예제 #1
        /// <summary>
        /// Loads the record stored under <paramref name="id"/>, replaces its
        /// SerializedData with the decrypted value, and answers with an empty 200 OK.
        /// </summary>
        /// <param name="id">Identifier handed to the data repository.</param>
        /// <returns>A response carrying only the 200 OK status code.</returns>
        public HttpResponseMessage Get(Guid id)
        {
            var record = m_DataRepository.Get(id);

            // Decrypt first, then write the plaintext back onto the loaded record.
            var plaintext = m_Encryptor.DecryptValue(record.SerializedData);
            record.SerializedData = plaintext;

            // NOTE(review): the decrypted record is not attached to the response, and a
            // missing record (null from the repository, if it can return one) would fault
            // on the dereference above -- confirm both are intended.
            // NOTE(review): no caller authorization check is visible in this method;
            // verify it is enforced elsewhere (filter/attribute) before plaintext is exposed.
            return Request.CreateResponse(HttpStatusCode.OK);
        }
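        /// <summary>
        /// Validates an authorization token of the form "encryptedToken|hash" and
        /// returns the user id carried inside the encrypted part.
        /// </summary>
        /// <param name="token">The raw token as supplied by the caller (untrusted input).</param>
        /// <returns>The user id parsed from the first field of the decrypted token.</returns>
        /// <exception cref="FormatException">
        /// The token is missing, does not have both parts, fails the hash check, or the
        /// decrypted payload does not have exactly three fields.
        /// </exception>
        /// <exception cref="AuthenticationException">The token's expiration has passed.</exception>
        public Guid ValidateAuthorizationToken(string token)
        {
            // Reject missing input with the same exception type as every other malformed
            // token, instead of faulting with a NullReferenceException.
            if (string.IsNullOrEmpty(token))
            {
                throw new FormatException(ErrorMessages.MalformedAuthorizationToken);
            }

            var tokenParts = token.Split('|');

            // Without this check a token with no '|' raised IndexOutOfRangeException,
            // which callers handling FormatException would not catch.
            if (tokenParts.Length < 2)
            {
                throw new FormatException(ErrorMessages.MalformedAuthorizationToken);
            }

            var encryptedToken = tokenParts[0];
            var tokenHash      = tokenParts[1];

            // NOTE(review): the hash is keyed with the "PublicKey" app setting. If that
            // value is not kept secret, the hash cannot authenticate the token -- confirm.
            string publicKey = ConfigurationManager.AppSettings["PublicKey"];

            var validationHash = m_HashProvider.GenerateHash(encryptedToken, encryptedToken, publicKey);

            // Verify integrity before decrypting. The comparison does not stop at the
            // first differing character, so response timing does not reveal how much of
            // a guessed hash was correct.
            if (!HashesMatchInConstantTime(validationHash, tokenHash))
            {
                throw new FormatException(ErrorMessages.MalformedAuthorizationToken);
            }

            // Decrypt the token only after the hash check has passed.
            var decryptedToken = m_Encryptor.DecryptValue(encryptedToken);

            // Extract the pieces of the token: userid|expiration|hash.
            // The third field (decryptedParts[2]) is not read by this method.
            string[] decryptedParts = decryptedToken.Split('|');
            if (decryptedParts.Length != 3)
            {
                throw new FormatException(ErrorMessages.MalformedAuthorizationToken);
            }

            // Validate the expiration.
            // NOTE(review): DateTime.Parse uses the current culture and DateTime.Now is
            // local time; confirm the issuer writes the expiration in the same culture
            // and time zone, otherwise tokens may expire early or late.
            DateTime expiration = DateTime.Parse(decryptedParts[1]);

            if (DateTime.Now > expiration)
            {
                throw new AuthenticationException(ErrorMessages.ExpiredToken);
            }

            Guid userId = Guid.Parse(decryptedParts[0]);

            return userId;
        }

        /// <summary>
        /// Ordinal string equality that inspects every character of the shared length
        /// rather than returning at the first mismatch.
        /// </summary>
        private static bool HashesMatchInConstantTime(string expected, string supplied)
        {
            if (expected == null || supplied == null)
            {
                return false;
            }

            // A length mismatch marks the result as different but the loop still runs.
            int difference = expected.Length ^ supplied.Length;

            for (int i = 0; i < expected.Length && i < supplied.Length; i++)
            {
                difference |= expected[i] ^ supplied[i];
            }

            return difference == 0;
        }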