(_publicKey, _privateKey, payloadBytes);

    var verified = PasetoUtility.ParseBytes(_publicKey, signed);
    Assert.Equal(payload, Encoding.UTF8.GetString(verified.Payload));
}
/// <summary>
/// Encrypts a raw UTF-8 payload with the symmetric key and checks that decryption
/// returns the same text.
/// </summary>
public void RoundTripPrivate()
{
    const string payload = "Love is stronger than hate or fear";

    // An all-zero 24-byte nonce keeps the test deterministic. A fixed nonce is only
    // acceptable in tests: reusing a nonce under the same key undermines the encryption.
    byte[] fixedNonce = new byte[24];
    byte[] plaintext = Encoding.UTF8.GetBytes(payload);

    string encrypted = PasetoUtility.EncryptBytes(_symmetricKey, plaintext, nonce: fixedNonce);
    var decrypted = PasetoUtility.DecryptBytes(_symmetricKey, encrypted);

    Assert.Equal(payload, Encoding.UTF8.GetString(decrypted.Payload));
}
/// <summary>
/// Verifies <paramref name="token"/> against the given public key, with time
/// validation enabled, and reports the outcome as a display message.
/// </summary>
/// <param name="token">The PASETO token string to verify.</param>
/// <param name="chavePublica">Public key as a hex string; decoded with <c>HexToBytes</c>.</param>
/// <returns>
/// The "not authenticated" message when <c>PasetoUtility.Parse</c> returns null,
/// otherwise the "authenticated" message.
/// </returns>
/// <remarks>
/// Review notes:
/// - Only the signature and the time window are checked here; Issuer and Audience
///   of the parsed token are not compared against expected values.
/// - <c>PasetoUtility.Parse</c> can throw <c>PasetoFormatException</c> on malformed
///   input. It is not caught here, so callers must treat that exception as a
///   rejection rather than expect the failure message.
/// - The result is a human-readable string; authorization decisions should not be
///   made by comparing this text.
/// </remarks>
protected string autenticarToken(string token, string chavePublica)
{
    byte[] chaveVerificacao = HexToBytes(chavePublica);
    var resultado = PasetoUtility.Parse(chaveVerificacao, token, validateTimes: true);

    return Object.Equals(resultado, null)
        ? "Token NÃO autenticado/válido!"
        : "Token autenticado/válido!";
}
/// <summary>
/// Checks that a known signed message yields the expected payload and footer under
/// the test public key, and that it does not verify under a different key.
/// </summary>
/// <param name="message">Signed token under test.</param>
/// <param name="payload">Expected UTF-8 payload.</param>
/// <param name="footer">Expected UTF-8 footer; empty when the token has none.</param>
public void Parse(string message, string payload, string footer = "")
{
    var verified = PasetoUtility.ParseBytes(_publicKey, message);

    string actualPayload = Encoding.UTF8.GetString(verified.Payload);
    Assert.Equal(payload, actualPayload);

    string actualFooter = Encoding.UTF8.GetString(verified.Footer);
    Assert.Equal(footer, actualFooter);

    // Negative case: a 32-byte all-zero key is not the signer's key, so Parse must
    // return null instead of a token.
    byte[] wrongKey = new byte[32];
    Assert.Null(PasetoUtility.Parse(wrongKey, message));
}
/// <summary>
/// Checks NotBefore enforcement: a token that only becomes valid in the future
/// parses when time validation is switched off, is rejected (null) by default, and
/// parses by default once NotBefore lies in the past.
/// </summary>
public void FutureTokenDoesNotParse()
{
    var testClaims = new PasetoInstance
    {
        NotBefore = DateTime.UtcNow.AddMinutes(1),
        Subject = "2986689",
    };

    // With validation explicitly disabled the not-yet-valid token is still returned.
    string unvalidated = PasetoUtility.Sign(_publicKey, _privateKey, claims: testClaims);
    Assert.NotNull(PasetoUtility.Parse(_publicKey, unvalidated, validateTimes: false));

    // The default call must reject it.
    string notYetValid = PasetoUtility.Sign(_publicKey, _privateKey, claims: testClaims);
    Assert.Null(PasetoUtility.Parse(_publicKey, notYetValid));

    // Move NotBefore into the past: the default call now accepts the token.
    testClaims.NotBefore = DateTime.UtcNow.AddMinutes(-1);
    string alreadyValid = PasetoUtility.Sign(_publicKey, _privateKey, claims: testClaims);
    Assert.NotNull(PasetoUtility.Parse(_publicKey, alreadyValid));
}
/// <summary>
/// Checks that a token's footer can be read back, both as plain text and as a JSON
/// object, using <c>ParseFooter</c> / <c>ParseFooterJson</c>.
/// </summary>
/// <remarks>
/// Neither footer call below is given a key, so a footer read this way has not been
/// authenticated by that call.
/// </remarks>
public void FooterCanBeParsed()
{
    // Plain-text footer on a token with an empty payload.
    string footerText = "Hello friend";
    string textToken = PasetoUtility.EncryptBytes(_symmetricKey, new byte[0], footerText);
    Assert.Equal(footerText, PasetoUtility.ParseFooter(textToken));

    // JSON footer carried by a claims-based token.
    var footerJson = new Dictionary<string, object>
    {
        ["hello"] = "friend",
    };
    var claimsWithFooter = new PasetoInstance { Footer = footerJson };
    string jsonToken = PasetoUtility.Encrypt(_symmetricKey, claimsWithFooter);
    Assert.Equal(footerJson, PasetoUtility.ParseFooterJson(jsonToken));
}
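/// <summary>
/// Verifies <paramref name="token"/> with the public key configured in
/// appSettings["chavePublica"] (time validation enabled) and maps its identity
/// claims to an <c>Indentificacao</c>.
/// </summary>
/// <param name="token">The PASETO token string received from the client.</param>
/// <returns>
/// The populated identity, or null when the token is empty, fails verification, or
/// lacks any of the claims usu_codigo, pes_codigo, end_codigo, ins_codigo, tus_codigo.
/// </returns>
/// <remarks>
/// Review notes:
/// - A correctly signed token that lacks the identity claims is now rejected with
///   null instead of surfacing a KeyNotFoundException / NullReferenceException, so
///   every rejection reaches the caller the same way.
/// - Only the signature and the time window are checked here; Issuer and Audience
///   of the parsed token are not compared against expected values.
/// - <c>PasetoUtility.Parse</c> can throw <c>PasetoFormatException</c> on malformed
///   input. It is not caught here, so callers must treat it as a rejection.
/// </remarks>
public static Indentificacao ValidarToken(string token)
{
    // Fail closed: there is nothing to verify.
    if (string.IsNullOrWhiteSpace(token))
    {
        return null;
    }

    byte[] chaveVerificacao = HexToBytes(ConfigurationManager.AppSettings["chavePublica"]);
    var tokenDescodificado = PasetoUtility.Parse(chaveVerificacao, token, validateTimes: true);
    if (Object.Equals(tokenDescodificado, null))
    {
        return null;
    }

    // All five identity claims must be present; anything else is not an identity
    // token for this application and is rejected.
    var claims = tokenDescodificado.AdditionalClaims;
    object usuCodigo, pesCodigo, endCodigo, insCodigo, tusCodigo;
    if (claims == null
        || !claims.TryGetValue("usu_codigo", out usuCodigo)
        || !claims.TryGetValue("pes_codigo", out pesCodigo)
        || !claims.TryGetValue("end_codigo", out endCodigo)
        || !claims.TryGetValue("ins_codigo", out insCodigo)
        || !claims.TryGetValue("tus_codigo", out tusCodigo))
    {
        return null;
    }

    Indentificacao ident = new Indentificacao();
    ident.Usu_codigo = converteObjStr(usuCodigo);
    ident.Pes_codigo = converteObjStr(pesCodigo);
    ident.End_codigo = converteObjStr(endCodigo);
    ident.Ins_codigo = converteObjStr(insCodigo);
    ident.Tus_codigo = Convert.ToInt32(converteObjStr(tusCodigo));
    return ident;
}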
/// <summary>
/// Signs a token with a fixed, hard-coded claim set using the supplied key pair.
/// </summary>
/// <param name="chavePublica">Public key as a hex string; decoded with <c>HexToBytes</c>.</param>
/// <param name="chavePrivada">Private key as a hex string; decoded with <c>HexToBytes</c>.</param>
/// <returns>The token string produced by <c>PasetoUtility.Sign</c>.</returns>
/// <remarks>
/// Review note: every token produced here carries the same sample values: issuer
/// "http://auth.example.com", subject "2986689" and the roles "Admin" and "User".
/// Nothing identifies the caller, so this looks like demo code; do not accept its
/// tokens where the roles claim drives authorization.
/// </remarks>
protected string criarToken(string chavePublica, string chavePrivada)
{
    byte[] chaveVerificacao = HexToBytes(chavePublica);
    byte[] chaveAssinatura = HexToBytes(chavePrivada);

    var agora = DateTime.UtcNow;

    // Rebuild the timestamp from its whole-second components (no sub-second part).
    var emitidoEm = new DateTime(agora.Year, agora.Month, agora.Day, agora.Hour, agora.Minute, agora.Second, agora.Kind);

    var claims = new PasetoInstance
    {
        Issuer = "http://auth.example.com",
        Subject = "2986689",
        Audience = "audience",
        Expiration = emitidoEm.AddMinutes(10),
        NotBefore = emitidoEm.AddMinutes(-10),
        IssuedAt = emitidoEm,
        AdditionalClaims = new Dictionary<string, object>
        {
            ["roles"] = new[] { "Admin", "User" },
        },
        Footer = new Dictionary<string, object>
        {
            ["kid"] = "dpm0",
        },
    };

    return PasetoUtility.Sign(chaveVerificacao, chaveAssinatura, claims);
}
/// <summary>
/// Checks that encrypting <paramref name="payload"/> with the test key, the given
/// footer and a fixed nonce yields exactly <paramref name="message"/>.
/// </summary>
/// <param name="payload">Plaintext to encrypt (UTF-8).</param>
/// <param name="message">Expected token string.</param>
/// <param name="footer">Footer to attach; empty for none.</param>
public void Encrypt(string payload, string message, string footer = "")
{
    // An all-zero 24-byte nonce makes the output reproducible so it can be compared
    // with a known vector. Outside tests a nonce must never be fixed or reused.
    byte[] fixedNonce = new byte[24];
    byte[] plaintext = Encoding.UTF8.GetBytes(payload);

    string actual = PasetoUtility.EncryptBytes(_symmetricKey, plaintext, footer, fixedNonce);

    Assert.Equal(message, actual);
}
/// <summary>
/// Checks the known-answer vector for encryption under a 32-byte all-zero key with
/// an all-zero nonce.
/// </summary>
/// <param name="payload">Plaintext to encrypt (UTF-8).</param>
/// <param name="message">Expected token string.</param>
public void EncryptWithNullKey(string payload, string message)
{
    // Both values are test-vector inputs only; neither an all-zero key nor a fixed
    // nonce provides any protection.
    byte[] zeroKey = new byte[32];
    byte[] plaintext = Encoding.UTF8.GetBytes(payload);

    string actual = PasetoUtility.EncryptBytes(zeroKey, plaintext, nonce: new byte[24]);

    Assert.Equal(message, actual);
}
/// <summary>
/// Checks that an empty JSON object can be signed and parsed, and that signing an
/// empty <c>PasetoInstance</c> produces the payload "{}".
/// </summary>
public void EmptyTokenRoundTrip()
{
    // Signing the literal "{}" and parsing it as claims must not throw; the result
    // itself is not inspected.
    string signedLiteral = PasetoUtility.SignBytes(_publicKey, _privateKey, Encoding.UTF8.GetBytes("{}"));
    PasetoUtility.Parse(_publicKey, signedLiteral);

    // An empty claims object must serialize to exactly "{}".
    string signedEmptyClaims = PasetoUtility.Sign(_publicKey, _privateKey, new PasetoInstance());
    var verified = PasetoUtility.ParseBytes(_publicKey, signedEmptyClaims);
    Assert.Equal("{}", Encoding.UTF8.GetString(verified.Payload));
}
/// <summary>
/// Checks <c>PreAuthEncode</c> against three fixed vectors: no pieces, one empty
/// piece, and the single piece "test".
/// </summary>
/// <remarks>
/// As the expected values show, the output starts with an 8-byte count whose low
/// byte comes first, and each piece is preceded by an 8-byte length in the same layout.
/// </remarks>
public void PAE()
{
    // No pieces: only the count (0).
    byte[] noPieces = PasetoUtility.PreAuthEncode(new List<byte[]>());
    Assert.Equal("\x00\x00\x00\x00\x00\x00\x00\x00", Encoding.UTF8.GetString(noPieces));

    // One empty piece: count (1) followed by length (0).
    byte[] oneEmptyPiece = PasetoUtility.PreAuthEncode(new[] { Encoding.UTF8.GetBytes("") });
    Assert.Equal("\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", Encoding.UTF8.GetString(oneEmptyPiece));

    // One four-byte piece: count (1), length (4), then the bytes themselves.
    byte[] oneTextPiece = PasetoUtility.PreAuthEncode(new[] { Encoding.UTF8.GetBytes("test") });
    Assert.Equal("\x01\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00test", Encoding.UTF8.GetString(oneTextPiece));
}
/// <summary>
/// Checks that a structurally invalid token makes <c>ParseBytes</c> throw
/// <c>PasetoFormatException</c> rather than return a result.
/// </summary>
/// <param name="token">Malformed token string supplied by the test data.</param>
public void InvalidTokenThrows(string token)
{
    // Callers of ParseBytes therefore need to handle this exception for
    // attacker-supplied input, in addition to checking the return value.
    Assert.Throws<PasetoFormatException>(() =>
    {
        PasetoUtility.ParseBytes(_publicKey, token);
    });
}
/// <summary>
/// Checks that a correctly signed token whose payload is not valid claims JSON
/// makes <c>Parse</c> throw <c>PasetoFormatException</c>.
/// </summary>
/// <param name="str">Payload text supplied by the test data.</param>
public void InvalidJsonThrows(string str)
{
    byte[] rawPayload = Encoding.UTF8.GetBytes(str);
    string signed = PasetoUtility.SignBytes(_publicKey, _privateKey, rawPayload);

    // The signature is valid; the failure comes from the payload content.
    Assert.Throws<PasetoFormatException>(() =>
    {
        PasetoUtility.Parse(_publicKey, signed);
    });
}
/// <summary>
/// Checks that the expiration in <paramref name="tokenJson"/> parses to the instant
/// 2018-03-20T07:00:00+00:00 when formatted with <c>Iso8601Format</c>.
/// </summary>
/// <param name="tokenJson">Claims JSON supplied by the test data.</param>
public void TimezonesAreAllowed(string tokenJson)
{
    byte[] rawPayload = Encoding.UTF8.GetBytes(tokenJson);
    var signed = PasetoUtility.SignBytes(_publicKey, _privateKey, rawPayload);

    // Time validation is off: the fixed 2018 expiration is in the past and would
    // otherwise get the token rejected.
    var parsed = PasetoUtility.Parse(_publicKey, signed, validateTimes: false);

    Assert.Equal("2018-03-20T07:00:00+00:00", parsed.Expiration.Value.ToString(Iso8601Format));
}