protected override void Act()
{
_actualResponse = _secretVerifier.VerifySecret(
"MyKey",
"MySecret",
new ApiClientSecret
{
Secret = "MyHashedSecret", IsHashed = true
});
}
protected override void Act()
{
_actualResponse = _secretVerifier.VerifySecret(
"MyKey",
"MySecret",
new ApiClientSecret
{
Secret = "NotMySecret"
});
}
protected override void Act()
{
_secretVerifier.VerifySecret(
"MyKey",
"MySecret",
new ApiClientSecret
{
Secret = "NotMySecret", IsHashed = true
});
}
public bool TryAuthenticate(string key, string secret, out ApiClientIdentity authenticatedApiClientIdentity)
{
authenticatedApiClientIdentity = null;
ApiClientSecret apiClientSecret;
try
{
apiClientSecret = _apiClientSecretProvider.GetSecret(key);
}
catch (ArgumentException)
{
return(false);
}
if (!_secretVerifier.VerifySecret(key, secret, apiClientSecret))
{
return(false);
}
authenticatedApiClientIdentity = _apiClientIdentityProvider.GetApiClientIdentity(key);
return(true);
}
public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret)
{
if (!_next.VerifySecret(key, presentedSecret, actualSecret))
{
_logger.Warn(
$"Unable to decode the secret for vendor \"{key}\" using the secret verifier \"{_next.GetType().Name}\". You may need to reset the secret for this vendor.");
return(false);
}
var hashAlgorithm = _hashConfiguration.GetAlgorithmHashCode();
if (actualSecret.IsHashed)
{
var packedHash = _packedHashConverter.GetPackedHash(actualSecret.Secret);
if (packedHash.HashAlgorithm == hashAlgorithm &&
packedHash.Iterations == _hashConfiguration.Iterations &&
packedHash.Salt.Length == _hashConfiguration.GetSaltSizeInBytes())
{
return(true);
}
}
actualSecret.Secret = _securePackedHashProvider.ComputePackedHashString(
presentedSecret,
hashAlgorithm,
_hashConfiguration.Iterations,
_hashConfiguration.GetSaltSizeInBytes());
actualSecret.IsHashed = true;
_apiClientSecretProvider.SetSecret(key, actualSecret);
return(true);
}
