Ejemplo n.º 1
0
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request,
                                                                System.Threading.CancellationToken cancellationToken)
        {
            //we won't use it any more. abandon this.
            //if (!request.Headers.Contains(Configuration.AppKey))
            //{
            //    request.Headers.Add(Configuration.AppKey, AppKey);
            //}
            request.Headers.Date = new DateTimeOffset(DateTime.Now, DateTime.Now - DateTime.UtcNow);
            var    representation = _representationBuilder.BuildRequestRepresentation(request);
            var    secret         = _secretRepository.GetSecretForAppKey(AppKey);
            string signature      = _signatureCalculator.Signature(secret,
                                                                   representation);
            var authentication = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format(Configuration.AuthenticationFormat, AppKey, signature)));
            var header         = new AuthenticationHeaderValue(Configuration.AuthenticationScheme, authentication);

            request.Headers.Authorization = header;
            return(base.SendAsync(request, cancellationToken));
        }
        protected async Task <Tuple <bool, string> > IsAuthenticated(HttpRequestMessage requestMessage)
        {
            //wo won't use it anymore.
            //if (!requestMessage.Headers.Contains(Configuration.AppKey))
            //{
            //    return Tuple.Create(false,UnauthorizedReasons.NoAppKeyHeader);
            //}

            var isDateValid = IsDateValid(requestMessage);

            if (!isDateValid.Item1)
            {
                return(isDateValid);
            }

            if (requestMessage.Headers.Authorization == null ||
                requestMessage.Headers.Authorization.Scheme != Configuration.AuthenticationScheme)
            {
                return(Tuple.Create(false, UnauthorizedReasons.NoAuthorizationHeaderOrScheme));
            }
            var authorizationParam = requestMessage.Headers.Authorization.Parameter;
            var originAuthParm     = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(authorizationParam));
            var authSplit          = originAuthParm.Split(':');

            if (authSplit.Length != 2)
            {
                return(Tuple.Create(false, UnauthorizedReasons.WrongFormatOfAuthorization));
            }
            var appKey = authSplit[0];
            //string appKey = requestMessage.Headers.GetValues(Configuration.AppKey).First();
            var secret = _secretRepository.GetSecretForAppKey(appKey);

            if (secret == null)
            {
                return(Tuple.Create(false, UnauthorizedReasons.AppKeyIsNotExists));
            }

            var representation = _representationBuilder.BuildRequestRepresentation(requestMessage);

            if (string.IsNullOrWhiteSpace(representation))
            {
                return(Tuple.Create(false, UnauthorizedReasons.CantBuildRepresentation));
            }
            //mLogger.Debug(representation);
            // FileUtil.WriteStringToFile(@"D:\Log.txt", representation + "\r\n", false, true);
            Log.D(representation + "\r\n");
            if (requestMessage.Content.Headers.ContentMD5 != null &&
                !await IsMd5Valid(requestMessage))
            {
                return(Tuple.Create(false, UnauthorizedReasons.MD5NotMatch));
            }

            var signature = _signatureCalculator.Signature(secret, representation);

            // mLogger.Debug("Signature:"+signature);
            // FileUtil.WriteStringToFile(@"D:\Log.txt", "Signature:" + signature, false, true);
            Log.D("IsAuthenticated", "Signature:" + signature);

            if (MemoryCache.Default.Contains(signature))
            {
                return(Tuple.Create(false, UnauthorizedReasons.ReplayAttack));
            }

            //var result = requestMessage.Headers.Authorization.Parameter == signature;
            var result = authSplit[1] == signature;

            if (result)
            {
                MemoryCache.Default.Add(signature, appKey,
                                        DateTimeOffset.UtcNow.AddMinutes(Configuration.ValidityPeriodInMinutes));
                return(Tuple.Create(true, string.Empty));
            }
            return(Tuple.Create(false, UnauthorizedReasons.WrongSignature));
        }