public List <ApiKey> GenerateNewApiKeys(string userId, params string[] environments) { var now = DateTime.UtcNow; var apiKeys = new List <ApiKey>(); if (environments.Length == 0) { environments = Environments; } foreach (var env in environments) { foreach (var keyType in KeyTypes) { var key = GenerateApiKey(env, keyType, KeySizeBytes); var apiKey = new ApiKey { UserAuthId = userId, Environment = env, KeyType = keyType, Id = key, CreatedDate = now, ExpiryDate = ExpireKeysAfter != null?now.Add(ExpireKeysAfter.Value) : (DateTime?)null }; if (CreateApiKeyFilter != null) { CreateApiKeyFilter(apiKey); } apiKeys.Add(apiKey); } } return(apiKeys); }
public virtual async Task PreAuthenticateWithApiKeyAsync(IRequest req, IResponse res, ApiKey apiKey) { if (RequireSecureConnection && !req.IsSecureConnection) { throw HttpError.Forbidden(ErrorMessages.ApiKeyRequiresSecureConnection.Localize(req)); } ValidateApiKey(req, apiKey); var apiSessionKey = GetSessionKey(apiKey.Id); if (await HasCachedSessionAsync(req, apiSessionKey).ConfigAwait()) { req.Items[Keywords.ApiKey] = apiKey; return; } //Need to run SessionFeature filter since its not executed before this attribute (Priority -100) SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId() using var authService = HostContext.ResolveService <AuthenticateService>(req); var response = await authService.PostAsync(new Authenticate { provider = Name, UserName = "******", Password = apiKey.Id, }).ConfigAwait(); await CacheSessionAsync(req, apiSessionKey); }
public List<ApiKey> GenerateNewApiKeys(string userId, params string[] environments) { var now = DateTime.UtcNow; var apiKeys = new List<ApiKey>(); if (environments.Length == 0) environments = Environments; foreach (var env in environments) { foreach (var keyType in KeyTypes) { var key = GenerateApiKey(env, keyType, KeySizeBytes); var apiKey = new ApiKey { UserAuthId = userId, Environment = env, KeyType = keyType, Id = key, CreatedDate = now, ExpiryDate = ExpireKeysAfter != null ? now.Add(ExpireKeysAfter.Value) : (DateTime?) null }; CreateApiKeyFilter?.Invoke(apiKey); apiKeys.Add(apiKey); } } return apiKeys; }
private void PreAuthenticateWithApiKey(IRequest req, IResponse res, ApiKey apiKey) { if (RequireSecureConnection && !req.IsSecureConnection) throw HttpError.Forbidden(ErrorMessages.ApiKeyRequiresSecureConnection); ValidateApiKey(apiKey); var apiSessionKey = GetSessionKey(apiKey.Id); if (SessionCacheDuration != null) { var session = req.GetCacheClient().Get<IAuthSession>(apiSessionKey); if (session != null) session = HostContext.AppHost.OnSessionFilter(session, session.Id); if (session != null) { req.Items[Keywords.ApiKey] = apiKey; req.Items[Keywords.Session] = session; return; } } //Need to run SessionFeature filter since its not executed before this attribute (Priority -100) SessionFeature.AddSessionIdToRequestFilter(req, res, null); //Required to get req.GetSessionId() using (var authService = HostContext.ResolveService<AuthenticateService>(req)) { var response = authService.Post(new Authenticate { provider = Name, UserName = "******", Password = apiKey.Id, }); } if (SessionCacheDuration != null) { var session = req.GetSession(); req.GetCacheClient().Set(apiSessionKey, session, SessionCacheDuration); } }
protected virtual void ValidateApiKey(ApiKey apiKey) { if (apiKey == null) throw HttpError.NotFound("ApiKey does not exist"); if (apiKey.CancelledDate != null) throw HttpError.Forbidden("ApiKey has been cancelled"); if (apiKey.ExpiryDate != null && DateTime.UtcNow > apiKey.ExpiryDate.Value) throw HttpError.Forbidden("ApiKey has expired"); }
public List<ApiKey> GenerateNewApiKeys(string userId, params string[] environments) { var now = DateTime.UtcNow; var apiKeys = new List<ApiKey>(); if (environments.Length == 0) environments = Environments; foreach (var env in environments) { foreach (var keyType in KeyTypes) { var key = CreateApiKeyFn(env, keyType, KeySizeBytes); var apiKey = new ApiKey { UserAuthId = userId, Environment = env, KeyType = keyType, Id = key, CreatedDate = now, }; if (ApiKeyFilterFn != null) ApiKeyFilterFn(apiKey); apiKeys.Add(apiKey); } } return apiKeys; }
public override void OnRegistered(IRequest httpReq, IAuthSession session, IServiceBase registrationService) { var now = DateTime.UtcNow; var userId = session.UserAuthId; var apiKeys = new List<ApiKey>(); foreach (var env in apiKeyProvider.Environments) { foreach (var keyType in apiKeyProvider.KeyTypes) { var key = apiKeyProvider.CreateApiKeyFn(env, keyType, apiKeyProvider.KeySizeBytes); var apiKey = new ApiKey { UserAuthId = userId, Environment = env, KeyType = keyType, Id = key, CreatedDate = now, }; if (apiKeyProvider.ApiKeyFilterFn != null) apiKeyProvider.ApiKeyFilterFn(apiKey); apiKeys.Add(apiKey); } } var authRepo = (IManageApiKeys)httpReq.TryResolve<IAuthRepository>().AsUserAuthRepository(httpReq); authRepo.StoreAll(apiKeys); }