Skip to content

Decrypts MachineKey protected AuthenticationTicket objects created by ASP.NET to be used in ASP.NET Core.

License

Notifications You must be signed in to change notification settings

akrock/AspNetTicketBridge

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 

Repository files navigation

AspNetTicketBridge

Decrypts MachineKey protected AuthenticationTicket objects created by ASP.NET to be used in ASP.NET Core.

This MachineKey decryptor uses HMACSHA1 and AES with the decryptionKey and validationKey from your web.config to decrypt OAuth tokens generated from OWIN.

<machineKey compatibilityMode="Framework45" decryption="AES" decryptionKey="....." validation="SHA1" validationKey="....." />

Example

string validationKey = "<value from old web.config/machineKey/validationKey>";
string decryptionKey = "<value from old web.config/machineKey/decryptionKey>";

// Decrypt the token
var ticket = MachineKeyTicketUnprotector.UnprotectOAuthToken(token, decryptionKey, validationKey);

// The ticket is in v3 format and needs to be converted to v5 (ASP.NET Core 2.0).
// Can use whatever you want for AuthScheme
var newTicket = AuthenticationTicketConverter.Convert(ticket, AuthScheme);

// If using a custom AuthenticationHandler, you can return the new ticket 
// in the HandleAuthenticateAsync method.
var result = AuthenticateResult.Success(newTicket);

Special thanks for Umar Karimabadi for doing all of the heavy lifting. For more information, see here: https://stackoverflow.com/questions/46546254/using-machine-keys-for-idataprotector-asp-net-core

About

Decrypts MachineKey protected AuthenticationTicket objects created by ASP.NET to be used in ASP.NET Core.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C# 100.0%