protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request,
System.Threading.CancellationToken cancellationToken)
{
//we won't use it any more. abandon this.
//if (!request.Headers.Contains(Configuration.AppKey))
//{
// request.Headers.Add(Configuration.AppKey, AppKey);
//}
request.Headers.Date = new DateTimeOffset(DateTime.Now, DateTime.Now - DateTime.UtcNow);
var representation = _representationBuilder.BuildRequestRepresentation(request);
var secret = _secretRepository.GetSecretForAppKey(AppKey);
string signature = _signatureCalculator.Signature(secret,
representation);
var authentication = Convert.ToBase64String(Encoding.UTF8.GetBytes(string.Format(Configuration.AuthenticationFormat, AppKey, signature)));
var header = new AuthenticationHeaderValue(Configuration.AuthenticationScheme, authentication);
request.Headers.Authorization = header;
return(base.SendAsync(request, cancellationToken));
}
protected async Task <Tuple <bool, string> > IsAuthenticated(HttpRequestMessage requestMessage)
{
//wo won't use it anymore.
//if (!requestMessage.Headers.Contains(Configuration.AppKey))
//{
// return Tuple.Create(false,UnauthorizedReasons.NoAppKeyHeader);
//}
var isDateValid = IsDateValid(requestMessage);
if (!isDateValid.Item1)
{
return(isDateValid);
}
if (requestMessage.Headers.Authorization == null ||
requestMessage.Headers.Authorization.Scheme != Configuration.AuthenticationScheme)
{
return(Tuple.Create(false, UnauthorizedReasons.NoAuthorizationHeaderOrScheme));
}
var authorizationParam = requestMessage.Headers.Authorization.Parameter;
var originAuthParm = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(authorizationParam));
var authSplit = originAuthParm.Split(':');
if (authSplit.Length != 2)
{
return(Tuple.Create(false, UnauthorizedReasons.WrongFormatOfAuthorization));
}
var appKey = authSplit[0];
//string appKey = requestMessage.Headers.GetValues(Configuration.AppKey).First();
var secret = _secretRepository.GetSecretForAppKey(appKey);
if (secret == null)
{
return(Tuple.Create(false, UnauthorizedReasons.AppKeyIsNotExists));
}
var representation = _representationBuilder.BuildRequestRepresentation(requestMessage);
if (string.IsNullOrWhiteSpace(representation))
{
return(Tuple.Create(false, UnauthorizedReasons.CantBuildRepresentation));
}
//mLogger.Debug(representation);
// FileUtil.WriteStringToFile(@"D:\Log.txt", representation + "\r\n", false, true);
Log.D(representation + "\r\n");
if (requestMessage.Content.Headers.ContentMD5 != null &&
!await IsMd5Valid(requestMessage))
{
return(Tuple.Create(false, UnauthorizedReasons.MD5NotMatch));
}
var signature = _signatureCalculator.Signature(secret, representation);
// mLogger.Debug("Signature:"+signature);
// FileUtil.WriteStringToFile(@"D:\Log.txt", "Signature:" + signature, false, true);
Log.D("IsAuthenticated", "Signature:" + signature);
if (MemoryCache.Default.Contains(signature))
{
return(Tuple.Create(false, UnauthorizedReasons.ReplayAttack));
}
//var result = requestMessage.Headers.Authorization.Parameter == signature;
var result = authSplit[1] == signature;
if (result)
{
MemoryCache.Default.Add(signature, appKey,
DateTimeOffset.UtcNow.AddMinutes(Configuration.ValidityPeriodInMinutes));
return(Tuple.Create(true, string.Empty));
}
return(Tuple.Create(false, UnauthorizedReasons.WrongSignature));
}
