/// <summary>
/// Unprotects the specified protected data.
/// </summary>
/// <param name="protectedData">The protected data.</param>
/// <returns>System.Security.Claims.ClaimsIdentity.</returns>
public ClaimsIdentity Unprotect(string protectedData)
{
if (protectedData == null)
{
throw new ArgumentNullException(nameof(protectedData));
}
List <Claim> claims = new List <Claim>();
try
{
byte[] unprotectedData = this.rsaCryptoServiceProvider.Decrypt(protectedData.ToBase64Bytes(), false);
string identityData = unprotectedData.ASCII();
string[] identityDatas = identityData.Split(',');
long timestamp = identityDatas[1]?.AsLong() ?? 0L;
if (timestamp < DateTime.UtcNow.UnixTimestamp())
{
claims.Add(new Claim(ClaimTypes.Expired, "True"));
}
else
{
claims.Add(new Claim(ClaimTypes.Name, identityDatas[0] ?? Anonymous));
claims.Add(new Claim(ClaimTypes.Role, "User"));
return(new ClaimsIdentity(claims, identityDatas[2] ?? Unspecified));
}
}
catch (Exception e)
{
claims.Add(new Claim(ClaimTypes.AuthorizationDecision, "Error:" + e.Message));
}
return(new ClaimsIdentity(claims));
}