ASP.NET Core MVC Value Provider for Encrypted Route Parameter
Back in January 2013 & March 2013, I had published a detailed articles on this blog on how to create a custom Value Provider for ASP.NET MVC and ASP.NET 4.5 Model Binding respectively. In normal scenario it is not required to create custom Value Provider but sometime we require to process incoming request parameter values before default value providers feed it to model binder. For e.g. in an ecommerce application encrypted invoice id is passed in as a query string parameter or route parameter so that end-user can see and download invoice without login but as invoice id is encrypted they cannot manipulate it by guessing other possible value. In such case, we can access this encrypted query string or route parameter value from within MVC action method and decrypt it there and utilize decrypted values. This is fairly straightforward for relatively small application with only a handful of MVC actions accepting encrypted values. But consider a use case where you have plenty of action methods which need to accept encrypted values either passed as a query string or route parameter. Here instead of decrypting it manually from within each and every MVC actions, we can create custom Value Provider (I’ve named it as CryptoValueProvider) to do the job. CryptoValueProvider should read encrypted query string or route parameter, decrypt it and feed plain decrypted value to default model binder so that we can get direct value in action parameter. Here in this article, we will see how to create custom CryptoValueProvider in ASP.NET Core.