public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret)
{
if (!actualSecret.IsHashed)
{
return(presentedSecret == actualSecret.Secret);
}
var actualHash = _packedHashConverter.GetPackedHash(actualSecret.Secret);
var presentedHash = _secureHasher.ComputeHash(presentedSecret, actualHash.HashAlgorithm, actualHash.Iterations, actualHash.Salt);
return(ByteArraysEqual(actualHash.HashBytes, presentedHash.HashBytes));
}
public bool VerifySecret(string key, string presentedSecret, ApiClientSecret actualSecret)
{
if (!_next.VerifySecret(key, presentedSecret, actualSecret))
{
_logger.Warn(
$"Unable to decode the secret for vendor \"{key}\" using the secret verifier \"{_next.GetType().Name}\". You may need to reset the secret for this vendor.");
return(false);
}
var hashAlgorithm = _hashConfiguration.GetAlgorithmHashCode();
if (actualSecret.IsHashed)
{
var packedHash = _packedHashConverter.GetPackedHash(actualSecret.Secret);
if (packedHash.HashAlgorithm == hashAlgorithm &&
packedHash.Iterations == _hashConfiguration.Iterations &&
packedHash.Salt.Length == _hashConfiguration.GetSaltSizeInBytes())
{
return(true);
}
}
actualSecret.Secret = _securePackedHashProvider.ComputePackedHashString(
presentedSecret,
hashAlgorithm,
_hashConfiguration.Iterations,
_hashConfiguration.GetSaltSizeInBytes());
actualSecret.IsHashed = true;
_apiClientSecretProvider.SetSecret(key, actualSecret);
return(true);
}