public static string GerarToken(DataSet info)
{
byte[] _publicKey = HexToBytes(ConfigurationManager.AppSettings["chavePublica"]);
byte[] _privateKey = HexToBytes(ConfigurationManager.AppSettings["chavePrivada"]);
var date = DateTime.UtcNow;
var claims = new PasetoInstance {
Issuer = "http://api.passcenter.com.br",
Subject = "Token de autenticacao",
Audience = "http://passcenter.com.br",
Expiration = date.AddMinutes(30),
NotBefore = date.AddMinutes(-30),
IssuedAt = date,
AdditionalClaims = new Dictionary <string, object> {
["usu_codigo"] = new object[] { Convert.ToInt32(info.Tables[0].Rows[0]["usu_codigo"]) },
["pes_codigo"] = new object[] { Convert.ToInt32(info.Tables[0].Rows[0]["pes_codigo"]) },
["end_codigo"] = new object[] { Convert.ToInt32(info.Tables[0].Rows[0]["end_codigo"]) },
["ins_codigo"] = new object[] { Convert.ToInt32(info.Tables[0].Rows[0]["ins_codigo"]) },
["tus_codigo"] = new object[] { Convert.ToInt32(info.Tables[0].Rows[0]["tus_codigo"]) }
},
};
return(PasetoUtility.Sign(_publicKey, _privateKey, claims));
}
public void JsonDataRoundTrip()
{
var date = DateTime.UtcNow;
var claims = new PasetoInstance
{
Issuer = "http://auth.example.com",
Subject = "2986689",
Audience = "audience",
Expiration = new DateTime(date.Year, date.Month, date.Day, date.Hour, date.Minute, date.Second, date.Kind).AddMinutes(10),
NotBefore = new DateTime(date.Year, date.Month, date.Day, date.Hour, date.Minute, date.Second, date.Kind).AddMinutes(-10),
IssuedAt = new DateTime(date.Year, date.Month, date.Day, date.Hour, date.Minute, date.Second, date.Kind),
AdditionalClaims = new Dictionary <string, object>
{
["roles"] = new[] { "Admin", "User" }
},
Footer = new Dictionary <string, object>
{
["kid"] = "dpm0"
},
};
string token = PasetoUtility.Encrypt(_symmetricKey, claims);
var parsedToken = PasetoUtility.Decrypt(_symmetricKey, token, validateTimes: true);
Assert.Equal(claims.Issuer, parsedToken.Issuer);
Assert.Equal(claims.Subject, parsedToken.Subject);
Assert.Equal(claims.Audience, parsedToken.Audience);
Assert.Equal(claims.Expiration, parsedToken.Expiration);
Assert.Equal(claims.NotBefore, parsedToken.NotBefore);
Assert.Equal(claims.IssuedAt, parsedToken.IssuedAt);
Assert.Equal(claims.AdditionalClaims, parsedToken.AdditionalClaims);
Assert.Equal(claims.Footer, parsedToken.Footer);
}
public void RoundTrip()
{
const string payload = "Frank Denis rocks";
string signature = PasetoUtility.SignBytes(_publicKey, _privateKey, Encoding.UTF8.GetBytes(payload));
Assert.Equal(payload, Encoding.UTF8.GetString(PasetoUtility.ParseBytes(_publicKey, signature).Payload));
}
public void RoundTripPrivate()
{
const string payload = "Love is stronger than hate or fear";
string encrypted = PasetoUtility.EncryptBytes(_symmetricKey, Encoding.UTF8.GetBytes(payload), nonce: new byte[24]);
Assert.Equal(payload, Encoding.UTF8.GetString(PasetoUtility.DecryptBytes(_symmetricKey, encrypted).Payload));
}
protected string autenticarToken(string token, string chavePublica)
{
byte[] _publicKey = HexToBytes(chavePublica);
if (Object.Equals(PasetoUtility.Parse(_publicKey, token, validateTimes: true), null))
{
return("Token NÃO autenticado/válido!");
}
return("Token autenticado/válido!");
}
public void Parse(string message, string payload, string footer = "")
{
var parsed = PasetoUtility.ParseBytes(_publicKey, message);
Assert.Equal(payload, Encoding.UTF8.GetString(parsed.Payload));
Assert.Equal(footer, Encoding.UTF8.GetString(parsed.Footer));
Assert.Null(PasetoUtility.Parse(new byte[32], message));
}
public void FutureTokenDoesNotParse()
{
var testClaims = new PasetoInstance
{
NotBefore = DateTime.UtcNow.AddMinutes(1),
Subject = "2986689",
};
Assert.NotNull(PasetoUtility.Parse(_publicKey, PasetoUtility.Sign(_publicKey, _privateKey, claims: testClaims), validateTimes: false));
Assert.Null(PasetoUtility.Parse(_publicKey, PasetoUtility.Sign(_publicKey, _privateKey, claims: testClaims)));
testClaims.NotBefore = DateTime.UtcNow.AddMinutes(-1);
Assert.NotNull(PasetoUtility.Parse(_publicKey, PasetoUtility.Sign(_publicKey, _privateKey, claims: testClaims)));
}
public void FooterCanBeParsed()
{
string footerText = "Hello friend";
Assert.Equal(footerText, PasetoUtility.ParseFooter(PasetoUtility.EncryptBytes(_symmetricKey, new byte[0], footerText)));
var footerJson = new Dictionary <string, object> {
["hello"] = "friend"
};
Assert.Equal(footerJson, PasetoUtility.ParseFooterJson(PasetoUtility.Encrypt(_symmetricKey, new PasetoInstance {
Footer = footerJson
})));
}
public static Indentificacao ValidarToken(string token)
{
byte[] _publicKey = HexToBytes(ConfigurationManager.AppSettings["chavePublica"]);
var tokenDescodificado = PasetoUtility.Parse(_publicKey, token, validateTimes: true);
if (Object.Equals(tokenDescodificado, null))
{
return(null);
}
Indentificacao ident = new Indentificacao();
ident.Usu_codigo = converteObjStr(tokenDescodificado.AdditionalClaims["usu_codigo"]);
ident.Pes_codigo = converteObjStr(tokenDescodificado.AdditionalClaims["pes_codigo"]);
ident.End_codigo = converteObjStr(tokenDescodificado.AdditionalClaims["end_codigo"]);
ident.Ins_codigo = converteObjStr(tokenDescodificado.AdditionalClaims["ins_codigo"]);
ident.Tus_codigo = Convert.ToInt32(converteObjStr(tokenDescodificado.AdditionalClaims["tus_codigo"]));
return(ident);
}
protected string criarToken(string chavePublica, string chavePrivada)
{
byte[] _publicKey = HexToBytes(chavePublica);
byte[] _privateKey = HexToBytes(chavePrivada);
var date = DateTime.UtcNow;
var claims = new PasetoInstance {
Issuer = "http://auth.example.com",
Subject = "2986689",
Audience = "audience",
Expiration = new DateTime(date.Year, date.Month, date.Day, date.Hour, date.Minute, date.Second, date.Kind).AddMinutes(10),
NotBefore = new DateTime(date.Year, date.Month, date.Day, date.Hour, date.Minute, date.Second, date.Kind).AddMinutes(-10),
IssuedAt = new DateTime(date.Year, date.Month, date.Day, date.Hour, date.Minute, date.Second, date.Kind),
AdditionalClaims = new Dictionary <string, object> {
["roles"] = new[] { "Admin", "User" }
},
Footer = new Dictionary <string, object> {
["kid"] = "dpm0"
},
};
return(PasetoUtility.Sign(_publicKey, _privateKey, claims));
}
public void Encrypt(string payload, string message, string footer = "")
{
var nonce = new byte[24];
Assert.Equal(message, PasetoUtility.EncryptBytes(_symmetricKey, Encoding.UTF8.GetBytes(payload), footer, nonce));
}
public void EncryptWithNullKey(string payload, string message)
{
Assert.Equal(message, PasetoUtility.EncryptBytes(new byte[32], Encoding.UTF8.GetBytes(payload), nonce: new byte[24]));
}
public void EmptyTokenRoundTrip()
{
PasetoUtility.Parse(_publicKey, PasetoUtility.SignBytes(_publicKey, _privateKey, Encoding.UTF8.GetBytes("{}")));
Assert.Equal("{}", Encoding.UTF8.GetString(PasetoUtility.ParseBytes(_publicKey, PasetoUtility.Sign(_publicKey, _privateKey, new PasetoInstance())).Payload));
}
public void PAE()
{
Assert.Equal("\x00\x00\x00\x00\x00\x00\x00\x00", Encoding.UTF8.GetString(PasetoUtility.PreAuthEncode(new List <byte[]>())));
Assert.Equal("\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", Encoding.UTF8.GetString(PasetoUtility.PreAuthEncode(new[] { Encoding.UTF8.GetBytes("") })));
Assert.Equal("\x01\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x00\x00\x00\x00\x00test", Encoding.UTF8.GetString(PasetoUtility.PreAuthEncode(new[] { Encoding.UTF8.GetBytes("test") })));
}
public void InvalidTokenThrows(string token)
{
Assert.Throws <PasetoFormatException>(() => PasetoUtility.ParseBytes(_publicKey, token));
}
public void InvalidJsonThrows(string str)
{
string token = PasetoUtility.SignBytes(_publicKey, _privateKey, Encoding.UTF8.GetBytes(str));
Assert.Throws <PasetoFormatException>(() => PasetoUtility.Parse(_publicKey, token));
}
public void TimezonesAreAllowed(string tokenJson)
{
var signedBytes = PasetoUtility.SignBytes(_publicKey, _privateKey, Encoding.UTF8.GetBytes(tokenJson));
Assert.Equal("2018-03-20T07:00:00+00:00", PasetoUtility.Parse(_publicKey, signedBytes, validateTimes: false).Expiration.Value.ToString(Iso8601Format));
}
