C#
Introduction
The SDK downloads zip file contains a NuGet package that can be installed to allow access to the C# SDK.
Once installed, this will allow access to the Rapid class which when instantiated needs to be provided your service authentication certificate.
In the code below this has been imported into the x.509 certificate store assigned to the local machine.
using RapidSecurity;
public class RapidIntegration
{
public RapidIntegration()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
}
}
Methods
The Rapid object gives access to a number of methods allowing you to connect to Rapid. The samples on this page make use of the Nancy light-weight framework.
Request Identity
Below is some sample code of how to use the Rapid SDK to request a credential and return the RequestId.
The /register Nancy route creates a new user and then calls into the RequestIdentity method with a Guid as the anonymous identifier. The RequestIdentity method returns a Credential object which is serialised to JSON by Nancy and returned to the caller of the Register method.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
#if DEBUG
rapid.DevelopmentMode = true;
#endif
Get["/register/{accountName}"] = _ =>
{
var newUser = new User
{
AccountName = _.accountName,
AnonId = Guid.NewGuid().ToString(),
};
SaveUser(newUser);
return Response.AsJson(rapid.RequestIdentity(newUser.AnonId));
};
}
}
Credential Collection
The sample code below calls the preventCollection Nancy endpoint with an account name. The account name is looked up in your user store to retrieve your anonymous identifier for that user and their device if they have multiple devices.
This then calls into the preventCredentialCollection method in the Rapid SDK.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/preventCollection/{accountName}"] = _ =>
{
var anonymousId = GetUser(_.accountName);
return Response.AsJson(rapid.PreventCredentialCollection(anonymousId));
};
}
}
The below shows the allowCollection version.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/allowCollection/{accountName}"] = _ =>
{
var anonymousId = GetUser(_.accountName);
return Response.AsJson(rapid.AllowCredentialCollection(anonymousId));
};
}
}
Credential Replacement
The sample code below calls the replace Nancy endpoint with an account name. The account name is looked up in your user store to retrieve your anonymous id for that user and their device if they have multiple devices.
This then calls into the ReplaceCredential method in the Rapid SDK.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/replace/{accountName}"] = _ =>
{
var anonymousId = GetUser(_.accountName);
return Response.AsJson(rapid.ReplaceCredential(anonymousId));
};
}
}
Authenticated user
This method will return the anonymous identifier from the certificate provided during two way TLS.
By calling the /authenticate route with a client certificate which is passed through to the GetAuthenticatedUser method, it will return the anonymous identifier stored within the certificate.
You can then determine if the anonymous identifier matches a user in your user store. If one exists it returns the account name of the user as JSON.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/authenticate"] = _ =>
{
var anonId = rapid.GetAuthenticatedUser(Context.Request.ClientCertificate, () => "MyTestUserAnonId");
var user = GetUserFromAnonId(anonId);
return Response.AsJson(new { accountName = user?.AccountName });
};
}
}
Reseed
The sample code below calls the reseed Nancy route with a RequestId. This then calls into the Reseed method in the Rapid SDK.
public class RapidModule : NancyModule
{
public RapidModule()
{
const string rapidCertificateFriendlyName = "CN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
var rapid = new Rapid(StoreLocation.LocalMachine, rapidCertificateFriendlyName);
Get["/reseed/{requestId}"] = _ =>
{
return Response.AsJson(rapid.Reseed(_.requestId));
};
}
}
Deprecated C# Methods
The original RequestCredential method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method RequestIdentity at the earliest possible opportunity.
Get["/register/{accountName}"] = _ =>
{
var newUser = new User
{
AccountName = _.accountName,
AnonId = Guid.NewGuid().ToString(),
};
SaveUser(newUser);
return Response.AsJson(rapid.RequestCredential(newUser.AnonId));
};
The original GetUserIdentity method is still supported in this version of the sdk but will be removed in a future version. Update to the supported method GetAuthenticatedUser at the earliest possible opportunity.
Get["/authenticate"] = _ =>
{
var anonId = rapid.GetUserIdentity(Context.Request.ClientCertificate, () => "MyTestUserAnonId");
var user = GetUserFromAnonId(anonId);
return Response.AsJson(new { accountName = user?.AccountName });
};