IServiceHmacTokenProvider

Members

_{Namespace: ASPSecurityKit.AuthProviders}
_{Assembly: ASPSecurityKit.dll}

Summary

Provides an interface to sign and validate requests using Service HMAC Token.

Remarks

This scheme is the recommended scheme for secure authentication for incoming webhooks (callbacks) from services that support dynamic URL per callback. The hmac should be by the name in queryString as defined by QSServiceHmac. The supported format for value is [idTokenType]:[idToken]:[signatureHash]:[timestamp]:[additionalParams]. Read more about it on https://ASPSecurityKit.net/docs/authentication-schemes/#service-hmac

Methods

`Sign(uri,details,authUrn,secret)`

Summary

Signs the specified URL with SHT using the specified ServiceHmac options.

Returns

The signed URL.

Parameters

Name	Type	Description
uri	System.Uri	The URL to sign.
details	ASPSecurityKit.AuthProviders.IServiceHmacTokenDetails	The object with details about the params, validity etc. to be used for computing the SHT signature for the specified operation.
authUrn	System.String	The identity token (idTokenType:idToken) to be used for signing.
secret	System.String	The secret associated with the identity token to compute the signature hash.

Exceptions

Type	Description
System.ArgumentNullException	When uri/details is null, or, when authUrn/secret is null/whitespace.

`Validate(requestService)`

Summary

Evaluates the specified request against the SHT auth scheme.

Returns

AuthSchemeValidationResult instance with Evaluated as true If the scheme was found in the request (along with either Auth as not null if evaluation succeeded or Error populated if it failed); otherwise, false.

Parameters

Name	Type	Description
requestService	ASPSecurityKit.IRequestService	The request service.

Exceptions

Type	Description
System.ArgumentNullException	When requestService is null.

`SignAsync(uri,details,authUrn,secret)`

Summary

Signs the specified URL with SHT using the specified ServiceHmac options.

Returns

The signed URL.

Parameters

Name	Type	Description
uri	System.Uri	The URL to sign.
details	ASPSecurityKit.AuthProviders.IServiceHmacTokenDetails	The object with details about the params, validity etc. to be used for computing the SHT signature for the specified operation.
authUrn	System.String	The identity token (idTokenType:idToken) to be used for signing.
secret	System.String	The secret associated with the identity token to compute the signature hash.

Exceptions

Type	Description
System.ArgumentNullException	When uri/details is null, or, when authUrn/secret is null/whitespace.

`SignAsync(uri,details,authUrn,secret,cancellationToken)`

Summary

Signs the specified URL with SHT using the specified ServiceHmac options.

Returns

The signed URL.

Parameters

Name	Type	Description
uri	System.Uri	The URL to sign.
details	ASPSecurityKit.AuthProviders.IServiceHmacTokenDetails	The object with details about the params, validity etc. to be used for computing the SHT signature for the specified operation.
authUrn	System.String	The identity token (idTokenType:idToken) to be used for signing.
secret	System.String	The secret associated with the identity token to compute the signature hash.
cancellationToken	System.Threading.CancellationToken	The cancellation token.

Exceptions

Type	Description
System.ArgumentNullException	When uri/details is null, or, when authUrn/secret is null/whitespace.

`ValidateAsync(requestService)`

Summary

Evaluates the specified request against the SHT auth scheme.

Returns

Parameters

Name	Type	Description
requestService	ASPSecurityKit.IRequestService	The request service.

Exceptions

Type	Description
System.ArgumentNullException	When requestService is null.

`ValidateAsync(requestService,cancellationToken)`

Summary

Evaluates the specified request against the SHT auth scheme.

Returns

Parameters

Name	Type	Description
requestService	ASPSecurityKit.IRequestService	The request service.
cancellationToken	System.Threading.CancellationToken	The cancellation token.

Exceptions

Type	Description
System.ArgumentNullException	When requestService is null.