/* Verifying and Decoding a Signed Request from Salesforce
* 1. split the signed request on the FIRST period(.).
* a. string[0] = hashed Base64 context signed with the consumer secret
* b. string[1] = Base64 encoded context itself
* use HMAC SHA-256 algorith to hash the Base64 encoded context (string[1]) and sign it using your consumer secret
* Compare the Base64 encoded string with the hashed Base64 context signed with the consumer secret
*/
public static CanvasRequest verifyAndDecode(String signedRequest, String secret)
{
CanvasRequest returnCanvasRequest = new CanvasRequest();
String decodedSignature = "";
String decodedPayload = "";
String[] split = getParts(Uri.UnescapeDataString(signedRequest));//decode signedRequest before processing
if(split.Length==2)
{
decodedSignature = split[0];
decodedPayload = split[1];
if (verify(secret, decodedPayload, decodedSignature))
{
byte[] encodedDataAsBytes = System.Convert.FromBase64String(decodedPayload);
string jsonData = System.Text.Encoding.UTF8.GetString(encodedDataAsBytes);
//populate the CanvasRequest object based on this JSON payload
//returnCanvasRequest.client;
Newtonsoft.Json.JsonSerializer js = new JsonSerializer();
JsonTextReader reader = new JsonTextReader(new StringReader(jsonData));
returnCanvasRequest = js.Deserialize<CanvasRequest>(reader);
}
}
return returnCanvasRequest;
}
/* Verifying and Decoding a Signed Request from Salesforce
* 1. split the signed request on the FIRST period(.).
* a. string[0] = hashed Base64 context signed with the consumer secret
* b. string[1] = Base64 encoded context itself
* use HMAC SHA-256 algorith to hash the Base64 encoded context (string[1]) and sign it using your consumer secret
* Compare the Base64 encoded string with the hashed Base64 context signed with the consumer secret
*/
public static CanvasRequest verifyAndDecode(String signedRequest, String secret)
{
CanvasRequest returnCanvasRequest = new CanvasRequest();
String decodedSignature = "";
String decodedPayload = "";
String[] split = getParts(Uri.UnescapeDataString(signedRequest));//decode signedRequest before processing
if (split.Length == 2)
{
decodedSignature = split[0];
decodedPayload = split[1];
if (verify(secret, decodedPayload, decodedSignature))
{
byte[] encodedDataAsBytes = System.Convert.FromBase64String(decodedPayload);
string jsonData = System.Text.Encoding.UTF8.GetString(encodedDataAsBytes);
//populate the CanvasRequest object based on this JSON payload
//returnCanvasRequest.client;
Newtonsoft.Json.JsonSerializer js = new JsonSerializer();
JsonTextReader reader = new JsonTextReader(new StringReader(jsonData));
returnCanvasRequest = js.Deserialize <CanvasRequest>(reader);
}
}
return(returnCanvasRequest);
}
