protected void ValidateSignatureFromHeaderWithContent(string secretKey, string headerName)
{
var result = false;
var signature = this.Request.Headers[headerName].FirstOrDefault() ?? string.Empty;
if (this.Request.Body.CanRead &&
this.Request.Body.CanSeek)
{
MemoryStream stream = new MemoryStream();
this.Request.Body.Seek(0, SeekOrigin.Begin);
this.Request.Body.CopyTo(stream);
this.Request.Body.Seek(0, SeekOrigin.Begin);
using (StreamReader reader = new StreamReader(stream))
{
stream.Seek(0, SeekOrigin.Begin);
var content = reader.ReadToEnd();
result = SignatureUtility.ValidateSignature(signature, secretKey, content);
}
}
if (result == false)
{
throw new UnauthorizedException();
}
}
public void ValidateSignatureFromHeaderWithContent(string secretKey, string headerName)
{
var signature = this.Request.Headers[headerName].FirstOrDefault() ?? string.Empty;
var content = RequestStream.FromStream(this.Request.Body).AsString() ?? string.Empty;
var result = SignatureUtility.ValidateSignature(signature, secretKey, content);
if (result == false)
{
throw new UnauthorizedException();
}
}
public static void ValidateSignature_Should_Return_Unsuccess_Validate()
{
// arrange
var message = "some content2";
var privateKey = "my-key";
var sign = "ae00f9ad096b6d2ca828e972bcda212ed74b338ebc1332c56b2d96bb06fc845e";
// act
var result = SignatureUtility.ValidateSignature(sign, privateKey, message);
// assert
Assert.False(result);
}
