Example #1
0
        public static bool TryParse(string input, out ApiRequestSignature parsedValue)
        {
            parsedValue = null;
            var success = false;

            if (input != null)
            {
                var parts = input.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                if (parts.Length == 3)
                {
                    if (parts[2].Length == 64)
                    {
                        DateTime timestamp;
                        if (DateTime.TryParseExact(parts[1], _timestampFormats, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out timestamp))
                        {
                            parsedValue = new ApiRequestSignature
                            {
                                AppId           = parts[0],
                                TimestampString = parts[1],
                                Hash            = parts[2],
                                Timestamp       = timestamp,
                            };
                            success = true;
                        }
                    }
                }
            }

            return(success);
        }
        private bool IsValidSignature(ApiRequestSignature signature, ApiAccountEntity credentials)
        {
            var parameters = new[]
            {
                new NameValuePair(null, signature.AppId),
                new NameValuePair(null, signature.TimestampString)
            };

            var validSignature = HmacUtility.GetHashString(Options.HmacFactory, credentials.SecretKey, parameters);
            var isValid        = string.Equals(signature.Hash, validSignature, StringComparison.OrdinalIgnoreCase);

            return(isValid);
        }
        protected override string ExtractUserIdFromRequest()
        {
            string userId = null;

            var credentials = GetAuthenticationHeaderCredentials();

            ApiRequestSignature signature;

            if (ApiRequestSignature.TryParse(credentials, out signature))
            {
                if ((DateTime.UtcNow - signature.Timestamp).Duration() < Options.SignatureValidityPeriod)
                {
                    var apiAccount = Options.ApiCredentialsProvider.GetAccountByAppId(ApiAccountType.Hmac, signature.AppId);
                    if (apiAccount != null && IsValidSignature(signature, apiAccount))
                    {
                        userId = apiAccount.AccountId;
                    }
                }
            }

            return(userId);
        }
Example #4
0
        public static bool TryParse(string input, out ApiRequestSignature parsedValue)
        {
            parsedValue = null;
            var success = false;

            if (input != null)
            {
                var parts = input.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                if (parts.Length == 3)
                {
                    if (parts[2].Length == 64)
                    {
                        DateTime timestamp;
                        if (DateTime.TryParseExact(parts[1], _timestampFormats, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out timestamp))
                        {
                            parsedValue = new ApiRequestSignature
                            {
                                AppId = parts[0],
                                TimestampString = parts[1],
                                Hash = parts[2],
                                Timestamp = timestamp,
                            };
                            success = true;
                        }
                    }
                }
            }

            return success;
        }