/// <summary> /// Gets the key in a given bucket and handle. /// </summary> /// <param name="bucket">The bucket name. Case sensitive.</param> /// <param name="handle">The key handle. Case sensitive.</param> /// <returns>The cryptographic key, or <c>null</c> if no matching key was found.</returns> public CryptoKey GetKey(string bucket, string handle) { X509Certificate2 certificate = null; if (GetCodeKey) { certificate = _consumerStore.GetConsumerCertificate(handle); } else { certificate = _consumerStore.GetConsumerCertificate(_clientIndetifier); } Byte[] publicKey = certificate.GetPublicKey(); Byte[] getSigningKey = publicKey.Take(32).ToArray(); return(new CryptoKey(getSigningKey, ExpiryDateTime)); }
protected virtual SigningContext CreateSignatureContextForConsumer(IOAuthContext context) { var signingContext = new SigningContext { ConsumerSecret = _consumerStore.GetConsumerSecret(context) }; if (SignatureMethodRequiresCertificate(context.SignatureMethod)) { X509Certificate2 cert = _consumerStore.GetConsumerCertificate(context); signingContext.Algorithm = cert.PublicKey.Key; } return(signingContext); }
/// <summary> /// Verify that the request is valid. /// </summary> /// <param name="httpRequest">The HTTP request base.</param> /// <param name="rawUri">A System.Uri object containing information regarding the URL of the current request.</param> /// <param name="queryString">The collection of HTTP query string variables.</param> /// <param name="form">The collection of form variables.</param> /// <param name="headers">The collection of HTTP headers.</param> /// <param name="requiredScopes">The set of scopes required to approve this request.</param> /// <returns> /// The principal that contains the user and roles that the access token is authorized for; else null. /// </returns> private IPrincipal Verify(HttpRequestBase httpRequest, Uri rawUri, NameValueCollection queryString, NameValueCollection form, NameValueCollection headers, params string[] requiredScopes) { string clientID = null; string nonce = null; string accessToken = null; string tokenNonce = null; string userID = null; try { // Make sure that all the passed parameters are valid. if (httpRequest == null) { throw new ArgumentNullException("httpRequest"); } if (rawUri == null) { throw new ArgumentNullException("rawUri"); } if (queryString == null) { throw new ArgumentNullException("queryString"); } if (form == null) { throw new ArgumentNullException("form"); } if (headers == null) { throw new ArgumentNullException("headers"); } // Attempt to find the 'access_token' parameter in the form. IEnumerable <string> accessTokens = form.AllKeys.Where(u => u.EndsWith("access_token")); if (accessTokens == null || accessTokens.Count() < 1) { // Attempt to find the 'access_token' parameter in the query string. if (queryString != null || queryString.Keys.Count > 0) { if (queryString["access_token"] != null) { accessToken = queryString["access_token"]; } } // Attempt to find the 'access_token' parameter in the headers. if (headers != null || headers.Keys.Count > 0) { if (headers["access_token"] != null) { accessToken = headers["access_token"]; } } } else { accessToken = form["access_token"]; } // Pass a access token if (!String.IsNullOrEmpty(accessToken)) { // Get the nonce data for the code value. nonce = _tokenStore.GetNonceByAccessToken(accessToken); clientID = _consumerStore.GetConsumerIdentifier(nonce); // Make sure that the token is still valid. if (!_consumerStore.IsAuthorizationValid(clientID, nonce)) { return(null); } else { // Get the encryption certificate for the client. // Create a new access token decryption analyser. X509Certificate2 certificate = _consumerStore.GetConsumerCertificate(clientID); StandardAccessTokenAnalyzer accessTokenAnalyzer = new StandardAccessTokenAnalyzer( (RSACryptoServiceProvider)certificate.PrivateKey, (RSACryptoServiceProvider)certificate.PublicKey.Key); // Assign the analyser and get the access token // data from the http request. _resourceServer.AccessTokenAnalyzer = accessTokenAnalyzer; AccessToken token = _resourceServer.GetAccessToken(httpRequest, requiredScopes); // Get the priciple identity of the access token request. IPrincipal principal = _resourceServer.GetPrincipal(token, out userID, out tokenNonce, httpRequest, requiredScopes); return(principal); } } else { return(null); } } catch (Exception ex) { // Get the current token errors. _tokenError = ex.Message; return(null); } }