/// <summary> /// Verifies API access token against token hashes in database /// </summary> /// <param name="apiToken">API access token for verification</param> /// <param name="requiredPermission"></param> /// <returns>True if token was verified, false otherwise</returns> public bool VerifyApplicationToken(string apiToken, ApiAccessPermissionEnumModel requiredPermission) { if (string.IsNullOrEmpty(apiToken)) { return(false); } var hashedKeys = GetAllHashedKeys(); foreach (var hashedKey in hashedKeys) { var hashingAlgorithm = hashedKey.HashAlgorithm; if (m_hasher.ValidateHash(apiToken, hashedKey.ApiKeyHash, hashingAlgorithm)) { var requiredPermissionInt = Convert.ToInt32(requiredPermission); if (hashedKey.Permissions.Any(x => x.Permission == requiredPermissionInt)) { return(true); } } //TODO implement other algorithms } return(false); }
public RequireApiAccessTokenAttribute(ApiAccessPermissionEnumModel requiredPermission = ApiAccessPermissionEnumModel.Internal) : base(typeof(RequireApiTokenAttributeImpl)) { Arguments = new object[] { requiredPermission }; }
public RequireApiTokenAttributeImpl( ApiAccessKeyManager accessKeyManager, ApiAccessPermissionEnumModel requiredPermission, ILogger <RequireApiTokenAttributeImpl> logger) { m_accessKeyManager = accessKeyManager; m_requiredPermission = requiredPermission; m_logger = logger; }