softaware.Authentication.Hmac.AspNetCore
1.0.0
.NET Standard 2.0
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
Install-Package softaware.Authentication.Hmac.AspNetCore -Version 1.0.0
dotnet add package softaware.Authentication.Hmac.AspNetCore --version 1.0.0
<PackageReference Include="softaware.Authentication.Hmac.AspNetCore" Version="1.0.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add softaware.Authentication.Hmac.AspNetCore --version 1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: softaware.Authentication.Hmac.AspNetCore, 1.0.0"
#r directive can be used in F# Interactive, C# scripting and .NET Interactive. Copy this into the interactive tool or source code of the script to reference the package.
// Install softaware.Authentication.Hmac.AspNetCore as a Cake Addin
#addin nuget:?package=softaware.Authentication.Hmac.AspNetCore&version=1.0.0
// Install softaware.Authentication.Hmac.AspNetCore as a Cake Tool
#tool nuget:?package=softaware.Authentication.Hmac.AspNetCore&version=1.0.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
softaware.Authentication.Hmac
softaware.Authentication.Hmac.AspNetCore
Provides an AuthenticationHandler which supports HMAC authentication in an ASP.NET Core project.
Usage:
- Get your HMAC authenticated clients, for example from the
appsettings.jsonfile. For HMAC authentication, anAppIdand anApiKeyis required for each client which should get access.
var hmacAuthenticatedApps = this.Configuration
.GetSection("Authentication")
.GetSection("HmacAuthenticatedApps")
.Get<HmacAuthenticationClientConfiguration[]>()
.ToDictionary(e => e.AppId, e => e.ApiKey);
{
"Authentication": {
"HmacAuthenticatedApps": [
{
"AppId": "<some-app-id>",
"ApiKey": "<some-api-key>"
}
]
}
}
- Enable HMAC authentication in
Startup.csin theConfigureServicesmethod:
services
.AddHmacAuthentication(HmacAuthenticationDefaults.AuthenticationScheme, "HMAC Authentication", o =>
{
o.MaxRequestAgeInSeconds = HmacAuthenticationDefaults.MaxRequestAgeInSeconds;
o.HmacAuthenticatedApps = hmacAuthenticatedApps;
});
- Add
MemoryCache(from Microsoft.Extensions.Caching.Memory) inStartup.csin theConfigureServicesmethod. TheMemoryCacheis used by the HMACAuthenticationHandlerto determine replay attacks.
services.AddMemoryCache();
- Enable authentication in
Startup.csin theConfiguremethod:
app.UseAuthentication();
- Optional: Specify HMAC as the authentication scheme for certain controllers:
[Authorize(AuthenticationSchemes = HmacAuthenticationDefaults.AuthenticationScheme)]
[Route("api/[controller]")]
public class HomeController : Controller
{
// ...
}
softaware.Authentication.Hmac.Client
Provides a DelegatingHandler for adding an HMAC authorization header to HTTP requests.
Instantiate your HttpClient instance with the ApiKeyDelegatingHandler:
new HttpClient(new ApiKeyDelegatingHandler(appId, apiKey));
Or in case your WebAPI client is another ASP.NET WebAPI (>= ASP.NET Core 2.1), register your HttpClient in the Startup.cs for example as follows:
services.AddTransient(sp => new ApiKeyDelegatingHandler(appId, apiKey));
services
.AddHttpClient("HmacHttpClient")
.AddHttpMessageHandler<ApiKeyDelegatingHandler>();
Generate HMAC AppId and ApiKey
To generate an API Key, the following simple Console Application can be used. This implementation is also provided on .NET Fiddle.
using System.Security.Cryptography;
public class Program
{
public static void Main()
{
Console.WriteLine($"AppID: {Guid.NewGuid()} or <some-speaking-name>");
Console.WriteLine($"ApiKey: {GenerateApiKey()}");
}
private static string GenerateApiKey()
{
using (var cryptoProvider = new RNGCryptoServiceProvider())
{
byte[] secretKeyByteArray = new byte[32]; //256 bit
cryptoProvider.GetBytes(secretKeyByteArray);
return Convert.ToBase64String(secretKeyByteArray);
}
}
}
| Product | Versions |
|---|---|
| .NET | net5.0 net5.0-windows net6.0 net6.0-android net6.0-ios net6.0-maccatalyst net6.0-macos net6.0-tvos net6.0-windows |
| .NET Core | netcoreapp2.0 netcoreapp2.1 netcoreapp2.2 netcoreapp3.0 netcoreapp3.1 |
| .NET Standard | netstandard2.0 netstandard2.1 |
| .NET Framework | net461 net462 net463 net47 net471 net472 net48 |
| MonoAndroid | monoandroid |
| MonoMac | monomac |
| MonoTouch | monotouch |
| Tizen | tizen40 tizen60 |
| Xamarin.iOS | xamarinios |
| Xamarin.Mac | xamarinmac |
| Xamarin.TVOS | xamarintvos |
| Xamarin.WatchOS | xamarinwatchos |
Compatible target framework(s)
Additional computed target framework(s)
Learn more about Target Frameworks and .NET Standard.
-
.NETStandard 2.0
- Microsoft.AspNetCore.Authentication (>= 2.1.1)
- Microsoft.Extensions.Caching.Memory (>= 2.1.1)
- softaware.Authentication.Hmac (>= 1.0.0)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.