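/// <summary>
/// Issues a fresh authentication token for a client, replacing every token
/// already stored for that client.
/// </summary>
/// <param name="clientId">Identifier of the client the token is issued to.</param>
/// <returns>The new token: 32 lowercase hexadecimal characters.</returns>
/// <remarks>
/// NOTE(review): a token row is written for whatever <paramref name="clientId"/> is
/// passed in; this method does not look the client up in CFG_CLIENT. Confirm that
/// callers are rate-limited or otherwise restricted, since each call also discards
/// the client's current token.
/// </remarks>
public string GetAuthToken(string clientId)
{
    using (var context = new BrockSolutions.Core.Models.Model1Container())
    {
        // Delete every token stored for this client. Taking only the first match
        // would leave older rows behind, and verification reads whichever row the
        // store happens to return first.
        var oldTokens = (from t in context.DYN_SERVICE_ACCESS
                         where t.Client_Id == clientId
                         select t).ToList();
        if (oldTokens.Count > 0)
        {
            foreach (var oldToken in oldTokens)
            {
                context.DYN_SERVICE_ACCESS.Context.DeleteObject(oldToken);
            }

            context.SaveChanges();
        }

        // Draw the token from the OS cryptographic RNG rather than Guid.NewGuid():
        // GUIDs are unique identifiers, not secrets, and their unpredictability is
        // not a documented guarantee. The text format is unchanged (32 lowercase
        // hex characters), so stored values and clients keep working.
        var randomBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(randomBytes);
        }

        var token = BitConverter.ToString(randomBytes)
            .Replace("-", string.Empty)
            .ToLowerInvariant();

        // Insert token
        var serviceAccess = new Models.DYN_SERVICE_ACCESS()
        {
            Client_Id = clientId,
            Service_Auth_Token = token
        };
        context.AddToDYN_SERVICE_ACCESS(serviceAccess);
        context.SaveChanges();

        return token;
    }
}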
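/// <summary>
/// Verifies a client's RSA signature over its stored authentication token and,
/// when the signature is valid, marks the token as verified.
/// </summary>
/// <param name="clientId">Identifier of the client presenting the signature.</param>
/// <param name="signedAuthToken">Base64-encoded signature supplied by the client.</param>
/// <returns>
/// The stored token when the signature verifies; <c>null</c> when the client has no
/// public key, has no stored token, or the signature is missing, malformed or invalid.
/// </returns>
/// <remarks>
/// NOTE(review): nothing here expires the token or rejects a second verification of
/// the same token; confirm that token lifetime is enforced elsewhere.
/// </remarks>
public string VerifySignedAuthToken(string clientId, string signedAuthToken)
{
    // The signature is caller-supplied; a missing value is simply "not verified".
    if (string.IsNullOrEmpty(signedAuthToken))
    {
        return null;
    }

    using (var context = new BrockSolutions.Core.Models.Model1Container())
    {
        // Get key
        string key = (from c in context.CFG_CLIENT
                      where c.Client_Id == clientId
                      select c.Client_Public_Key).FirstOrDefault();
        if (string.IsNullOrEmpty(key))
        {
            // Client does not exist
            return null;
        }

        // Get token
        var serviceAccess = (from t in context.DYN_SERVICE_ACCESS
                             where t.Client_Id == clientId
                             select t).FirstOrDefault();
        if (serviceAccess == null || string.IsNullOrEmpty(serviceAccess.Service_Auth_Token))
        {
            // There is no token for this client. The null check matters: a known
            // client that never requested a token has no row at all.
            return null;
        }

        byte[] signedBytes;
        try
        {
            signedBytes = Convert.FromBase64String(signedAuthToken);
        }
        catch (FormatException)
        {
            // Malformed Base64 from the caller is a failed verification, not a server error.
            return null;
        }

        // The stored token text is decoded as Base64 to obtain the signed bytes;
        // the client must derive the same byte sequence before signing.
        var signedToken = Convert.FromBase64String(serviceAccess.Service_Auth_Token);

        bool verified;
        using (var encryptionProvider = new RSACryptoServiceProvider())
        using (var sha1 = new SHA1CryptoServiceProvider())
        {
            encryptionProvider.ImportCspBlob(Convert.FromBase64String(key));

            // NOTE(review): SHA-1 is no longer recommended for signatures. It is kept
            // because clients presumably sign with it; moving to SHA-256 needs a
            // coordinated client change.
            verified = encryptionProvider.VerifyData(signedToken, sha1, signedBytes);
        }

        if (!verified)
        {
            // Token could not be verified
            return null;
        }

        // Token was verified, client is authorized
        serviceAccess.Verified = true;
        context.SaveChanges();

        return serviceAccess.Service_Auth_Token;
    }
}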