示例#1
        /// <summary>
        /// Stores the key manager and builds the controller's time-limited protector
        /// from the injected data protection provider.
        /// </summary>
        /// <param name="provider">Provider the protector is created from.</param>
        /// <param name="keyManager">Key manager kept in <c>_keyManager</c>.</param>
        public HomeController(IDataProtectionProvider provider, IKeyManager keyManager)
        {
            _keyManager = keyManager;

            // The purpose string only isolates this protector's payloads from payloads
            // made under other purposes on the same key ring. It is a label, not a secret,
            // so a random-looking value adds no protection over a descriptive one.
            _timeLimitedDataProtector = provider
                .CreateProtector("W3E72EFS4MN9LOP0FDWJ7F6E0FSW")
                .ToTimeLimitedDataProtector();
        }
示例#2
        /// <summary>
        /// Checks a protected token against the current shell's secret.
        /// </summary>
        /// <param name="token">Protected token string to validate.</param>
        /// <returns>
        /// <c>true</c> only when the token unprotects under the "Tokens" purpose, its expiration is
        /// later than <c>_clock.UtcNow</c>, and its payload equals <c>_shellSettings.Secret</c>;
        /// <c>false</c> in every other case, including any exception.
        /// </returns>
        private async Task<bool> IsTokenValid(string token)
        {
            try
            {
                // The protector is resolved from the default shell's service scope.
                var defaultShellSettings = _shellSettingsManager.GetSettings(ShellHelper.DefaultShellName);

                using (var scope = await _shellHost.GetScopeAsync(defaultShellSettings))
                {
                    var provider = scope.ServiceProvider.GetService<IDataProtectionProvider>();
                    ITimeLimitedDataProtector tokenProtector = provider
                        .CreateProtector("Tokens")
                        .ToTimeLimitedDataProtector();

                    // Unprotect throws for payloads that fail validation; that lands in the catch below.
                    var payload = tokenProtector.Unprotect(token, out var expiresAt);

                    // Second expiry check, this time against the injected clock.
                    var notExpired = _clock.UtcNow < expiresAt.ToUniversalTime();

                    // NOTE(review): ordinary string equality. The left side is the tenant secret and the
                    // right side is an already-authenticated payload; confirm whether a fixed-time
                    // comparison is wanted here as defence in depth.
                    if (notExpired && _shellSettings.Secret == payload)
                    {
                        return true;
                    }
                }
            }
            catch (Exception ex)
            {
                // Fail closed: every failure is logged and reported as "not valid".
                // NOTE(review): malformed tokens from callers also log at Error level here.
                _logger.LogError(ex, "Error in decrypting the token");
            }

            return false;
        }
        /// <summary>
        /// Validates and stores the controller's dependencies and creates its time-limited protector.
        /// </summary>
        /// <exception cref="ArgumentNullException">Thrown when any argument is <c>null</c>.</exception>
        public DocumentsController(
            IMediator mediator,
            ITempContentStorage tempContentStorage,
            IUserService userService,
            IDocumentStorage documentStorage,
            IContentTypeProvider contentTypeProvider,
            IFoldersStorage foldersStorage,
            IDataProtectionProvider dataProtectionProvider)
        {
            // The provider is checked first, before any field is assigned.
            _ = dataProtectionProvider ?? throw new ArgumentNullException(nameof(dataProtectionProvider));

            this.mediator = mediator ?? throw new ArgumentNullException(nameof(mediator));
            this.tempContentStorage = tempContentStorage ?? throw new ArgumentNullException(nameof(tempContentStorage));
            this.userService = userService ?? throw new ArgumentNullException(nameof(userService));
            this.documentStorage = documentStorage ?? throw new ArgumentNullException(nameof(documentStorage));
            this.contentTypeProvider = contentTypeProvider ?? throw new ArgumentNullException(nameof(contentTypeProvider));
            this.foldersStorage = foldersStorage ?? throw new ArgumentNullException(nameof(foldersStorage));

            // Purpose = the controller's simple type name. A rename of the class changes the purpose,
            // and payloads protected under the old name would then no longer unprotect.
            var controllerProtector = dataProtectionProvider.CreateProtector(nameof(DocumentsController));
            dataProtector = controllerProtector.ToTimeLimitedDataProtector();
        }
 /// <summary>
 /// Stores the clock and creates the time-limited protector used for tokens.
 /// </summary>
 /// <param name="dataProtectionProvider">Provider the "Tokens" protector is created from.</param>
 /// <param name="clock">Clock kept in <c>_clock</c>.</param>
 public SecurityTokenService(
     IDataProtectionProvider dataProtectionProvider,
     IClock clock)
 {
     // "Tokens" is the purpose: payloads protected under a different purpose do not unprotect here.
     var tokensProtector = dataProtectionProvider.CreateProtector("Tokens");

     _dataProtector = tokensProtector.ToTimeLimitedDataProtector();
     _clock = clock;
 }
 /// <summary>
 /// Keeps the provider and key manager, and creates both a plain and a time-limited protector
 /// from the same purpose string.
 /// </summary>
 /// <param name="provider">Provider kept in <c>_provider</c> and used to create the protectors.</param>
 /// <param name="keyManager">Key manager kept in <c>_keyManager</c>.</param>
 public ValuesController(IDataProtectionProvider provider, IKeyManager keyManager)
 {
     _keyManager = keyManager;
     _provider = provider;

     // The hex-looking purpose is an isolation label only; it is not key material and
     // does not need to be kept secret.
     _dataProtector = provider.CreateProtector("3BCE558E2AD3E0E34A7743EAB5AEA2A9BD2575A0");

     // The time-limited protector is derived from the plain one, not created separately.
     _timeLimitedDataProtector = _dataProtector.ToTimeLimitedDataProtector();
 }
示例#6
 /// <summary>
 /// Test fixture setup: creates an ephemeral provider and a time-limited protector
 /// under the server-component serialization purpose.
 /// </summary>
 public ServerComponentDeserializerTest()
 {
     // An ephemeral provider keeps its keys in memory only, so payloads from this
     // fixture cannot be unprotected by another provider instance.
     _ephemeralDataProtectionProvider = new EphemeralDataProtectionProvider();

     var purposeProtector = _ephemeralDataProtectionProvider
         .CreateProtector(ServerComponentSerializationSettings.DataProtectionProviderPurpose);
     _protector = purposeProtector.ToTimeLimitedDataProtector();
 }
示例#7
 /// <summary>
 /// Stores the clock and localizer and creates the time-limited "Tokens" protector.
 /// </summary>
 /// <param name="dataProtectionProvider">Provider the protector is created from.</param>
 /// <param name="clock">Clock kept in <c>_clock</c>.</param>
 /// <param name="localizer">Localizer exposed through <c>T</c>.</param>
 public SecurityTokenService(
     IDataProtectionProvider dataProtectionProvider,
     IClock clock,
     IStringLocalizer<SecurityTokenService> localizer)
 {
     // Every token this service protects shares the single "Tokens" purpose.
     var tokensProtector = dataProtectionProvider.CreateProtector("Tokens");
     _dataProtector = tokensProtector.ToTimeLimitedDataProtector();

     _clock = clock;
     T = localizer;
 }
示例#8
 /// <summary>
 /// Stores the injected services and creates the time-limited protector
 /// under the "LoginTfaTokenProtector" purpose.
 /// </summary>
 public AuthService(UserManager<AppUser> userManager,
                    IDataProtectionProvider dataProtectionProvider,
                    IEmailService emailService,
                    IConfiguration configuration)
 {
     this.userManager = userManager;
     this.emailService = emailService;
     this.configuration = configuration;

     // A dedicated purpose keeps these payloads from being accepted by any protector
     // the application creates under another purpose.
     var tfaProtector = dataProtectionProvider.CreateProtector("LoginTfaTokenProtector");
     dataProtector = tfaProtector.ToTimeLimitedDataProtector();
 }
示例#9
        /// <summary>
        /// Stores the hash service and creates a plain and a time-limited protector, both under the purpose "Clave".
        /// </summary>
        /// <param name="dataProtectionProvider">Provider both protectors are created from.</param>
        /// <param name="hashService">Hash service kept in <c>_hashService</c>.</param>
        public PruebasEncriptacionController(IDataProtectionProvider dataProtectionProvider, HashService hashService)
        {
            _hashService = hashService;

            // This encryption uses an internal key that .NET Core manages (depending on whether the app runs
            // on Azure, IIS, ...). Where that key is stored can be configured: with microservices, for example,
            // if the key is not kept in a common store, each microservice would encrypt differently.
            // Obtaining the key from a secure repository, secrets or an environment variable is recommended.
            // Note that the string passed to CreateProtector is a purpose label, not the key itself.
            _dataProtector = dataProtectionProvider.CreateProtector("Clave");

            // Created through a second CreateProtector call rather than derived from _dataProtector.
            var limitedBase = dataProtectionProvider.CreateProtector("Clave");
            _dataProtectorTiempoLimitado = limitedBase.ToTimeLimitedDataProtector();
        }
 /// <summary>
 /// Stores the injected services and creates the time-limited protector
 /// under the "WitsmlServerPassword" purpose.
 /// </summary>
 public CredentialsService(
     IDataProtectionProvider dataProtectionProvider,
     IHttpContextAccessor httpContextAccessor,
     IConfiguration configuration,
     IOptions<WitsmlClientCapabilities> clientCapabilities)
 {
     // Payloads from this protector carry an expiration and stop unprotecting once it passes.
     var passwordProtector = dataProtectionProvider.CreateProtector("WitsmlServerPassword");
     dataProtector = passwordProtector.ToTimeLimitedDataProtector();

     this.httpContextAccessor = httpContextAccessor;
     this.configuration = configuration;

     // The options wrapper is unwrapped once; only the value is kept.
     this.clientCapabilities = clientCapabilities.Value;
 }
示例#11
 /// <summary>
 /// Stores the injected services and creates the time-limited protector
 /// under the "MaxOrg.NewPassword" purpose.
 /// </summary>
 public LoginController(IConfiguration configuration, IArangoDatabase database, HttpClient httpClient,
                        CloudBlobContainer container, IPasswordHasher<User> passwordHasher, IEmailSender emailSender, IDataProtectionProvider protector)
 {
     // The purpose limits these payloads to this one use; a protector created under
     // any other purpose will reject them.
     var newPasswordProtector = protector.CreateProtector("MaxOrg.NewPassword");
     DataProtector = newPasswordProtector.ToTimeLimitedDataProtector();

     EmailSender = emailSender;
     Container = container;
     HttpClient = httpClient;
     Database = database;
     Configuration = configuration;
     m_passwordHasher = passwordHasher;
 }
示例#12
        /// <summary>
        /// Stores the injected services and creates the time-limited protector for the LFS upload purpose.
        /// </summary>
        public LFSController(ILogger<LFSController> logger,
                             ApplicationDbContext database, LfsDownloadUrls downloadUrls, IDataProtectionProvider dataProtectionProvider,
                             LfsRemoteStorage remoteStorage, IConfiguration configuration)
        {
            this.logger = logger;
            this.database = database;
            this.downloadUrls = downloadUrls;
            this.remoteStorage = remoteStorage;
            this.configuration = configuration;

            // The purpose comes from a named constant, so every place that protects or
            // unprotects upload payloads can refer to the same value.
            var uploadProtector = dataProtectionProvider.CreateProtector(LfsUploadProtectionPurposeString);
            dataProtector = uploadProtector.ToTimeLimitedDataProtector();
        }
        private readonly ITimeLimitedDataProtector _timeLimitedDataProtector;                          // Used to give the data we protect a limited lifetime.

        /// <summary>
        /// Stores the database context and fills the plain and time-limited protectors
        /// from the injected <c>IDataProtectionProvider</c>.
        /// </summary>
        /// <param name="context">Database context kept in <c>_context</c>.</param>
        /// <param name="dataProtectionProvider">Provider used to populate the protectors.</param>
        public ProductController(AppDbContext context, IDataProtectionProvider dataProtectionProvider)
        {
            _context = context;

            // The name passed to CreateProtector is meant to be unique; it is what tells
            // data protectors apart. Another controller may use a data protector as well,
            // so each one is named to keep them separate.
            var controllerProtector = dataProtectionProvider.CreateProtector(nameof(ProductController));
            _dataProtector = controllerProtector;

            // Used to give the data we protect a limited lifetime.
            _timeLimitedDataProtector = controllerProtector.ToTimeLimitedDataProtector();

            // The name can also be derived automatically from the type:
            //_dataProtector = dataProtectionProvider.CreateProtector(GetType().FullName);
        }
        /// <summary>
        /// Stores the injected services and creates two time-limited protectors:
        /// one for file uploads and one for upload chunks.
        /// </summary>
        public StorageFilesController(ILogger<StorageFilesController> logger, NotificationsEnabledDb database,
                                      GeneralRemoteStorage remoteStorage, IDataProtectionProvider dataProtectionProvider,
                                      IBackgroundJobClient jobClient)
        {
            this.logger = logger;
            this.database = database;
            this.remoteStorage = remoteStorage;
            this.jobClient = jobClient;

            // Two purposes, two protectors. Assuming the two constants differ, a payload
            // protected for a whole upload will not unprotect as a chunk payload, and vice versa.
            var uploadProtector = dataProtectionProvider.CreateProtector(FileUploadProtectionPurposeString);
            dataProtector = uploadProtector.ToTimeLimitedDataProtector();

            var chunkProtector = dataProtectionProvider.CreateProtector(FileUploadChunkProtectionPurposeString);
            chunkDataProtector = chunkProtector.ToTimeLimitedDataProtector();
        }
        /// <summary>
        /// Protects <paramref name="plaintext"/> so that the resulting payload expires once
        /// <paramref name="lifetime"/> has elapsed from the moment of this call.
        /// </summary>
        /// <param name="protector">The time-limited protector to use.</param>
        /// <param name="plaintext">The plaintext to protect.</param>
        /// <param name="lifetime">How long, counted from now, the payload should remain unprotectable.</param>
        /// <returns>The protected form of <paramref name="plaintext"/>.</returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="protector"/> or <paramref name="plaintext"/> is <c>null</c>.
        /// </exception>
        public static string Protect(this ITimeLimitedDataProtector protector, string plaintext, TimeSpan lifetime)
        {
            if (protector is null)
            {
                throw new ArgumentNullException(nameof(protector));
            }

            if (plaintext is null)
            {
                throw new ArgumentNullException(nameof(plaintext));
            }

            // The relative lifetime becomes an absolute expiration here. A zero or negative
            // lifetime gives an expiration that is not in the future, and a sum outside the
            // DateTimeOffset range throws ArgumentOutOfRangeException.
            DateTimeOffset expiresAt = DateTimeOffset.Now + lifetime;

            return Protect(protector, plaintext, expiresAt);
        }
示例#16
    /// <summary>
    /// Stores the logger, replay validator and configured life span, and creates the
    /// time-limited protector under the configured or default protector name.
    /// </summary>
    /// <param name="logger">Logger kept in <c>_logger</c>.</param>
    /// <param name="replayValidator">Replay validator kept in <c>_replayValidator</c>.</param>
    /// <param name="dataProtectionProvider">Provider the protector is created from.</param>
    /// <param name="options">Options supplying <c>ProtectorName</c> and <c>ExpirationTime</c>.</param>
    public AccountLinkingStateService(
        ILogger<AccountLinkingStateService> logger,
        IReplayValidator replayValidator,
        IDataProtectionProvider dataProtectionProvider,
        IOptions<AccountLinkingStateServiceOptions> options)
    {
        _logger = logger;
        _replayValidator = replayValidator;

        string protectorName;
        if (string.IsNullOrEmpty(options.Value.ProtectorName))
        {
            // Default purpose: the assembly's full name, or the type name if that is unavailable.
            // Assembly.FullName includes the version, so state protected by one assembly version
            // will not unprotect under another. Set ProtectorName when state must survive an upgrade.
            protectorName = typeof(AccountLinkingStateService).Assembly.FullName ?? nameof(AccountLinkingStateService);
        }
        else
        {
            protectorName = options.Value.ProtectorName;
        }

        _dataProtector = dataProtectionProvider.CreateProtector(protectorName).ToTimeLimitedDataProtector();
        _lifeSpan = options.Value.ExpirationTime;
    }
示例#17
 /// <summary>
 /// Stores the injected repositories and services and creates the time-limited protector
 /// under the file-download purpose taken from application settings.
 /// </summary>
 public UserAppService(IRoleRepository roleRep,
                       IOptionsSnapshot<AppSettings> appSettingsOptions,
                       IUserRepository userRepository,
                       ICurrentUser currentUser,
                       ICapPublisher publisher,
                       IDataProtectionProvider provider, IUserDomainService userDomainService, IRoleDomainService roleDomainService)
 {
     _userRep = userRepository;
     _appSettings = appSettingsOptions.Value;
     _currentUser = currentUser;
     _roleRep = roleRep;

     // The purpose is read from configuration. Whatever component unprotects these
     // payloads must be configured with the same value.
     var downloadProtector = provider.CreateProtector(appSettingsOptions.Value.DataProtectorPurpose.FileDownload);
     _protector = downloadProtector.ToTimeLimitedDataProtector();

     _publisher = publisher;
     _userDomainService = userDomainService;
     _roleDomainService = roleDomainService;
 }
示例#18
        /// <summary>
        /// Validates and stores the service's dependencies and creates its time-limited protector.
        /// </summary>
        /// <exception cref="ArgumentNullException">Thrown when any argument is <c>null</c>.</exception>
        public UserService(UserManager<ApplicationUser> userManager, IMapper mapper,
                           ApplicationDbContext applicationDbContext,
                           ILogger<UserService> logger,
                           IDataProtectionProvider dataProtectionProvider)
        {
            // The provider is checked first, before any field is assigned.
            _ = dataProtectionProvider ?? throw new ArgumentNullException(nameof(dataProtectionProvider));

            this.userManager = userManager ?? throw new ArgumentNullException(nameof(userManager));
            this.mapper = mapper ?? throw new ArgumentNullException(nameof(mapper));
            this.applicationDbContext = applicationDbContext ?? throw new ArgumentNullException(nameof(applicationDbContext));
            this.logger = logger ?? throw new ArgumentNullException(nameof(logger));

            // Purpose = the simple type name. A rename of the class changes the purpose and
            // makes payloads protected under the old name unreadable.
            var serviceProtector = dataProtectionProvider.CreateProtector(nameof(UserService));
            dataProtector = serviceProtector.ToTimeLimitedDataProtector();
        }
        /// <summary>
        /// Unprotects a payload produced by a time-limited protector and reports when it expires.
        /// </summary>
        /// <param name="protector">The time-limited protector to use.</param>
        /// <param name="protectedData">The protected payload.</param>
        /// <param name="expiration">Receives the payload's expiration after a successful unprotect.</param>
        /// <returns>The plaintext carried by <paramref name="protectedData"/>.</returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="protector"/> or <paramref name="protectedData"/> is <c>null</c>.
        /// </exception>
        /// <exception cref="System.Security.Cryptography.CryptographicException">
        /// Thrown if <paramref name="protectedData"/> is invalid, malformed, or expired.
        /// </exception>
        public static string Unprotect(this ITimeLimitedDataProtector protector, string protectedData, out DateTimeOffset expiration)
        {
            if (protector is null)
            {
                throw new ArgumentNullException(nameof(protector));
            }

            if (protectedData is null)
            {
                throw new ArgumentNullException(nameof(protectedData));
            }

            // The wrapper performs the unprotect and records the expiration it saw.
            var wrapper = new TimeLimitedWrappingProtector(protector);
            string plaintext = wrapper.Unprotect(protectedData);

            // Reached only on success. A failed unprotect has already thrown, so callers
            // never see an expiration for a payload that was rejected.
            expiration = wrapper.Expiration;
            return plaintext;
        }
示例#20
 /// <summary>
 /// Stores the injected services and creates the time-limited protector
 /// under the controller's runtime type name.
 /// </summary>
 public UserController(
     ApplicationDbContext _db,
     RedisService _redis,
     IStringLocalizer<UserController> _localizer,
     ISmsSender _sms,
     IEmailSender _email,
     IDataProtectionProvider _provider,
     UserManager<AppUser> _userManager)
 {
     // Localization
     l = _localizer;

     db = _db;
     redis = _redis;
     sms = _sms;

     // GetType() returns the runtime type, so a class derived from this controller
     // would use a different purpose and could not read this controller's payloads.
     var purpose = GetType().FullName;
     protector = _provider.CreateProtector(purpose).ToTimeLimitedDataProtector();

     email = _email;
     userManager = _userManager;
 }
 private static void ProtectParams(JToken token, ITimeLimitedDataProtector protector, ParamsProtectionOptions option)
 {
     if (token is JArray array)
     {
         foreach (var j in array)
         {
             if (array.Parent is JProperty property && j is JValue val)
             {
                 var strJ = val.Value.ToString();
                 if (option.IsParamNeedProtect(property.Name, strJ))
                 {
                     val.Value = protector.Protect(strJ, TimeSpan.FromMinutes(option.ExpiresIn.GetValueOrDefault(10)));
                 }
             }
             else
             {
                 ProtectParams(j, protector, option);
             }
         }
        /// <summary>
        /// Protects <paramref name="plaintext"/> so that the resulting payload expires at
        /// <paramref name="expiration"/>.
        /// </summary>
        /// <param name="protector">The time-limited protector to use.</param>
        /// <param name="plaintext">The plaintext to protect.</param>
        /// <param name="expiration">The absolute time at which the payload should expire.</param>
        /// <returns>The protected form of <paramref name="plaintext"/>.</returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when <paramref name="protector"/> or <paramref name="plaintext"/> is <c>null</c>.
        /// </exception>
        public static string Protect(this ITimeLimitedDataProtector protector, string plaintext, DateTimeOffset expiration)
        {
            if (protector is null)
            {
                throw new ArgumentNullException(nameof(protector));
            }

            if (plaintext is null)
            {
                throw new ArgumentNullException(nameof(plaintext));
            }

            // The wrapper carries the expiration into the inner time-limited protector.
            // The expiration is passed through as given; this method does not compare it with the current time.
            var wrapper = new TimeLimitedWrappingProtector(protector);
            wrapper.Expiration = expiration;

            return wrapper.Protect(plaintext);
        }
 /// <summary>
 /// Stores the next delegate and creates the time-limited protector under the
 /// file-download purpose taken from application settings.
 /// </summary>
 /// <param name="next">Next delegate in the pipeline.</param>
 /// <param name="provider">Provider the protector is created from.</param>
 /// <param name="appSettingsOptions">Settings that supply the file-download purpose string.</param>
 public StaticFileMiddleware(RequestDelegate next, IDataProtectionProvider provider, IOptionsSnapshot<H_AppSettings> appSettingsOptions)
 {
     _next = next;

     // NOTE(review): IOptionsSnapshot<T> is a scoped service, and the purpose is read once here;
     // confirm how this constructor is resolved and that a later settings change is not expected
     // to change the purpose.
     var fileDownloadPurpose = appSettingsOptions.Value.DataProtectorPurpose.FileDownload;
     _protector = provider.CreateProtector(fileDownloadPurpose).ToTimeLimitedDataProtector();
 }
 /// <summary>
 /// Creates a plain and a time-limited protector, both scoped to this service's runtime type name.
 /// </summary>
 /// <param name="provider">Provider the protectors are created from.</param>
 public DataProtectorService(IDataProtectionProvider provider)
 {
     // GetType() is the runtime type: a subclass would get its own purpose and would
     // not be able to unprotect payloads created by the base class.
     var purpose = GetType().FullName;

     _dataProtector = provider.CreateProtector(purpose);
     _timeLimitedDataProtector = _dataProtector.ToTimeLimitedDataProtector();
 }
示例#25
 /// <summary>
 /// Creates the time-limited protector under the "Spitball" purpose.
 /// </summary>
 /// <param name="dataProtectionProvider">Provider the protector is created from.</param>
 public DataProtectionService(IDataProtectionProvider dataProtectionProvider)
 {
     // One application-wide purpose: every consumer of this service shares the same
     // isolation boundary, so payloads are not separated by feature.
     var appProtector = dataProtectionProvider.CreateProtector("Spitball");
     _dataProtector = appProtector.ToTimeLimitedDataProtector();
 }
 /// <summary>
 /// Creates a plain and a time-limited protector under the "Contoso.democlass.v1" purpose.
 /// </summary>
 /// <param name="provider">Data protection provider; supplied by dependency injection.</param>
 public DataProtectionHelper(IDataProtectionProvider provider)
 {
     // The purpose carries a ".v1" suffix. Changing it gives a protector that cannot
     // read payloads protected under the earlier purpose.
     var baseProtector = provider.CreateProtector("Contoso.democlass.v1");

     _protector = baseProtector;
     _timeLimitedProtector = baseProtector.ToTimeLimitedDataProtector();
 }
示例#27
 /// <summary>
 /// Stores the HTTP context accessor and configuration and creates the time-limited
 /// protector under the "WitsmlServerPassword" purpose.
 /// </summary>
 public CredentialsService(IDataProtectionProvider dataProtectionProvider, IHttpContextAccessor httpContextAccessor, IConfiguration configuration)
 {
     // Payloads from a time-limited protector stop unprotecting once their expiration has passed.
     var passwordProtector = dataProtectionProvider.CreateProtector("WitsmlServerPassword");
     dataProtector = passwordProtector.ToTimeLimitedDataProtector();

     this.httpContextAccessor = httpContextAccessor;
     this.configuration = configuration;
 }
 /// <summary>
 /// Wraps the given time-limited protector.
 /// </summary>
 /// <param name="innerProtector">Protector kept in <c>_innerProtector</c>; not null-checked here.</param>
 public TimeLimitedWrappingProtector(ITimeLimitedDataProtector innerProtector)
     => _innerProtector = innerProtector;
示例#29
 /// <summary>
 /// Builds the controller's own data protection provider and time-limited protector,
 /// creates a cryptographic random number generator, and stores the context.
 /// </summary>
 /// <param name="context">Context kept in <c>_context</c>.</param>
 public SecretController(SecretContext context)
 {
     // The provider is built directly through the static factory instead of being injected.
     // NOTE(review): confirm where this provider persists its keys, and that constructing
     // it once per controller instance is intended.
     var keeperProvider = DataProtectionProvider.Create("SecretKeeper");
     _protector = keeperProvider
         .CreateProtector("Secrets.TimeLimited")
         .ToTimeLimitedDataProtector();

     // RNGCryptoServiceProvider is IDisposable and is marked obsolete from .NET 6 in favour of
     // RandomNumberGenerator. NOTE(review): nothing visible here disposes it.
     _rndProvider = new RNGCryptoServiceProvider();

     _context = context;
 }
 /// <summary>
 /// Stores the date/time provider and creates the time-limited "Tokens" protector.
 /// </summary>
 /// <param name="dataProtectionProvider">Provider the protector is created from.</param>
 /// <param name="dateTimeProvider">Time source kept in <c>_dateTimeProvider</c>.</param>
 public SecurityTokenService(IDataProtectionProvider dataProtectionProvider, IDateTimeProvider dateTimeProvider)
 {
     _dateTimeProvider = dateTimeProvider;

     // All tokens this service handles share the "Tokens" purpose.
     var tokensProtector = dataProtectionProvider.CreateProtector("Tokens");
     _dataProtector = tokensProtector.ToTimeLimitedDataProtector();
 }
 /// <summary>
 /// Wraps the given time-limited protector.
 /// </summary>
 /// <param name="innerProtector">Protector kept in <c>_innerProtector</c>; not null-checked here.</param>
 public TimeLimitedWrappingProtector(ITimeLimitedDataProtector innerProtector)
     => _innerProtector = innerProtector;