File: Internal\AntiforgeryOptionsSetup.cs
Web Access
Project: src\src\Antiforgery\src\Microsoft.AspNetCore.Antiforgery.csproj (Microsoft.AspNetCore.Antiforgery)
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
 
using System.Security.Cryptography;
using System.Text;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.WebUtilities;
using Microsoft.Extensions.Options;
 
namespace Microsoft.AspNetCore.Antiforgery;
 
internal sealed class AntiforgeryOptionsSetup : IConfigureOptions<AntiforgeryOptions>
{
    private readonly DataProtectionOptions _dataProtectionOptions;
 
    public AntiforgeryOptionsSetup(IOptions<DataProtectionOptions> dataProtectionOptions)
    {
        _dataProtectionOptions = dataProtectionOptions.Value;
    }
 
    public void Configure(AntiforgeryOptions options)
    {
        ArgumentNullException.ThrowIfNull(options);
 
        if (options.Cookie.Name == null)
        {
            var applicationId = _dataProtectionOptions.ApplicationDiscriminator ?? string.Empty;
            options.Cookie.Name = AntiforgeryOptions.DefaultCookiePrefix + ComputeCookieName(applicationId);
        }
    }
 
    private static string ComputeCookieName(string applicationId)
    {
        byte[] fullHash = SHA256.HashData(Encoding.UTF8.GetBytes(applicationId));
        return WebEncoders.Base64UrlEncode(fullHash, 0, 8);
    }
}