private void DecryptEncryptedValues(IAppConfiguration appConfiguration, DecryptionService decryptionService)
{
if (appConfiguration.ElasticSearchSettings != null)
{
appConfiguration.ElasticSearchSettings.Password = decryptionService.DecryptString(
appConfiguration.ElasticSearchSettings.Password, appConfiguration.SigningCertificateSettings);
}
if (appConfiguration.CouchDbSettings != null)
{
appConfiguration.CouchDbSettings.Password = decryptionService.DecryptString(
appConfiguration.CouchDbSettings.Password, appConfiguration.SigningCertificateSettings);
}
if (appConfiguration.LdapSettings != null)
{
appConfiguration.LdapSettings.Password = decryptionService.DecryptString(
appConfiguration.LdapSettings.Password, appConfiguration.SigningCertificateSettings);
}
if (appConfiguration.IdentityServerConfidentialClientSettings != null)
{
appConfiguration.IdentityServerConfidentialClientSettings.ClientSecret =
decryptionService.DecryptString(
appConfiguration.IdentityServerConfidentialClientSettings.ClientSecret,
appConfiguration.SigningCertificateSettings);
}
if (appConfiguration.AzureActiveDirectorySettings?.ClientSecret != null)
{
appConfiguration.AzureActiveDirectorySettings.ClientSecret = decryptionService.DecryptString(
appConfiguration.AzureActiveDirectorySettings.ClientSecret,
appConfiguration.SigningCertificateSettings);
}
}
protected async Task <bool> IsUserValidAsync()
{
var userIsValid = await UserModel.CheckUserExistsByIdAsync(
ExtractUserIdFromToken(), RepositoryManager.UserRepository);
if (userIsValid)
{
var user = await UserModel.GetUserByIdAsync(
ExtractUserIdFromToken(), RepositoryManager.UserRepository);
if (user.UserSecret != null)
{
var decryptedUserSecret = DecryptionService.DecryptString(user.UserSecret);
if (decryptedUserSecret == ExtractUserSecretFromToken())
{
return(true);
}
else
{
return(false);
}
}
else
{
return(false);
}
}
else
{
return(userIsValid);
}
}
private void DecryptEncryptedValues(IAppConfiguration appConfig)
{
if (_encryptionCertificateSettings != null && appConfig.AzureActiveDirectoryClientSettings.ClientAppSettings != null)
{
foreach (var setting in appConfig.AzureActiveDirectoryClientSettings.ClientAppSettings)
{
setting.ClientSecret = _decryptionService.DecryptString(setting.ClientSecret, _encryptionCertificateSettings);
}
}
}
public static async Task QueueAlbumAsync(
string albumId,
Guid userId,
IRepositoryManager repositoryManager,
SpotifyAPICredentials spotifyAPICredentials)
{
try
{
var user = await repositoryManager.UserRepository.GetByIdAsync(userId);
if (user != null)
{
if (user.SpotifyRefreshToken != null)
{
var spotifyAuthRefreshRequest = new AuthorizationCodeRefreshRequest
(
spotifyAPICredentials.ClientId,
spotifyAPICredentials.ClientSecret,
DecryptionService.DecryptString(user.SpotifyRefreshToken)
);
var spotifyAuthResponse = await new OAuthClient().RequestToken(spotifyAuthRefreshRequest);
var spotifyToken = spotifyAuthResponse.AccessToken;
var spotifyClient = new SpotifyClient(spotifyToken);
var activeDevices = await spotifyClient.Player.GetAvailableDevices();
if (activeDevices.Devices.Count > 0)
{
var album = await spotifyClient.Albums.Get(albumId);
foreach (var track in album.Tracks.Items)
{
var trackQueueRequest = new PlayerAddToQueueRequest(track.Uri);
await spotifyClient.Player.AddToQueue(trackQueueRequest);
}
}
else
{
throw new SpotifyNoActiveDevicesException("No Active Devices Found", "No Active Devices Found");
}
}
else
{
throw new SpotifyNotLinkedException("Spotify Account not Linked", "Spotify Account not Linked");
}
}
}
catch (Exception)
{
throw;
}
}
private string GenerateJwtToken(string userId, string userSecret)
{
var decryptedUserSecret = DecryptionService.DecryptString(userSecret);
SecurityTokenDescriptor tokenDescriptor = GetTokenDescriptor(userId, decryptedUserSecret);
var tokenHandler = new JwtSecurityTokenHandler();
SecurityToken securityToken = tokenHandler.CreateToken(tokenDescriptor);
string token = tokenHandler.WriteToken(securityToken);
return(token);
}
public static async Task <bool> ValidatePasswordResetTokenAsync(
string passwordResetToken,
IPasswordResetRepository passwordResetRepository)
{
var decryptedResetToken = DecryptionService.DecryptString(passwordResetToken);
var hashedResetIdentifier = HashingHelper.HashIdentifier(decryptedResetToken);
var(existsAndValid, _) = await CheckPasswordResetIdentifierExistsAndIsValidAsync(
hashedResetIdentifier,
passwordResetRepository).ConfigureAwait(false);
return(existsAndValid);
}
public void DecryptString_HandlesNullOrEmptyString(string stringToDecrypt)
{
// Arrange
var privateKey = GetPrivateKey();
var mockCertificateService = GetMockCertificateService(privateKey);
var signingCertificateSettings = new SigningCertificateSettings();
var decryptionService = new DecryptionService(mockCertificateService);
// Act
var decryptedString = decryptionService.DecryptString(stringToDecrypt, signingCertificateSettings);
// Assert
Assert.Equal(stringToDecrypt, decryptedString);
}
public void DecryptString_ThrowsFormatException_InvalidBase64String()
{
// Arrange
var privateKey = GetPrivateKey();
var stringToEncrypt = Guid.NewGuid().ToString();
var encryptedString = $"{DecryptionService.EncryptionPrefix}{EncryptString(privateKey, stringToEncrypt).Substring(1)}";
var mockCertificateService = GetMockCertificateService(privateKey);
var signingCertificateSettings = new SigningCertificateSettings();
var decryptionService = new DecryptionService(mockCertificateService);
// Act & Assert
Assert.Throws <FormatException>(
() => decryptionService.DecryptString(encryptedString, signingCertificateSettings));
}
public void DecryptString_ReturnsNonEncryptedString()
{
// Arrange
var privateKey = GetPrivateKey();
var clearTextstringToDecrypt = Guid.NewGuid().ToString();
var mockCertificateService = GetMockCertificateService(privateKey);
var signingCertificateSettings = new SigningCertificateSettings();
var decryptionService = new DecryptionService(mockCertificateService);
// Act
var decryptedString = decryptionService.DecryptString(clearTextstringToDecrypt, signingCertificateSettings);
// Assert
Assert.Equal(clearTextstringToDecrypt, decryptedString);
}
public void DecryptString_DecryptsEncryptedString()
{
// Arrange
var privateKey = GetPrivateKey();
var stringToEncrypt = Guid.NewGuid().ToString();
var encryptedString = $"{DecryptionService.EncryptionPrefix}{EncryptString(privateKey, stringToEncrypt)}";
var mockCertificateService = GetMockCertificateService(privateKey);
var signingCertificateSettings = new SigningCertificateSettings();
var decryptionService = new DecryptionService(mockCertificateService);
// Act
var decryptedString = decryptionService.DecryptString(encryptedString, signingCertificateSettings);
// Assert
Assert.Equal(stringToEncrypt, decryptedString);
}
public static async Task <IEnumerable <SimplePlaylist> > GetUserPlaylistsAsync(
SpotifyAPICredentials spotifyAPICredentials,
Guid userId,
int page,
int pageSize,
IRepositoryManager repositoryManager)
{
try
{
var user = await repositoryManager.UserRepository.GetByIdAsync(userId);
if (user.SpotifyRefreshToken != null)
{
var spotifyAuthRefreshRequest = new AuthorizationCodeRefreshRequest
(
spotifyAPICredentials.ClientId,
spotifyAPICredentials.ClientSecret,
DecryptionService.DecryptString(user.SpotifyRefreshToken)
);
var spotifyAuthResponse = await new OAuthClient().RequestToken(spotifyAuthRefreshRequest);
var spotifyToken = spotifyAuthResponse.AccessToken;
var spotifyClient = new SpotifyClient(spotifyToken);
var playlistsRequest = new PlaylistCurrentUsersRequest
{
Limit = pageSize,
Offset = page * pageSize
};
var playlists = await spotifyClient.Playlists.CurrentUsers(playlistsRequest);
return(playlists.Items);
}
else
{
throw new SpotifyNotLinkedException("Spotify Account not Linked", "Spotify Account not Linked");
}
}
catch (Exception)
{
throw;
}
}
public static async Task ResetPasswordAsync(
string passwordResetToken,
string newPassword,
string requesterAddress,
IRepositoryManager repositoryManager)
{
var decryptedResetToken = DecryptionService.DecryptString(passwordResetToken);
var hashedResetIdentifier = HashingHelper.HashIdentifier(decryptedResetToken);
var(existsAndValid, passwordReset) = await CheckPasswordResetIdentifierExistsAndIsValidAsync(
hashedResetIdentifier,
repositoryManager.PasswordResetRepository).ConfigureAwait(false);
if (existsAndValid)
{
var userId = Guid.Parse(DecryptionService.DecryptString(passwordReset.UserId));
var user = await repositoryManager.UserRepository.GetByIdAsync(userId);
user.Password = HashingHelper.HashPassword(newPassword);
user.UserSecret = EncryptionService.EncryptString(ModelHelpers.GenerateUniqueIdentifier(IdentifierConsts.UserIdentifierLength));
user.LastUpdatedOn = DateTime.Now;
user.LastUpdatedBy = userId;
passwordReset.Active = false;
passwordReset.UsedOn = DateTime.Now;
passwordReset.UsedByAddress = requesterAddress;
passwordReset.LastUpdatedOn = DateTime.Now;
await repositoryManager.UserRepository.UpdateAsync(user);
await repositoryManager.PasswordResetRepository.UpdateAsync(passwordReset);
}
else
{
throw new InvalidTokenException(InvalidTokenType.TokenNotFound, "The Password Reset Token is invalid");
}
}