I want to generate client id and client secret using .NET. I read the OAuth 2 specification and for example the size of client secret is not specified there. Is there a good practice for generating client id and client secret using .NET framework???
The Client ID is a public identifier of your application. The Client Secret is confidential and should only be used to authenticate your application and make requests to LinkedIn's APIs.
Client Secret A great way to generate a secure secret is to use a cryptographically-secure library to generate a 256-bit value and then convert it to a hexadecimal representation. It is critical that developers never include their client_secret in public (mobile or browser-based) clients.
As section 2.2 of The OAuth 2.0 Authorization Framework says:
The authorization server issues the registered client a client identifier -- a unique string representing the registration information provided by the client. The client identifier is not a secret; it is exposed to the resource owner and MUST NOT be used alone for client authentication. The client identifier is unique to the authorization server.
The client identifier string size is left undefined by this specification. The client should avoid making assumptions about the identifier size. The authorization server SHOULD document the size of any identifier it issues.
So you can define the client identifier by yourself. It depends your choice. You can use System.Guid
to generate one simply, or use uid + systemTime, also you can Hash it, encrypt it or anything you want else.
But the client secret should be a cryptographically strong random string. You can generate one like this:
RandomNumberGenerator cryptoRandomDataGenerator = new RNGCryptoServiceProvider(); byte[] buffer = new byte[length]; cryptoRandomDataGenerator.GetBytes(buffer); string uniq = Convert.ToBase64String(buffer); return uniq;
Also you can use cryptographic hash functions() to hash UUID+SystemTime+somthingelse to implement it yourself.
If you want to know more practices, you can refer to some open implementations from here.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With