private static void SetupApiClient()
{
var signingKey = AuthenticationUtils.LoadSigningKey(SigningKeyPkcs12FilePath, SigningKeyAlias, SigningKeyPassword, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable);
var encryptionCertificate = EncryptionUtils.LoadEncryptionCertificate(EncryptionCertificateFilePath);
var decryptionKey = EncryptionUtils.LoadDecryptionKey(DecryptionKeyFilePath);
var fieldLevelEncryptionConfig = FieldLevelEncryptionConfigBuilder.AFieldLevelEncryptionConfig()
.WithEncryptionPath("$.fundingAccountInfo.encryptedPayload.encryptedData", "$.fundingAccountInfo.encryptedPayload")
.WithEncryptionPath("$.encryptedPayload.encryptedData", "$.encryptedPayload")
.WithDecryptionPath("$.tokenDetail", "$.tokenDetail.encryptedData")
.WithDecryptionPath("$.encryptedPayload", "$.encryptedPayload.encryptedData")
.WithEncryptionCertificate(encryptionCertificate)
.WithDecryptionKey(decryptionKey)
.WithOaepPaddingDigestAlgorithm("SHA-512")
.WithEncryptedValueFieldName("encryptedData")
.WithEncryptedKeyFieldName("encryptedKey")
.WithIvFieldName("iv")
.WithOaepPaddingDigestAlgorithmFieldName("oaepHashingAlgorithm")
.WithEncryptionCertificateFingerprintFieldName("publicKeyFingerprint")
.WithValueEncoding(FieldValueEncoding.Hex)
.Build();
var config = Configuration.Default;
config.BasePath = "https://sandbox.api.mastercard.com/mdes/";
config.ApiClient.RestClient.Authenticator = new RestSharpOAuth1Authenticator(ConsumerKey, signingKey, new Uri(config.BasePath));
config.ApiClient.EncryptionInterceptor = new RestSharpFieldLevelEncryptionInterceptor(fieldLevelEncryptionConfig);
}
public static void AddMastercardApi(this IServiceCollection services, MastercardApiConfig rateApiConfig)
{
services.AddSingleton <IDateTimeProvider, DateTimeProvider>();
var signingKey = AuthenticationUtils.LoadSigningKey(
rateApiConfig.CertPath,
rateApiConfig.KeyAlias,
rateApiConfig.KeyPassword);
services.AddSingleton(new SigningKey {
Key = signingKey
});
services.AddSingleton(rateApiConfig);
services.AddScoped <RequestSignerHandler>();
services.AddRefitClient <ICurrencyRateService>()
.ConfigureHttpClient(c =>
{
c.BaseAddress = new Uri(rateApiConfig.Url);
c.Timeout = TimeSpan.FromSeconds(rateApiConfig.CurrencyRateServiceTimeoutInSeconds);
}).AddHttpMessageHandler <RequestSignerHandler>();
services.AddRefitClient <ISettlementCurrenciesService>()
.ConfigureHttpClient(c =>
{
c.BaseAddress = new Uri(rateApiConfig.Url);
c.Timeout = TimeSpan.FromSeconds(rateApiConfig.SettlementCurrenciesServiceTimeoutInSeconds);
}).AddHttpMessageHandler <RequestSignerHandler>();
}
public Services(string consumerKey, string fullCertificatePath, string signingKeyAlias, string signingKeyPassword, string baseURL)
{
_consumerKey = consumerKey;
_baseUri = new Uri(baseURL + "/mastercom/v6/queues/names");
_signingKey = AuthenticationUtils.LoadSigningKey(
fullCertificatePath,
signingKeyAlias,
signingKeyPassword,
X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable);
}
public void TestLoadSigningKey_ShouldReturnKey()
{
// GIVEN
const string keyContainerPath = "./_Resources/test_key_container.p12";
const string keyAlias = "mykeyalias";
const string keyPassword = "******";
// WHEN
const X509KeyStorageFlags flags = X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable; // https://github.com/dotnet/corefx/issues/14745
var privateKey = AuthenticationUtils.LoadSigningKey(keyContainerPath, keyAlias, keyPassword, flags);
// THEN
Assert.AreEqual(2048, privateKey.KeySize);
Assert.AreEqual("RSA", privateKey.KeyExchangeAlgorithm);
}
internal static RSA GetTestSigningKey() => AuthenticationUtils.LoadSigningKey(
"./_Resources/test_key_container.p12",
"mykeyalias",
"Password1",
X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.Exportable // https://github.com/dotnet/corefx/issues/14745
);