public async Task AddSecretProtectedValue(ProtectedSecretHandle protectedSecretHandle,
CancellationToken cancellationToken = default(CancellationToken))
{
try
{
cancellationToken.ThrowIfCancellationRequested();
var session = CassandraSession;
IMapper mapper = new Mapper(session);
await mapper.InsertAsync(protectedSecretHandle);
}
catch (Exception e)
{
throw;
}
}
public async Task <ActionResult> Secret(SecretViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var adminStore = new IdentityServer3AdminStore();
var myCrypto = new TripleDesEncryption(model.PassCode);
var protectedClientSecret = myCrypto.Encrypt(model.OpenClientSecret);
Secret secret = null;
if (string.Compare(model.SecretType, "SharedSecret", StringComparison.OrdinalIgnoreCase) == 0)
{
var hashedClientSecret = model.OpenClientSecret.Sha256();
secret = new Secret(hashedClientSecret)
{
Type = model.SecretType
};
ProtectedSecretHandle protectedSecretHandle = new ProtectedSecretHandle()
{
ClientId = model.ClientId,
Value = hashedClientSecret,
ProtectedValue = protectedClientSecret
};
await adminStore.AddSecretProtectedValue(protectedSecretHandle);
}
if (string.Compare(model.SecretType, "X509Thumbprint", StringComparison.OrdinalIgnoreCase) == 0)
{
secret = new Secret(model.ThumbPrint)
{
Type = model.SecretType
};
}
var secrets = new List <Secret> {
secret
};
await adminStore.AddClientSecretsToClientAsync(model.ClientId, secrets);
return(RedirectToAction("Index"));
}
public async Task Test_Add_Protected_Secret_Async()
{
var dao = new IdentityServer3CassandraDao();
await dao.EstablishConnectionAsync();
var value = Guid.NewGuid().ToString();
var valueProtected = Guid.NewGuid().ToString();
TripleDesEncryption tde = new TripleDesEncryption("test");
var eValueProtected = tde.Encrypt(valueProtected);
ProtectedSecretHandle handle = new ProtectedSecretHandle()
{
ClientId = Guid.NewGuid().ToString(),
Value = value,
ProtectedValue = eValueProtected
};
await dao.AddSecretProtectedValue(handle);
ProtectedSecretQueryValues queryValues = new ProtectedSecretQueryValues()
{
ClientId = handle.ClientId,
Value = handle.Value
};
var record = await dao.FindSecretProtectedValue(queryValues);
var fetchedValueProtected = tde.Decrypt(record.ProtectedValue);
Assert.AreEqual(valueProtected, fetchedValueProtected);
await dao.DeleteSecretProtectedValue(queryValues);
record = await dao.FindSecretProtectedValue(queryValues);
Assert.IsNull(record);
}
