Thursday, May 2, 2024

sending API header with encrypted credentials( encryption/decryption included)

 private static bool IsValidRequestAsync(HttpRequest request, string configValue)

{

   bool isValidRequest = false; 

    try

    {

        const string headerKeyName = "header";

        string headerValue = request.Headers[headerKeyName].First();

        string credentials = EncryptionDecryption.DecryptString(configValue, headerValue);

        isValidRequest = credentials == "User ID=nsouser;Password=nsouser123;" ? true : false;


    }

    catch (Exception ex)

    {

        return isValidRequest;

    }


    return isValidRequest;

  

}



==================



 internal static  IResult GetNSOReqDataSummary(string nsoRequestID, string status, INSOReqSummaryService NSOReqSummaryService,HttpRequest request)

 {

    bool isValid  =  IsValidRequestAsync(request, NSOReqSummaryService.GetConfigValue());

     if (isValid)

     {

         var responceData = "Invalid Parameter";

         if (nsoRequestID != null || status != null)

         {

             var nsorequestdetails = NSOReqSummaryService.GetNSOReqDataSummary(nsoRequestID, status);

             return nsorequestdetails is not null ? Results.Ok(JsonConvert.SerializeObject(nsorequestdetails)) : Results.NotFound();

         }

         else

         {

             return Results.Json(JsonConvert.SerializeObject(responceData), null, null, (int)HttpStatusCode.ExpectationFailed);

         }

     }

     else

     {

         var responceInvalidUserData = "Invalid credentials";

         return Results.Json(JsonConvert.SerializeObject(responceInvalidUserData), null, null, (int)HttpStatusCode.ExpectationFailed);

     }

 }





=======================================================================



  public class EncryptionDecryption

  {

      public static string EncryptString(string key, string plainText)

      {

          byte[] iv = new byte[16];

          byte[] array;


          using (Aes aes = Aes.Create())

          {

              aes.Key = Encoding.UTF8.GetBytes(key);

              aes.IV = iv;


              ICryptoTransform encryptor = aes.CreateEncryptor(aes.Key, aes.IV);


              using (MemoryStream memoryStream = new MemoryStream())

              {

                  using (CryptoStream cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))

                  {

                      using (StreamWriter streamWriter = new StreamWriter(cryptoStream))

                      {

                          streamWriter.Write(plainText);

                      }


                      array = memoryStream.ToArray();

                  }

              }

          }


          return Convert.ToBase64String(array);

      }


      public static string DecryptString(string key, string cipherText)

      {

          byte[] iv = new byte[16];

          byte[] buffer = Convert.FromBase64String(cipherText);


          using (Aes aes = Aes.Create())

          {

              aes.Key = Encoding.UTF8.GetBytes(key);

              aes.IV = iv;

              ICryptoTransform decryptor = aes.CreateDecryptor(aes.Key, aes.IV);


              using (MemoryStream memoryStream = new MemoryStream(buffer))

              {

                  using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))

                  {

                      using (StreamReader streamReader = new StreamReader(cryptoStream))

                      {

                          return streamReader.ReadToEnd();

                      }

                  }

              }

          }

      }

  }

Posted by at No comments:
Subscribe to: Posts (Atom)