Exemple #1
0
        public static bool TryExtractDigestHeader(string verb, string authHeader, out DigestHeader header)
        {
            header = null;

            try
            {
                header = ExtractDigestHeader(verb, authHeader);
                return(true);
            }
            catch (Exception)
            { }

            return(false);
        }
Exemple #2
0
        /// <summary>   Extracts a HTTP digest auth header from a given string, assigning the given HTTP verb. </summary>
        /// <remarks>   ebrown, 3/28/2011. </remarks>
        /// <exception cref="ArgumentNullException">    Thrown when the authHeader argument is null. </exception>
        /// <exception cref="ArgumentException">        Thrown when one or more arguments have unsupported or illegal values. </exception>
        /// <exception cref="Exception">                Thrown when exception. </exception>
        /// <param name="verb">         The HTTP verb. </param>
        /// <param name="authHeader">   The incoming authorization header. </param>
        /// <returns>   A new DigestHeader instance containing the relevant values as parsed from the header. </returns>
        public static DigestHeader ExtractDigestHeader(string verb, string authHeader)
        {
            try
            {
                if (null == authHeader)
                {
                    throw new ArgumentNullException("authHeader");
                }
                if (null == verb)
                {
                    throw new ArgumentNullException("verb");
                }
                if (!verb.IsEnumFromEnumValue <HttpMethodNames>())
                {
                    throw new ArgumentException(String.Format("The verb {0} specified is not valid", verb), "verb");
                }

                if (string.IsNullOrWhiteSpace(authHeader) || !authHeader.StartsWith("Digest", StringComparison.OrdinalIgnoreCase))
                {
                    throw new ArgumentException("AuthHeader cannot be null or empty OR does not start with Digest", "authHeader");
                }

                //lop off the "Digest " and then separate by commas per the spec
                //http://en.wikipedia.org/wiki/Digest_access_authentication
                // http://tools.ietf.org/html/rfc2617
                string keyValuePairs = authHeader.Substring(7);
                if (string.IsNullOrEmpty(keyValuePairs))
                {
                    throw new ArgumentException("Authorization header did not contain any data other than Digest");
                }

                var headerDictionary = keyValuePairs.Split(',')
                                       .Select(pair =>
                {
                    var firstEqualIndex = pair.IndexOf('=');
                    return(new { Key = pair.Substring(0, firstEqualIndex).Trim().Trim('\"'), Value = pair.Substring(firstEqualIndex + 1).Trim().Trim('\"') });
                }).ToDictionary(pair => pair.Key, pair => pair.Value, StringComparer.CurrentCultureIgnoreCase);

                //parse the values, supplying defaults as necessary
                var header = new DigestHeader()
                {
                    Verb                = verb,
                    ClientNonce         = headerDictionary.GetValueOrDefault("cnonce", string.Empty),
                    Nonce               = headerDictionary.GetValueOrDefault("nonce", string.Empty),
                    Opaque              = headerDictionary.GetValueOrDefault("opaque", string.Empty),
                    QualityOfProtection = headerDictionary.GetValueOrDefault("qop", string.Empty).ToEnumFromEnumValue <DigestQualityOfProtectionType>(),
                    Realm               = headerDictionary.GetValueOrDefault("realm", string.Empty),
                    RequestCounter      = headerDictionary.ContainsKey("nc") ? (int?)Convert.ToInt32(headerDictionary["nc"], 16) : null,
                    Response            = headerDictionary.GetValueOrDefault("response", string.Empty),
                    Uri      = headerDictionary.GetValueOrDefault("uri", string.Empty),
                    UserName = headerDictionary.GetValueOrDefault("username", string.Empty)
                };

                string empty = "* EMPTY *";
                log.Info(String.Format(CultureInfo.InvariantCulture,
                                       "Authorization header contains username [{1}] / realm [{2}]{0}" +
                                       "uri [{3}] / nonce [{4}] / nc (nonce request counter) [{5}] / cnonce (client nonce) [{6}]{0}" +
                                       "qop [{7}] / response [{8}] / opaque [{9}]",
                                       Environment.NewLine, header.UserName ?? empty, header.Realm ?? empty, header.Uri ?? empty,
                                       header.Nonce ?? empty, header.RequestCounter, header.ClientNonce ?? empty,
                                       header.QualityOfProtection, header.Response ?? empty, header.Opaque ?? empty));

                return(header);
            }
            catch (Exception ex)
            {
                log.Warn("Unexpected error parsing header string", ex);
                throw;
            }
        }
        /// <summary>   Extracts a HTTP digest auth header from a given string, assigning the given HTTP verb. </summary>
        /// <remarks>   ebrown, 3/28/2011. </remarks>
        /// <exception cref="ArgumentNullException">    Thrown when the authHeader argument is null. </exception>
        /// <exception cref="ArgumentException">        Thrown when one or more arguments have unsupported or illegal values. </exception>
        /// <exception cref="Exception">                Thrown when exception. </exception>
        /// <param name="verb">         The HTTP verb. </param>
        /// <param name="authHeader">   The incoming authorization header. </param>
        /// <returns>   A new DigestHeader instance containing the relevant values as parsed from the header. </returns>
        public static DigestHeader ExtractDigestHeader(string verb, string authHeader)
        {
            try
            {
                if (null == authHeader) { throw new ArgumentNullException("authHeader"); }
                if (null == verb) { throw new ArgumentNullException("verb"); }
                if (!verb.IsEnumFromEnumValue<HttpMethodNames>()) { throw new ArgumentException(String.Format("The verb {0} specified is not valid", verb), "verb"); }

                if (string.IsNullOrWhiteSpace(authHeader) || !authHeader.StartsWith("Digest", StringComparison.OrdinalIgnoreCase))
                {
                    throw new ArgumentException("AuthHeader cannot be null or empty OR does not start with Digest", "authHeader");
                }

                //lop off the "Digest " and then separate by commas per the spec
                //http://en.wikipedia.org/wiki/Digest_access_authentication
                // http://tools.ietf.org/html/rfc2617
                string keyValuePairs = authHeader.Substring(7);
                if (string.IsNullOrEmpty(keyValuePairs))
                {
                    throw new ArgumentException("Authorization header did not contain any data other than Digest");
                }

                var headerDictionary = keyValuePairs.Split(',')
                    .Select(pair =>
                    {
                        var firstEqualIndex = pair.IndexOf('=');
                        return new { Key = pair.Substring(0, firstEqualIndex).Trim().Trim('\"'), Value = pair.Substring(firstEqualIndex + 1).Trim().Trim('\"') };
                    }).ToDictionary(pair => pair.Key, pair => pair.Value, StringComparer.CurrentCultureIgnoreCase);

                //parse the values, supplying defaults as necessary
                var header = new DigestHeader()
                    {
                        Verb = verb,
                        ClientNonce = headerDictionary.GetValueOrDefault("cnonce", string.Empty),
                        Nonce = headerDictionary.GetValueOrDefault("nonce", string.Empty),
                        Opaque = headerDictionary.GetValueOrDefault("opaque", string.Empty),
                        QualityOfProtection = headerDictionary.GetValueOrDefault("qop", string.Empty).ToEnumFromEnumValue<DigestQualityOfProtectionType>(),
                        Realm = headerDictionary.GetValueOrDefault("realm", string.Empty),
                        RequestCounter = headerDictionary.ContainsKey("nc") ? (int?)Convert.ToInt32(headerDictionary["nc"], 16) : null,
                        Response = headerDictionary.GetValueOrDefault("response", string.Empty),
                        Uri = headerDictionary.GetValueOrDefault("uri", string.Empty),
                        UserName = headerDictionary.GetValueOrDefault("username", string.Empty)
                    };

                string empty = "* EMPTY *";
                log.Info(String.Format(CultureInfo.InvariantCulture,
                    "Authorization header contains username [{1}] / realm [{2}]{0}" +
                    "uri [{3}] / nonce [{4}] / nc (nonce request counter) [{5}] / cnonce (client nonce) [{6}]{0}" +
                    "qop [{7}] / response [{8}] / opaque [{9}]",
                    Environment.NewLine, header.UserName ?? empty, header.Realm ?? empty, header.Uri ?? empty,
                    header.Nonce ?? empty, header.RequestCounter, header.ClientNonce ?? empty,
                    header.QualityOfProtection, header.Response ?? empty, header.Opaque ?? empty));

                return header;
            }
            catch (Exception ex)
            {
                log.Warn("Unexpected error parsing header string", ex);
                throw;
            }
        }
        public static bool TryExtractDigestHeader(string verb, string authHeader, out DigestHeader header)
        {
            header = null;

            try
            {
                header = ExtractDigestHeader(verb, authHeader);
                return true;
            }
            catch (Exception)
            { }

            return false;
        }