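/// <summary>
/// Serves a database-stored binary attribute for the current HTTP request (GET or HEAD only).
/// </summary>
/// <remarks>
/// The request carries an encrypted path token in a URL-safe Base64 alphabet. Once decrypted it must
/// have the form <c>entity/attribute/id</c>. The <c>entity/attribute</c> pair is looked up in
/// <paramref name="htDbBinaryConfig"/>, which acts as an allowlist: unknown pairs are answered with 404.
/// <para>
/// Security notes for reviewers:
/// the decryption helper is named <c>DecryptWithAES256FixedIV</c>, so the same entity/attribute/id
/// presumably always maps to the same token. The token is therefore a stable identifier, not an expiring
/// or per-user capability. This method performs no authorization check of its own.
/// NOTE(review): confirm that access control is enforced elsewhere, or that every binary reachable
/// through the allowlist is meant to be readable by anyone holding the link.
/// </para>
/// </remarks>
/// <param name="htDbBinaryConfig">
/// Table of <c>DbBinaryConfig</c> entries keyed by the lower-cased string <c>"entity/attribute"</c>.
/// </param>
public static void DownloadBinary(Hashtable htDbBinaryConfig)
{
    HttpRequest request = HttpContext.Current.Request;
    HttpResponse response = HttpContext.Current.Response;

    // Read the verb once; HEAD is answered with the same headers as GET but without a body.
    string httpMethod = request.HttpMethod;
    bool isGet = string.Equals(httpMethod, "GET", StringComparison.OrdinalIgnoreCase);
    bool isHead = string.Equals(httpMethod, "HEAD", StringComparison.OrdinalIgnoreCase);
    if (!isGet && !isHead)
    {
        response.AppendHeader("Allow", "GET, HEAD");
        ResponseError(response, 405, "Method Not Allowed");
        return;
    }

    // Undo the URL-safe Base64 alphabet ('-' for '+', '_' for '/') before decrypting.
    string token = GetParameters(request).Trim('/').Replace("-", "+").Replace("_", "/");

    // Decode the salt outside the try block so a broken server-side constant is not reported as a client error.
    byte[] salt = Convert.FromBase64String(PRIVATE_SALT);

    // The token is attacker-controlled. A tampered or truncated value must end in a 400,
    // not in an unhandled exception (and whatever error page that produces).
    // NOTE(review): which exceptions the helper raises for a bad token is not visible here. FormatException
    // and CryptographicException are what the framework Base64 and cipher APIs raise; extend if the helper wraps them.
    string parametersString;
    try
    {
        parametersString = SymmCryptHelper.DecryptWithAES256FixedIV(
            BinaryContentUtils.DatabaseBinaryEnvironmentPassword, token, salt);
    }
    catch (FormatException)
    {
        parametersString = null;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        parametersString = null;
    }

    if (string.IsNullOrEmpty(parametersString))
    {
        ResponseError(response, 400, "Bad Request");
        return;
    }

    string[] parameters = parametersString.Split('/');
    if (parameters.Length < 3)
    {
        ResponseError(response, 400, "Bad Request");
        return;
    }

    // NOTE(review): ToLower() is culture-sensitive. It is kept because the table keys are built elsewhere;
    // confirm whether both sides should switch to ToLowerInvariant().
    string entity = parameters[0].ToLower();
    string attribute = parameters[1].ToLower();
    string id = parameters[2];

    // Allowlist lookup: only configured entity/attribute pairs can be served.
    object configEntry = htDbBinaryConfig[entity + "/" + attribute];
    if (configEntry == null)
    {
        ResponseError(response, 404, "Not Found");
        return;
    }

    DbBinaryConfig dbBinaryConfig = (DbBinaryConfig)configEntry;

    // 'id' is the one token-derived value that reaches the data layer without validation here.
    // NOTE(review): confirm GetDatabaseBinaryAttribute binds it as a query parameter.
    byte[] buffer = GetDatabaseBinaryAttribute(id, dbBinaryConfig);
    if (buffer == null)
    {
        ResponseError(response, 404, "Not Found");
        return;
    }

    // The content hash is used only as an ETag validator. The algorithm is whatever SecureHashHelper.Hash implements.
    string contentHash = SecureHashHelper.Hash(buffer);

    response.Clear();
    response.StatusCode = 200; // OK

    // The content type is derived from the stored bytes themselves.
    // NOTE(review): if these binaries can be user-supplied, consider sending "X-Content-Type-Options: nosniff"
    // and a Content-Disposition header so the browser does not render them in the site's origin.
    response.ContentType = RuntimePlatformUtils.GetMIMEType(buffer);
    response.AppendHeader("ETag", "\"" + contentHash + "\"");
    response.AppendHeader("Accept-Ranges", "none");

    if (isGet)
    {
        BinaryWrite(response, buffer);
    }

    End(response);
}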
/// <summary>
/// Persists the hash of a user's refresh token on that user's row.
/// </summary>
/// <remarks>
/// Only the output of <c>SecureHashHelper.Hash</c> is bound to the statement; the raw token is never
/// written by this method. Both values are passed as named parameters, not concatenated into the SQL text.
/// NOTE(review): the helper's algorithm is not visible here. A plain, unsalted digest is only adequate
/// when refresh tokens are long random values. Confirm how tokens are generated.
/// </remarks>
/// <param name="userId">Id of the user whose row is updated.</param>
/// <param name="refreshToken">The raw (unhashed) refresh token.</param>
public async Task StoreRefreshTokenHashAsync(Guid userId, string refreshToken)
{
    const string updateStatement = @" UPDATE application.user_up_to_date AS u SET refresh_token_hash = @refresh_token_hash WHERE u.id = @user_id";

    await using var db = await CreateNewDatabaseContext(updateStatement);

    db.AddParameterWithValue("user_id", userId);

    // Hash first, then bind, so the statement only ever sees the digest.
    var tokenHash = SecureHashHelper.Hash(refreshToken);
    db.AddParameterWithValue("refresh_token_hash", tokenHash);

    // hasRowGuard presumably makes the call fail when no row matches the user id (confirm).
    await db.NonQueryAsync(hasRowGuard: true);
}
/**
 * Returns a short fingerprint of the given content: the first 20 characters of SecureHashHelper.Hash(content).
 *
 * The fingerprint exists only so that the value changes when the content changes. Collision resistance is
 * not a goal here, so truncating the hash is acceptable. For the same reason, the result should not be used
 * as an integrity or authenticity check.
 *
 * FIPS 180-4 (http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf) allows truncation:
 * "Some application may require a hash function with a message digest length different than those provided
 * by the hash functions in this Standard. In such cases, a truncated message digest may be used, whereby a
 * hash function with a larger message digest length is applied to the data to be hashed, and the resulting
 * message digest is truncated by selecting an appropriate number of the leftmost bits".
 *
 * NOTE(review): the truncation is applied to the helper's string output, so the number of digest bits
 * kept depends on the helper's text encoding, which is not visible here.
 **/
private static string GetBinaryContentHash(byte[] content)
{
    const int fingerprintLength = 20;

    var fullHash = SecureHashHelper.Hash(content);
    return fullHash.Substring(0, fingerprintLength);
}