/// <summary>
/// Console demo of a time-limited data protector: protects one line of input for five
/// seconds, round-trips it immediately, and then calls Unprotect again once the
/// lifetime has elapsed.
/// </summary>
/// <param name="args">Command-line arguments; not read by this sample.</param>
public static void Main(string[] args)
{
    // The key ring is persisted in this directory.
    // NOTE(review): no key-encryption mechanism is configured on the provider, so the
    // key material is presumably written to disk unencrypted; outside of a demo,
    // restrict access to the folder or configure at-rest key protection.
    var keyDirectory = new DirectoryInfo(@"c:\myapp-keys\");
    var protectionProvider = new DataProtectionProvider(keyDirectory);

    // The purpose string isolates these payloads from other protectors on the same key ring.
    var purposeProtector = protectionProvider.CreateProtector("Contoso.TimeLimitedSample");

    // Wrap the ordinary protector so that every payload can carry an expiration.
    var expiringProtector = purposeProtector.ToTimeLimitedDataProtector();

    // Read one line and protect it with a five-second lifetime.
    // Console.ReadLine returns null at end of input; that value is passed on unchecked.
    Console.Write("Enter input: ");
    string plaintext = Console.ReadLine();
    TimeSpan fiveSeconds = TimeSpan.FromSeconds(5);
    string ciphertext = expiringProtector.Protect(plaintext, lifetime: fiveSeconds);
    Console.WriteLine($"Protected data: {ciphertext}");

    // Immediate round trip: the payload is still inside its lifetime.
    string recovered = expiringProtector.Unprotect(ciphertext);
    Console.WriteLine($"Round-tripped data: {recovered}");

    // Let the lifetime run out, then unprotect again. The time-limited protector
    // rejects an expired payload with a CryptographicException; it is deliberately
    // left unhandled here, so the demo ends on that exception.
    Console.WriteLine("Waiting 6 seconds...");
    Thread.Sleep(TimeSpan.FromSeconds(6));
    expiringProtector.Unprotect(ciphertext);
}
/// <summary>
/// Console demo that builds a data protection provider without dependency injection,
/// stores its keys under %LOCALAPPDATA%\myapp-keys, and round-trips one line of input.
/// </summary>
/// <param name="args">Command-line arguments; not read by this sample.</param>
public static void Main(string[] args)
{
    // Resolve %LOCALAPPDATA%\myapp-keys for the current user.
    string localAppData = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData);
    string destFolder = Path.Combine(localAppData, "myapp-keys");
    var keyDirectory = new DirectoryInfo(destFolder);

    // Create the data protection system on top of that folder.
    var dataProtectionProvider = new DataProtectionProvider(
        keyDirectory,
        setup =>
        {
            // The application name acts as a discriminator between apps that share a key ring.
            setup.SetApplicationName("my app name");

            // Encrypt the persisted keys with Windows DPAPI; the parameterless form
            // ties them to the current Windows user account.
            setup.ProtectKeysWithDpapi();
        });

    var purposeProtector = dataProtectionProvider.CreateProtector("Program.No-DI");

    Console.Write("Enter input: ");
    string plaintext = Console.ReadLine();

    // Protect the payload and show the result.
    string protectedPayload = purposeProtector.Protect(plaintext);
    Console.WriteLine($"Protect returned: {protectedPayload}");

    // Reverse the operation with the same protector to prove the round trip.
    string unprotectedPayload = purposeProtector.Unprotect(protectedPayload);
    Console.WriteLine($"Unprotect returned: {unprotectedPayload}");
}
/// <summary>
/// Sets the defaults for Discourse authentication: the callback path, the nonce
/// cookie settings, and the data protector behind the string and state formats.
/// </summary>
public DiscourseAuthenticationOptions()
{
    CallbackPath = "/auth-discourse";

    // NOTE(review): SameSite=None together with SecurePolicy=SameAsRequest means the
    // nonce cookie is issued without the Secure attribute on a plain-HTTP request.
    // Current browsers reject SameSite=None cookies that lack Secure, and the nonce
    // would travel in clear text. Confirm that plain HTTP is a supported deployment;
    // if it is not, CookieSecurePolicy.Always is the safer setting.
    _nonceCookieBuilder = new DiscourseNonceCookieBuilder(this)
    {
        Name = ".CitizenFX.Discourse.Nonce.",
        HttpOnly = true,
        SameSite = SameSiteMode.None,
        SecurePolicy = CookieSecurePolicy.SameAsRequest,
        IsEssential = true,
    };

    // Provider created with the application name "FXServer".
    DataProtectionProvider = Microsoft.AspNetCore.DataProtection.DataProtectionProvider.Create("FXServer");

    // Purpose chain: handler type, payload type, then two fixed sub-purposes.
    // Payloads only unprotect under exactly the same chain.
    var handlerPurpose = typeof(DiscourseAuthenticationHandler).FullName;
    var payloadPurpose = typeof(string).FullName;
    var protector = DataProtectionProvider.CreateProtector(handlerPurpose, payloadPurpose, "DAO", "v1");

    // Both formats share the one protector.
    StringDataFormat = new SecureDataFormat<string>(new StringSerializer(), protector);
    StateDataFormat = new PropertiesDataFormat(protector);
}
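/// <summary>
/// Returns the student whose protected identifier is <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier as handed out to the client, i.e. the protected form.</param>
/// <returns>
/// The matching student, carrying the protected identifier it was requested with, or a
/// 404 result when the identifier is missing, cannot be unprotected, or matches no student.
/// </returns>
public ActionResult<Student> Get(string id)
{
    // The identifier comes from the client and must be treated as untrusted.
    if (string.IsNullOrEmpty(id))
    {
        return new NotFoundResult();
    }

    // The purpose chain "A" -> "B" -> "C" has to match the chain the identifier was protected with.
    var protector = DataProtectionProvider.CreateProtector("A", "B", "C");

    string rawId;
    try
    {
        rawId = protector.Unprotect(id);
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        // A tampered, truncated or foreign payload fails authentication. It is answered
        // like an unknown id so the failure does not surface as a server error and the
        // response does not reveal which check failed.
        return new NotFoundResult();
    }

    var targetItem = students.FirstOrDefault(s => s.Id == rawId);
    if (targetItem == null)
    {
        // A valid payload can still name a student that does not exist.
        return new NotFoundResult();
    }

    // Echo the protected id back; the raw id never leaves the server.
    return new Student { Id = id, Name = targetItem.Name };
}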
/// <summary>
/// Registers cookie authentication on <paramref name="app"/> with a ticket format
/// backed by the supplied data protection provider.
/// </summary>
/// <param name="app">Application builder the middleware is added to.</param>
/// <param name="options">Cookie options; their TicketDataFormat is overwritten here.</param>
/// <param name="dataProtectionProvider">Provider from which the ticket protector is created.</param>
/// <param name="stage">Pipeline stage passed through to the underlying registration.</param>
/// <returns>The result of the underlying UseCookieAuthentication(options, stage) call.</returns>
public static IAppBuilder UseCookieAuthentication(
    this IAppBuilder app,
    CookieAuthenticationOptions options,
    DataProtectionProvider dataProtectionProvider,
    PipelineStage stage = PipelineStage.Authenticate)
{
    // Full name of the ASP.NET 5 type. Tickets only unprotect when every element of
    // the purpose chain is identical on the side that issued them.
    const string MiddlewarePurpose = "Microsoft.AspNet.Authentication.Cookies.CookieAuthenticationMiddleware";

    var ticketProtector = dataProtectionProvider.CreateProtector(
        MiddlewarePurpose,
        options.AuthenticationType,
        "v2");

    // Wrap the protector in the shim and install it as the ticket format.
    var shim = new DataProtectorShim(ticketProtector);
    options.TicketDataFormat = new AspNetTicketDataFormat(shim);

    // Hand over to the overload that takes only options and stage.
    return app.UseCookieAuthentication(options, stage);
}
/// <summary>
/// Protects the token, Base64-encodes the result and appends it to the response as
/// the token cookie.
/// </summary>
/// <param name="httpContext">Context whose response receives the cookie.</param>
/// <param name="token">Token to store; its Expires value drives the cookie lifetime.</param>
private void StoreTokenCookie(HttpContext httpContext, T token)
{
    NullGuard.NotNull(httpContext, nameof(httpContext))
        .NotNull(token, nameof(token));

    // Protect the serialized token under the "TokenProtection" purpose.
    IDataProtector tokenProtector = DataProtectionProvider.CreateProtector("TokenProtection");
    byte[] protectedToken = tokenProtector.Protect(token.ToByteArray());

    // Time left until the token expires, measured on the local clock. A UTC value is
    // converted to local time first; any other kind is used as it is.
    DateTime localExpiry;
    if (token.Expires.Kind == DateTimeKind.Utc)
    {
        localExpiry = token.Expires.ToLocalTime();
    }
    else
    {
        localExpiry = token.Expires;
    }

    TimeSpan remaining = localExpiry.Subtract(DateTime.Now);

    // NOTE(review): HttpOnly is not set, so unless a cookie policy elsewhere adds it,
    // script running in the page can read this cookie. SameSite=None is also only
    // accepted by current browsers when the cookie is Secure, which here depends on
    // the request. The cookie outlives the token by one day.
    var cookieOptions = new CookieOptions
    {
        Expires = DateTimeOffset.Now.Add(remaining).AddDays(1),
        Secure = IsHttpRequestSecure(httpContext.Request),
        SameSite = SameSiteMode.None
    };

    string cookieValue = Convert.ToBase64String(protectedToken);
    httpContext.Response.Cookies.Append(TokenCookieName, cookieValue, cookieOptions);
}
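/// <summary>
/// Returns all students with their identifiers replaced by the protected form.
/// </summary>
/// <returns>A list of students whose Id holds the protected identifier.</returns>
public ActionResult<IEnumerable<Student>> Get()
{
    // Purposes form a chain, and a payload only unprotects under exactly the chain
    // that protected it. Get(string id) unprotects with "A" -> "B" -> "C", so the same
    // chain is used here. Three separate root protectors "A", "B" and "C" are
    // unrelated to each other, and ids protected with "C" alone would be rejected
    // on the way back in.
    var protector = DataProtectionProvider.CreateProtector("A", "B", "C");

    // Materialize to a list: the raw ids are replaced before anything is returned.
    return students
        .Select(s => new Student { Id = protector.Protect(s.Id), Name = s.Name })
        .ToList();
}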
/// <summary>
/// Exercises a time-limited protector: protects "Hello" with an expiration ten minutes
/// ahead, unprotects it again, and logs a CryptographicException if one is thrown.
/// </summary>
private void TimeLimitedDataProtectorTest()
{
    // When decrypting with Unprotect, an expired ciphertext likewise causes a
    // CryptographicException to be thrown.
    var baseProtector = DataProtectionProvider.CreateProtector("testing");
    var expiringProtector = baseProtector.ToTimeLimitedDataProtector();

    DateTimeOffset validUntil = DateTimeOffset.Now.AddMinutes(10);
    var content = expiringProtector.Protect("Hello", validUntil);

    try
    {
        // The out parameter receives the expiration stored in the payload.
        var rawContent = expiringProtector.Unprotect(content, out DateTimeOffset expiration);
    }
    catch (CryptographicException ex)
    {
        // NOTE(review): if Logger is a Microsoft.Extensions.Logging logger, this call
        // binds ex.Message as the message template and ex as a format argument; the
        // overload that records the exception takes it as the first argument. Confirm.
        Logger.LogError(ex.Message, ex);
    }

    /*
     * The Microsoft.AspNetCore.DataProtection package also provides the
     * EphemeralDataProtectionProvider class as an implementation of the
     * IDataProtectionProvider interface. Its encryption and decryption are "one-off"
     * in nature and it can be used when the ciphertext does not need to be persisted.
     * All keys are kept in memory, and every EphemeralDataProtectionProvider instance
     * has its own master key.
     */
}