public string Escape(Uri requestTarget, RequestTargetEscaping escaping) { if (requestTarget == null) { throw new ArgumentNullException(nameof(requestTarget)); } switch (escaping) { case RequestTargetEscaping.RFC3986: return(_rfc3986Escaper.Escape(requestTarget, escaping)); case RequestTargetEscaping.RFC2396: return(_rfc2396Escaper.Escape(requestTarget, escaping)); case RequestTargetEscaping.OriginalString: return(_originalStringEscaper.Escape(requestTarget, escaping)); case RequestTargetEscaping.Unescaped: return(_unescapedEscaper.Escape(requestTarget, escaping)); default: throw new ArgumentOutOfRangeException(nameof(escaping), escaping, $"The specified {nameof(RequestTargetEscaping)} value is currently not supported."); } }
public void GivenUnsupportedEscapingOption_ThrowsArgumentException(RequestTargetEscaping escaping) { var requestTarget = new Uri("https://dalion.eu/api/create", UriKind.Absolute); Action act = () => _sut.Escape(requestTarget, escaping); act.Should().Throw <ArgumentException>(); }
public Create() { _timeOfComposing = new DateTimeOffset(2020, 2, 24, 11, 20, 14, TimeSpan.FromHours(1)); _expires = TimeSpan.FromMinutes(5); _httpRequest = new HttpRequestForSignatureString { Method = HttpMethod.Post, RequestUri = "http://dalion.eu/api/resource/id1".ToUri() }; _requestTargetEscaping = RequestTargetEscaping.RFC3986; }
public RequestTargetHeaderAppenderTests() { FakeFactory.Create(out _requestTargetEscaper); _httpRequest = new HttpRequestForSignatureString { Method = HttpMethod.Post, RequestUri = "/api/resource/id1".ToUri() }; _requestTargetEscaping = RequestTargetEscaping.RFC3986; _sut = new RequestTargetHeaderAppender(_httpRequest, _requestTargetEscaping, _requestTargetEscaper); }
public IHeaderAppender Create(HttpRequestForSignatureString request, RequestTargetEscaping requestTargetEscaping, DateTimeOffset?timeOfComposing, TimeSpan?expires) { if (request == null) { throw new ArgumentNullException(nameof(request)); } return(new CompositeHeaderAppender( new DefaultHeaderAppender(request), new RequestTargetHeaderAppender(request, requestTargetEscaping, _requestTargetEscaper), new CreatedHeaderAppender(timeOfComposing), new ExpiresHeaderAppender(timeOfComposing, expires), new DateHeaderAppender(request))); }
public void CallsCorrectEscaperAndReturnsItsResult(RequestTargetEscaping escaping) { A.CallTo(() => _rfc3986Escaper.Escape(_requestTarget, escaping)) .Returns("escaped_rfc3986"); A.CallTo(() => _rfc2396Escaper.Escape(_requestTarget, escaping)) .Returns("escaped_rfc2396"); A.CallTo(() => _originalStringEscaper.Escape(_requestTarget, escaping)) .Returns("escaped_originalstring"); A.CallTo(() => _unescapedEscaper.Escape(_requestTarget, escaping)) .Returns("escaped_unescaped"); var actual = _sut.Escape(_requestTarget, escaping); actual.Should().Be("escaped_" + escaping.ToString().ToLower()); }
/// <summary> /// Create a new instance of the <see cref="Client" /> class. /// </summary> /// <param name="id">The identity of the client that can be looked up by the server.</param> /// <param name="name">The descriptive name of the client</param> /// <param name="signatureAlgorithm">The <see cref="Dalion.HttpMessageSigning.ISignatureAlgorithm" /> that is used to verify the signature.</param> /// <param name="nonceLifetime">The time span after which repeated nonce values are allowed again.</param> /// <param name="clockSkew">The clock skew to allow when validation a time.</param> /// <param name="claims">The additional claims that the validated principal will have upon successful signature verification.</param> /// <param name="requestTargetEscaping">The method of escaping the value of the (request-target) pseudo-header.</param> public Client( KeyId id, string name, ISignatureAlgorithm signatureAlgorithm, TimeSpan nonceLifetime, TimeSpan clockSkew, RequestTargetEscaping requestTargetEscaping, params Claim[] claims) : this(id, name, signatureAlgorithm, new ClientOptions { RequestTargetEscaping = requestTargetEscaping, NonceLifetime = nonceLifetime, ClockSkew = clockSkew, Claims = claims }) { }
public string Escape(Uri requestTarget, RequestTargetEscaping escaping) { if (escaping != RequestTargetEscaping.Unescaped) { throw new ArgumentException($"This {GetType().Name} cannot escape adhering to the rules of option '{escaping}'."); } if (requestTarget == null) { throw new ArgumentNullException(nameof(requestTarget)); } return(requestTarget.IsAbsoluteUri ? requestTarget.GetComponents(UriComponents.PathAndQuery, UriFormat.Unescaped) : ("/" + requestTarget.OriginalString.Split('#')[0].TrimStart('/')).UriUnescape()); }
public string Escape(Uri requestTarget, RequestTargetEscaping escaping) { if (escaping != RequestTargetEscaping.OriginalString) { throw new ArgumentException($"This {GetType().Name} cannot escape adhering to the rules of option '{escaping}'."); } if (requestTarget == null) { throw new ArgumentNullException(nameof(requestTarget)); } if (requestTarget.IsAbsoluteUri) { var segments = requestTarget.OriginalString.Split('#')[0].Split('/'); return("/" + string.Join("/", segments.Skip(3))); } return("/" + requestTarget.OriginalString.Split('#')[0].TrimStart('/')); }
private static void ConfigureServices(IServiceCollection services, RequestTargetEscaping escapingForSigning, RequestTargetEscaping escapingForVerification) { services .AddHttpMessageSigning() .UseKeyId("e0e8dcd638334c409e1b88daf821d135") .UseSignatureAlgorithm(SignatureAlgorithm.CreateForSigning("yumACY64r%hm")) .UseDigestAlgorithm(HashAlgorithmName.SHA256) .UseExpires(TimeSpan.FromMinutes(1)) .UseHeaders((HeaderName)"Dalion-App-Id") .UseRequestTargetEscaping(escapingForSigning) .Services .AddHttpMessageSignatureVerification() .UseAspNetCoreSignatureVerification() .UseClient(Client.Create( "e0e8dcd638334c409e1b88daf821d135", "HttpMessageSigningSampleHMAC", SignatureAlgorithm.CreateForVerification("yumACY64r%hm"), options => { options.RequestTargetEscaping = escapingForVerification; options.Claims = new[] { new Claim(SignedHttpRequestClaimTypes.Role, "users.read") }; })); }
public Escape() { _escaping = RequestTargetEscaping.OriginalString; }
public async Task WhenRequestTargetEscapingSettingIsAMatch_VerificationSucceeds(RequestTargetEscaping escaping) { _serviceProvider = new ServiceCollection().Configure(services => ConfigureServices(services, escaping, escaping)).BuildServiceProvider(); _requestSignerFactory = _serviceProvider.GetRequiredService <IRequestSignerFactory>(); _verifier = _serviceProvider.GetRequiredService <IRequestSignatureVerifier>(); var request = new HttpRequestMessage { RequestUri = new Uri("https://dalion.eu/api/%7BBrooks%7D%20was%20here/api/David%20%26%20Partners%20%2B%20Siebe%20at%20100%25%20%2A%20co.?query%2Bstring=%7BBrooks%7D"), Method = HttpMethod.Post, Content = new StringContent("{'id':42}", Encoding.UTF8, MediaTypeNames.Application.Json), Headers = { { "Dalion-App-Id", "ringor" } } }; var requestSigner = _requestSignerFactory.CreateFor("e0e8dcd638334c409e1b88daf821d135"); await requestSigner.Sign(request); var receivedRequest = await request.ToServerSideHttpRequest(); var verificationResult = await _verifier.VerifySignature(receivedRequest, _authenticationOptions); verificationResult.IsSuccess.Should().BeTrue(); if (verificationResult is RequestSignatureVerificationResultFailure failureResult) { _output.WriteLine("Request signature verification failed: {0}", failureResult.Failure); throw new SignatureVerificationException(failureResult.Failure.ToString()); } }
public Escape() { _escaping = RequestTargetEscaping.RFC2396; }
public IHttpMessageSigningBuilder UseRequestTargetEscaping(RequestTargetEscaping requestTargetEscaping) { _signingSettings.RequestTargetEscaping = requestTargetEscaping; return(this); }
public Escape() { _escaping = RequestTargetEscaping.Unescaped; }
public RequestTargetHeaderAppender(HttpRequestForSignatureString request, RequestTargetEscaping requestTargetEscaping, IRequestTargetEscaper requestTargetEscaper) { _request = request ?? throw new ArgumentNullException(nameof(request)); _requestTargetEscaping = requestTargetEscaping; _requestTargetEscaper = requestTargetEscaper ?? throw new ArgumentNullException(nameof(requestTargetEscaper)); }