/// <summary>
/// Turns a cookie value produced by OWIN's cookie authentication system back into an
/// OwinAuthenticationTicket: the value is base64url-decoded, unprotected with the
/// supplied machineKey settings and then deserialized.
/// </summary>
/// <remarks>
/// The purpose strings handed to <c>Unprotect</c> are hard-coded and are the same ones
/// <c>ProtectCookie</c> passes to <c>Protect</c>. The key and algorithm arguments must
/// match the machineKey section of the application that issued the cookie.
/// NOTE(review): how <c>Unprotect</c> reports a failed validation (exception or null)
/// is not visible from this method; confirm it before treating the returned ticket
/// as authenticated.
/// </remarks>
/// <param name="cookie">The cookie value generated by OWIN</param>
/// <param name="decryptionKey">The machineKey decryptionKey found in your web.config</param>
/// <param name="validationKey">The machineKey validationKey found in your web.config</param>
/// <param name="decryptionAlgorithm">The machineKey decryptionAlgorithm found in your web.config (Auto == AES)</param>
/// <param name="validationAlgorithm">The machineKey validationAlgorithm found in your web.config</param>
/// <returns>A v3 AuthenticationTicket</returns>
public static OwinAuthenticationTicket UnprotectCookie(
    string cookie,
    string decryptionKey,
    string validationKey,
    string decryptionAlgorithm = "AES",
    string validationAlgorithm = "HMACSHA1")
{
    // Step 1: undo the base64url transport encoding.
    var protectedPayload = WebEncoders.Base64UrlDecode(cookie);

    // Step 2: unprotect using the purposes of the cookie authentication middleware.
    var serializedTicket = Unprotect(
        protectedPayload,
        decryptionKey,
        validationKey,
        decryptionAlgorithm,
        validationAlgorithm,
        "User.MachineKey.Protect",
        "Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware",
        "ApplicationCookie",
        "v1");

    // Step 3: rebuild the ticket from its serialized form.
    return new OwinTicketSerializer().Deserialize(serializedTicket);
}
/// <summary>
/// Produces a cookie value in the format of OWIN's cookie authentication system:
/// the ticket is serialized, protected with the supplied machineKey settings and
/// base64url-encoded.
/// </summary>
/// <remarks>
/// The output is derived only from the ticket and the machineKey values passed in,
/// so <paramref name="decryptionKey"/> and <paramref name="validationKey"/> should be
/// stored and handled as credentials. The purpose strings are hard-coded and are the
/// same ones <c>UnprotectCookie</c> passes to <c>Unprotect</c>.
/// </remarks>
/// <param name="ticket">The v3 AuthenticationTicket</param>
/// <param name="decryptionKey">The machineKey decryptionKey found in your web.config</param>
/// <param name="validationKey">The machineKey validationKey found in your web.config</param>
/// <param name="decryptionAlgorithm">The machineKey decryptionAlgorithm found in your web.config (Auto == AES)</param>
/// <param name="validationAlgorithm">The machineKey validationAlgorithm found in your web.config</param>
/// <returns>An encoded string</returns>
public static string ProtectCookie(
    OwinAuthenticationTicket ticket,
    string decryptionKey,
    string validationKey,
    string decryptionAlgorithm = "AES",
    string validationAlgorithm = "HMACSHA1")
{
    // Step 1: flatten the ticket into its serialized form.
    var ticketPayload = new OwinTicketSerializer().Serialize(ticket);

    // Step 2: protect using the purposes of the cookie authentication middleware.
    var sealedPayload = Protect(
        ticketPayload,
        decryptionKey,
        validationKey,
        decryptionAlgorithm,
        validationAlgorithm,
        "User.MachineKey.Protect",
        "Microsoft.Owin.Security.Cookies.CookieAuthenticationMiddleware",
        "ApplicationCookie",
        "v1");

    // Step 3: apply the base64url transport encoding.
    return WebEncoders.Base64UrlEncode(sealedPayload);
}
/// <summary>
/// Turns a refresh token produced by OWIN's OAuth server implementation back into an
/// OwinAuthenticationTicket: the token is base64url-decoded, unprotected with the
/// supplied machineKey settings and then deserialized.
/// </summary>
/// <remarks>
/// The purpose strings handed to <c>Unprotect</c> are hard-coded and are the same ones
/// <c>ProtectOAuthRefreshToken</c> passes to <c>Protect</c>. The key and algorithm
/// arguments must match the machineKey section of the application that issued the token.
/// NOTE(review): how <c>Unprotect</c> reports a failed validation (exception or null)
/// is not visible from this method; confirm it before trusting the returned ticket.
/// </remarks>
/// <param name="token">The token generated by OWIN</param>
/// <param name="decryptionKey">The machineKey decryptionKey found in your web.config</param>
/// <param name="validationKey">The machineKey validationKey found in your web.config</param>
/// <param name="decryptionAlgorithm">The machineKey decryptionAlgorithm found in your web.config (Auto == AES)</param>
/// <param name="validationAlgorithm">The machineKey validationAlgorithm found in your web.config</param>
/// <returns>The ticket returned by <c>OwinTicketSerializer.Deserialize</c> for the unprotected token</returns>
public static OwinAuthenticationTicket UnprotectOAuthRefreshToken(
    string token,
    string decryptionKey,
    string validationKey,
    string decryptionAlgorithm = "AES",
    string validationAlgorithm = "HMACSHA1")
{
    // Step 1: undo the base64url transport encoding.
    var protectedPayload = WebEncoders.Base64UrlDecode(token);

    // Step 2: unprotect using the OAuth refresh-token purposes.
    var serializedTicket = Unprotect(
        protectedPayload,
        decryptionKey,
        validationKey,
        decryptionAlgorithm,
        validationAlgorithm,
        "User.MachineKey.Protect",
        "Microsoft.Owin.Security.OAuth",
        "Refresh_Token",
        "v1");

    // Step 3: rebuild the ticket from its serialized form.
    return new OwinTicketSerializer().Deserialize(serializedTicket);
}
/// <summary>
/// Produces a refresh token in the format of OWIN's OAuth server implementation:
/// the ticket is serialized, protected with the supplied machineKey settings and
/// base64url-encoded.
/// </summary>
/// <remarks>
/// The output is derived only from the ticket and the machineKey values passed in,
/// so <paramref name="decryptionKey"/> and <paramref name="validationKey"/> should be
/// stored and handled as credentials. The purpose strings are hard-coded and are the
/// same ones <c>UnprotectOAuthRefreshToken</c> passes to <c>Unprotect</c>.
/// </remarks>
/// <param name="ticket">The v3 AuthenticationTicket</param>
/// <param name="decryptionKey">The machineKey decryptionKey found in your web.config</param>
/// <param name="validationKey">The machineKey validationKey found in your web.config</param>
/// <param name="decryptionAlgorithm">The machineKey decryptionAlgorithm found in your web.config (Auto == AES)</param>
/// <param name="validationAlgorithm">The machineKey validationAlgorithm found in your web.config</param>
/// <returns>An encoded string</returns>
public static string ProtectOAuthRefreshToken(
    OwinAuthenticationTicket ticket,
    string decryptionKey,
    string validationKey,
    string decryptionAlgorithm = "AES",
    string validationAlgorithm = "HMACSHA1")
{
    // Step 1: flatten the ticket into its serialized form.
    var ticketPayload = new OwinTicketSerializer().Serialize(ticket);

    // Step 2: protect using the OAuth refresh-token purposes.
    var sealedPayload = Protect(
        ticketPayload,
        decryptionKey,
        validationKey,
        decryptionAlgorithm,
        validationAlgorithm,
        "User.MachineKey.Protect",
        "Microsoft.Owin.Security.OAuth",
        "Refresh_Token",
        "v1");

    // Step 3: apply the base64url transport encoding.
    return WebEncoders.Base64UrlEncode(sealedPayload);
}