Exemple #1
0
        protected string ExtractSignedAuthorization(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext)
        {
            string authorizationScheme;
            string authorizationSchemeParameters;

            try
            {
                authorizationScheme           = requestContext.AuthorizationScheme;
                authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
            }
            catch (HttpRequestHeaderNotFoundException httpRequestHeaderNotFoundException)
            {
                throw new AuthenticationFailureException("Authorization header not found", httpRequestHeaderNotFoundException);
            }
            catch (HttpRequestInvalidHeaderException httpRequestInvalidHeaderException1)
            {
                HttpRequestInvalidHeaderException httpRequestInvalidHeaderException = httpRequestInvalidHeaderException1;
                throw new InvalidAuthenticationInfoException(httpRequestInvalidHeaderException.Message, httpRequestInvalidHeaderException);
            }
            catch (HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException)
            {
                throw new InvalidAuthenticationInfoException("Duplicate authorization headers found");
            }
            if (string.IsNullOrEmpty(authorizationSchemeParameters) || string.IsNullOrEmpty(authorizationScheme) || !authorizationScheme.Equals("SignedKey"))
            {
                throw new AuthenticationFailureException(string.Concat("SignedKey scheme expected but found ", authorizationScheme));
            }
            return(authorizationSchemeParameters);
        }
Exemple #2
0
        public static bool IsAuthenticatedAccess(RequestContext requestContext, string expectedAuthScheme)
        {
            string authorizationScheme;

            if (!Microsoft.Cis.Services.Nephos.Common.Authentication.AuthenticationManager.IsAuthenticatedAccess(requestContext))
            {
                return(false);
            }
            try
            {
                authorizationScheme = requestContext.AuthorizationScheme;
                string authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
            }
            catch (HttpRequestInvalidHeaderException httpRequestInvalidHeaderException1)
            {
                HttpRequestInvalidHeaderException httpRequestInvalidHeaderException = httpRequestInvalidHeaderException1;
                throw new InvalidAuthenticationInfoException(httpRequestInvalidHeaderException.Message, httpRequestInvalidHeaderException);
            }
            catch (HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException)
            {
                throw new InvalidAuthenticationInfoException("Duplicate authorization headers found", httpRequestDuplicateHeaderException);
            }
            return(authorizationScheme == expectedAuthScheme);
        }
Exemple #3
0
        public static void ParseSignatureParametersFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents, bool swallowException, out string accountName, out string signature, out SupportedAuthScheme?requestAuthScheme, out bool isAnonymousAccount)
        {
            string authorizationScheme;
            string authorizationSchemeParameters;

            accountName        = null;
            signature          = null;
            isAnonymousAccount = false;
            requestAuthScheme  = null;
            try
            {
                try
                {
                    authorizationScheme           = requestContext.AuthorizationScheme;
                    authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
                }
                catch (HttpRequestHeaderNotFoundException httpRequestHeaderNotFoundException)
                {
                    isAnonymousAccount = true;
                    return;
                }
                catch (HttpRequestInvalidHeaderException httpRequestInvalidHeaderException1)
                {
                    HttpRequestInvalidHeaderException httpRequestInvalidHeaderException = httpRequestInvalidHeaderException1;
                    throw new InvalidAuthenticationInfoException(httpRequestInvalidHeaderException.Message, httpRequestInvalidHeaderException);
                }
                catch (HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException1)
                {
                    HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException = httpRequestDuplicateHeaderException1;
                    throw new InvalidAuthenticationInfoException(httpRequestDuplicateHeaderException.Message, httpRequestDuplicateHeaderException);
                }
                DateTime?nephosOrStandardDateHeader = null;
                try
                {
                    nephosOrStandardDateHeader = HttpRequestAccessorCommon.GetNephosOrStandardDateHeader(requestContext.RequestHeaders);
                }
                catch (ArgumentException argumentException)
                {
                    throw new AuthenticationFailureException("The Date header in the request is incorrect.", argumentException);
                }
                if (!nephosOrStandardDateHeader.HasValue)
                {
                    throw new AuthenticationFailureException("Request date header not specified");
                }
                if (nephosOrStandardDateHeader.Value.Ticks < DateTime.UtcNow.Subtract(ParameterLimits.DateHeaderLag).Ticks)
                {
                    DateTime value = nephosOrStandardDateHeader.Value;
                    throw new AuthenticationFailureException(string.Format("Request date header too old: '{0}'", HttpUtilities.ConvertDateTimeToHttpString(value.ToUniversalTime())));
                }
                try
                {
                    requestAuthScheme = new SupportedAuthScheme?((SupportedAuthScheme)Enum.Parse(typeof(SupportedAuthScheme), authorizationScheme, true));
                }
                catch (ArgumentException argumentException1)
                {
                    CultureInfo invariantCulture = CultureInfo.InvariantCulture;
                    object[]    objArray         = new object[] { authorizationScheme };
                    throw new AuthenticationFailureException(string.Format(invariantCulture, "Authentication scheme {0} is not supported", objArray));
                }
                if (!requestAuthScheme.Equals(SupportedAuthScheme.SharedKey) && !requestAuthScheme.Equals(SupportedAuthScheme.SharedKeyLite) && !requestAuthScheme.Equals(SupportedAuthScheme.SignedKey))
                {
                    CultureInfo cultureInfo = CultureInfo.InvariantCulture;
                    object[]    objArray1   = new object[] { authorizationScheme };
                    throw new AuthenticationFailureException(string.Format(cultureInfo, "Authentication scheme {0} is not supported", objArray1));
                }
                NephosAssertionException.Assert(requestAuthScheme.HasValue, "Authentication scheme in request has no value");
                NephosAuthenticationManager.serviceSchemeParamsParserTable[requestContext.ServiceType][requestAuthScheme.Value](requestAuthScheme.Value, authorizationSchemeParameters, uriComponents, out accountName, out signature);
            }
            catch (Exception exception)
            {
                if (!swallowException)
                {
                    throw;
                }
            }
        }