예제 #1
        /// <summary>
        /// Tries to decode/unprotect the message, returning null if the protectedMessage does not represent a valid protected message
        /// </summary>
        /// <param name="algorithm">Algorithm to use</param>
        /// <param name="protectedMessage">Protected message content encoded as string</param>
        /// <returns>Unprotected/decoded message or null if the protectedMessage is not valid</returns>
        public static IJsonDataObject Unprotect(this ICryptoMessageAlgorithm algorithm, string protectedMessage)
        {
            // Step 1: undo the web-safe base64 text encoding. A null result is treated as
            // "not a valid protected message" and surfaces to the caller as null.
            // NOTE(review): whether FromWebSafeBase64 returns null or throws on malformed or
            // null text is not visible here - confirm, because this string presumably arrives
            // from an untrusted party (URI, cookie, header).
            var decoded = protectedMessage.FromWebSafeBase64();

            // Step 2: delegate to the ArraySegment<byte> overload, which verifies the protection
            // and parses the JSON. Kept in static-call form: `algorithm.Unprotect(segment)` would
            // presumably bind to the algorithm's own byte-returning member instead of that overload.
            return decoded != null
                     ? Unprotect(algorithm, new ArraySegment<byte>(decoded))
                     : null;
        }
예제 #2
        /// <summary>
        /// Protects message into a byte[]. Null is returned for null messages
        /// </summary>
        /// <param name="algorithm">Algorithm to use</param>
        /// <param name="originalMessage">Message to protect using Json format</param>
        /// <param name="options">Json format options</param>
        /// <returns>Binary representation of protected message</returns>
        public static byte[] ProtectAsBuffer(this ICryptoMessageAlgorithm algorithm, object originalMessage, JsonWritingOptions options = null)
        {
            // Null in, null out. This returns before the algorithm is ever looked at,
            // so a null algorithm goes unnoticed for null messages.
            if (originalMessage == null)
            {
                return null;
            }

            // Callers that pass no options get JsonWritingOptions.CompactRowsAsMap.
            var effectiveOptions = options ?? JsonWritingOptions.CompactRowsAsMap;

            // Serialize the message to JSON bytes using the UTF8_NO_BOM encoding.
            // This buffer is the unprotected plaintext; nothing here clears it afterwards.
            var plaintext = JsonWriter.WriteToBuffer(originalMessage, effectiveOptions, UTF8_NO_BOM);

            // The algorithm is null-checked only at this point, after serialization has run.
            // NOTE(review): whether Protect encrypts or only authenticates the bytes depends on
            // the ICryptoMessageAlgorithm implementation - confirm before placing secrets in the message.
            var guarded = algorithm.NonNull(nameof(algorithm));
            return guarded.Protect(new ArraySegment<byte>(plaintext));
        }
예제 #3
        /// <summary>
        /// Unprotects the JWT payload (middle) segment with the default public algorithm
        /// </summary>
        /// <param name="algorithm">App chassis sec manager</param>
        /// <param name="jwt">JSON web token: `header.payload.hash`</param>
        /// <returns>JsonDataMap filled with payload/claims or null if message is corrupt/not authentic</returns>
        public static JsonDataMap UnprotectJWTPayload(this ICryptoMessageAlgorithm algorithm, ArraySegment <byte> jwt)
        {
            // Let the algorithm check and strip the protection first. JSON parsing only
            // ever runs on bytes the algorithm has accepted; null means it rejected the token.
            var claimsBytes = algorithm.Unprotect(jwt);
            if (claimsBytes == null)
            {
                return null;
            }

            // Only the cryptographic protection is checked in this method. No claim is
            // inspected here (expiry, audience, issuer and the like), so callers must
            // validate the returned map themselves before trusting it.
            using (var stream = new MemoryStream(claimsBytes))
            {
                try
                {
                    // NOTE(review): the meaning of the third argument (true) is not visible here.
                    var parsed = JsonReader.DeserializeDataObject(stream, UTF8_NO_BOM, true);

                    // A payload that parses but is not a JSON map (e.g. an array) yields null too.
                    return parsed as JsonDataMap;
                }
                catch
                {
                    // Any parse failure is reported as "corrupted message". The caller cannot
                    // tell it apart from a failed authenticity check; both must be treated as a rejection.
                    return null;
                }
            }
        }
예제 #4
        /// <summary>
        /// Tries to decode/unprotect the message, returning null if the protectedMessage does not represent a valid protected message
        /// </summary>
        /// <param name="algorithm">Algorithm to use</param>
        /// <param name="protectedMessage">Protected message content encoded as string</param>
        /// <returns>Unprotected/decoded message or null if the protectedMessage is not valid</returns>
        public static IJsonDataObject UnprotectObject(this ICryptoMessageAlgorithm algorithm, string protectedMessage)
        {
            // Decoding of the string form and the protection check are both delegated to
            // UnprotectFromString; a null result means the message was not accepted.
            var messageBytes = algorithm.UnprotectFromString(protectedMessage);
            if (messageBytes == null)
            {
                return null;
            }

            // JSON parsing runs only on bytes that were accepted above.
            using (var stream = new MemoryStream(messageBytes))
            {
                try
                {
                    // NOTE(review): the meaning of the third argument (true) is not visible here.
                    var parsed = JsonReader.DeserializeDataObject(stream, UTF8_NO_BOM, true);
                    return parsed;
                }
                catch
                {
                    // Every parse failure collapses into null ("corrupted message").
                    // Callers should treat null as a rejection and not retry with relaxed handling.
                    return null;
                }
            }
        }
예제 #5
        /// <summary>
        /// Tries to decode/unprotect the message, returning null if the protectedMessage does not represent a valid protected message
        /// </summary>
        /// <param name="algorithm">Algorithm to use</param>
        /// <param name="protectedMessage">Protected message content</param>
        /// <returns>Unprotected/decoded message or null if the protectedMessage is not valid</returns>
        public static IJsonDataObject Unprotect(this ICryptoMessageAlgorithm algorithm, ArraySegment <byte> protectedMessage)
        {
            // This call yields raw bytes (they feed a MemoryStream below), so it resolves to the
            // algorithm's own Unprotect member and not to this JSON-returning extension.
            // A null algorithm is not guarded against here.
            var messageBytes = algorithm.Unprotect(protectedMessage);
            if (messageBytes == null)
            {
                // The algorithm did not accept the message.
                return null;
            }

            // JSON parsing runs only on bytes that were accepted above.
            using (var stream = new MemoryStream(messageBytes))
            {
                try
                {
                    // NOTE(review): this overload reads with Encoding.UTF8 while the other helpers on
                    // this page pass UTF8_NO_BOM - confirm the two are interchangeable for reading.
                    // The meaning of the third argument (true) is not visible here.
                    var parsed = JsonReader.DeserializeDataObject(stream, Encoding.UTF8, true);
                    return parsed;
                }
                catch
                {
                    // Every parse failure collapses into null ("corrupted message"); treat as a rejection.
                    return null;
                }
            }
        }
예제 #6
        /// <summary>
        /// Protects the JWT payload (middle) segment with the default public algorithm
        /// </summary>
        /// <param name="algorithm">Message protection algorithm</param>
        /// <param name="payload">JWT payload (the middle) segment between '.'</param>
        /// <returns>JWT string like: `header.payload.hash` encoded with base 64 URI scheme</returns>
        public static string ProtectJWTPayloadAsString(this ICryptoMessageAlgorithm algorithm, JsonDataMap payload)
        {
            // The payload is mandatory: NonNull rejects a null map before anything is serialized.
            var claims = payload.NonNull(nameof(payload));

            // Claims are always written with JsonWritingOptions.CompactRowsAsMap and UTF8_NO_BOM.
            var claimsBytes = JsonWriter.WriteToBuffer(claims, JsonWritingOptions.CompactRowsAsMap, UTF8_NO_BOM);

            // NOTE(review): the documented output shape `header.payload.hash` suggests the claims are
            // integrity-protected but not encrypted - confirm against the algorithm implementation
            // before putting confidential values in the payload. The algorithm argument itself is
            // not null-checked in this method.
            var segment = new ArraySegment<byte>(claimsBytes);
            return algorithm.ProtectToString(segment);
        }
예제 #7
        /// <summary>
        /// Protects message as web-safe URI string. Null is returned for null messages
        /// </summary>
        /// <param name="algorithm">Algorithm to use</param>
        /// <param name="originalMessage">Message to protect using Json format</param>
        /// <param name="options">Json format options</param>
        /// <returns>Web-safe base64-encoded string representation of protected message suitable for direct use in Uris</returns>
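        public static string ProtectAsString(this ICryptoMessageAlgorithm algorithm, object originalMessage, JsonWritingOptions options = null)
        {
            // Serialization and protection are delegated to ProtectAsBuffer, which returns
            // null for a null message.
            var protectedBytes = ProtectAsBuffer(algorithm, originalMessage, options);

            // Explicit guard: the documented contract is "null is returned for null messages".
            // Without it the outcome depends on how ToWebSafeBase64 treats a null array,
            // which is not visible here.
            if (protectedBytes == null)
            {
                return null;
            }

            // Web-safe base64 keeps the protected bytes usable directly inside URIs.
            return protectedBytes.ToWebSafeBase64();
        }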