19 lines
638 B
C#
19 lines
638 B
C#
using Microsoft.AspNetCore.DataProtection;
|
|
|
|
namespace OED.Api.Infrastructure.Auth;
|
|
|
|
public interface ITokenEncryptor
|
|
{
|
|
string Encrypt(string plaintext);
|
|
string Decrypt(string ciphertext);
|
|
}
|
|
|
|
// Uses ASP.NET Data Protection — handles key management, rotation, and storage automatically
|
|
public class TokenEncryptor(IDataProtectionProvider provider) : ITokenEncryptor
|
|
{
|
|
private readonly IDataProtector _protector = provider.CreateProtector("Eve.RefreshToken.v1");
|
|
|
|
public string Encrypt(string plaintext) => _protector.Protect(plaintext);
|
|
public string Decrypt(string ciphertext) => _protector.Unprotect(ciphertext);
|
|
}
|