SignedUrl 1.2.0
dotnet add package SignedUrl --version 1.2.0
NuGet\Install-Package SignedUrl -Version 1.2.0
<PackageReference Include="SignedUrl" Version="1.2.0" />
paket add SignedUrl --version 1.2.0
#r "nuget: SignedUrl, 1.2.0"
// Install SignedUrl as a Cake Addin #addin nuget:?package=SignedUrl&version=1.2.0 // Install SignedUrl as a Cake Tool #tool nuget:?package=SignedUrl&version=1.2.0
SignedUrl
A NuGet package that generates signed query strings.
Usage
Currently, only ASP.NET projects are supported. If you can't use it, you need to implement
ISignatureProtectoryourself.
The implementation MUST NOT return the bytes as is, as this would make your signature prone to brute force attacks.
Install two NuGet packages:
SignedUrlandSignedUrl.AspNet
// use dependency injection
builder.Services.AddSingleton<ISignatureProtector, DataProtectionSignatureProtector>();
builder.Services.AddSingleton<IQuerySigner, DigestQuerySigner>();
Then consume the IQuerySigner:
public class MyUrlService(IQuerySigner signer) {
public string GenerateSomeUrl() {
var query = new Dictionary<string, string?>
{
{ "time", CurrentUnixTimestamp().ToString() },
};
return "https://example.com/?" + signer.GenerateSignature(query);
}
}
The above class will generate a URL like this:
https://example.com/?time=1702855023&s=vJ89aMd%2bkkZaLamPOKuCgGAiuDDRqn7XtIdM%2bXpCYZw%3d
Observations:
- The dictionary containing a key
timeand a value of the current Unix timestamp is appended to the query string - The
sparameter is the signature of the query string
And to verify the signature:
public class MyUrlService(IQuerySigner signer) {
// [...omitted for brevity...]
public bool VerifySomeUrl(string url) {
var query = HttpUtility.ParseQueryString(new Uri(url).Query);
return signer.VerifySignature(query);
}
}
Development
Pre-requisites
- .NET 8
Extensions
If you want to write extensions, you can use the SignedUrl.Abstractions package, which contains the interfaces used
by the SignedUrl implementations.
Testing
The project uses xUnit for testing. To run the tests, run dotnet test in the root directory.
Publishing
There are 3 NuGet packages that need to be published:
SignedUrlSignedUrl.AbstractionsSignedUrl.AspNet
Make sure all the versions are the same. Then, run dotnet pack in each project directory.
License
Licensed under MIT.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
-
net8.0
- SignedUrl.Abstractions (>= 1.2.0)
NuGet packages (1)
Showing the top 1 NuGet packages that depend on SignedUrl:
| Package | Downloads |
|---|---|
|
SignedUrl.Extensions
Package Description |
GitHub repositories
This package is not used by any popular GitHub repositories.
1.2.0
-----
* Handle cases where `ISignatureProtector` generates time-dependent outputs
* The `ISignatureGenerator` does no longer need to protect the generated signature itself
1.1.0
-----
* Split `DigestQuerySigner` into `DigestSignatureGenerator` and `QueryStringUrlSigner`
1.0.2
-----
* No changes
1.0.1
-----
* Handle `FormatException`s and `ProtectorException`s in `DigestQuerySigner::ValidateSignature`
* Forward exceptions thrown in `DigestQuerySigner::GenerateSignature` as `SignatureGenerationException`s
1.0.0
-----
* Initial release