Exemple #1
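        /// <summary>
        /// Builds the signed authorization token string for a single API request.
        /// </summary>
        /// <remarks>
        /// When <paramref name="secret"/> is supplied the base string is signed with
        /// <c>L1Signature</c> (HMACSHA256); otherwise it is signed with <c>L2Signature</c>
        /// (SHA256withRSA) using <paramref name="privateKey"/>.
        /// The shared secret and the private key are never passed to the logger; only a
        /// redaction marker is written to record which of the two was supplied.
        /// </remarks>
        /// <param name="realm">Value emitted as the <c>realm</c> entry of the token.</param>
        /// <param name="authPrefix">Prefix for every token parameter name; lower-cased before use.</param>
        /// <param name="httpMethod">HTTP method of the request being signed.</param>
        /// <param name="urlPath">Full request URI, including any query string.</param>
        /// <param name="appId">Application identifier included in the signed parameters.</param>
        /// <param name="secret">Shared secret; <c>null</c> selects RSA signing.</param>
        /// <param name="formList">Optional form fields to include in the signature.</param>
        /// <param name="privateKey">RSA key used when <paramref name="secret"/> is <c>null</c>.</param>
        /// <param name="nonce">Optional nonce; one is generated via <c>ApiAuthorization.NewNonce()</c> when <c>null</c>.</param>
        /// <param name="timestamp">Optional timestamp; one is generated via <c>ApiAuthorization.NewTimestamp()</c> when <c>null</c>.</param>
        /// <param name="version">Signature scheme version string.</param>
        /// <returns>The capitalised prefix, a space, and the serialised token parameters.</returns>
        public static String Token(
            string realm
            , string authPrefix
            , HttpMethod httpMethod
            , Uri urlPath
            , string appId
            , string secret    = null
            , ApiList formList = null
            , RSA privateKey   = null
            , string nonce     = null
            , string timestamp = null
            , string version   = "1.0")
        {
            // Key material must not reach log sinks: log only whether each credential was
            // provided. Log files are typically readable by far more people and systems
            // than the signing key should be.
            const string Redacted = "<redacted>";
            Logger.LogEnter(LoggerBase.Args(
                realm, authPrefix, httpMethod, urlPath, appId
                , secret == null ? null : Redacted
                , formList == null ? null : formList.ToFormData()
                , privateKey == null ? null : Redacted
                , nonce, timestamp, version));

            // NOTE(review): the URL (with its query string) and the form data are still
            // logged; confirm they cannot carry sensitive values in this deployment.
            Logger.LogDebug("URL:: {0}", urlPath);

            // Culture-invariant lower-casing: ToLower() follows the current culture, so the
            // same prefix could produce different parameter names (and a signature the
            // verifier rejects) under e.g. a Turkish locale.
            authPrefix = authPrefix.ToLowerInvariant();

            // Generate the nonce and timestamp unless the caller pinned them.
            nonce     = nonce ?? ApiAuthorization.NewNonce().ToString();
            timestamp = timestamp ?? ApiAuthorization.NewTimestamp().ToString();

            // The signature method is derived solely from whether a shared secret was given.
            SignatureMethod signatureMethod = secret != null
                ? SignatureMethod.HMACSHA256
                : SignatureMethod.SHA256withRSA;

            String baseString = BaseString(authPrefix, signatureMethod
                                           , appId, urlPath, httpMethod
                                           , formList, nonce, timestamp, version);

            // NOTE(review): when both secret and privateKey are null, privateKey reaches
            // L2Signature as null; the failure mode then depends on that helper.
            String base64Token = secret != null
                ? baseString.L1Signature(secret)
                : baseString.L2Signature(privateKey);

            var tokenList = new ApiList();

            tokenList.Add("realm", realm);
            tokenList.Add(authPrefix + "_timestamp", timestamp);
            tokenList.Add(authPrefix + "_nonce", nonce);
            tokenList.Add(authPrefix + "_app_id", appId);
            tokenList.Add(authPrefix + "_signature_method", signatureMethod.ToString());
            tokenList.Add(authPrefix + "_version", version);
            tokenList.Add(authPrefix + "_signature", base64Token);

            // Header scheme is the prefix with its first character upper-cased.
            string authorizationToken = string.Format("{0} {1}", authPrefix.Substring(0, 1).ToUpperInvariant() + authPrefix.Substring(1), tokenList.ToString(",", false, true));

            Logger.LogDebug("Token :: {0}", authorizationToken);

            Logger.LogExit(LoggerBase.Args(authorizationToken));
            return(authorizationToken);
        }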
Exemple #2
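        /// <summary>
        /// Builds the string that is signed for a request: the HTTP method, the URL reduced
        /// to scheme, host and path, and the combined parameter list, joined with <c>&amp;</c>.
        /// </summary>
        /// <remarks>
        /// The port, the fragment and the raw query string are not part of the URL component.
        /// Query-string parameters are instead merged into the parameter list together with
        /// the form fields and the <c>{authPrefix}_*</c> signature parameters.
        /// </remarks>
        /// <param name="authPrefix">Prefix for the signature parameter names; lower-cased before use.</param>
        /// <param name="signatureMethod">Signature method recorded in the parameter list.</param>
        /// <param name="appId">Application identifier recorded in the parameter list.</param>
        /// <param name="siteUri">Request URI; must use the http or https scheme.</param>
        /// <param name="httpMethod">HTTP method of the request.</param>
        /// <param name="formList">Optional form fields; may be <c>null</c>.</param>
        /// <param name="nonce">Nonce recorded in the parameter list.</param>
        /// <param name="timestamp">Timestamp recorded in the parameter list.</param>
        /// <param name="version">Version recorded in the parameter list.</param>
        /// <returns>The base string to be passed to the signing routine.</returns>
        /// <exception cref="System.NotSupportedException">The URI scheme is neither http nor https.</exception>
        public static string BaseString(
            string authPrefix
            , SignatureMethod signatureMethod
            , string appId
            , Uri siteUri
            , HttpMethod httpMethod
            , ApiList formList
            , string nonce
            , string timestamp
            , string version)
        {
            Logger.LogEnter(LoggerBase.Args(authPrefix, signatureMethod, appId, siteUri, httpMethod, formList, nonce, timestamp, version));

            // Culture-invariant lower-casing keeps the signed parameter names identical
            // regardless of the host's current culture.
            authPrefix = authPrefix.ToLowerInvariant();

            // Only http and https URLs are accepted.
            if (siteUri.Scheme != "http" && siteUri.Scheme != "https")
            {
                throw new System.NotSupportedException("Support http and https protocol only.");
            }

            // The port number and query string are deliberately left out of the URL part,
            // so the port is not covered by the signature.
            var url = string.Format("{0}://{1}{2}", siteUri.Scheme, siteUri.Host, siteUri.AbsolutePath);

            Logger.LogInformation("url:: {0}", url);

            // Helper class that holds the parameters and form fields.
            ApiList paramList = new ApiList();

            // Transfer the query-string parameters into paramList.
            if (siteUri.Query.Length > 1)
            {
                var queryString = siteUri.Query.Substring(1); // drop the leading '?'
                // NOTE(review): query values are logged at Information level; confirm they
                // cannot carry credentials or personal data in this deployment.
                Logger.LogInformation("queryString:: {0}", queryString);

                foreach (string item in queryString.Split('&'))
                {
                    // An empty segment (e.g. "a=1&&b=2") carries no parameter.
                    if (item.Length == 0)
                    {
                        continue;
                    }

                    // Split on the FIRST '=' only. Splitting on every '=' would silently
                    // drop the tail of a value that itself contains '=' (base64 padding,
                    // nested key=value), so the signature would not cover the full value.
                    var itemArr = item.Split(new[] { '=' }, 2);

                    // A bare key with no '=' is signed with an empty value instead of
                    // raising IndexOutOfRangeException.
                    // NOTE(review): confirm the verifying side canonicalises it the same way.
                    var rawValue = itemArr.Length > 1 ? itemArr[1] : string.Empty;

                    paramList.Add(itemArr[0], System.Net.WebUtility.UrlDecode(rawValue));
                }

                Logger.LogInformation("paramList:: {0}", paramList);
            }

            // Add the form fields to paramList.
            if (formList != null && formList.Count > 0)
            {
                paramList.AddRange(formList);
            }

            paramList.Add(authPrefix + "_timestamp", timestamp);
            paramList.Add(authPrefix + "_nonce", nonce);
            paramList.Add(authPrefix + "_app_id", appId);
            paramList.Add(authPrefix + "_signature_method", signatureMethod.ToString());
            paramList.Add(authPrefix + "_version", version);

            string baseString = httpMethod.ToString() + "&" + url + "&" + paramList.ToString();

            Logger.LogDebug("BaseString:: {0}", baseString);

            Logger.LogExit(LoggerBase.Args(baseString));
            return(baseString);
        }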