Harnessing ASP.NET Core MVC to Create Custom Value Providers for Encrypted Route Parameters
Reading Time: 8 min
Nandip Makwana
Sep 3,
2020 |
Posted in
Development
Often it is necessary to share anonymously accessible URLs in such a way that only the intended users can access a particular page and its details. Strictly speaking, it could be argued that if a page is only intended for a specific user, it should be behind the login flow. However, we also need to recognize that way is often not the most convenient from the end-user perspective, especially when users need to share specific details with guest users. There are many business scenarios in which this is the case: just one example we have all encountered is when we need to track an order shipment. The best way to create such anonymously accessible URLs is to encrypt a key identifier in the URLs. For our order tracking example, that would be the order ID. This is important in preventing malicious users from gaining direct access to IDs by piecing together various identifiers.
The traditional approach
The classic approach to reading encrypted values from HTTP requests or URLs is to read query strings or route values and decrypt them manually as explained below.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var encryptedId = Request.RouteValues["id"].ToString(); | |
| var actualIdValue = EncryptionUtility.Decrypt(encryptedId); | |
| /*OR*/ | |
| public IActionResult Index(int id) | |
| { | |
| var actualIdValue = EncryptionUtility.Decrypt(id); | |
| return View(); | |
| } |
In the case of ASP.NET Core MVC/Web API, the route value is directly bound with the action method parameter and from there we must manually decrypt it. The only time this gets complicated is when this encrypted string contains multiple values and we must read each of the decrypted values manually and classify them according to data type.
Take a look at code snippets below. This manual approach is straightforward enough for a relatively small application with only a handful of MVC actions accepting an encrypted value. However, consider an application where there are numerous action methods reading encrypted values from the route parameter.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| string encryptedId = Request.RouteValues["id"].ToString(); | |
| Dictionary<string, string> actualValues = EncryptionUtility.Decrypt(encryptedId); | |
| int idValue = Convert.ToInt32(actualValues["id"]); | |
| string dateValue = actualValues["date"]; |
With the help of ASP.NET Core extensibility features, we can delegate this responsibility of decrypting route parameters and type casting to the custom value provider. After implementing ASP.NET Core’s custom value provider, CryptoValueProvider, the above code snippets can be rewritten as below.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /*To bind all action paramters from CryptoValueProvider*/ | |
| [CryptoValueProvider] | |
| public IActionResult Example1(int orderId, string date) | |
| { | |
| } | |
| /*To bind only orderId from CryptoValueProvider. | |
| normalParameter will be bound with the help of default Value Provider*/ | |
| public IActionResult Example2([FromCrypto]int orderId, string normalParameter) | |
| { | |
| } |
As we can see that above code snippet is much more readable and it directly sets strongly typed decrypted value in action methods parameters.
Leveraging ASP.NET Core extensibility
Here we will dive into a step-by-step walkthrough of how to create custom value providers in ASP.NET Core. In a nutshell, value providers feeds data to model binders.
The first step is to implement CryptoParamsProtector.cs with the help of ASP.NET Core Data Protection APIs. This CryptoParamsProtector class offers two methods. EncryptParamDictionary – which will accept parameter dictionary and will encrypt it to single string. Another method that the DecryptToParamDictionary will accept the encrypt string and will convert it back to the parameter dictionary after decrypting with data protection APIs.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class CryptoParamsProtector | |
| { | |
| IDataProtector _protector; | |
| public CryptoParamsProtector(IDataProtectionProvider dataProtectionProvider) | |
| { | |
| _protector = dataProtectionProvider.CreateProtector(GetType().FullName); | |
| } | |
| public string EncryptParamDictionary(Dictionary<string, string> parameters) | |
| { | |
| var paramsInSingleString = string.Join("+", parameters | |
| .Select(p => string.Format("{0}={1}", p.Key.ToLower(), p.Value))); | |
| return _protector.Protect(paramsInSingleString); | |
| } | |
| public Dictionary<string, string> DecryptToParamDictionary(string encryptedParameters) | |
| { | |
| var paramsInSingleString = string.Empty; | |
| try | |
| { | |
| paramsInSingleString = _protector.Unprotect(encryptedParameters); | |
| } | |
| catch | |
| { | |
| //return empty dictionary when string encryptedParameters is not protected with _protector | |
| return new Dictionary<string, string>(); | |
| } | |
| return paramsInSingleString.Split('+') | |
| .Select(p => p.Split('=')) | |
| .ToDictionary(p => p[0], p => p[1]); | |
| } | |
| } |
Next we need to implement CryptoBindingSource.cs. In the CryptoBindingSource class, we define the BindingSource object which represents the binding source for CryptoValueProvider i.e. the encrypted value from the route parameter. This binding source is useful when we want to bind the action method parameter value from the encrypted string as demonstrated in the earlier method.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class CryptoBindingSource | |
| { | |
| public static readonly BindingSource Crypto = new BindingSource( | |
| "Crypto", | |
| "BindingSource_Crypto", | |
| isGreedy: false, | |
| isFromRequest: true); | |
| } |
Lastly there is CryptoValueProvider.cs. This is the CryptoValueProvider class where we actually implement the custom value provider in ASP.NET Core. Generally, we implement the IValueProvider interface to create the custom value provider. However here we are inheriting it from BindingSourceValueProvider to also support parameter level binding.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class CryptoValueProvider : BindingSourceValueProvider | |
| { | |
| string _encryptedParameters; | |
| CryptoParamsProtector _protector; | |
| Dictionary<string, string> _values; | |
| public CryptoValueProvider(BindingSource bindingSource, CryptoParamsProtector protector, string encryptedParameters) | |
| : base(bindingSource) | |
| { | |
| _encryptedParameters = encryptedParameters; | |
| _protector = protector; | |
| } | |
| public override bool ContainsPrefix(string prefix) | |
| { | |
| if (_values == null) | |
| { | |
| if (string.IsNullOrEmpty(_encryptedParameters)) | |
| { | |
| _values = new Dictionary<string, string>(); | |
| } | |
| else | |
| { | |
| _values = _protector.DecryptToParamDictionary(_encryptedParameters); | |
| } | |
| } | |
| return _values.ContainsKey(prefix.ToLower()); | |
| } | |
| public override ValueProviderResult GetValue(string key) | |
| { | |
| if (_values.ContainsKey(key.ToLower())) | |
| { | |
| return new ValueProviderResult(new StringValues(_values[key.ToLower()])); | |
| } | |
| else | |
| { | |
| return ValueProviderResult.None; | |
| } | |
| } | |
| } |
Now that we have created the CryptoValueProvider, we have to instantiate it and plug it in when model binding takes place for our targeted action method. We will create CryptoValueProviderFactory to accomplish this.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class CryptoValueProviderFactory : IValueProviderFactory | |
| { | |
| public Task CreateValueProviderAsync(ValueProviderFactoryContext context) | |
| { | |
| var paramsProtector = (CryptoParamsProtector)context.ActionContext.HttpContext | |
| .RequestServices.GetService(typeof(CryptoParamsProtector)); | |
| context.ValueProviders.Add(new CryptoValueProvider(CryptoBindingSource.Crypto | |
| , paramsProtector | |
| , context.ActionContext.RouteData.Values["id"]?.ToString())); | |
| return Task.CompletedTask; | |
| } | |
| } |
Next, we will create CryptoValueProviderAttribute which will be used to decorate the action method to denote that all the parameters of this method will be bound with the help of CryptoValueProvider.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [AttributeUsage(AttributeTargets.Method)] | |
| public class CryptoValueProviderAttribute : Attribute, IResourceFilter | |
| { | |
| public void OnResourceExecuted(ResourceExecutedContext context) | |
| { | |
| } | |
| public void OnResourceExecuting(ResourceExecutingContext context) | |
| { | |
| context.ValueProviderFactories.Clear(); | |
| context.ValueProviderFactories.Add(new CryptoValueProviderFactory()); | |
| } | |
| } |
Using the same steps as before we will create FromCryptoAttribute, which can be used to define the optional binding source at parameter level. The rest of the action parameters will be bound with the help of the default Value Provider.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [AttributeUsage(AttributeTargets.Parameter)] | |
| public class FromCryptoAttribute : Attribute, IBindingSourceMetadata | |
| { | |
| public BindingSource BindingSource => CryptoBindingSource.Crypto; | |
| } |
Lastly, we will register CryptoParamsProtector and CryptoValueProviderFactory in Startup.ConfigureServices to wire-up altogether.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This method gets called by the runtime. Use this method to add services to the container. | |
| public void ConfigureServices(IServiceCollection services) | |
| { | |
| services.AddScoped(typeof(CryptoParamsProtector)); | |
| services.AddControllersWithViews(mvcOptions => | |
| { | |
| mvcOptions.ValueProviderFactories.Add(new CryptoValueProviderFactory()); | |
| }); | |
| } |
Example usage
First, we will create the encrypted string with the secret value as in below example controller.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class ExampleUsageController : Controller | |
| { | |
| CryptoParamsProtector _protector; | |
| public ExampleUsageController(CryptoParamsProtector protector) | |
| { | |
| _protector = protector; | |
| } | |
| public IActionResult Index() | |
| { | |
| var paramDictionary = new Dictionary<string, string>(); | |
| paramDictionary.Add("orderId", 1234.ToString()); | |
| paramDictionary.Add("date", "2020-08-17"); | |
| ViewBag.encryptedRouteParam = _protector.EncryptParamDictionary(paramDictionary); | |
| return View(); | |
| } | |
| [CryptoValueProvider] | |
| public IActionResult TargetAction(int orderId, string date) | |
| { | |
| //process orderId and date here | |
| return View(); | |
| } | |
| } |
Use encrypted string to construct URL and share it with user through email or direct link.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <a asp-controller="ExampleUsage" asp-action="TargetAction" asp-route-id="@ViewBag.encryptedRouteParam"><h4>Example 1 Demo</h4></a> |
If you’d like to know more about ASP.NET Core development, complete the form below.
