コード例 #1
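        /// <summary>
        /// Handles a presented refresh token: looks the token up by its hash, restores the protected
        /// ticket it was issued with, and then deletes the stored token so it can be redeemed only once.
        /// </summary>
        /// <param name="context">OWIN token-receive context carrying the raw refresh token in <c>Token</c>.</param>
        public async Task ReceiveAsync(AuthenticationTokenReceiveContext context)
        {
            // Origin stored in the OWIN environment for the validated client; echoed back as the CORS header.
            // NOTE(review): nothing here guarantees the key was set (e.g. a request validated without a
            // client id), so allowedOrigin may be null — confirm Headers.Add tolerates a null value.
            var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin");
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

            // The repository is keyed by the hash of the token, so hash what the client sent before the lookup.
            string hashedTokenId = StringEncryptionHelper.GetHash(context.Token);

            var repository = ContainerManager.Resolve<IAuthRepository>();
            var refreshToken = await repository.FindRefreshToken(hashedTokenId);
            if (refreshToken == null)
            {
                // Unknown (or already consumed) token: no ticket is deserialized, so nothing is issued.
                return;
            }

            // Restore the ticket the refresh token was issued against.
            context.DeserializeTicket(refreshToken.ProtectedTicket);

            // Single use: remove the token now that it has been redeemed. The original code bound the
            // result to an unused local; it is intentionally discarded here as well.
            // NOTE(review): the ticket has already been accepted at this point, so a failed removal
            // would leave the token redeemable again — confirm RemoveRefreshToken's failure contract.
            await repository.RemoveRefreshToken(hashedTokenId);
        }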
コード例 #2
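        /// <summary>
        /// Authenticates the calling client for a token request. Credentials are read from the
        /// Basic authorization header first and from the form body as a fallback. A request that
        /// carries no client id is accepted as-is (see the comment in the body); otherwise the client
        /// must be registered, active and — unless its <c>ApplicationType</c> is 1 — present the
        /// correct secret.
        /// </summary>
        /// <param name="context">Katana client-authentication context; marked validated or given an error.</param>
        /// <returns>A completed task; the outcome is conveyed through <paramref name="context"/>.</returns>
        public override Task ValidateClientAuthentication(OAuthValidateClientAuthenticationContext context)
        {
            string clientId;
            string clientSecret;

            // Basic auth takes precedence; fall back to client_id/client_secret form fields.
            // NOTE(review): clientId is never read below — the checks rely on context.ClientId,
            // presumably populated by these TryGet* calls; confirm against the Katana contract.
            if (!context.TryGetBasicCredentials(out clientId, out clientSecret))
            {
                context.TryGetFormCredentials(out clientId, out clientSecret);
            }

            if (context.ClientId == null)
            {
                // Uncomment the context.SetError line below (and drop Validated) to require
                // clientId/secret when obtaining access tokens.
                // Note that "as:clientAllowedOrigin" / "as:clientRefreshTokenLifeTime" are not set
                // on this path, so later stages see no client settings in the OWIN environment.
                context.Validated();
                //context.SetError("invalid_clientId", "ClientId should be sent.");
                return Task.FromResult<object>(null);
            }

            AppClientInfo client = ContainerManager.Resolve<IAuthRepository>().FindClient(context.ClientId);

            // NOTE(review): every failure path calls SetError three times; if SetError overwrites
            // rather than accumulates, only the final res_msg pair reaches the caller — confirm.
            if (client == null)
            {
                context.SetError("invalid_clientId", $"Client '{context.ClientId}' is not registered in the system.");
                context.SetError("res_code", "60004");
                context.SetError("res_msg", "登录失败");
                return Task.FromResult<object>(null);
            }

            // ApplicationType 1 is exempt from the secret check, i.e. treated as a client that holds
            // no secret (the meaning of the value is not visible here — assumed from usage).
            if (client.ApplicationType != 1)
            {
                if (string.IsNullOrWhiteSpace(clientSecret))
                {
                    context.SetError("invalid_clientId", "Client secret should be sent.");
                    context.SetError("res_code", "60003");
                    context.SetError("res_msg", "登录失败");
                    return Task.FromResult<object>(null);
                }

                // Stored secrets are hashed, so compare hash to hash. String inequality is an ordinal,
                // non-constant-time comparison of the two hash strings.
                if (client.Secret != StringEncryptionHelper.GetHash(clientSecret))
                {
                    context.SetError("invalid_clientId", "Client secret is invalid.");
                    context.SetError("res_code", "60002");
                    context.SetError("res_msg", "登录失败");
                    return Task.FromResult<object>(null);
                }
            }

            if (!client.Active)
            {
                context.SetError("invalid_clientId", "Client is inactive.");
                context.SetError("res_code", "60001");
                context.SetError("res_msg", "登录失败");
                return Task.FromResult<object>(null);
            }

            // Hand the client's settings to later stages (e.g. the refresh-token provider) via the OWIN environment.
            context.OwinContext.Set<string>("as:clientAllowedOrigin", client.AllowedOrigin);
            context.OwinContext.Set<string>("as:clientRefreshTokenLifeTime", client.RefreshTokenLifeTime.ToString());
            context.Validated();
            return base.ValidateClientAuthentication(context);
        }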