public bool Confidentials(string email)
{
if (HttpContext.Request.Headers.TryGetValue("Authorization", out Microsoft.Extensions.Primitives.StringValues stringValue))
{
// Ressource pour le cas Get
var canonicalizedResource = HttpContext.Request.Path.Value ?? "/";
canonicalizedResource += "email" + email; // Concataint la chaine
// Recupere les informations de la requete envoyer par le client
var custumeAutho = new CustumeAutho
{
Verbe = HttpContext.Request.Method,
ContentType = HttpContext.Request.ContentType ?? "",
ContenteMd5 = HttpContext.Request.Headers["HeaderContentMD5"].ToString() ?? "",
HeaderDate = HttpContext.Request.Headers["HeaderDate"].ToString() ?? "",
CanonicalizedResource = canonicalizedResource,
Authorization = stringValue
};
custumeAutho.HeaderAmazon = new Dictionary <string, string>();
// Recuper les header values and keys.
foreach (var item in HttpContext.Request.Headers.Keys)
{
// Crée dictionary
custumeAutho.HeaderAmazon.Add(item, HttpContext.Request.Headers[item].ToString());
}
return(authorisationServices.ChekAuthorize(custumeAutho));
}
return(false);
}
/// <summary>
/// Construction de chaine de StringToSign
/// </summary>
/// <param name="custumeAutho"></param>
/// <returns></returns>
public string ConstructionStringToSign(CustumeAutho custumeAutho)
{
// Construction de la chaine canonicalizedamazon
var canonicalizedAmzHeaders = CanonicalizedAmzHeaders(custumeAutho.HeaderAmazon);
// construction de la chaine Stringtosing
string stringrosign = custumeAutho.Verbe + '\n' + custumeAutho.ContenteMd5 + '\n' + custumeAutho.ContentType + '\n'
+ custumeAutho.HeaderDate + '\n' + canonicalizedAmzHeaders + custumeAutho.CanonicalizedResource;
return(stringrosign);
}
/// <summary>
/// Vérifier les deux signatures
/// </summary>
/// <param name="custumeAutho"></param>
/// <returns></returns>
public bool ChekAuthorize(CustumeAutho custumeAutho)
{
// Construction de la stringToSign
var StringToSign = ConstructionStringToSign(custumeAutho);
// Cryptage du StringToSign avec la clès privée
var signatureServer = HMACSHA1(SecretAccessKeyID, StringToSign);
// Recupre la signature du client
if (custumeAutho.Authorization.Split(":").Count() == 0)
{
return(false);
}
return(custumeAutho.Authorization.Split(":")[1].Equals(signatureServer));
}
