DefaultHmacTokenHandler

Namespace: ASPSecurityKit.AuthProviders
Assembly: ASPSecurityKit.dll

Summary

Implements IAuthenticationSchemeHandler to authenticate using HMAC.

Remarks

This scheme is the recommended scheme for secure authentication and the header version (by the name as defined by HeaderHmac) is enabled by default for all requests. It also supports embedding hmac in URL as queryString variable by the name as defined by QSHmac. However, the queryString method is usually not enabled by default; you must do so using the appropriate mechanism provided in your platform-specific ASPSecurityKit library. The supported format for value is [idTokenType]:[idToken]:[signatureHash]:[nonce]:[timestamp]. Read more about it on https://ASPSecurityKit.net/docs/article/authentication-schemes/#hmac

Constructors

#ctor(sessionProvider,securityContext,cacheClient,settings,errorResource)

Summary

Initializes a new instance of the DefaultHmacTokenHandler class.

Parameters
Name Type Description
sessionProvider ASPSecurityKit.IAuthSessionProvider The session provider.
securityContext ASPSecurityKit.ISecurityContext The security context.
cacheClient ASPSecurityKit.ICacheClient The cache client.
settings ASPSecurityKit.ISecuritySettings The security settings.
errorResource ASPSecurityKit.IErrorMessageResourceProvider The error resource.

Methods

Validate(requestService)

Summary

Evaluates the specified request against the auth scheme represented by this interface.

Returns

AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.

Parameters
Name Type Description
requestService ASPSecurityKit.IRequestService The request service.
Exceptions
Type Description
System.ArgumentNullException When requestService is null.

ValidateAsync(requestService)

Summary

Evaluates the specified request against the auth scheme represented by this interface.

Returns

AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.

Parameters
Name Type Description
requestService ASPSecurityKit.IRequestService The request service.
Exceptions
Type Description
System.ArgumentNullException When requestService is null.

ValidateAsync(requestService,cancellationToken)

Summary

Evaluates the specified request against the auth scheme represented by this interface.

Returns

AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.

Parameters
Name Type Description
requestService ASPSecurityKit.IRequestService The request service.
cancellationToken System.Threading.CancellationToken The cancellation token.
Exceptions
Type Description
System.ArgumentNullException When requestService is null.