public static AuthDataEntry SignedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo)
{
AuthDataEntry authDataEntry;
NephosAssertionException.Assert(!string.IsNullOrEmpty(stringToSign));
NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature));
NephosAssertionException.Assert(authInfo != null);
RequestContext requestContext = authInfo.RequestContext;
NephosUriComponents uriComponents = authInfo.UriComponents;
NameValueCollection queryParameters = requestContext.QueryParameters;
string item = queryParameters["sv"];
byte[] sign = BlobSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(queryParameters, uriComponents);
using (IEnumerator <AuthDataEntry> enumerator = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo).GetEnumerator())
{
while (enumerator.MoveNext())
{
AuthDataEntry current = enumerator.Current;
byte[] numArray = SASUtilities.ComputeSignedKey(sign, current.AuthValue);
if (!SASUtilities.ComputeSignatureAndCompare((new UTF8Encoding()).GetBytes(stringToSign), numArray, requestSignature))
{
continue;
}
authDataEntry = current;
return(authDataEntry);
}
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] objArray = new object[] { requestSignature, stringToSign };
throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray));
}
return(authDataEntry);
}
public static string GenerateBlobSasUrl(string accountName, string containerName, string blobName, string blobSnapshot, IStorageAccount storageAccount, string requestUrlBase, bool includeWritePermission)
{
if (string.IsNullOrEmpty(accountName) || string.IsNullOrEmpty(containerName) || string.IsNullOrEmpty(blobName) || string.IsNullOrEmpty(requestUrlBase))
{
IStringDataEventStream error = Logger <IRestProtocolHeadLogger> .Instance.Error;
object[] objArray = new object[] { accountName, containerName, blobName, requestUrlBase };
error.Log("Source blob account, container, blob name or requestUrl should not be empty. sourceUnversionedAccountName: {0} sourceUnversionedContainerName: {1} sourceBlobName: {2} requestUrlBase: {3}", objArray);
return(string.Empty);
}
NameValueCollection nameValueCollection = new NameValueCollection();
if (!includeWritePermission)
{
nameValueCollection.Add("sp", "r");
}
else
{
nameValueCollection.Add("sp", "rw");
}
nameValueCollection.Add("se", SASUtilities.EncodeTime(DateTime.MaxValue));
nameValueCollection.Add("sv", "2016-02-19");
nameValueCollection.Add("sr", "b");
byte[] sign = BlobSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(nameValueCollection, new NephosUriComponents(accountName, containerName, HttpUtility.UrlDecode(blobName)));
string str = (new UTF8Encoding()).GetString(sign);
str = str.Replace('\n', '.');
SecretKeyV3 secretKeyV3 = null;
if (secretKeyV3 == null)
{
Logger <IRestProtocolHeadLogger> .Instance.Error.Log("GenerateBlobSasUrl: could not find a system key for the account");
return(string.Empty);
}
string str1 = BlobSignedAccessHelper.ComputeHMACSHA256(secretKeyV3.Value, sign);
if (string.IsNullOrEmpty(str1))
{
Logger <IRestProtocolHeadLogger> .Instance.Error.Log("GenerateBlobSasUrl: could not get HMACSHA256");
return(string.Empty);
}
nameValueCollection.Add("sig", str1);
if (!string.IsNullOrEmpty(blobSnapshot))
{
nameValueCollection.Add("snapshot", blobSnapshot);
}
UriBuilder uriBuilder = new UriBuilder(requestUrlBase);
StringBuilder stringBuilder = new StringBuilder();
string[] allKeys = nameValueCollection.AllKeys;
for (int i = 0; i < (int)allKeys.Length; i++)
{
string str2 = allKeys[i];
stringBuilder.Append(HttpUtilities.PathEncode(str2));
stringBuilder.Append("=");
stringBuilder.Append(HttpUtilities.PathEncode(nameValueCollection[str2]));
stringBuilder.Append("&");
}
if (stringBuilder.Length > 0)
{
stringBuilder.Remove(stringBuilder.Length - 1, 1);
}
uriBuilder.Query = stringBuilder.ToString();
return(uriBuilder.ToString());
}