Beispiel #1
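        /// <summary>
        /// Returns the parameter part of the request's authorization data after checking
        /// that it is present and that the scheme is exactly "SignedKey".
        /// </summary>
        /// <param name="requestContext">Request whose authorization scheme and scheme parameters are read.</param>
        /// <returns>The non-empty scheme parameters presented with the "SignedKey" scheme.</returns>
        /// <exception cref="AuthenticationFailureException">
        /// The authorization header is missing, the parameters are empty, or the scheme is not "SignedKey".
        /// </exception>
        /// <exception cref="InvalidAuthenticationInfoException">
        /// The request context reports the authorization header as invalid or duplicated.
        /// </exception>
        /// <remarks>
        /// This method only extracts the value; nothing here verifies a signature, so the
        /// returned string is still unauthenticated client input.
        /// </remarks>
        protected string ExtractSignedAuthorization(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext)
        {
            string scheme;
            string schemeParameters;

            try
            {
                scheme = requestContext.AuthorizationScheme;
                schemeParameters = requestContext.AuthorizationSchemeParameters;
            }
            catch (HttpRequestHeaderNotFoundException headerNotFound)
            {
                throw new AuthenticationFailureException("Authorization header not found", headerNotFound);
            }
            catch (HttpRequestInvalidHeaderException invalidHeader)
            {
                // NOTE(review): the parser's message is forwarded verbatim; if it can embed
                // header text, treat it as untrusted wherever it is logged or returned.
                throw new InvalidAuthenticationInfoException(invalidHeader.Message, invalidHeader);
            }
            catch (HttpRequestDuplicateHeaderException duplicateHeader)
            {
                // Keep the original exception as the inner exception so the failure can be
                // traced back to header parsing, as the other two handlers already do.
                throw new InvalidAuthenticationInfoException("Duplicate authorization headers found", duplicateHeader);
            }

            // The scheme comparison is ordinal and case-sensitive: "signedkey" is rejected.
            if (string.IsNullOrEmpty(schemeParameters) || string.IsNullOrEmpty(scheme) || !scheme.Equals("SignedKey"))
            {
                // The message echoes the client-supplied scheme name; consumers that log or
                // return it should encode it as untrusted text.
                throw new AuthenticationFailureException(string.Concat("SignedKey scheme expected but found ", scheme));
            }

            return schemeParameters;
        }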
Beispiel #2
        /// <summary>
        /// Reports whether the request passes the common authenticated-access check and
        /// presents exactly the expected authorization scheme.
        /// </summary>
        /// <param name="requestContext">Request whose authorization scheme is inspected.</param>
        /// <param name="expectedAuthScheme">Scheme name the request must present; compared ordinally and case-sensitively.</param>
        /// <returns>
        /// <c>false</c> when the common check fails or the scheme differs; <c>true</c> when the scheme matches.
        /// </returns>
        /// <exception cref="InvalidAuthenticationInfoException">
        /// The request context reports the authorization header as invalid or duplicated.
        /// </exception>
        /// <remarks>
        /// Only the scheme name is compared in this method; no signature is verified here, so a
        /// <c>true</c> result identifies the kind of credentials presented, not that they are valid.
        /// NOTE(review): a missing-header exception is not handled here; presumably the common
        /// check rules that case out first. Confirm against AuthenticationManager.
        /// </remarks>
        public static bool IsAuthenticatedAccess(RequestContext requestContext, string expectedAuthScheme)
        {
            bool passesCommonCheck = Microsoft.Cis.Services.Nephos.Common.Authentication.AuthenticationManager.IsAuthenticatedAccess(requestContext);
            if (!passesCommonCheck)
            {
                return false;
            }

            string presentedScheme;
            try
            {
                presentedScheme = requestContext.AuthorizationScheme;

                // The value is not used, but the property is still read so that any header
                // error it raises surfaces through the handlers below.
                string unusedSchemeParameters = requestContext.AuthorizationSchemeParameters;
            }
            catch (HttpRequestInvalidHeaderException invalidHeader)
            {
                throw new InvalidAuthenticationInfoException(invalidHeader.Message, invalidHeader);
            }
            catch (HttpRequestDuplicateHeaderException duplicateHeader)
            {
                throw new InvalidAuthenticationInfoException("Duplicate authorization headers found", duplicateHeader);
            }

            return string.Equals(presentedScheme, expectedAuthScheme);
        }
Beispiel #3
        /// <summary>
        /// Reads the request's authorization scheme and parameters, checks the request date
        /// header against the allowed lag, restricts the scheme to SharedKey, SharedKeyLite
        /// or SignedKey, and hands the parameters to the per-service parser that produces
        /// the account name and signature.
        /// </summary>
        /// <param name="requestContext">Request whose authorization data, headers and service type are read.</param>
        /// <param name="uriComponents">Passed through unchanged to the scheme-specific parser.</param>
        /// <param name="swallowException">When true, every exception raised during parsing is suppressed and the method returns normally.</param>
        /// <param name="accountName">Set to null on entry; assigned by the scheme-specific parser on success.</param>
        /// <param name="signature">Set to null on entry; assigned by the scheme-specific parser on success.</param>
        /// <param name="requestAuthScheme">Set to null on entry; assigned as soon as the scheme name parses as a SupportedAuthScheme.</param>
        /// <param name="isAnonymousAccount">Set to true only when the authorization header is absent.</param>
        /// <remarks>
        /// This method parses and extracts only; no signature is verified here.
        /// With <paramref name="swallowException"/> set, a failed parse is reported only through
        /// the out values: <paramref name="isAnonymousAccount"/> stays false and
        /// <paramref name="requestAuthScheme"/> may already hold a scheme that a later check
        /// rejected. Callers should decide on <paramref name="accountName"/> and
        /// <paramref name="signature"/> being non-null rather than on the scheme alone.
        /// </remarks>
        public static void ParseSignatureParametersFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents, bool swallowException, out string accountName, out string signature, out SupportedAuthScheme?requestAuthScheme, out bool isAnonymousAccount)
        {
            string authorizationScheme;
            string authorizationSchemeParameters;

            // Start from a "nothing parsed, not anonymous" state so that every exit path,
            // including a swallowed failure, leaves the out parameters assigned.
            accountName        = null;
            signature          = null;
            isAnonymousAccount = false;
            requestAuthScheme  = null;
            try
            {
                try
                {
                    authorizationScheme           = requestContext.AuthorizationScheme;
                    authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
                }
                catch (HttpRequestHeaderNotFoundException httpRequestHeaderNotFoundException)
                {
                    // No authorization header at all is the only case treated as anonymous;
                    // the date and scheme checks below are skipped for it.
                    isAnonymousAccount = true;
                    return;
                }
                catch (HttpRequestInvalidHeaderException httpRequestInvalidHeaderException1)
                {
                    HttpRequestInvalidHeaderException httpRequestInvalidHeaderException = httpRequestInvalidHeaderException1;
                    throw new InvalidAuthenticationInfoException(httpRequestInvalidHeaderException.Message, httpRequestInvalidHeaderException);
                }
                catch (HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException1)
                {
                    HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException = httpRequestDuplicateHeaderException1;
                    throw new InvalidAuthenticationInfoException(httpRequestDuplicateHeaderException.Message, httpRequestDuplicateHeaderException);
                }
                DateTime?nephosOrStandardDateHeader = null;
                try
                {
                    nephosOrStandardDateHeader = HttpRequestAccessorCommon.GetNephosOrStandardDateHeader(requestContext.RequestHeaders);
                }
                catch (ArgumentException argumentException)
                {
                    throw new AuthenticationFailureException("The Date header in the request is incorrect.", argumentException);
                }
                if (!nephosOrStandardDateHeader.HasValue)
                {
                    throw new AuthenticationFailureException("Request date header not specified");
                }
                // Freshness check: reject requests dated earlier than now minus the allowed lag.
                // Only a lower bound is enforced here; a date in the future passes this check.
                // NOTE(review): confirm whether an upper bound is applied elsewhere.
                // NOTE(review): raw Ticks are compared, which presumably relies on the helper
                // returning a UTC value. TODO confirm.
                if (nephosOrStandardDateHeader.Value.Ticks < DateTime.UtcNow.Subtract(ParameterLimits.DateHeaderLag).Ticks)
                {
                    DateTime value = nephosOrStandardDateHeader.Value;
                    throw new AuthenticationFailureException(string.Format("Request date header too old: '{0}'", HttpUtilities.ConvertDateTimeToHttpString(value.ToUniversalTime())));
                }
                try
                {
                    // The scheme name is matched case-insensitively (ignoreCase = true).
                    // NOTE(review): Enum.Parse also accepts numeric strings, so the allow-list
                    // check that follows is what actually bounds the accepted values.
                    requestAuthScheme = new SupportedAuthScheme?((SupportedAuthScheme)Enum.Parse(typeof(SupportedAuthScheme), authorizationScheme, true));
                }
                catch (ArgumentException argumentException1)
                {
                    // The message echoes the client-supplied scheme; treat it as untrusted
                    // text wherever it is logged or returned.
                    CultureInfo invariantCulture = CultureInfo.InvariantCulture;
                    object[]    objArray         = new object[] { authorizationScheme };
                    throw new AuthenticationFailureException(string.Format(invariantCulture, "Authentication scheme {0} is not supported", objArray));
                }
                // Allow-list: only these three schemes continue to the parser dispatch.
                if (!requestAuthScheme.Equals(SupportedAuthScheme.SharedKey) && !requestAuthScheme.Equals(SupportedAuthScheme.SharedKeyLite) && !requestAuthScheme.Equals(SupportedAuthScheme.SignedKey))
                {
                    CultureInfo cultureInfo = CultureInfo.InvariantCulture;
                    object[]    objArray1   = new object[] { authorizationScheme };
                    throw new AuthenticationFailureException(string.Format(cultureInfo, "Authentication scheme {0} is not supported", objArray1));
                }
                NephosAssertionException.Assert(requestAuthScheme.HasValue, "Authentication scheme in request has no value");
                // Dispatch to the parser registered for this service type and scheme.
                // NOTE(review): the table is indexed directly; a service type without an entry
                // for the scheme would presumably surface as a lookup exception rather than an
                // authentication failure. Confirm how the table is populated.
                NephosAuthenticationManager.serviceSchemeParamsParserTable[requestContext.ServiceType][requestAuthScheme.Value](requestAuthScheme.Value, authorizationSchemeParameters, uriComponents, out accountName, out signature);
            }
            catch (Exception exception)
            {
                // Catches every exception type, not only the authentication ones thrown above.
                // When swallowed, nothing is recorded here, so the caller sees only the out values.
                if (!swallowException)
                {
                    throw;
                }
            }
        }