public async Task WhenEncryptionKeyIsNullOrEmpty_DoesNotEncryptHMACSecretInDatabase(string nullOrEmpty) { using (var sut = new SqlServerClientStore(new SqlServerClientStoreSettings { ConnectionString = _connectionString, SharedSecretEncryptionKey = nullOrEmpty }, new SignatureAlgorithmConverter(new FakeStringProtectorFactory()))) { var hmac = new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA384); var client = new Client( "c1", "app one", hmac, TimeSpan.FromMinutes(1), TimeSpan.FromMinutes(2), RequestTargetEscaping.RFC2396, new Claim("company", "Dalion"), new Claim("scope", "HttpMessageSigning")); await sut.Register(client); var loaded = await LoadFromDb(client.Id); loaded.SigParameter.Should().NotBeNullOrEmpty(); var unencryptedKey = Encoding.UTF8.GetString(hmac.Key); loaded.SigParameter.Should().Be(unencryptedKey); loaded.IsSigParameterEncrypted.Should().BeFalse(); } }
/// <summary>Configures HTTP message signature verification to use a SQL Server <see cref="IClientStore"/>.</summary> /// <param name="builder">The <see cref="IHttpMessageSigningVerificationBuilder" /> that is used to configure verification.</param> /// <param name="clientStoreSettingsFactory">The factory that creates the settings for the SQL Server connection.</param> /// <returns>The <see cref="IHttpMessageSigningVerificationBuilder" /> that can be used to continue configuring the verification settings.</returns> public static IHttpMessageSigningVerificationBuilder UseSqlServerClientStore( this IHttpMessageSigningVerificationBuilder builder, Func <IServiceProvider, SqlServerClientStoreSettings> clientStoreSettingsFactory) { if (builder == null) { throw new ArgumentNullException(nameof(builder)); } if (clientStoreSettingsFactory == null) { throw new ArgumentNullException(nameof(clientStoreSettingsFactory)); } builder.Services .AddMemoryCache() .AddSingleton <ISignatureAlgorithmConverter, SignatureAlgorithmConverter>() .AddSingleton(prov => { var settings = clientStoreSettingsFactory(prov); if (settings == null) { throw new ValidationException($"Invalid {nameof(SqlServerClientStoreSettings)} were specified."); } settings.Validate(); return(settings); }); return(builder // The actual store .UseClientStore(prov => { var sqlSettings = prov.GetRequiredService <SqlServerClientStoreSettings>(); var decorator = prov.GetRequiredService <ICachingClientStoreDecorator>(); var store = new SqlServerClientStore(sqlSettings, prov.GetRequiredService <ISignatureAlgorithmConverter>()); return decorator.DecorateWithCaching(store, sqlSettings.ClientCacheEntryExpiration); })); }
public SqlServerClientStoreTests(SqlServerFixture fixture) : base(fixture) { _sut = new SqlServerClientStore( new SqlServerClientStoreSettings { ConnectionString = fixture.SqlServerConfig.GetConnectionStringForTestDatabase() }, new SignatureAlgorithmConverter(new FakeStringProtectorFactory())); _connectionString = fixture.SqlServerConfig.GetConnectionStringForTestDatabase(); }