C#
Introduction
The SDK downloads zip file contains a NuGet package that can be installed to allow access to the C#
SDK.
Once installed, this will allow access to the Rapid
class which when instantiated needs to be provided your service authentication certificate.
In the code below this has been imported into the x.509 certificate store assigned to the local machine.
using RapidSecurity;
public class RapidIntegration
{
public RapidIntegration()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
}
}
Methods
The Rapid
object gives access to a number of methods allowing you to connect to Rapid. The samples on this page make use of the Nancy light-weight framework.
Request Identity
Below is some sample code of how to use the Rapid SDK to request a credential and return the RequestId
.
The /register
Nancy route creates a new user and then calls into the RequestIdentity
method with a Guid
as the anonymous identifier. The RequestIdentity
method returns a Credential
object which is serialised to JSON
by Nancy and returned to the caller of the Register
method.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
#if DEBUG
rapid.DevelopmentMode = true;
#endif
Get["/register/{accountName}"] = _ =>
{
var newUser = new User
{
AccountName = _.accountName,
AnonId = Guid.NewGuid().ToString(),
};
SaveUser(newUser);
return Response.AsJson(rapid.RequestIdentity(newUser.AnonId));
};
}
}
Credential Collection
The sample code below calls the preventCollection
Nancy endpoint with an account name. The account name is looked up in your user store to retrieve your anonymous identifier for that user and their device if they have multiple devices.
This then calls into the preventCredentialCollection
method in the Rapid SDK.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/preventCollection/{accountName}"] = _ =>
{
var anonymousId = GetUser(_.accountName);
return Response.AsJson(rapid.PreventCredentialCollection(anonymousId));
};
}
}
The below shows the allowCollection
version.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/allowCollection/{accountName}"] = _ =>
{
var anonymousId = GetUser(_.accountName);
return Response.AsJson(rapid.AllowCredentialCollection(anonymousId));
};
}
}
Credential Replacement
The sample code below calls the replace
Nancy endpoint with an account name. The account name is looked up in your user store to retrieve your anonymous id for that user and their device if they have multiple devices.
This then calls into the ReplaceCredential
method in the Rapid SDK.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/replace/{accountName}"] = _ =>
{
var anonymousId = GetUser(_.accountName);
return Response.AsJson(rapid.ReplaceCredential(anonymousId));
};
}
}
Authenticated user
This method will return the anonymous identifier from the certificate provided during two way TLS.
By calling the /authenticate
route with a client certificate which is passed through to the GetAuthenticatedUser
method, it will return the anonymous identifier stored within the certificate.
You can then determine if the anonymous identifier matches a user in your user store. If one exists it returns the account name of the user as JSON
.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/authenticate"] = _ =>
{
var anonId = rapid.GetAuthenticatedUser(Context.Request.ClientCertificate, () => "MyTestUserAnonId");
var user = GetUserFromAnonId(anonId);
return Response.AsJson(new { accountName = user?.AccountName });
};
}
}
Reseed
The sample code below calls the reseed
Nancy route with a RequestId
. This then calls into the Reseed
method in the Rapid SDK.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/reseed/{requestId}"] = _ =>
{
return Response.AsJson(rapid.Reseed(_.requestId));
};
}
}
Deprecated C# Methods
The original RequestCredential
method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method RequestIdentity
at the earliest possible opportunity.
Get["/register/{accountName}"] = _ =>
{
var newUser = new User
{
AccountName = _.accountName,
AnonId = Guid.NewGuid().ToString(),
};
SaveUser(newUser);
return Response.AsJson(rapid.RequestCredential(newUser.AnonId));
};
The original GetUserIdentity
method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method GetAuthenticatedUser
at the earliest possible opportunity.
Get["/authenticate"] = _ =>
{
var anonId = rapid.GetUserIdentity(Context.Request.ClientCertificate, () => "MyTestUserAnonId");
var user = GetUserFromAnonId(anonId);
return Response.AsJson(new { accountName = user?.AccountName });
};