/// <summary>
/// Issues a fresh anti-CSRF nonce, stores it together with its validity window,
/// and returns it paired with the session it is bound to.
/// </summary>
/// <param name="sessionId">
/// Session to bind the nonce to. When omitted, a new session id is drawn from the GUID factory.
/// </param>
/// <returns>
/// The session/nonce pair, or <c>null</c> when anti-CSRF protection is disabled in configuration.
/// </returns>
public async Task<AntiCsrfNonce> Generate(Guid? sessionId = null)
{
    // Disabled protection issues nothing and writes nothing to the repository;
    // callers have to handle the null result.
    if (!_configuration.Enabled)
    {
        return null;
    }

    // The session id is resolved before the nonce is drawn, so the factory is
    // consulted in the same order as before (session first, then nonce).
    Guid boundSession = sessionId ?? _guidFactory.Random();

    // NOTE(review): the nonce is only as unpredictable as _guidFactory.Random();
    // confirm the factory is backed by a cryptographically secure generator.
    Guid freshNonce = _guidFactory.Random();

    // One clock reading is used for both the issue time and the expiry, so the
    // stored window is exactly NonceDuration long.
    DateTime issuedAt = _systemClock.UtcDateTime;
    var expiresAt = issuedAt + _configuration.NonceDuration;

    await _nonceRepository.AddAsync(boundSession, freshNonce, issuedAt, expiresAt);

    // NOTE(review): when no sessionId was supplied, the generated one exists only in
    // this return value; presumably the caller persists it (e.g. in a cookie); verify.
    return new AntiCsrfNonce(boundSession, freshNonce);
}
/// <summary>
/// Builds the hidden form field that carries a newly issued anti-CSRF nonce for the
/// session resolved from the cookie manager.
/// </summary>
/// <param name="response">Response handed to the cookie manager to resolve the session id.</param>
/// <returns>
/// The hidden input element as an HTML string, or an empty string when protection is
/// disabled or the cookie manager yields no session id.
/// </returns>
public async Task<string> GenerateHiddenInputHtmlAsync(HttpResponseBase response)
{
    // Nothing is rendered and the cookie manager is not consulted when protection is off.
    if (!_configuration.Enabled)
    {
        return "";
    }

    Guid? resolvedSession = await _cookieManager.GetSessionIdAsync(response);
    if (!resolvedSession.HasValue)
    {
        // Without a session there is nothing to bind a nonce to, so the form gets
        // no token field. NOTE(review): presumably validation rejects such a form; confirm.
        return "";
    }

    // NOTE(review): the nonce is only as unpredictable as _guidFactory.Random();
    // confirm the factory is backed by a cryptographically secure generator.
    Guid freshNonce = _guidFactory.Random();

    // A single clock reading gives both the issue time and the expiry.
    DateTime issuedAt = _systemClock.UtcDateTime;
    var expiresAt = issuedAt + _configuration.NonceDuration;

    await _nonceRepository.AddAsync(resolvedSession.Value, freshNonce, issuedAt, expiresAt);

    // "N" renders the GUID as 32 hex digits, which needs no escaping inside the attribute.
    string nonceText = freshNonce.ToString("N");

    // NOTE(review): FormFieldName is written into the name attribute without HTML
    // attribute encoding; that is safe only while it comes from trusted configuration.
    string fieldName = _configuration.FormFieldName;

    return string.Format(@"<input type=""hidden"" name=""{0}"" value=""{1}""/>", fieldName, nonceText);
}