26 lines
768 B
C#
26 lines
768 B
C#
|
using System.Security.Cryptography;
|
||
|
|
using System.Text;
|
||
|
|
|
||
|
|
namespace SIGCM2.Domain.Security;
|
||
|
|
|
||
|
|
/// <summary>
|
||
|
|
/// Pure static helper for hashing opaque refresh tokens.
|
||
|
|
/// SHA-256 is appropriate here — tokens are 256-bit random values (not passwords),
|
||
|
|
/// so salting is unnecessary. Output is base64url without padding.
|
||
|
|
/// </summary>
|
||
|
|
public static class TokenHasher
|
||
|
|
{
|
||
|
|
public static string Sha256Base64Url(string raw)
|
||
|
|
{
|
||
|
|
var bytes = Encoding.UTF8.GetBytes(raw);
|
||
|
|
var hash = SHA256.HashData(bytes);
|
||
|
|
return Base64UrlEncode(hash);
|
||
|
|
}
|
||
|
|
|
||
|
|
private static string Base64UrlEncode(byte[] bytes)
|
||
|
|
=> Convert.ToBase64String(bytes)
|
||
|
|
.TrimEnd('=')
|
||
|
|
.Replace('+', '-')
|
||
|
|
.Replace('/', '_');
|
||
|
|
}
|