HMAC Authentication

For .net core projects.

HMAC authentication handler to eg. secure your Github webhooks. Verifies both the data integrity and the authenticity of a message.

Add to your Startup.cs

public void ConfigureServices(IServiceCollection services)
{
    services.AddHttpContextAccessor();
    
    services.ConfigureDictionary<HMACSignatureOptions>(Configuration.GetSection("AuthOptions"));
    services.AddAuthentication(o => { o.DefaultScheme = "Webhook"; }).AddScheme<HMACSignatureHandler>("Webhook");
}

To your configuration eg. appsettings.json

Note: each scheme is configured separately, here the scheme is 'Webhook'.

"AuthOptions": {
  "Webhook": {
    "Secret": "secret",
    "Header": "X-Hub-Signature", 
    "HashFunction":  1
  }
},

Header defaults to X-Hub-Signature if left empty.
HashFunction is (SHA) hash function - 1, 256 or 512, Defaults to 1 if left empty.

Secure your API 🚀

[Authorize(AuthenticationSchemes = "Webhook")]
[HttpPost("api/release")]
public async Task<IActionResult> Webhook()
{
    return Ok();
}

Name		Name	Last commit message	Last commit date
Latest commit History 24 Commits
.github		.github
HMACAuthentication.TestApi		HMACAuthentication.TestApi
HMACAuthentication.Tests		HMACAuthentication.Tests
HMACAuthentication		HMACAuthentication
.gitignore		.gitignore
HMACAuthentication.sln		HMACAuthentication.sln
HMACAuthentication.sln.DotSettings		HMACAuthentication.sln.DotSettings
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

HMAC Authentication

Add to your Startup.cs

To your configuration eg. appsettings.json

Secure your API 🚀

About

Releases 3

Languages

License

antja0/hmac-authentication

Folders and files

Latest commit

History

Repository files navigation

HMAC Authentication

Add to your Startup.cs

To your configuration eg. appsettings.json

Secure your API 🚀

About

Resources

License

Stars

Watchers

Forks

Releases 3

Languages