/// <summary>
/// Makes the HTTP request (Sync).
/// </summary>
/// <param name="path">URL path.</param>
/// <param name="method">HTTP method.</param>
/// <param name="queryParams">Query parameters.</param>
/// <param name="postBody">HTTP body (POST request).</param>
/// <param name="headerParams">Header parameters.</param>
/// <param name="formParams">Form parameters.</param>
/// <param name="fileParams">File parameters.</param>
/// <param name="pathParams">Path parameters.</param>
/// <param name="contentType">Content Type of the request</param>
/// <returns>Object</returns>
public Object CallApi(
String path, RestSharp.Method method, List <KeyValuePair <String, String> > queryParams, Object postBody,
Dictionary <String, String> headerParams, Dictionary <String, String> formParams,
Dictionary <String, FileParameter> fileParams, Dictionary <String, String> pathParams,
String contentType)
{
RequestSignature.InjectSecurityHeaders(headerParams: ref headerParams,
method: method,
postBody: postBody,
path: path,
pathParams: pathParams,
queryParams: queryParams);
var request = PrepareRequest(
path, method, queryParams, postBody, headerParams, formParams, fileParams,
pathParams, contentType);
// set timeout
RestClient.Timeout = Configuration.Timeout;
// set user agent
RestClient.UserAgent = Configuration.UserAgent;
InterceptRequest(request);
var response = RestClient.Execute(request);
InterceptResponse(request, response);
return((Object)response);
}
internal Request(string moduleName, RequestSignature signature, Guid languageId = default(Guid))
{
ModuleName = moduleName;
Signature = signature;
LanguageId = languageId;
_resolvedAddresses = new List<Address>();
}
public async Task <Credentials> Reauthorize()
{
if (credentials == null || credentials?.RefreshToken.Length == 0)
{
return(await Authorize().ConfigureAwait(false));
}
RequestSignature sig = GenerateRequestSignature();
Response.ApiResponse <Credentials> response = await api.RefreshAccessToken(
credentials.RefreshToken,
sig.Signature,
sig.Timestamp)
.ConfigureAwait(false);
if (!response.IsSuccess)
{
throw new ResponseException(response.ResponseMessage, response.ResponseCode);
}
credentials = response.Result;
credentials.Timestamp = response.Timestamp;
return(credentials);
}
private List <RequestSignature> PrepareUsers(ItemsList itemsList)
{
_log.AppendLine("Adding signers to Envelope");
if (itemsList.Rows.Count <= 0)
{
throw new Exception("Empty signers list");
}
var users = new List <RequestSignature>();
foreach (var row in itemsList.Rows)
{
var user = new RequestSignature();
user.signer_email_address = row.GetCellValue(Configuration.Users.SignersList.SignerMailColumnID).ToString();
user.signer_identity_data = new SignerIdentityData()
{
first_name = TextHelper.GetPairName(row.GetCellValue(Configuration.Users.SignersList.SignerNameColumnID).ToString()).Split(' ').First(),
last_name = TextHelper.GetPairName(row.GetCellValue(Configuration.Users.SignersList.SignerNameColumnID).ToString()).Split(' ').Last(),
mobile_number = Configuration.Users.PhoneAutorization ? row.GetCellValue(Configuration.Users.SignersList.SignerPhoneNumberColumnID).ToString() : "",
provider = Configuration.Users.PhoneAutorization ? Configuration.Users.Provider : "",
issuing_country = Configuration.Users.PhoneAutorization ? Configuration.Users.IssuingCountry : ""
};
users.Add(user);
}
return(users);
}
internal static void Resolve(Process process, Resolver resolver, RequestSignature signature, string[] expectedSignatures)
{
var request = new Request(null, signature);
resolver.EnableResolution(process, request);
VerifySignatures(request, expectedSignatures);
}
private static void VerifySignature(string str, RequestSignature expectedSignature)
{
var actualSignature = MemberSignatureParser.Parse(str);
if (expectedSignature == null)
{
Assert.Null(actualSignature);
}
else
{
Assert.NotNull(actualSignature);
Assert.Equal(expectedSignature.MemberName, actualSignature.MemberName, NameComparer.Instance);
if (expectedSignature.Parameters.IsDefault)
{
Assert.True(actualSignature.Parameters.IsDefault);
}
else
{
AssertEx.Equal(
expectedSignature.Parameters,
actualSignature.Parameters,
comparer: ParameterComparer.Instance,
itemInspector: p => p.Type.GetDebuggerDisplay());
}
}
}
public static RequestSignature GetSignature(this HttpRequest request)
{
var context = request.HttpContext;
var logger = context.RequestServices.GetRequiredService <ILogger <RequestSignature> >();
// First we check if we have already saved a signature on the context
if (context.Items.TryGetValue(typeof(RequestSignature), out var contextItem))
{
if (contextItem is RequestSignature contextSignature)
{
return(contextSignature);
}
}
// Try to retrieve from header
if (!request.Headers.TryGetValue("X-Request-Signature", out var headerValues))
{
return(null);
}
var jws = headerValues.ToString();
// Verify header is set
if (string.IsNullOrWhiteSpace(jws))
{
return(null);
}
logger.LogTrace($"X-Request-Signature: {jws}");
RequestSignature signature;
try
{
var token = new JwtSecurityToken(jws);
signature = new RequestSignature(request, token);
}
catch (Exception e)
{
signature = new RequestSignature();
}
// Save to context
context.Items[typeof(RequestSignature)] = signature;
return(signature);
}
public void RequestSignatureParseFromHeaderValParsesHeaderCorrectly()
{
var headerVal = "Signature keyId=\"/SmartThings/89:94:9a:9a:51:24:2d:6d:40:21:63:44:9c:b1:88:14\",signature=\"jskjdfhksdjhf!-9807987bkHKGHKu6gM52ueBRUSEm2H4xEyr4+cQ7zVN-87687HJHjgjhgJGJjj87687HJHjgjhgJGJjjNV7bI8DUz/c-87687HJHjgjhgJGJjjiG/-87687HJHjgjhgJGJjjfHaiutAW7GnzOmjGOfvsNX0xT/PMO-87687HJHjgjhgJGJjjtrD9GfudTljxaFRuFp/-87687HJHjgjhgJGJjj/-87687HJHjgjhgJGJjj-87687HJHjgjhgJGJjjDsIOSHXMSwxLQntMl0UvfMytejT4p2X/yJXlqHlBd/-87687HJHjgjhgJGJjjImx7dJ2Fnw==\",headers=\"(request-target) digest date\",algorithm=\"rsa-sha256\"";
var sig = RequestSignature.ParseFromHeaderVal(headerVal);
Assert.NotNull(sig);
var expected = "/SmartThings/89:94:9a:9a:51:24:2d:6d:40:21:63:44:9c:b1:88:14";
Assert.Equal(sig.KeyId, expected);
expected = "jskjdfhksdjhf!-9807987bkHKGHKu6gM52ueBRUSEm2H4xEyr4+cQ7zVN-87687HJHjgjhgJGJjj87687HJHjgjhgJGJjjNV7bI8DUz/c-87687HJHjgjhgJGJjjiG/-87687HJHjgjhgJGJjjfHaiutAW7GnzOmjGOfvsNX0xT/PMO-87687HJHjgjhgJGJjjtrD9GfudTljxaFRuFp/-87687HJHjgjhgJGJjj/-87687HJHjgjhgJGJjj-87687HJHjgjhgJGJjjDsIOSHXMSwxLQntMl0UvfMytejT4p2X/yJXlqHlBd/-87687HJHjgjhgJGJjjImx7dJ2Fnw==";
Assert.Equal(sig.Signature, expected);
Assert.Contains("(request-target)", sig.Headers);
Assert.Contains("digest", sig.Headers);
Assert.Contains("date", sig.Headers);
expected = "rsa-sha256";
Assert.Equal(sig.Algorithm, expected);
}
public async Task <Credentials> Authorize()
{
RequestSignature sig = GenerateRequestSignature();
Response.ApiResponse <Credentials> response = await api.GetAccessToken(
sig.Signature,
sig.Timestamp)
.ConfigureAwait(false);
if (!response.IsSuccess)
{
throw new ResponseException(response.ResponseMessage, response.ResponseCode);
}
credentials = response.Result;
credentials.Timestamp = response.Timestamp;
return(credentials);
}
private List <RequestSignature> PrepareUser()
{
_log.AppendLine("Adding signer to Envelope");
var users = new List <RequestSignature>();
var user = new RequestSignature();
user.signer_email_address = Configuration.Users.SignerMail;
user.signer_identity_data = new SignerIdentityData()
{
first_name = TextHelper.GetPairName(Configuration.Users.SignerName).Split(' ').First(),
last_name = TextHelper.GetPairName(Configuration.Users.SignerName).Split(' ').Last(),
mobile_number = Configuration.Users.PhoneAutorization ? Configuration.Users.SignerPhoneNumber : "",
provider = Configuration.Users.PhoneAutorization ? Configuration.Users.Provider : "",
issuing_country = Configuration.Users.PhoneAutorization ? Configuration.Users.IssuingCountry : ""
};
users.Add(user);
return(users);
}
public async Task <DeviceInfo> GetDeviceInfo(string deviceId)
{
if (credentials == null || credentials?.AccessToken.Length == 0)
{
throw new UnauthorizedException("Unauthorized");
}
RequestSignature sig = GenerateRequestSignature(credentials.AccessToken);
Response.ApiResponse <DeviceInfo> response = await api.GetDeviceInfo(
sig.Signature,
sig.Timestamp,
credentials.AccessToken,
deviceId)
.ConfigureAwait(false);
if (!response.IsSuccess)
{
throw new ResponseException(response.ResponseMessage, response.ResponseCode);
}
return(response.Result);
}
public async Task <CommandResponse> SendCommands(string deviceId, Commands commands)
{
if (credentials == null || credentials?.AccessToken.Length == 0)
{
throw new UnauthorizedException("Unauthorized");
}
RequestSignature sig = GenerateRequestSignature(credentials.AccessToken);
CommandResponse response = await api.SendCommands(
sig.Signature,
sig.Timestamp,
credentials.AccessToken,
deviceId,
commands)
.ConfigureAwait(false);
if (!response.IsSuccess)
{
throw new ResponseException(response.ResponseMessage, response.ResponseCode);
}
return(response);
}
private List <RequestSignature> PrepareUsers(ItemsList itemsList)
{
if (itemsList.Rows.Count <= 0)
{
throw new Exception("Empty signers list");
}
var users = new List <RequestSignature>();
foreach (var row in itemsList.Rows)
{
var user = new RequestSignature();
user.signer_email_address = row.GetCellValue(Configuration.Users.SignersList.SignerMailColumnID).ToString();
user.signer_identity_data = new SignerIdentityData()
{
first_name = TextHelper.GetPairName(row.GetCellValue(Configuration.Users.SignersList.SignerNameColumnID).ToString()).Split(' ').First(),
last_name = TextHelper.GetPairName(row.GetCellValue(Configuration.Users.SignersList.SignerNameColumnID).ToString()).Split(' ').Last(),
};
users.Add(user);
}
return(users);
}
public void RequestSignature_Time()
{
// Verify that time checks work
ArgCollection args = new ArgCollection();
SymmetricKey key = Crypto.GenerateSymmetricKey();
string signature;
args.Clear();
args["arg1"] = "hello";
args["arg2"] = "world";
args["arg3"] = "test";
// Verify a request with no arguments.
signature = RequestSignature.Generate(key, args);
Thread.Sleep(2000);
Assert.IsTrue(RequestSignature.TryVerify(key, signature, args, null, TimeSpan.FromSeconds(4)));
args.Clear();
signature = RequestSignature.Generate(key, args);
Thread.Sleep(6000);
Assert.IsFalse(RequestSignature.TryVerify(key, signature, args, null, TimeSpan.FromSeconds(4)));
}
internal static void VerifySignature(RequestSignature actualSignature, RequestSignature expectedSignature)
{
if (expectedSignature == null)
{
Assert.Null(actualSignature);
}
else
{
Assert.NotNull(actualSignature);
Assert.Equal(expectedSignature.MemberName, actualSignature.MemberName, NameComparer.Instance);
if (expectedSignature.Parameters.IsDefault)
{
Assert.True(actualSignature.Parameters.IsDefault);
}
else
{
AssertEx.Equal(
expectedSignature.Parameters,
actualSignature.Parameters,
comparer: ParameterComparer.Instance,
itemInspector: p => p.Type.GetDebuggerDisplay());
}
}
}
protected virtual bool VerifySignature(HttpContext context, SignatureValidationOptions validationOptions, out RequestSignature signature, out string reason)
{
var services = context.RequestServices;
var options = services.GetRequiredService <TransportSecuritySettings>();
signature = context.Request.GetSignature();
reason = string.Empty;
if (signature == null)
{
reason = "Request signature not present";
return(!options.SignatureRequred);
}
if (validationOptions.VerifyRequest && !signature.IsValid)
{
reason = "Request signature not valid";
return(false);
}
if (validationOptions.VerifyCertificate &&
!VerifyCertificate(signature.Token, signature.Certificate, out reason))
{
return(false);
}
return(true);
}
internal Request(string moduleName, RequestSignature signature)
{
ModuleName = moduleName;
Signature = signature;
_resolvedAddresses = new List<Address>();
}
public void RequestSignature_Args()
{
ArgCollection args = new ArgCollection();
SymmetricKey key = Crypto.GenerateSymmetricKey();
string signature;
// Verify a request with no arguments.
args.Clear();
signature = RequestSignature.Generate(key, args);
RequestSignature.Verify(key, signature, args, null, graceInterval);
// Verify a request with a few arguments
args.Clear();
args["arg1"] = "hello";
args["arg2"] = "world";
args["arg3"] = "test";
signature = RequestSignature.Generate(key, args);
Assert.IsTrue(RequestSignature.TryVerify(key, signature, args, null, graceInterval));
// Verify that argument normaization works by reversing the
// orher of the arguments added.
args.Clear();
args["arg3"] = "test";
args["arg2"] = "world";
args["arg1"] = "hello";
Assert.IsTrue(RequestSignature.TryVerify(key, signature, args, null, graceInterval));
// Test with the signature as part of the arguments.
args["signature"] = signature;
Assert.IsTrue(RequestSignature.TryVerify(key, signature, args, "signature", graceInterval));
// Tamper with one of the argument values and verify failure
args["arg2"] = "xxx";
Assert.IsFalse(RequestSignature.TryVerify(key, signature, args, null, graceInterval));
// Do it again
args["arg2"] = "WORLD";
ExtendedAssert.Throws <SecurityException>(
() =>
{
RequestSignature.Verify(key, signature, args, null, graceInterval);
Assert.Fail("SecurityException expected");
});
// Change the shared key and verify failure
args.Clear();
args["arg1"] = "hello";
args["arg2"] = "world";
args["arg3"] = "test";
signature = RequestSignature.Generate(key, args);
Assert.IsFalse(RequestSignature.TryVerify(Crypto.GenerateSymmetricKey(), signature, args, null, graceInterval));
}
internal Request(string moduleName, RequestSignature signature)
{
ModuleName = moduleName;
Signature = signature;
_resolvedAddresses = new List <Address>();
}
private static void VerifySignature(string str, RequestSignature expectedSignature)
{
var actualSignature = MemberSignatureParser.Parse(str);
VerifySignature(actualSignature, expectedSignature);
}
private static void VerifySignature(string str, RequestSignature expectedSignature)
{
var actualSignature = MemberSignatureParser.Parse(str);
VerifySignature(actualSignature, expectedSignature);
}
public async Task <ViewModels.RequestOfPermit> GetSection(Models.HotWorksPermit hotWorksPermit)
{
var requestTime = RequestTime.NullableTime;
if (requestTime == null)
{
requestTime = TimeSpan.Zero;
}
ViewModels.RequestOfPermit request = new ViewModels.RequestOfPermit
{
RequestMinutes = RequestMinutesEntry.Text,
RequestPrintName = RequestName.Text,
RequestCompany = RequestCompany.Text,
RequestJobTitle = RequestJobTitle.Text,
RequestDate = RequestDatePicker.Date,
RequestTime = requestTime
};
if (hotWorksPermit != null)
{
var worksPermitObject = JsonConvert.DeserializeObject <HotWorkPermitViewModel>(hotWorksPermit.Content);
if (worksPermitObject.RequestOfPermit.RequestSigned != null)
{
request.RequestSigned = worksPermitObject.RequestOfPermit.RequestSigned;
}
else
{
var image = await RequestSignature.GetImageStreamAsync(SignatureImageFormat.Png);
if (image != null)
{
byte[] arr;
using (var ms = new MemoryStream())
{
await image.CopyToAsync(ms);
arr = ms.ToArray();
}
request.RequestSigned = arr;
}
}
}
else
{
var image = await RequestSignature.GetImageStreamAsync(SignatureImageFormat.Png);
if (image != null)
{
byte[] arr;
using (var ms = new MemoryStream())
{
await image.CopyToAsync(ms);
arr = ms.ToArray();
}
request.RequestSigned = arr;
}
}
return(request);
}
