private void SendSqrlData(SqrlData data)
{
var request = WebRequest.Create("http://" + data.Url);
request.Method = "POST";
string postData = string.Format("publickey={0}&signature={1}&url={2}",
HttpServerUtility.UrlTokenEncode(data.PublicKey),
HttpServerUtility.UrlTokenEncode(data.Signature),
data.Url);
var byteArray = Encoding.UTF8.GetBytes(postData);
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = byteArray.Length;
var dataStream = request.GetRequestStream();
dataStream.Write(byteArray, 0, byteArray.Length);
dataStream.Close();
var response = request.GetResponse();
dataStream = response.GetResponseStream();
var reader = new StreamReader(dataStream);
var responseFromServer = reader.ReadToEnd();
dataView.Buffer.Text = responseFromServer;
reader.Close();
dataStream.Close();
response.Close();
}
/// <summary>
/// Verifies the sqrl request.
/// </summary>
/// <returns>
/// Whether the public key provided decrypts the signature provided.
/// </returns>
/// <param name='data'>
/// The data contained in the SQRL request.
/// </param>
/// <param name='expectedUrl'>
/// The URL that is expected from the request.
/// </param>
public bool VerifySqrlRequest(SqrlData data, string expectedUrl)
{
var decryptedSignatureData = _sqrlSigner.Verify(data.PublicKey, data.Signature);
var decryptedUrl = Encoding.UTF8.GetString(decryptedSignatureData);
return((decryptedUrl == data.Url) && (decryptedUrl == Utility.GetUrlWithoutProtocol(expectedUrl)));
}
/// <summary>
/// Gets the sqrl data for login.
/// </summary>
/// <returns>
/// The sqrl data for login.
/// </returns>
/// <param name='masterKey'>
/// Master key.
/// </param>
/// <param name='url'>
/// The URL.
/// </param>
public SqrlData GetSqrlDataForLogin(byte[] masterKey, string url)
{
var domain = Utility.GetDomainFromUrl(url);
var privateKey = _hmacGenerator.GeneratePrivateKey(masterKey, domain);
var sqrlData = new SqrlData
{
Url = Utility.GetUrlWithoutProtocol(url),
Signature = _signer.Sign(privateKey, Utility.GetUrlWithoutProtocol(url)),
PublicKey = _signer.MakePublicKey(privateKey)
};
Array.Clear(privateKey, 0, privateKey.Length);
return(sqrlData);
}
public ActionResult Sqrl(string id, string publickey, string signature, string url)
{
var data = new SqrlData
{
PublicKey = HttpServerUtility.UrlTokenDecode(publickey),
Signature = HttpServerUtility.UrlTokenDecode(signature),
Url = url
};
var expected = string.Format("{0}/{1}",
Url.Action("Sqrl",
"Login",
null,
"sqrl",
Request.Url.Host + ":" + Request.Url.Port),
id);
if (_sqrlServer.VerifySqrlRequest(data, expected) && _nutRepository.IsNutActive(id))
{
var user = _userRepository.Retrieve(publickey);
if (user == null)
{
// register user
user = new SqrlUser
{
Id = publickey,
Initialized = false
};
_userRepository.Create(user);
}
_nutRepository.Validate(id, user.Id);
return(Content("valid"));
}
return(Content("invalid"));
}
/// <summary>
/// Verifies the sqrl request.
/// </summary>
/// <returns>
/// Whether the public key provided decrypts the signature provided.
/// </returns>
/// <param name='data'>
/// The data contained in the SQRL request.
/// </param>
/// <param name='expectedUrl'>
/// The URL that is expected from the request.
/// </param>
public bool VerifySqrlRequest(SqrlData data, string expectedUrl)
{
var decryptedSignatureData = _sqrlSigner.Verify(data.PublicKey, data.Signature);
var decryptedUrl = Encoding.UTF8.GetString(decryptedSignatureData);
return (decryptedUrl == data.Url) && (decryptedUrl == Utility.GetUrlWithoutProtocol(expectedUrl));
}
