public async Task <ActionResult> ShowSecret(ShowSecretViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var adminStore = new IdentityServer3AdminStore();
ProtectedSecretQueryValues queryValues = new ProtectedSecretQueryValues()
{
ClientId = model.ClientId,
Value = model.Hash
};
var record = await adminStore.FindSecretProtectedValue(queryValues);
var myCrypto = new TripleDesEncryption(model.PassCode);
model.OpenSecret = myCrypto.Decrypt(record.ProtectedValue);
return(RedirectToAction("ShowOpenSecret",
new { clientId = model.ClientId, hash = model.Hash, openSecret = model.OpenSecret, passCode = model.PassCode }));
}
public async Task DeleteSecretProtectedValue(ProtectedSecretQueryValues queryValues,
CancellationToken cancellationToken = default(CancellationToken))
{
cancellationToken.ThrowIfCancellationRequested();
var session = CassandraSession;
IMapper mapper = new Mapper(session);
AppliedInfo <ProtectedSecretHandle> appliedInfo;
if (string.IsNullOrEmpty(queryValues.Value))
{
appliedInfo = await
mapper.DeleteIfAsync <ProtectedSecretHandle>(
"Where clientid = ?", queryValues.ClientId);
}
else
{
appliedInfo = await
mapper.DeleteIfAsync <ProtectedSecretHandle>(
"Where clientid = ? AND value=?", queryValues.ClientId, queryValues.Value);
}
}
public async Task <ProtectedSecretHandle> FindSecretProtectedValue(ProtectedSecretQueryValues queryValues,
CancellationToken cancellationToken = default(CancellationToken))
{
try
{
cancellationToken.ThrowIfCancellationRequested();
var session = CassandraSession;
IMapper mapper = new Mapper(session);
var result = await mapper.FirstAsync <ProtectedSecretHandle>("Where clientid = ? AND value=?",
queryValues.ClientId, queryValues.Value);
return(result);
}
catch (Exception e)
{
if (e.Message == "Sequence contains no elements")
{
return(null);
}
throw;
}
}
public async Task Test_Add_Protected_Secret_Async()
{
var dao = new IdentityServer3CassandraDao();
await dao.EstablishConnectionAsync();
var value = Guid.NewGuid().ToString();
var valueProtected = Guid.NewGuid().ToString();
TripleDesEncryption tde = new TripleDesEncryption("test");
var eValueProtected = tde.Encrypt(valueProtected);
ProtectedSecretHandle handle = new ProtectedSecretHandle()
{
ClientId = Guid.NewGuid().ToString(),
Value = value,
ProtectedValue = eValueProtected
};
await dao.AddSecretProtectedValue(handle);
ProtectedSecretQueryValues queryValues = new ProtectedSecretQueryValues()
{
ClientId = handle.ClientId,
Value = handle.Value
};
var record = await dao.FindSecretProtectedValue(queryValues);
var fetchedValueProtected = tde.Decrypt(record.ProtectedValue);
Assert.AreEqual(valueProtected, fetchedValueProtected);
await dao.DeleteSecretProtectedValue(queryValues);
record = await dao.FindSecretProtectedValue(queryValues);
Assert.IsNull(record);
}
