DefaultHmacTokenHandler
Members
Namespace: ASPSecurityKit.AuthProviders
Assembly: ASPSecurityKit.dll
Summary
Implements IAuthenticationSchemeHandler to authenticate using HMAC.
Remarks
This scheme is the recommended scheme for secure authentication and the header version (by the name as defined by HeaderHmac) is enabled by default for all requests.
It also supports embedding hmac in URL as queryString variable by the name as defined by QSHmac. However, the queryString method is usually not enabled by default; you must do so using the appropriate mechanism provided in your platform-specific ASPSecurityKit library.
The supported format for value is [idTokenType]:[idToken]:[signatureHash]:[nonce]:[timestamp]. Read more about it on https://ASPSecurityKit.net/docs/authentication-schemes/#hmac
Constructors
#ctor(sessionProvider,securityContext,cacheClient,settings,errorResource)
Summary
Initializes a new instance of the DefaultHmacTokenHandler class.
Parameters
| Name | Type | Description |
|---|---|---|
| sessionProvider | ASPSecurityKit.IAuthSessionProvider | The session provider. |
| securityContext | ASPSecurityKit.ISecurityContext | The security context. |
| cacheClient | ASPSecurityKit.ICacheClient | The cache client. |
| settings | ASPSecurityKit.ISecuritySettings | The security settings. |
| errorResource | ASPSecurityKit.IErrorMessageResourceProvider | The error resource. |
Methods
Validate(requestService)
Summary
Evaluates the specified request against the auth scheme represented by this interface.
Returns
AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.
Parameters
| Name | Type | Description |
|---|---|---|
| requestService | ASPSecurityKit.IRequestService | The request service. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When requestService is null. |
ValidateAsync(requestService)
Summary
Evaluates the specified request against the auth scheme represented by this interface.
Returns
AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.
Parameters
| Name | Type | Description |
|---|---|---|
| requestService | ASPSecurityKit.IRequestService | The request service. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When requestService is null. |
ValidateAsync(requestService,cancellationToken)
Summary
Evaluates the specified request against the auth scheme represented by this interface.
Returns
AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.
Parameters
| Name | Type | Description |
|---|---|---|
| requestService | ASPSecurityKit.IRequestService | The request service. |
| cancellationToken | System.Threading.CancellationToken | The cancellation token. |
Exceptions
| Type | Description |
|---|---|
| System.ArgumentNullException | When requestService is null. |