示例#1
0
        public async Task <IActionResult> Decrypt(DecryptionModel model)
        {
            var result = new ExpandoObject();

            result.TryAdd("secret", await _encryptionService.DecryptAsync(model));
            return(Ok(result));
        }
示例#2
0
    public async Task <TokenResult?> GetOrUpdateAuthTokenAsync(ulong guildId)
    {
        GuildConfig config = await _guildConfig.FindOrCreateConfigAsync(guildId);

        LoginModel login = config.ApiLogin ?? throw new ApplicationException("Guild must first set API login (username/password).");

        if (config.Token is { } token&& token.IsValid())
        {
            return(token);
        }

        try
        {
            token = await LoginAsync(login.Username, await _encryption.DecryptAsync(login.Password));

            await _guildConfig.UpdateOneAsync(
                Builders <GuildConfig> .Filter.Eq(c => c.Id, config.Id),
                Builders <GuildConfig> .Update.Set(c => c.Token, token));

            return(token);
        }
        catch (HttpRequestException e) when(e.StatusCode is HttpStatusCode.Unauthorized or HttpStatusCode.Forbidden)
        {
            throw new UnauthorizedAccessException(e.Message, e);
        }
    }
示例#3
0
        public async Task <IReadOnlyList <IEvent <Guid> > > GetEventsAsync(Guid aggregateId, CancellationToken token)
        {
            var filter          = new FilterDefinitionBuilder <EncryptedEvent <Guid> >().Eq(nameof(Event.AggregateRootId), aggregateId);
            var encryptedEvents = await _mongoCollection.Find(filter).ToListAsync(token);

            var decryptedEvents = new List <IEvent <Guid> >();

            foreach (var encryptedEvent in encryptedEvents)
            {
                var decrypted = await _encryptionService.DecryptAsync(encryptedEvent, token);

                decryptedEvents.Add(decrypted);
            }

            return(decryptedEvents);
        }
示例#4
0
        private async Task ValidateAntiTamperingPropertyAsync(ActionExecutingContext context, string originalName, string protectedName,
                                                              IEncryptionService encryptionService)
        {
            var httpContext        = context.HttpContext;
            var httpContextRequest = httpContext.Request;
            var decryptedValue     = await encryptionService.DecryptAsync(httpContextRequest.Form[protectedName], true);

            if (decryptedValue == null)
            {
                throw new HiddenInputTamperedException("A required security token was not supplied or was invalid.");
            }

            var originalValue = httpContextRequest.Form[originalName];


            if (!decryptedValue.ToLower().Equals(originalValue))
            {
                throw new HiddenInputTamperedException("A required security token was not supplied or was invalid.");
            }
        }
示例#5
0
        private async Task DecryptHiddenFormAsync(ActionExecutingContext context, IEncryptionService encryptionService)
        {
            var formCollection = context.HttpContext.Request.Form.ToDictionary(x => x.Key, x => x.Value);


            var protectedProperties = formCollection.Keys
                                      .Where(x => !x.StartsWith(EncryptionConstants.TokenPrefixAntiTampering)).ToArray();

            foreach (var protectedProperty in protectedProperties)
            {
                try
                {
                    var stringValues = formCollection[protectedProperty].FirstOrDefault();
                    formCollection[protectedProperty] = await encryptionService.DecryptAsync(stringValues, true);
                }
                catch (Exception ex)
                {
                    throw new HiddenInputTamperedException("A required security token was not supplied or was invalid.", ex);
                }
            }

            context.HttpContext.Request.Form = new FormCollection(formCollection);
        }
示例#6
0
        public async Task <ApiResponse <CryptographyResponseModel> > Get()
        {
            Stopwatch stopwatch = null;
            ApiResponse <CryptographyResponseModel> response = new ApiResponse <CryptographyResponseModel>();

            try
            {
                stopwatch = new Stopwatch();
                stopwatch.Start();
                response = new ApiResponse <CryptographyResponseModel>();

                var    cryptoSet = _encryptionService.GenerateCryptoKeySet();
                string encrypted = await _encryptionService.EncryptAsync(cryptoSet, Guid.NewGuid().ToString());

                string decrypted = await _encryptionService.DecryptAsync(cryptoSet, encrypted);

                response.Result = new CryptographyResponseModel()
                {
                    Key       = cryptoSet.Key,
                    IV        = cryptoSet.IV,
                    Encrypted = encrypted,
                    Decrypted = decrypted
                };
                response.StatusCode = HttpStatusCode.OK;
                response.Timestamp  = DateTime.UtcNow;

                stopwatch.Stop();
                response.ElapsedMilliseconds = stopwatch.ElapsedMilliseconds;
            }
            catch (Exception ex)
            {
                response = ApiResponse <CryptographyResponseModel> .CreateResponse(HttpStatusCode.InternalServerError, ex.Message);
            }

            return(response);
        }
示例#7
0
 public async Task <IActionResult> Decrypt([FromBody] DecryptionModel model)
 {
     return(Ok(await _encryptionService.DecryptAsync(model)));
 }
示例#8
0
 public ActionResult <EncryptMessageModel> Decrypt([FromBody] DecryptMessageModel input)
 {
     return(Ok(_encryptionService.DecryptAsync(input)));
 }
示例#9
0
        public async Task <ValueProviderResult> GetValueAsync(string key)
        {
            var val = _innerValueProvider.GetValue(key);

            return(new ValueProviderResult(await _encryptionService.DecryptAsync(val.FirstValue, true), val.Culture));
        }