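/// <summary>
/// Returns the parameter portion of the request's Authorization header after
/// verifying that the request uses the "SignedKey" scheme.
/// </summary>
/// <param name="requestContext">Request whose authorization scheme and scheme parameters are read.</param>
/// <returns>The non-empty authorization scheme parameters.</returns>
/// <exception cref="AuthenticationFailureException">
/// The Authorization header is missing, the scheme or its parameters are empty,
/// or the scheme is not exactly "SignedKey".
/// </exception>
/// <exception cref="InvalidAuthenticationInfoException">
/// The Authorization header is malformed or appears more than once.
/// </exception>
protected string ExtractSignedAuthorization(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext)
{
    string authorizationScheme;
    string authorizationSchemeParameters;
    try
    {
        authorizationScheme = requestContext.AuthorizationScheme;
        authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
    }
    catch (HttpRequestHeaderNotFoundException headerNotFound)
    {
        throw new AuthenticationFailureException("Authorization header not found", headerNotFound);
    }
    catch (HttpRequestInvalidHeaderException invalidHeader)
    {
        throw new InvalidAuthenticationInfoException(invalidHeader.Message, invalidHeader);
    }
    catch (HttpRequestDuplicateHeaderException duplicateHeader)
    {
        // Keep the underlying exception as InnerException so the cause of the rejection
        // stays visible in diagnostics, as IsAuthenticatedAccess does for the same failure.
        throw new InvalidAuthenticationInfoException("Duplicate authorization headers found", duplicateHeader);
    }

    // Fail closed: anything other than a fully populated "SignedKey" header is rejected.
    // string.Equals(string) is an ordinal, case-sensitive comparison, so "signedkey" is refused here.
    // NOTE(review): ParseSignatureParametersFromAuthorizationHeader parses the scheme
    // case-insensitively - confirm the stricter match here is intended.
    if (string.IsNullOrEmpty(authorizationSchemeParameters)
        || string.IsNullOrEmpty(authorizationScheme)
        || !authorizationScheme.Equals("SignedKey"))
    {
        // The scheme text is taken from the request and is copied into the exception message;
        // whatever logs or returns this message should treat it as untrusted input.
        throw new AuthenticationFailureException(string.Concat("SignedKey scheme expected but found ", authorizationScheme));
    }

    return authorizationSchemeParameters;
}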
/// <summary>
/// Reports whether the request is an authenticated access whose Authorization
/// scheme is exactly <paramref name="expectedAuthScheme"/>.
/// </summary>
/// <param name="requestContext">Request whose authorization header is inspected.</param>
/// <param name="expectedAuthScheme">Scheme name the request must carry; compared case-sensitively.</param>
/// <returns>
/// <c>false</c> when the base AuthenticationManager check reports unauthenticated access or the
/// scheme differs from <paramref name="expectedAuthScheme"/>; otherwise <c>true</c>.
/// </returns>
/// <exception cref="InvalidAuthenticationInfoException">
/// The Authorization header is malformed or appears more than once.
/// </exception>
public static bool IsAuthenticatedAccess(RequestContext requestContext, string expectedAuthScheme)
{
    bool baseCheckPassed = Microsoft.Cis.Services.Nephos.Common.Authentication.AuthenticationManager.IsAuthenticatedAccess(requestContext);
    if (!baseCheckPassed)
    {
        return false;
    }

    string scheme;
    try
    {
        scheme = requestContext.AuthorizationScheme;

        // The parameters are read but never used. The read is kept because the getter is inside
        // this try block - presumably so a malformed header still surfaces as an exception.
        string unusedParameters = requestContext.AuthorizationSchemeParameters;
    }
    catch (HttpRequestInvalidHeaderException invalidHeader)
    {
        throw new InvalidAuthenticationInfoException(invalidHeader.Message, invalidHeader);
    }
    catch (HttpRequestDuplicateHeaderException duplicateHeader)
    {
        throw new InvalidAuthenticationInfoException("Duplicate authorization headers found", duplicateHeader);
    }

    // HttpRequestHeaderNotFoundException is not handled in this method; if raised it propagates unchanged.
    // Ordinal, case-sensitive match, identical to the string == operator.
    return string.Equals(scheme, expectedAuthScheme);
}
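/// <summary>
/// Reads the Authorization header of a request, checks the request date and the
/// authentication scheme, and hands the scheme parameters to the parser registered
/// for the request's service type and scheme to obtain the account name and signature.
/// </summary>
/// <param name="requestContext">Request whose Authorization and date headers are read.</param>
/// <param name="uriComponents">URI components passed through to the scheme-specific parser.</param>
/// <param name="swallowException">
/// When <c>true</c>, every exception raised inside this method is suppressed and the method
/// returns with whatever output values had been assigned up to that point.
/// </param>
/// <param name="accountName">Account name produced by the scheme parser; <c>null</c> if parsing did not complete.</param>
/// <param name="signature">Signature produced by the scheme parser; <c>null</c> if parsing did not complete.</param>
/// <param name="requestAuthScheme">Parsed scheme; <c>null</c> if the scheme was never parsed.</param>
/// <param name="isAnonymousAccount"><c>true</c> only when the request carries no Authorization header.</param>
/// <exception cref="InvalidAuthenticationInfoException">
/// The Authorization header is malformed or duplicated (only when <paramref name="swallowException"/> is <c>false</c>).
/// </exception>
/// <exception cref="AuthenticationFailureException">
/// The date header is missing, invalid or too old, or the scheme is not supported
/// (only when <paramref name="swallowException"/> is <c>false</c>).
/// </exception>
public static void ParseSignatureParametersFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents, bool swallowException, out string accountName, out string signature, out SupportedAuthScheme? requestAuthScheme, out bool isAnonymousAccount)
{
    accountName = null;
    signature = null;
    isAnonymousAccount = false;
    requestAuthScheme = null;
    try
    {
        string authorizationScheme;
        string authorizationSchemeParameters;
        try
        {
            authorizationScheme = requestContext.AuthorizationScheme;
            authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
        }
        catch (HttpRequestHeaderNotFoundException)
        {
            // No Authorization header at all: report the request as anonymous, not as a failure.
            isAnonymousAccount = true;
            return;
        }
        catch (HttpRequestInvalidHeaderException invalidHeader)
        {
            throw new InvalidAuthenticationInfoException(invalidHeader.Message, invalidHeader);
        }
        catch (HttpRequestDuplicateHeaderException duplicateHeader)
        {
            throw new InvalidAuthenticationInfoException(duplicateHeader.Message, duplicateHeader);
        }

        DateTime? requestDate;
        try
        {
            requestDate = HttpRequestAccessorCommon.GetNephosOrStandardDateHeader(requestContext.RequestHeaders);
        }
        catch (ArgumentException invalidDate)
        {
            throw new AuthenticationFailureException("The Date header in the request is incorrect.", invalidDate);
        }

        if (!requestDate.HasValue)
        {
            throw new AuthenticationFailureException("Request date header not specified");
        }

        // Freshness check: refuse requests dated earlier than now minus ParameterLimits.DateHeaderLag.
        // Only the lower bound is enforced in this method.
        // NOTE(review): a date in the future is not rejected here - confirm an upper bound is applied elsewhere.
        if (requestDate.Value.Ticks < DateTime.UtcNow.Subtract(ParameterLimits.DateHeaderLag).Ticks)
        {
            throw new AuthenticationFailureException(string.Format("Request date header too old: '{0}'", HttpUtilities.ConvertDateTimeToHttpString(requestDate.Value.ToUniversalTime())));
        }

        // The scheme text comes from the request and is echoed into this message;
        // consumers of the message should treat it as untrusted input.
        string unsupportedSchemeMessage = string.Format(CultureInfo.InvariantCulture, "Authentication scheme {0} is not supported", new object[] { authorizationScheme });

        try
        {
            // Enum.Parse (case-insensitive here) also accepts the numeric form of a value, so a
            // numeric scheme token can resolve to an enum member and reach the allow-list below.
            // NOTE(review): confirm that leniency is acceptable for an Authorization scheme.
            requestAuthScheme = (SupportedAuthScheme)Enum.Parse(typeof(SupportedAuthScheme), authorizationScheme, true);
        }
        catch (ArgumentException)
        {
            throw new AuthenticationFailureException(unsupportedSchemeMessage);
        }
        catch (OverflowException)
        {
            // Enum.Parse throws OverflowException for a numeric string outside the underlying type's
            // range. Map it to the same authentication failure instead of letting a malformed header
            // surface as an unrelated exception type.
            throw new AuthenticationFailureException(unsupportedSchemeMessage);
        }

        // Allow-list of schemes this method accepts. requestAuthScheme stays assigned even when the
        // check fails, so with swallowException the caller can observe an unsupported scheme value.
        bool isSupportedScheme = requestAuthScheme.Equals(SupportedAuthScheme.SharedKey)
            || requestAuthScheme.Equals(SupportedAuthScheme.SharedKeyLite)
            || requestAuthScheme.Equals(SupportedAuthScheme.SignedKey);
        if (!isSupportedScheme)
        {
            throw new AuthenticationFailureException(unsupportedSchemeMessage);
        }

        NephosAssertionException.Assert(requestAuthScheme.HasValue, "Authentication scheme in request has no value");

        // Dispatch to the parser registered for this service type and scheme; it fills accountName and signature.
        NephosAuthenticationManager.serviceSchemeParamsParserTable[requestContext.ServiceType][requestAuthScheme.Value](requestAuthScheme.Value, authorizationSchemeParameters, uriComponents, out accountName, out signature);
    }
    catch (Exception)
    {
        // With swallowException every failure is suppressed, not only authentication errors, and the
        // outputs can be partially populated (for example requestAuthScheme set while accountName and
        // signature are still null). Callers must not treat a silent return as a successful parse.
        if (!swallowException)
        {
            throw;
        }
    }
}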