public FormsAuthenticationFixture() { this.cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000))); this.config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake<IUserMapper>(), RequiresSSL = false }; this.secureConfig = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake<IUserMapper>(), RequiresSSL = true }; this.context = new NancyContext { Request = new Request( "GET", new Url { Scheme = "http", BasePath = "/testing", HostName = "test.com", Path = "test" }) }; this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010"); }
public RavenDbSessionStore(CryptographyConfiguration cryptographyConfiguration, IDocumentStore documentStore) : base(cryptographyConfiguration) { Guard.NotNull(() => documentStore, documentStore); this.documentStore = documentStore; }
/// <summary> /// Initializes a new instance of the <see cref="DiagnosticsConfiguration"/> class, /// using the <paramref name="cryptographyConfiguration"/> cryptographic /// configuration. /// </summary> /// <param name="cryptographyConfiguration">The <see cref="CryptographyConfiguration"/> to use with diagnostics.</param> public DiagnosticsConfiguration(CryptographyConfiguration cryptographyConfiguration) { this.CookieName = "__ncd"; this.CryptographyConfiguration = cryptographyConfiguration; this.Path = "/_Nancy"; this.SlidingTimeout = 15; }
/// <summary> /// Initialise and add cookie based session hooks to the application pipeine /// </summary> /// <param name="applicationPipelines">Application pipelines</param> /// <param name="cryptographyConfiguration">Cryptography configuration</param> /// <returns>Formatter selector for choosing a non-default serializer</returns> public static IObjectSerializerSelector Enable(IApplicationPipelines applicationPipelines, CryptographyConfiguration cryptographyConfiguration) { var sessionStore = new CookieBasedSessions(cryptographyConfiguration.EncryptionProvider, cryptographyConfiguration.HmacProvider, new DefaultObjectSerializer()); applicationPipelines.BeforeRequest.AddItemToEndOfPipeline(ctx => LoadSession(ctx, sessionStore)); applicationPipelines.AfterRequest.AddItemToEndOfPipeline(ctx => SaveSession(ctx, sessionStore)); return sessionStore; }
/// <summary> /// Initializes a new instance of the <see cref="RedisBasedSessionsConfiguration"/> class. /// </summary> public RedisBasedSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration) { CryptographyConfiguration = cryptographyConfiguration; CookieName = DefaultCookieName; ConnectionString = DefaultConnectionString; SessionDuration = DefaultSessionDuration; EnableSlidingSessions = DefaultEnableSlidingSessions; Prefix = DefaultPrefix; }
/// <summary> /// Initialise and add cookie based session hooks to the application pipeine /// </summary> /// <param name="pipelines">Application pipelines</param> /// <param name="cryptographyConfiguration">Cryptography configuration</param> /// <returns>Formatter selector for choosing a non-default serializer</returns> public static IObjectSerializerSelector Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration) { var sessionStore = new CookieBasedSessions(cryptographyConfiguration.EncryptionProvider, cryptographyConfiguration.HmacProvider, new DefaultObjectSerializer()); pipelines.BeforeRequest.AddItemToStartOfPipeline(ctx => LoadSession(ctx, sessionStore)); pipelines.AfterRequest.AddItemToEndOfPipeline(ctx => SaveSession(ctx, sessionStore)); return(sessionStore); }
/// <summary> /// Initialise and add cookie based session hooks to the application pipeine /// </summary> /// <param name="pipelines">Application pipelines</param> /// <param name="cryptographyConfiguration">Cryptography configuration</param> /// <returns>Formatter selector for choosing a non-default serializer</returns> public static IObjectSerializerSelector Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration) { var cookieBasedSessionsConfiguration = new CookieBasedSessionsConfiguration(cryptographyConfiguration) { Serializer = new DefaultObjectSerializer() }; return(Enable(pipelines, cookieBasedSessionsConfiguration)); }
/// <summary> /// Initialise and add RethinkDB session storage hooks to the application pipeline /// </summary> /// <param name="pipelines">Application pipelines</param> /// <param name="connection">The RethinkDB connection to use for session storage</param> /// <param name="cryptographyConfiguration">Cryptography configuration</param> public static void Enable(IPipelines pipelines, IConnection connection, CryptographyConfiguration cryptographyConfiguration) { var rethinkDbSessionConfiguration = new RethinkDbSessionConfiguration(connection, cryptographyConfiguration) { Serializer = new DefaultObjectSerializer() }; Enable(pipelines, rethinkDbSessionConfiguration); }
/// <summary> /// Initializes a new instance of the <see cref="BySessionIdCookieIdentificationMethod" /> class. /// </summary> public BySessionIdCookieIdentificationMethod(CryptographyConfiguration cryptoConfig) { if (cryptoConfig == null) throw new ArgumentNullException("cryptoConfig"); _encryptionProvider = cryptoConfig.EncryptionProvider; _hmacProvider = cryptoConfig.HmacProvider; _sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider); _hmacValidator = new HmacValidator(cryptoConfig.HmacProvider); _sessionIdFactory = new SessionIdFactory(); _cookieFactory = new CookieFactory(); CookieName = DefaultCookieName; }
/// <summary> /// Initializes a new instance of the <see cref="ByQueryStringParamIdentificationMethod" /> class. /// </summary> public ByQueryStringParamIdentificationMethod(CryptographyConfiguration cryptoConfig) { if (cryptoConfig == null) throw new ArgumentNullException("cryptoConfig"); _encryptionProvider = cryptoConfig.EncryptionProvider; _hmacProvider = cryptoConfig.HmacProvider; _sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider); _hmacValidator = new HmacValidator(cryptoConfig.HmacProvider); _sessionIdFactory = new SessionIdFactory(); _responseManipulatorForSession = new ResponseManipulatorForSession(); ParameterName = DefaultParameterName; }
/// <summary> /// Initializes static members of the <see cref="CryptographyConfiguration"/> class. /// </summary> static CryptographyConfiguration() { Default = new CryptographyConfiguration( new RijndaelEncryptionProvider(new RandomKeyGenerator()), new DefaultHmacProvider(new RandomKeyGenerator())); NoEncryption = new CryptographyConfiguration( new NoEncryptionProvider(), new DefaultHmacProvider(new RandomKeyGenerator())); }
/// <summary> /// Initializes a new instance of the <see cref="RethinkDbSessionConfiguration"/> class. /// </summary> /// <param name="connection">The RethinkDB connection to use for session storage</param> /// <param name="cryptographyConfiguration">Security configuration for the session cookie</param> public RethinkDbSessionConfiguration(IConnection connection, CryptographyConfiguration cryptographyConfiguration) : base(cryptographyConfiguration) { this.Connection = connection; this.Database = DefaultSessionDatabase; this.Table = DefaultSessionTable; this.Expiry = DefaultExpiry; this.ExpiryCheckFrequency = DefaultExpiryCheckFrequency; this.UseRollingSessions = DefaultRollingSessions; }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { Console.WriteLine("App startup"); base.ApplicationStartup(container, pipelines); CryptographyConfiguration defaultCc = CryptographyConfiguration.Default; var customEncryptionProvider = new RijndaelEncryptionProvider(new CustomKeyGenerator()); CryptographyConfiguration customCc = new CryptographyConfiguration(customEncryptionProvider, defaultCc.HmacProvider); CookieBasedSessions.Enable(pipelines, defaultCc); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); //need to replace default CryptographyConfiguration for the form authentication //because defaut KeyGenerator generate on each app startup new keys and cookies invalidate after that this._cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure1", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); CookieBasedSessions.Enable(pipelines); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { var category = new CategoryMap(); var author = new AuthorMap(); var topic = new TopicMap(); _cryptographyConfiguration = new CryptographyConfiguration( new AesEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); base.ApplicationStartup(container, pipelines); }
public CookieBasesSessionsConfigurationFixture() { var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); this.config = new CookieBasedSessionsConfiguration() { CryptographyConfiguration = cryptographyConfiguration, Serializer = A.Fake <IObjectSerializer>() }; }
public FormsAuthenticationConfigurationFixture() { var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); this.config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake<IUserMapper>(), }; }
public FormsAuthenticationConfigurationFixture() { var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); this.config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake <IUserMapper>(), }; }
public string[] GetCipherData(string cipher) { CryptographyConfiguration _crypto = new CryptographyConfiguration(); var keybytes = Encoding.UTF8.GetBytes(CryptographyConfiguration.AESKey); var iv = Encoding.UTF8.GetBytes(CryptographyConfiguration.AESIV); var encrypted = Convert.FromBase64String(cipher); var decriptedFromJavascript = _crypto.DecryptStringFromBytes(encrypted, keybytes, iv); string[] data = decriptedFromJavascript.Split(new string[] { "!@#" }, StringSplitOptions.None); return(data); }
/// <summary> /// Initializes a new instance of the <see cref="BySessionIdCookieIdentificationMethod" /> class. /// </summary> public BySessionIdCookieIdentificationMethod(CryptographyConfiguration cryptoConfig) { if (cryptoConfig == null) { throw new ArgumentNullException("cryptoConfig"); } _encryptionProvider = cryptoConfig.EncryptionProvider; _hmacProvider = cryptoConfig.HmacProvider; _sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider); _hmacValidator = new HmacValidator(cryptoConfig.HmacProvider); _sessionIdFactory = new SessionIdFactory(); _cookieFactory = new CookieFactory(); CookieName = DefaultCookieName; }
/// <summary> /// Creates a new csrf token with an optional salt. /// Does not store the token in context. /// </summary> /// <returns>The generated token</returns> internal static string GenerateTokenString(CryptographyConfiguration cryptographyConfiguration = null) { cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration; var token = new CsrfToken { CreatedDate = DateTime.Now, }; token.CreateRandomBytes(); token.CreateHmac(cryptographyConfiguration.HmacProvider); var tokenString = CsrfApplicationStartup.ObjectSerializer.Serialize(token); return(tokenString); }
private void RegisterFormsAuth(IPipelines pipelines) { var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator(_configService.RijndaelPassphrase, Encoding.ASCII.GetBytes(_configService.RijndaelSalt))), new DefaultHmacProvider(new PassphraseKeyGenerator(_configService.HmacPassphrase, Encoding.ASCII.GetBytes(_configService.HmacSalt))) ); FormsAuthentication.Enable(pipelines, new FormsAuthenticationConfiguration { RedirectUrl = _configFileProvider.UrlBase + "/login", UserMapper = _authenticationService, CryptographyConfiguration = cryptographyConfiguration }); }
/// <summary> /// Initializes a new instance of the <see cref="ByQueryStringParamIdentificationMethod" /> class. /// </summary> public ByQueryStringParamIdentificationMethod(CryptographyConfiguration cryptoConfig) { if (cryptoConfig == null) { throw new ArgumentNullException("cryptoConfig"); } _encryptionProvider = cryptoConfig.EncryptionProvider; _hmacProvider = cryptoConfig.HmacProvider; _sessionIdentificationDataProvider = new SessionIdentificationDataProvider(cryptoConfig.HmacProvider); _hmacValidator = new HmacValidator(cryptoConfig.HmacProvider); _sessionIdFactory = new SessionIdFactory(); _responseManipulatorForSession = new ResponseManipulatorForSession(); ParameterName = DefaultParameterName; }
/// <summary> /// Creates a new csrf token for this response with an optional salt. /// Only necessary if a particular route requires a new token for each request. /// </summary> /// <param name="module">Nancy module</param> /// <returns></returns> public static void CreateNewCsrfToken(this INancyModule module, CryptographyConfiguration cryptographyConfiguration = null) { cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration; var token = new CsrfToken { CreatedDate = DateTime.Now, }; token.CreateRandomBytes(); token.CreateHmac(cryptographyConfiguration.HmacProvider); var tokenString = CsrfApplicationStartup.ObjectSerializer.Serialize(token); module.Context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString; }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); var config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "/login", UserMapper = container.Resolve <IUserDatabase>() as IUserMapper, }; FormsAuthentication.Enable(pipelines, config); }
/// <summary> /// Enables Csrf token generation. /// This is disabled by default. /// </summary> /// <param name="pipelines">Application pipelines</param> public static void Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration = null) { cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration; var postHook = new PipelineItem <Action <NancyContext> >( CsrfHookName, context => { if (context.Response == null || context.Response.Cookies == null || context.Request.Method.Equals("OPTIONS", StringComparison.OrdinalIgnoreCase)) { return; } if (context.Items.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY)) { context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, (string)context.Items[CsrfToken.DEFAULT_CSRF_KEY], true)); return; } if (context.Request.Cookies.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY)) { var decodedValue = HttpUtility.UrlDecode(context.Request.Cookies[CsrfToken.DEFAULT_CSRF_KEY]); var cookieToken = CsrfApplicationStartup.ObjectSerializer.Deserialize(decodedValue) as CsrfToken; if (CsrfApplicationStartup.TokenValidator.CookieTokenStillValid(cookieToken)) { context.Items[CsrfToken.DEFAULT_CSRF_KEY] = decodedValue; return; } } var token = new CsrfToken { CreatedDate = DateTime.Now, }; token.CreateRandomBytes(); token.CreateHmac(cryptographyConfiguration.HmacProvider); var tokenString = CsrfApplicationStartup.ObjectSerializer.Serialize(token); context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString; context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, tokenString, true)); }); pipelines.AfterRequest.AddItemToEndOfPipeline(postHook); }
public CsrfStartupFixture() { this.pipelines = new MockPipelines(); this.cryptographyConfiguration = CryptographyConfiguration.Default; this.objectSerializer = new DefaultObjectSerializer(); var csrfStartup = new CsrfApplicationStartup( this.cryptographyConfiguration, this.objectSerializer, new DefaultCsrfTokenValidator(this.cryptographyConfiguration)); csrfStartup.Initialize(this.pipelines); this.request = new FakeRequest("GET", "/"); this.response = new Response(); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator(Configuration.EncryptionKey, new byte[] { 8, 2, 10, 4, 68, 120, 7, 14 })), new DefaultHmacProvider(new PassphraseKeyGenerator(Configuration.HmacKey, new byte[] { 1, 20, 73, 49, 25, 106, 78, 86 }))); var authenticationConfiguration = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "/login", UserMapper = container.Resolve<IUserMapper>(), }; FormsAuthentication.Enable(pipelines, authenticationConfiguration); }
public CsrfFixture() { this.pipelines = new MockPipelines(); this.cryptographyConfiguration = CryptographyConfiguration.Default; var csrfStartup = new CsrfApplicationStartup( this.cryptographyConfiguration, new DefaultCsrfTokenValidator(this.cryptographyConfiguration)); csrfStartup.Initialize(this.pipelines); Csrf.Enable(this.pipelines); this.request = new FakeRequest("GET", "/"); this.optionsRequest = new FakeRequest("OPTIONS", "/"); this.response = new Response(); }
public void Configuration(IAppBuilder builder) { var userManager = new UserManager(); var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000))); var formsAuthenticationConfiguration = new FormsAuthenticationConfiguration { RedirectUrl = "~/login", DisableRedirect = true, UserMapper = userManager, CryptographyConfiguration = cryptographyConfiguration }; builder .UseNancyAuth(formsAuthenticationConfiguration, userManager) .UseNancy(opt => opt.Bootstrapper = new AppBootstrapper(formsAuthenticationConfiguration, userManager)); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); var config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "/login", UserMapper = container.Resolve<IUserMapper>(), }; FormsAuthentication.Enable(pipelines, config); }
private void RegisterFormsAuth(IPipelines pipelines) { FormsAuthentication.FormsAuthenticationCookieName = "ReadarrAuth"; var cryptographyConfiguration = new CryptographyConfiguration( new AesEncryptionProvider(new PassphraseKeyGenerator(_configService.RijndaelPassphrase, Encoding.ASCII.GetBytes(_configService.RijndaelSalt))), new DefaultHmacProvider(new PassphraseKeyGenerator(_configService.HmacPassphrase, Encoding.ASCII.GetBytes(_configService.HmacSalt)))); _formsAuthConfig = new FormsAuthenticationConfiguration { RedirectUrl = _configFileProvider.UrlBase + "/login", UserMapper = _authenticationService, Path = GetCookiePath(), CryptographyConfiguration = cryptographyConfiguration }; FormsAuthentication.Enable(pipelines, _formsAuthConfig); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator(Configuration.EncryptionKey, new byte[] { 8, 2, 10, 4, 68, 120, 7, 14 })), new DefaultHmacProvider(new PassphraseKeyGenerator(Configuration.HmacKey, new byte[] { 1, 20, 73, 49, 25, 106, 78, 86 }))); var authenticationConfiguration = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "/login", UserMapper = container.Resolve <IUserMapper>(), }; FormsAuthentication.Enable(pipelines, authenticationConfiguration); }
protected override void ApplicationStartup(IWindsorContainer container, IPipelines pipelines) { base.ApplicationStartup(container, pipelines); var cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("YourSuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator("YourUberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }))); var formsAuthConfiguration = new FormsAuthenticationConfiguration() { CryptographyConfiguration = cryptographyConfiguration, RedirectUrl = "~/login", UserMapper = container.Resolve <IUserMapper>() }; FormsAuthentication.Enable(pipelines, formsAuthConfiguration); }
/// <summary> /// Enables Csrf token generation. /// </summary> /// <remarks>This is disabled by default.</remarks> /// <param name="pipelines">The application pipelines.</param> /// <param name="cryptographyConfiguration">The cryptography configuration. This is <see langword="null" /> by default.</param> /// <param name="useSecureCookie">Set the CSRF cookie secure flag. This is <see langword="false"/> by default</param> public static void Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration = null, bool useSecureCookie = false) { cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration; var postHook = new PipelineItem <Action <NancyContext> >( CsrfHookName, context => { if (context.Response == null || context.Response.Cookies == null || context.Request.Method.Equals("OPTIONS", StringComparison.OrdinalIgnoreCase)) { return; } object value; if (context.Items.TryGetValue(CsrfToken.DEFAULT_CSRF_KEY, out value)) { context.Response.Cookies.Add(new NancyCookie( CsrfToken.DEFAULT_CSRF_KEY, (string)value, true, useSecureCookie)); return; } string cookieValue; if (context.Request.Cookies.TryGetValue(CsrfToken.DEFAULT_CSRF_KEY, out cookieValue)) { var cookieToken = ParseToCsrfToken(cookieValue); if (CsrfApplicationStartup.TokenValidator.CookieTokenStillValid(cookieToken)) { context.Items[CsrfToken.DEFAULT_CSRF_KEY] = cookieValue; return; } } var tokenString = GenerateTokenString(cryptographyConfiguration); context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString; context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, tokenString, true, useSecureCookie)); }); pipelines.AfterRequest.AddItemToEndOfPipeline(postHook); }
protected override void ApplicationStartup(TinyIoCContainer container, IPipelines pipelines) { // override maximum JSON length for Nancy Nancy.Json.JsonSettings.MaxJsonLength = int.MaxValue; // register settings first as we will use that below IAppSettings settings = new AppSettings(); container.Register <IAppSettings>(settings); // set up the crypto config _cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator($"AES_{settings.SecureKey}", new byte[] { 101, 2, 103, 4, 105, 6, 107, 8 })), new DefaultHmacProvider(new PassphraseKeyGenerator($"HMAC_{settings.SecureKey}", new byte[] { 101, 2, 103, 4, 105, 6, 107, 8 }))); // IO Wrappers container.Register <IDirectoryWrap, DirectoryWrap>(); //container.Register<IPathWrap, PathWrap>(); container.Register <IFileWrap, FileWrap>(); //container.Register<IPathHelper, PathHelper>(); // security container.Register <Encryption.IEncryptionProvider, Encryption.AESGCM>(); container.Register <IPasswordProvider, PasswordProvider>(); // set up mappings var config = new MapperConfiguration(cfg => { cfg.CreateMap <ConnectionViewModel, ConnectionModel>(); cfg.CreateMap <ConnectionModel, ConnectionViewModel>(); cfg.CreateMap <UserViewModel, UserModel>();//.ForMember(dest => dest.Id, opt => opt.MapFrom(src => src.DocumentId)); }); var mapper = config.CreateMapper(); container.Register <IMapper>(mapper); // set up the stores var dataPath = Path.Combine(this.RootPathProvider.GetRootPath(), "Data"); var userStorePath = Path.Combine(dataPath, "users.json"); IUserStore userStore = new UserStore(userStorePath, container.Resolve <IFileWrap>(), container.Resolve <IDirectoryWrap>(), container.Resolve <IPasswordProvider>()); userStore.Load(); container.Register <IUserStore>(userStore); }
public FormsAuthenticationFixture() { this.cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000))); this.config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake <IUserMapper>(), RequiresSSL = false }; this.secureConfig = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake <IUserMapper>(), RequiresSSL = true }; this.domainPathConfig = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake <IUserMapper>(), RequiresSSL = false, Domain = domain, Path = path }; this.context = new NancyContext { Request = new Request( "GET", new Url { Scheme = "http", BasePath = "/testing", HostName = "test.com", Path = "test" }) }; this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010"); }
public FormsAuthenticationFixture() { this.cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000))); this.config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake<IUserMapper>(), }; this.context = new NancyContext() { Request = new FakeRequest("GET", "/") }; this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010"); }
public FormsAuthenticationFixture() { this.cryptographyConfiguration = new CryptographyConfiguration( new RijndaelEncryptionProvider(new PassphraseKeyGenerator("SuperSecretPass", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000)), new DefaultHmacProvider(new PassphraseKeyGenerator("UberSuperSecure", new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 }, 1000))); this.config = new FormsAuthenticationConfiguration() { CryptographyConfiguration = this.cryptographyConfiguration, RedirectUrl = "/login", UserMapper = A.Fake <IUserMapper>(), }; this.context = new NancyContext() { Request = new FakeRequest("GET", "/") }; this.userGuid = new Guid("3D97EB33-824A-4173-A2C1-633AC16C1010"); }
/// <summary> /// Enables Csrf token generation. /// This is disabled by default. /// </summary> /// <param name="pipelines">Application pipelines</param> public static void Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration = null) { cryptographyConfiguration = cryptographyConfiguration ?? CsrfApplicationStartup.CryptographyConfiguration; var postHook = new PipelineItem <Action <NancyContext> >( CsrfHookName, context => { if (context.Response == null || context.Response.Cookies == null || context.Request.Method.Equals("OPTIONS", StringComparison.OrdinalIgnoreCase)) { return; } if (context.Items.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY)) { context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, (string)context.Items[CsrfToken.DEFAULT_CSRF_KEY], true)); return; } if (context.Request.Cookies.ContainsKey(CsrfToken.DEFAULT_CSRF_KEY)) { var cookieValue = context.Request.Cookies[CsrfToken.DEFAULT_CSRF_KEY]; var cookieToken = CsrfApplicationStartup.ObjectSerializer.Deserialize(cookieValue) as CsrfToken; if (CsrfApplicationStartup.TokenValidator.CookieTokenStillValid(cookieToken)) { context.Items[CsrfToken.DEFAULT_CSRF_KEY] = cookieValue; return; } } var tokenString = GenerateTokenString(cryptographyConfiguration); context.Items[CsrfToken.DEFAULT_CSRF_KEY] = tokenString; context.Response.Cookies.Add(new NancyCookie(CsrfToken.DEFAULT_CSRF_KEY, tokenString, true)); }); pipelines.AfterRequest.AddItemToEndOfPipeline(postHook); }
/// <summary> /// Initializes a new instance of the <see cref="InProcSessionsConfiguration" /> class. /// </summary> public InProcSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration, IInProcSessionIdentificationMethod sessionIdentificationMethod) { SessionIdentificationMethod = sessionIdentificationMethod; SessionTimeout = TimeSpan.FromMinutes(DefaultSessionTimeoutMinutes); CacheTrimInterval = TimeSpan.FromMinutes(DefaultCacheTrimIntervalMinutes); }
/// <summary> /// Initializes a new instance of the <see cref="CookieBasedSessionsConfiguration"/> class. /// </summary> public CookieBasedSessionsConfiguration(CryptographyConfiguration cryptographyConfiguration) { CryptographyConfiguration = cryptographyConfiguration; CookieName = DefaultCookieName; }
public CsrfStartup(CryptographyConfiguration cryptographyConfiguration, IObjectSerializer objectSerializer, ICsrfTokenValidator tokenValidator) { CryptographyConfiguration = cryptographyConfiguration; ObjectSerializer = objectSerializer; TokenValidator = tokenValidator; }
/// <summary> /// Initializes a new instance of the <see cref="FormsAuthenticationConfiguration"/> class. /// </summary> /// <param name="cryptographyConfiguration">Cryptography configuration</param> public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyConfiguration) { CryptographyConfiguration = cryptographyConfiguration; }
/// <summary> /// Initializes a new instance of the <see cref="DefaultCsrfTokenValidator"/> class, /// using the provided <paramref name="cryptoConfig"/>. /// </summary> /// <param name="cryptoConfig">The <see cref="CryptographyConfiguration"/> that should be used.</param> public DefaultCsrfTokenValidator(CryptographyConfiguration cryptoConfig) { this.hmacProvider = cryptoConfig.HmacProvider; }
/// <summary> /// Initialise and add cookie based session hooks to the application pipeine /// </summary> /// <param name="pipelines">Application pipelines</param> /// <param name="cryptographyConfiguration">Cryptography configuration</param> /// <returns>Formatter selector for choosing a non-default serializer</returns> public static IObjectSerializerSelector Enable(IPipelines pipelines, CryptographyConfiguration cryptographyConfiguration) { var cookieBasedSessionsConfiguration = new CookieBasedSessionsConfiguration(cryptographyConfiguration) { Serializer = new DefaultObjectSerializer() }; return Enable(pipelines, cookieBasedSessionsConfiguration); }
public DiagnosticsConfiguration(CryptographyConfiguration cryptographyConfiguration) { CryptographyConfiguration = cryptographyConfiguration; }
/// <summary> /// Initializes a new instance of the <see cref="FormsAuthenticationConfiguration" /> class. /// </summary> /// <param name="cryptographyConfiguration">Cryptography configuration</param> public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyConfiguration) { this.CryptographyConfiguration = cryptographyConfiguration; this.RedirectQuerystringKey = DefaultRedirectQuerystringKey; this.AuthSessionIdStore = new InMemoryAuthSessionIdStore(); }
/// <summary> /// Initializes a new instance of the <see cref="FormsAuthenticationConfiguration"/> class. /// </summary> /// <param name="cryptographyConfiguration">Cryptography configuration</param> public FormsAuthenticationConfiguration(CryptographyConfiguration cryptographyConfiguration) { CryptographyConfiguration = cryptographyConfiguration; RedirectQuerystringKey = DefaultRedirectQuerystringKey; }