Class SharedSecretAuthentication

Namespace
The.Security
Assembly
Instagile.dll
public class SharedSecretAuthentication : IAuthentication
Inheritance
SharedSecretAuthentication
Implements
Inherited Members

Constructors

SharedSecretAuthentication(IAuthentication, byte[])

public SharedSecretAuthentication(IAuthentication localAuthentication, byte[] sharedSecret)

Parameters

localAuthentication IAuthentication
sharedSecret byte[]

SharedSecretAuthentication(IAuthentication, string)

public SharedSecretAuthentication(IAuthentication localAuthentication, string sharedSecret)

Parameters

localAuthentication IAuthentication
sharedSecret string

Fields

LocalAuthentication

public readonly IAuthentication LocalAuthentication

Field Value

IAuthentication

Properties

CanSign

True if the authenticator supports digital signatures (not necessarily cryptographic).

public bool CanSign { get; }

Property Value

bool

Remarks

The signature doesn't have to be based on the operation; it can use some other capability, such as the ambient Windows logon.

IsAuthoritative

If true, the returned identity should be accepted without server verification.

public bool IsAuthoritative { get; }

Property Value

bool

Remarks

May depend on ambient state, so don't cache the result. As well as enabling automatic login, this is used by SecurityService to decide whether it's OK to perform purely local authentication without calling IEntityStore.Connect.

Realm

Describes identities within the purview of this authenticator.

public string Realm { get; }

Property Value

string

RequiresCredentials

Expects non-empty Credentials in order to perform client-side identity operations.

public bool RequiresCredentials { get; }

Property Value

bool

Methods

CheckSignatureAsync(IEntityContext, Identity, byte[], byte[])

Check a signature by the specified identity (which may be from various realms).

public Task<AuthenticationResult> CheckSignatureAsync(IEntityContext scopedContext, Identity subject, byte[] operation, byte[] token)

Parameters

scopedContext IEntityContext
subject Identity
operation byte[]
token byte[]

Returns

Task<AuthenticationResult>

(signature found for user, null/reason for failure)

CreateSignatureAsync(Credentials, byte[])

Sign a message using the supplied credentials.

public Task<AuthenticationResult<byte[]>> CreateSignatureAsync(Credentials credentials, byte[] operation)

Parameters

credentials Credentials
operation byte[]

Returns

Task<AuthenticationResult<byte[]>>

Opaque signature.

GetIdentity(Credentials)

Extract a subject from the environment or the supplied credentials.

public AuthenticationResult<string> GetIdentity(Credentials credentials)

Parameters

credentials Credentials

Returns

AuthenticationResult<string>

Subject name, unverified (from local knowledge only).

VerifyIdentity(Credentials, string)

Verify that the subject matches the supplied credentials. Available synchronously only if IsAuthoritative returns true.

public AuthenticationResult VerifyIdentity(Credentials credentials, string subject)

Parameters

credentials Credentials
subject string

Returns

AuthenticationResult

(true/false for authentication state, null/reason for failure)

VerifyIdentityAsync(Credentials, IEntityContext, string)

Verify that the subject matches the supplied credentials.

public Task<AuthenticationResult> VerifyIdentityAsync(Credentials credentials, IEntityContext scopedContext, string subject)

Parameters

credentials Credentials
scopedContext IEntityContext
subject string

Returns

Task<AuthenticationResult>

(true/false for authentication state, null/reason for failure)