Exemplo n.º 1
0
        public SignedKeyData GenerateKey([FromBody] string keyData)
        {
            var encrypted_buff = Convert.FromBase64String(keyData);
            var decrypted_buff = rsaProvider.DecryptData(encrypted_buff);
            var signedData     = JsonConvert.DeserializeObject <SignedKeyData>(Encoding.ASCII.GetString(decrypted_buff));

            return(signedData);
        }
Exemplo n.º 2
0
        protected override Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            return(Task.Run(() =>
            {
                try {
                    if (!Context.Request.Headers.ContainsKey("APIKey"))
                    {
                        return AuthenticateResult.NoResult();
                    }
                    var APIKey = Context.Request.Headers["APIKey"];
                    var encrypted_buff = Convert.FromBase64String(APIKey);
                    var DecryptedAPIKey = apiKeyProvider.DecryptData(encrypted_buff);
                    SignedKeyData signedData = JsonConvert.DeserializeObject <SignedKeyData>(Encoding.ASCII.GetString(DecryptedAPIKey));
                    if (signedData.expiresAt.HasValue)
                    {
                        DateTime expireTime = DateTime.FromFileTimeUtc(signedData.expiresAt.Value);
                        if (DateTime.Now > expireTime)
                        {
                            return AuthenticateResult.Fail("Expired Token");
                        }
                    }
                    var identity = new GenericIdentity("API");
                    identity.AddClaim(new System.Security.Claims.Claim("Origin", "Api"));

                    foreach (var role in signedData.roles)
                    {
                        identity.AddClaim(new System.Security.Claims.Claim("role", role));
                    }

                    var principal = new GenericPrincipal(identity, new[] { signedData.name });

                    var ticket = new AuthenticationTicket(principal, new AuthenticationProperties(), Scheme.Name);
                    return AuthenticateResult.Success(ticket);
                }
                catch (System.Exception e)
                {
                    return AuthenticateResult.Fail(e);
                }
            }));
        }