public void WhenHashedValueMatchesVerifyReturnsTrue(string plaintextApiKey, string hash) { // Arrange Assert.True(ApiKeyV3.TryParse(plaintextApiKey, out var apiKeyV3)); // Act & Assert Assert.True(apiKeyV3.Verify(hash)); }
public void VerifySucceedsForApiKeysCreatedByCreateFromV1V2ApiKey(string v1v2ApiKey) { // Arrange var createdApiKeyV3 = ApiKeyV3.CreateFromV1V2ApiKey(v1v2ApiKey); ApiKeyV3.TryParse(v1v2ApiKey, out var parsedApiKeyV3); // Act & Assert Assert.True(parsedApiKeyV3.Verify(createdApiKeyV3.HashedApiKey)); }
public void TryParseSucceedsForValidApiKey(string plaintextApiKey, string expectedIdPart, string expectedPasswordPart) { // Act bool result = ApiKeyV3.TryParse(plaintextApiKey, out ApiKeyV3 apiKeyV3); // Assert Assert.True(result); Assert.Equal(plaintextApiKey.ToLower(), apiKeyV3.PlaintextApiKey); Assert.Equal(expectedIdPart, apiKeyV3.IdPart); Assert.Equal(expectedPasswordPart, apiKeyV3.PasswordPart); }
public void CreatesAValidApiKeyFromV1V2ApiKey(string plaintextApiKey, string expectedIdPart, string expectedPasswordPart) { // Act var apiKeyV3 = ApiKeyV3.CreateFromV1V2ApiKey(plaintextApiKey); // Assert Assert.Equal(plaintextApiKey.ToLower(), apiKeyV3.PlaintextApiKey); Assert.Equal(expectedIdPart, apiKeyV3.IdPart); Assert.Equal(expectedPasswordPart, apiKeyV3.PasswordPart); Assert.Equal(ApiKeyV3.IdAndPasswordHashedLength, apiKeyV3.HashedApiKey.Length); }
public IList <Credential> GetValidCredentialsForApiKey(IQueryable <Credential> allCredentials, string providedApiKey) { var results = new List <Credential>(); if (ApiKeyV4.TryParse(providedApiKey, out ApiKeyV4 apiKeyV4)) { var foundApiKeys = allCredentials.Where(c => c.Type == CredentialTypes.ApiKey.V4 && c.Value.StartsWith(apiKeyV4.IdPart)).ToList(); // There shouldn't be duplications in the id part because it's long enough, but we shouldn't assume that. results = foundApiKeys.Where(c => apiKeyV4.Verify(c.Value)).ToList(); } else { // Try to authenticate as APIKey V1/V2/V3/Verify if (ApiKeyV3.TryParse(providedApiKey, out var v3ApiKey)) { results = allCredentials.Where(c => c.Type.StartsWith(CredentialTypes.ApiKey.Prefix) && (c.Value == providedApiKey || c.Value.StartsWith(v3ApiKey.IdPart))).ToList(); results = results.Where(credential => { switch (credential.Type) { case CredentialTypes.ApiKey.V1: case CredentialTypes.ApiKey.V2: case CredentialTypes.ApiKey.VerifyV1: { return(credential.Value == providedApiKey); } case CredentialTypes.ApiKey.V3: { return(v3ApiKey.Verify(credential.Value)); } default: { return(false); } } }).ToList(); } } return(results); }
/// <summary> /// Parses the provided string and creates an ApiKeyV3 if it's successful. /// The plaintext string is expected to be a GUID. /// </summary> public static bool TryParse(string plaintextApiKey, out ApiKeyV3 apiKey) { apiKey = new ApiKeyV3(); return(apiKey.TryParseInternal(plaintextApiKey)); }
public void WhenTryParseIsCalledWithInvalidApiKeyReturnsFalse(string input) { Assert.False(ApiKeyV3.TryParse(input, out _)); }
public void WhenCreateFromV1V2ApiKeyIsCalledWithInvalidPlaintextApiKeyItThrows(string input) { Assert.Throws <ArgumentException>(() => ApiKeyV3.CreateFromV1V2ApiKey(input)); }