From 74569d85b6249100c6ff9bd6203e869014b3bb31 Mon Sep 17 00:00:00 2001 From: kdeng00 Date: Fri, 16 Dec 2022 13:48:15 -0500 Subject: [PATCH] Deprecating asymmetric keys Starting work to deprecate using public and private keys to sign tokens --- Controllers/Managers/TokenManager.cs | 19 +++++++++---------- Controllers/v1/BaseController.cs | 4 +++- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/Controllers/Managers/TokenManager.cs b/Controllers/Managers/TokenManager.cs index 56d89da..20cf02f 100644 --- a/Controllers/Managers/TokenManager.cs +++ b/Controllers/Managers/TokenManager.cs @@ -29,10 +29,10 @@ namespace Icarus.Controllers.Managers #region Fields private string _clientId; private string _clientSecret; - private string _privateKeyPath; - private string _privateKey; - private string _publicKeyPath; - private string _publicKey; + private string _privateKeyPath = string.Empty; + private string _privateKey = string.Empty; + private string _publicKeyPath = string.Empty; + private string _publicKey = string.Empty; private string _audience; private string _grantType; private string _url; @@ -88,6 +88,7 @@ namespace Icarus.Controllers.Managers } + [Obsolete("Asymmetric key signing for tokens have been deprecated")] public LoginResult LogIn(User user) { var tokenResult = new TokenTierOne(); @@ -152,6 +153,7 @@ namespace Icarus.Controllers.Managers }; } + [Obsolete("Asymmetric key signing for tokens have been deprecated")] public bool IsTokenValid(string scope, string accessToken) { var result = false; @@ -172,6 +174,7 @@ namespace Icarus.Controllers.Managers return result; } + [Obsolete("Asymmetric key signing for tokens have been deprecated")] public Token DecodeToken(string accessToken) { var rsaParams = GetRSAPublic(_publicKey); @@ -264,6 +267,7 @@ namespace Icarus.Controllers.Managers return claim; } + [Obsolete("Asymmetric key signing for tokens have been deprecated")] private string CreateToken(List claims, string privateKey) { var token = string.Empty; @@ -323,6 +327,7 @@ namespace Icarus.Controllers.Managers return token; } + [Obsolete("Asymmetric key signing for tokens have been deprecated")] private RSAParameters GetRSAPublic(string publicKey) { using (var tr = new System.IO.StringReader(publicKey)) @@ -362,12 +367,6 @@ namespace Icarus.Controllers.Managers _audience = _config["Auth0:ApiIdentifier"]; _grantType = "client_credentials"; _url = $"https://{_config["Auth0:Domain"]}"; - _privateKeyPath = _config["RSAKeys:PrivateKeyPath"]; - _publicKeyPath = _config["RSAKeys:PublicKeyPath"]; - _privateKey = System.IO.File.ReadAllText(_privateKeyPath); - _publicKey = System.IO.File.ReadAllText(_publicKeyPath); - - PrintCredentials(); } #region Testing Methods diff --git a/Controllers/v1/BaseController.cs b/Controllers/v1/BaseController.cs index 9cec68a..4e3d40a 100644 --- a/Controllers/v1/BaseController.cs +++ b/Controllers/v1/BaseController.cs @@ -18,6 +18,7 @@ namespace Icarus.Controllers.V1 #region Methods [ApiExplorerSettings(IgnoreApi = true)] + [Obsolete("Asymmetric key signing for tokens have been deprecated")] protected string ParseBearerTokenFromHeader() { var token = string.Empty; @@ -39,6 +40,7 @@ namespace Icarus.Controllers.V1 } [ApiExplorerSettings(IgnoreApi = true)] + [Obsolete("Asymmetric key signing for tokens have been deprecated")] protected bool IsTokenValid(string scope) { var token = ParseBearerTokenFromHeader(); @@ -48,4 +50,4 @@ namespace Icarus.Controllers.V1 } #endregion } -} \ No newline at end of file +}