public async Task <AuthenticationResult> TryAuthenticateAsync(string key, string secret) { ApiClientSecret apiClientSecret; ApiClientIdentity apiClientIdentity; try { apiClientIdentity = await _apiClientIdentityProvider.GetApiClientIdentityAsync(key); apiClientSecret = new ApiClientSecret { Secret = apiClientIdentity.Secret, IsHashed = apiClientIdentity.IsHashed }; } catch (ArgumentException) { return(new AuthenticationResult { IsAuthenticated = false }); } if (!_secretVerifier.VerifySecret(key, secret, apiClientSecret)) { return(new AuthenticationResult { IsAuthenticated = false }); } return(new AuthenticationResult { IsAuthenticated = true, ApiClientIdentity = apiClientIdentity }); }
public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret) { if (actualSecret.IsHashed) { throw new ArgumentException("Password is hashed."); } return(presentedSecret == actualSecret.Secret); }
public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret) { if (!actualSecret.IsHashed) { return(presentedSecret == actualSecret.Secret); } var actualHash = _packedHashConverter.GetPackedHash(actualSecret.Secret); var hasher = _secureHasherProvider.GetHasher(actualHash.HashAlgorithm); var presentedHash = hasher.ComputeHash( presentedSecret, actualHash.HashAlgorithm, actualHash.Iterations, actualHash.Salt); return(ByteArraysEqual(actualHash.HashBytes, presentedHash.HashBytes)); }
public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret) { if (!_next.VerifySecret(key, presentedSecret, actualSecret)) { _logger.Warn( $"Unable to decode the secret for vendor \"{key}\" using the secret verifier \"{_next.GetType().Name}\". You may need to reset the secret for this vendor."); return(false); } var hashAlgorithm = _hashConfiguration.GetAlgorithmHashCode(); if (actualSecret.IsHashed) { var packedHash = _packedHashConverter.GetPackedHash(actualSecret.Secret); if (packedHash.HashAlgorithm == hashAlgorithm && packedHash.Iterations == _hashConfiguration.Iterations && packedHash.Salt.Length == _hashConfiguration.GetSaltSizeInBytes()) { return(true); } } actualSecret.Secret = _securePackedHashProvider.ComputePackedHashString( presentedSecret, hashAlgorithm, _hashConfiguration.Iterations, _hashConfiguration.GetSaltSizeInBytes()); actualSecret.IsHashed = true; _apiClientSecretProvider.SetSecret(key, actualSecret); return(true); }