public void ShouldAuthenticate()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IRestSharpHmacSigner signer = new RestSharpHmacSigner(configuration, _keyRepository);
HmacAuthenticator authenticator = new HmacAuthenticator(configuration, signer);
IRestClient client = CreateClient();
IRestRequest request = CreateRequest(configuration);
// Act
authenticator.Authenticate(client, request);
Parameter contentMd5Param = request.Parameters.FirstOrDefault(p => p.Name == "Content-MD5");
Parameter authorizationParam = request.Parameters.FirstOrDefault(p => p.Name == "Authorization");
Parameter dateParam = request.Parameters.FirstOrDefault(p => p.Name == "Date");
string dateString = dateParam != null ? dateParam.Value as string ?? string.Empty : string.Empty;
DateTimeOffset parsedDate;
bool isValidDate = DateTimeOffset.TryParseExact(dateString, "ddd, dd MMM yyyy HH:mm:ss G\\MT", _dateHeaderCulture, DateTimeStyles.AssumeUniversal, out parsedDate);
HmacSignatureData signatureData = signer.GetSignatureDataFromRestRequest(client, request);
string signature = signer.CreateSignature(signatureData);
// Assert
Assert.IsNotNull(contentMd5Param);
Assert.AreEqual(ParameterType.HttpHeader, contentMd5Param.Type);
Assert.AreEqual(_base64Md5Hash, contentMd5Param.Value);
Assert.IsNotNull(authorizationParam);
Assert.AreEqual(ParameterType.HttpHeader, authorizationParam.Type);
Assert.IsNotNull(authorizationParam.Value);
Assert.IsInstanceOfType(authorizationParam.Value, typeof(string));
Assert.AreEqual((string)authorizationParam.Value, "HMAC " + signature);
Assert.IsNotNull(dateParam);
Assert.AreEqual(ParameterType.HttpHeader, dateParam.Type);
Assert.IsNotNull(dateParam.Value);
Assert.IsTrue(isValidDate);
}
private IRestRequest CreateRequest(IHmacConfiguration configuration)
{
List <Parameter> parameters = new List <Parameter>
{
new Parameter {
Name = ContentType, Value = Body, Type = ParameterType.RequestBody
},
new Parameter {
Name = configuration.UserHeaderName, Value = _keyRepository.Username, Type = ParameterType.HttpHeader
},
new Parameter {
Name = "X-Custom-Test-Header-1", Value = "Test1", Type = ParameterType.HttpHeader
},
new Parameter {
Name = "X-Custom-Test-Header-2", Value = "Test2", Type = ParameterType.HttpHeader
}
};
Mock <IRestRequest> mockRequest = new Mock <IRestRequest>();
mockRequest.Setup(r => r.Method).Returns(Method.POST);
mockRequest.Setup(r => r.Parameters).Returns(parameters);
mockRequest
.Setup(r => r.AddParameter(It.IsAny <string>(), It.IsAny <object>(), It.IsAny <ParameterType>()))
.Callback((string name, object value, ParameterType type) => parameters.Add(new Parameter {
Name = name, Value = value, Type = type
}));
return(mockRequest.Object);
}
public HmacClient(IHmacConfiguration hmacConfiguration, string credential, Func <IWorkContext, Task <string> > getHmacKey)
: this(hmacConfiguration, credential)
{
Verify.IsNotNull(nameof(getHmacKey), getHmacKey);
_getHmacKey = getHmacKey;
}
public HmacClient(IHmacConfiguration hmacConfiguration, string credential, string hmacKey)
: this(hmacConfiguration, credential)
{
Verify.IsNotEmpty(nameof(hmacKey), hmacKey);
HmacKey = hmacKey;
}
public void ShouldCreateSignature()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
HmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacSignatureData signatureData = new HmacSignatureData
{
Key = _keyRepository.Key,
HttpMethod = "POST",
ContentMd5 = _base64Md5Hash,
ContentType = ContentType,
Date = "Wed, 30 Dec 2015 12:30:45 GMT",
Username = _keyRepository.Username,
RequestUri = Url,
Headers = new NameValueCollection {
{ "X-Custom-Test-Header-1", "Test1" }, { "X-Custom-Test-Header-2", "Test2" }
}
};
const string expectedSignature = "CSDWHwt5sOWkBKS5mSNWrgJaXREQB6CKywVyB/A4IDQ65h3gzR9/Uutug34ikpcW3JlnVyAL+xbu/eNaq99q/Q==";
HmacSignatureData signatureData2 = new HmacSignatureData {
Key = _keyRepository.Key
};
const string expectedSignature2 = "QwPLzI1RUBRyYerrolY3+4Mzuw8Z07YfxnpP9va2ckH/I7UvdPBMkcaomWOaC5pZym9x+t/BA/2VTP6pjje1DQ==";
// Act
string signature = signer.CreateSignature(signatureData);
string signature2 = signer.CreateSignature(signatureData2);
// Assert
Assert.IsNotNull(signature);
Assert.AreEqual(expectedSignature, signature);
Assert.IsNotNull(signature2);
Assert.AreEqual(expectedSignature2, signature2);
}
/// <summary>
/// Initializes a new instance of the <see cref="HmacSigner"/> class using the specified configuration and key repository.
/// </summary>
/// <param name="configuration">The configuration used for signing.</param>
/// <param name="keyRepository">The repository used for retrieving the key associated with the user.</param>
/// <exception cref="ArgumentNullException">The configuration or key repository is null.</exception>
/// <exception cref="HmacConfigurationException">The configured signature encoding is invalid.</exception>
public HmacSigner(IHmacConfiguration configuration, IHmacKeyRepository keyRepository)
{
if (configuration == null)
{
throw new ArgumentNullException(nameof(configuration), "The configuration cannot be null.");
}
if (keyRepository == null)
{
throw new ArgumentNullException(nameof(keyRepository), "The key repository cannot be null.");
}
HmacConfiguration = configuration;
HmacKeyRepository = keyRepository;
DateHeaderCulture = new CultureInfo(HmacConstants.DateHeaderCulture);
Md5 = MD5.Create();
try
{
SignatureEncoding = Encoding.GetEncoding(configuration.SignatureEncoding);
}
catch (ArgumentException ex)
{
throw new HmacConfigurationException("The configured signature encoding is invalid.", ex);
}
}
public void ShouldFailToValidateContentMd5()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
const string incorrectBody = Body + "Modified";
byte[] incorrectBodyBytes = Encoding.UTF8.GetBytes(incorrectBody);
Stream incorrectBodyStream = new MemoryStream(incorrectBodyBytes);
// Act
bool stringIsValidBase64 = validator.IsValidContentMd5(_base64Md5Hash, incorrectBody, Encoding.UTF8);
bool stringIsValidByteArray = validator.IsValidContentMd5(_md5Hash, incorrectBody, Encoding.UTF8);
bool bytesAreValidBase64 = validator.IsValidContentMd5(_base64Md5Hash, incorrectBodyBytes);
bool bytesAreValidByteArray = validator.IsValidContentMd5(_md5Hash, incorrectBodyBytes);
bool streamIsValidBase64 = validator.IsValidContentMd5(_base64Md5Hash, incorrectBodyStream);
bool streamIsValidByteArray = validator.IsValidContentMd5(_md5Hash, incorrectBodyStream);
incorrectBodyStream.Dispose();
// Assert
Assert.IsFalse(stringIsValidBase64);
Assert.IsFalse(stringIsValidByteArray);
Assert.IsFalse(bytesAreValidBase64);
Assert.IsFalse(bytesAreValidByteArray);
Assert.IsFalse(streamIsValidBase64);
Assert.IsFalse(streamIsValidByteArray);
}
public void ShouldFailValidationDueToMissingKey()
{
// Arrange
Mock <IHmacKeyRepository> mockKeyRepo = new Mock <IHmacKeyRepository>();
mockKeyRepo.Setup(r => r.GetHmacKeyForUsername(It.IsAny <string>())).Returns((string)null);
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, mockKeyRepo.Object);
HmacValidator validator = new HmacValidator(configuration, signer);
DateTimeOffset dateTimeOffset = DateTimeOffset.UtcNow.AddMinutes(-3);
string dateString = dateTimeOffset.ToString(HmacConstants.DateHeaderFormat, _dateHeaderCulture);
HttpRequestBase request = CreateRequest(dateString);
HmacSignatureData signatureData = signer.GetSignatureDataFromHttpRequest(request);
signatureData.Key = "TestKey";
string signature = signer.CreateSignature(signatureData);
request.Headers[HmacConstants.AuthorizationHeaderName] = string.Format(
HmacConstants.AuthorizationHeaderFormat,
configuration.AuthorizationScheme,
signature);
// Act
HmacValidationResult result = validator.ValidateHttpRequest(request);
// Assert
Assert.IsNotNull(result);
Assert.IsNotNull(result.ErrorMessage);
Assert.AreEqual(result.ResultCode, HmacValidationResultCode.KeyMissing);
}
public HmacSignature(IHmacConfiguration hmacConfiguration, TimeSpan?validFor = null)
{
Verify.IsNotNull(nameof(hmacConfiguration), hmacConfiguration);
_hmacConfiguration = hmacConfiguration;
_validFor = validFor ?? TimeSpan.FromMinutes(5);
}
public void ShouldGetDefaultConfiguration()
{
// Arrange
HmacConfigurationManager configurationManager = new HmacConfigurationManager();
HmacConfiguration expectedConfiguration = new HmacConfiguration
{
Name = configurationManager.DefaultConfigurationKey,
UserHeaderName = "X-Auth-User",
AuthorizationScheme = "HMAC",
SignatureDataSeparator = "\n",
SignatureEncoding = "UTF-8",
HmacAlgorithm = "HMACSHA512",
MaxRequestAge = TimeSpan.FromMinutes(5),
SignRequestUri = true,
ValidateContentMd5 = true,
Headers = null
};
// Act
IHmacConfiguration defaultConfigByKey = configurationManager.Get(configurationManager.DefaultConfigurationKey);
IHmacConfiguration defaultConfig = configurationManager.GetDefault();
// Assert
AssertConfiguration(expectedConfiguration, defaultConfigByKey);
AssertConfiguration(expectedConfiguration, defaultConfig);
}
private void AssertConfiguration(IHmacConfiguration expected, IHmacConfiguration actual)
{
if (expected == null)
{
Assert.IsNull(actual);
return;
}
Assert.IsNotNull(actual);
Assert.AreEqual(expected.Name, actual.Name);
Assert.AreEqual(expected.UserHeaderName, actual.UserHeaderName);
Assert.AreEqual(expected.AuthorizationScheme, actual.AuthorizationScheme);
Assert.AreEqual(expected.SignatureDataSeparator, actual.SignatureDataSeparator);
Assert.AreEqual(expected.SignatureEncoding, actual.SignatureEncoding);
Assert.AreEqual(expected.HmacAlgorithm, actual.HmacAlgorithm);
Assert.AreEqual(expected.MaxRequestAge, actual.MaxRequestAge);
Assert.AreEqual(expected.SignRequestUri, actual.SignRequestUri);
if (expected.Headers != null)
{
Assert.IsNotNull(actual.Headers);
Assert.IsTrue(expected.Headers.OrderBy(h => h).SequenceEqual(actual.Headers.OrderBy(h => h)));
}
else
{
Assert.IsNull(actual.Headers);
}
}
public void ShouldConfigureFromFile()
{
// Arrange
HmacConfigurationManager configurationManager = new HmacConfigurationManager();
HmacConfiguration expectedConfiguration = new HmacConfiguration
{
Name = "TestConfiguration",
UserHeaderName = "X-Test-User",
AuthorizationScheme = "TEST",
SignatureDataSeparator = "_",
SignatureEncoding = "UTF-32",
HmacAlgorithm = "HMACSHA256",
MaxRequestAge = TimeSpan.FromMinutes(2),
SignRequestUri = false,
ValidateContentMd5 = true,
Headers = new List <string> {
"X-Test-Header-1", "X-Test-Header-2"
}
};
// Act
configurationManager.ConfigureFromFile("Hmac.config");
IHmacConfiguration configuration = configurationManager.Get(expectedConfiguration.Name);
// Assert
AssertConfiguration(expectedConfiguration, configuration);
}
public void OnAuthorization(AuthorizationContext filterContext)
{
if (filterContext.ActionDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true) || filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(AllowAnonymousAttribute), true))
{
return;
}
IHmacConfiguration configuration = _configurationManager.Get("Example");
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
IHmacValidator validator = new HmacValidator(configuration, signer);
HmacValidationResult result = validator.ValidateHttpRequest(filterContext.HttpContext.Request);
if (result.ResultCode == HmacValidationResultCode.Ok)
{
return;
}
HttpResponseBase response = filterContext.HttpContext.Response;
validator.AddWwwAuthenticateHeader(response, configuration.AuthorizationScheme);
response.Headers.Add("X-Auth-ErrorCode", result.ResultCode.ToString());
response.StatusCode = (int)HttpStatusCode.Unauthorized;
response.Write(result.ErrorMessage);
response.End();
}
public void ShouldFailValidationDueToMissingDate()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
DateTimeOffset dateTimeOffset = DateTimeOffset.UtcNow.AddMinutes(-3);
string dateString = dateTimeOffset.ToString(HmacConstants.DateHeaderFormat, _dateHeaderCulture);
HttpRequestBase request = CreateRequest(dateString);
HmacSignatureData signatureData = signer.GetSignatureDataFromHttpRequest(request);
string signature = signer.CreateSignature(signatureData);
request.Headers[HmacConstants.AuthorizationHeaderName] = string.Format(
HmacConstants.AuthorizationHeaderFormat,
configuration.AuthorizationScheme,
signature);
request.Headers.Remove(HmacConstants.DateHeaderName);
// Act
HmacValidationResult result = validator.ValidateHttpRequest(request);
// Assert
Assert.IsNotNull(result);
Assert.IsNotNull(result.ErrorMessage);
Assert.AreEqual(result.ResultCode, HmacValidationResultCode.DateMissing);
}
static void Main()
{
// Retrieve the server URL
string serverBaseUrl = ConfigurationManager.AppSettings["ServerBaseUrl"];
// Setup the signer
IHmacConfigurationManager configurationManager = new HmacConfigurationManager();
configurationManager.ConfigureFromFile("Hmac.config");
IHmacConfiguration configuration = configurationManager.Get("Example");
IHmacKeyRepository keyRepository = new SingleHmacKeyRepository("FollowTheWhiteRabbit");
IRestSharpHmacSigner signer = new RestSharpHmacSigner(configuration, keyRepository);
// Setup the RestSharp client
IRestClient client = new RestClient(serverBaseUrl);
client.AddHandler("application/json", new JsonDeserializer());
client.Authenticator = new HmacAuthenticator(configuration, signer);
client.AddDefaultHeader("X-Custom-Header", "Knock knock...");
// Execute the GET request
Console.WriteLine("Neo searches for a spoon.");
IRestRequest getRequest = new RestRequest("spoon", Method.GET);
getRequest.AddHeader(configuration.UserHeaderName, "Neo");
IRestResponse <ExampleModel> getResponse = client.Execute <ExampleModel>(getRequest);
Console.WriteLine(" There is a '{0}'!", getResponse.Data.Value);
// Execute the POST request
Console.WriteLine("Neo posts his sunglasses.");
IRestRequest postRequest = new RestRequest(Method.POST);
postRequest.RequestFormat = DataFormat.Json;
postRequest.AddHeader(configuration.UserHeaderName, "Neo");
postRequest.AddBody(new ExampleModel {
Value = "sunglasses"
});
IRestResponse postResponse = client.Execute(postRequest);
Console.WriteLine(" {0}", postResponse.Content);
// Execute GET request with an incorrect username
Console.WriteLine("Morpheus searches for The One.");
IRestRequest incorrectGetRequest = new RestRequest("The One", Method.GET);
incorrectGetRequest.AddHeader(configuration.UserHeaderName, "Morpheus");
IRestResponse incorrectGetResponse = client.Execute(incorrectGetRequest);
Console.WriteLine(" {0}", incorrectGetResponse.Content);
#if DEBUG
if (Debugger.IsAttached)
{
Console.WriteLine("Press any key to continue . . .");
Console.ReadKey(true);
}
#endif
}
private HmacClient(IHmacConfiguration hmacConfiguration, string credential)
{
Verify.IsNotNull(nameof(hmacConfiguration), hmacConfiguration);
Verify.IsNotEmpty(nameof(credential), credential);
HmacConfiguration = hmacConfiguration;
Credential = credential;
}
public HmacMiddleware(RequestDelegate next, IIdentityRepository identityRepository, IHmacConfiguration hmacConfiguration)
{
Verify.IsNotNull(nameof(next), next);
_next = next;
_identityRepository = identityRepository;
_hmacConfiguration = hmacConfiguration;
}
/// <summary>
/// Initializes a new instance of the <see cref="HmacValidator"/> class using the specified configuration and signer.
/// </summary>
/// <param name="configuration">The configuration used for signing and validating.</param>
/// <param name="signer">The signer to use for creating a signature.</param>
/// <exception cref="ArgumentNullException">The configuration or signer is null.</exception>
public HmacValidator(IHmacConfiguration configuration, IHmacSigner signer)
{
if (configuration == null)
{
throw new ArgumentNullException(nameof(configuration), "The configuration cannot be null.");
}
if (signer == null)
{
throw new ArgumentNullException(nameof(signer), "The signer cannot be null.");
}
HmacConfiguration = configuration;
HmacSigner = signer;
DateHeaderCulture = new CultureInfo(HmacConstants.DateHeaderCulture);
}
public void ShouldSetAuthorizationHeader()
{
// Arrange
const string signature = "TEST_SIGNATURE";
IHmacConfiguration configuration = CreateConfiguration();
HttpRequestBase request = CreateRequest(string.Empty);
HmacSigner signer = new HmacSigner(configuration, _keyRepository);
// Act
signer.SetAuthorizationHeader(request, signature);
string headerValue = request.Headers["Authorization"];
// Assert
Assert.IsNotNull(headerValue);
Assert.AreEqual("HMAC TEST_SIGNATURE", headerValue);
}
public void ShouldAddAuthorizationHeader()
{
// Arrange
const string signature = "TEST_SIGNATURE";
IHmacConfiguration configuration = CreateConfiguration();
IRestRequest request = CreateRequest(configuration, string.Empty);
RestSharpHmacSigner signer = new RestSharpHmacSigner(configuration, _keyRepository);
// Act
signer.AddAuthorizationHeader(request, signature);
Parameter param = request.Parameters.FirstOrDefault(p => p.Name == "Authorization");
// Assert
Assert.IsNotNull(param);
Assert.AreEqual($"{configuration.AuthorizationScheme} {signature}", param.Value);
Assert.AreEqual(ParameterType.HttpHeader, param.Type);
}
public void ShouldAddWwwAuthenticateHeader()
{
// Arrange
const string headerValue = "HMAC_TEST";
IHmacConfiguration configuration = CreateConfiguration();
HttpResponseBase response = CreateResponse(string.Empty);
HmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
// Act
validator.AddWwwAuthenticateHeader(response, headerValue);
string actualHeaderValue = response.Headers["WWW-Authenticate"];
// Assert
Assert.IsNotNull(actualHeaderValue);
Assert.AreEqual(headerValue, actualHeaderValue);
}
public void ShouldFailToValidateRequestDate()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
DateTimeOffset dateTimeOffset = DateTimeOffset.UtcNow.AddMinutes(-6);
string dateString = dateTimeOffset.ToString(HmacConstants.DateHeaderFormat, _dateHeaderCulture);
DateTime dateTime = dateTimeOffset.UtcDateTime;
// Act
bool isValidDateTimeOffset = validator.IsValidRequestDate(dateTimeOffset);
bool isValidDateString = validator.IsValidRequestDate(dateString, HmacConstants.DateHeaderFormat);
bool isValidDateTime = validator.IsValidRequestDate(dateTime);
// Assert
Assert.IsFalse(isValidDateString);
Assert.IsFalse(isValidDateTime);
Assert.IsFalse(isValidDateTimeOffset);
}
public void ShouldFailValidationDueToInvalidAuthorization()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
DateTimeOffset dateTimeOffset = DateTimeOffset.UtcNow.AddMinutes(-3);
string dateString = dateTimeOffset.ToString(HmacConstants.DateHeaderFormat, _dateHeaderCulture);
HttpRequestBase request = CreateRequest(dateString);
request.Headers[HmacConstants.AuthorizationHeaderName] = "blahblah";
// Act
HmacValidationResult result = validator.ValidateHttpRequest(request);
// Assert
Assert.IsNotNull(result);
Assert.IsNotNull(result.ErrorMessage);
Assert.AreEqual(result.ResultCode, HmacValidationResultCode.AuthorizationInvalid);
}
public void ShouldFailToValidateSignature()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
const string signatureString1 = "SIGNATURE_STRING";
const string signatureString2 = "SIGNATURE_STRING_DIFFERENT";
byte[] signatureBytes1 = Encoding.UTF8.GetBytes(signatureString1);
byte[] signatureBytes2 = Encoding.UTF8.GetBytes(signatureString2);
// Act
bool isValidString = validator.IsValidSignature(signatureString1, signatureString2);
bool isValidByteArray = validator.IsValidSignature(signatureBytes1, signatureBytes2);
// Assert
Assert.IsFalse(isValidString);
Assert.IsFalse(isValidByteArray);
}
public void ShouldGetSignatureDataFromHttpRequest()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
string dateString = CreateHttpDateString();
HttpRequestBase request = CreateRequest(dateString);
HmacSigner signer = new HmacSigner(configuration, _keyRepository);
// Act
HmacSignatureData signatureData = signer.GetSignatureDataFromHttpRequest(request);
// Assert
Assert.IsNotNull(signatureData);
Assert.AreEqual(_keyRepository.Key, signatureData.Key);
Assert.AreEqual(request.HttpMethod, signatureData.HttpMethod);
Assert.AreEqual(_base64Md5Hash, signatureData.ContentMd5);
Assert.AreEqual(ContentType, signatureData.ContentType);
Assert.AreEqual(dateString, signatureData.Date);
Assert.AreEqual(_keyRepository.Username, signatureData.Username);
Assert.AreEqual(Url, signatureData.RequestUri);
Assert.IsNotNull(signatureData.Headers);
Assert.IsTrue(signatureData.Headers.Count > 0);
}
public void ShouldValidateContentMd5()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
IHmacSigner signer = new HmacSigner(configuration, _keyRepository);
HmacValidator validator = new HmacValidator(configuration, signer);
// Act
bool stringIsValidBase64 = validator.IsValidContentMd5(_base64Md5Hash, Body, Encoding.UTF8);
bool stringIsValidByteArray = validator.IsValidContentMd5(_md5Hash, Body, Encoding.UTF8);
bool bytesAreValidBase64 = validator.IsValidContentMd5(_base64Md5Hash, _bodyBytes);
bool bytesAreValidByteArray = validator.IsValidContentMd5(_md5Hash, _bodyBytes);
bool streamIsValidBase64 = validator.IsValidContentMd5(_base64Md5Hash, _bodyStream);
bool streamIsValidByteArray = validator.IsValidContentMd5(_md5Hash, _bodyStream);
// Assert
Assert.IsTrue(stringIsValidBase64);
Assert.IsTrue(stringIsValidByteArray);
Assert.IsTrue(bytesAreValidBase64);
Assert.IsTrue(bytesAreValidByteArray);
Assert.IsTrue(streamIsValidBase64);
Assert.IsTrue(streamIsValidByteArray);
}
public void ShouldConfigureFromFileAndWatch()
{
// Arrange
HmacConfigurationManager configurationManager = new HmacConfigurationManager();
const string name = "TestConfiguration";
const string originalAuthScheme = "TEST";
const string modifiedAuthScheme = "TEST_MODIFIED";
// Act
configurationManager.ConfigureFromFileAndWatch("Hmac.config");
IHmacConfiguration configuration = configurationManager.Get(name);
using (StreamWriter writer = new StreamWriter("Hmac.config", false, Encoding.UTF8))
{
writer.Write(_hmacModifiedConfig);
writer.Flush();
}
Thread.Sleep(1500);
IHmacConfiguration modifiedConfiguration = configurationManager.Get(name);
IHmacConfiguration defaultConfiguration = configurationManager.Get(configurationManager.DefaultConfigurationKey);
using (StreamWriter writer = new StreamWriter("Hmac.config", false, Encoding.UTF8))
{
writer.Write(_hmacConfig);
writer.Flush();
}
// Assert
Assert.IsNotNull(configuration);
Assert.AreEqual(name, configuration.Name);
Assert.AreEqual(originalAuthScheme, configuration.AuthorizationScheme);
Assert.IsNotNull(configuration);
Assert.AreEqual(name, modifiedConfiguration.Name);
Assert.AreEqual(modifiedAuthScheme, modifiedConfiguration.AuthorizationScheme);
Assert.IsNotNull(defaultConfiguration);
Assert.AreEqual(configurationManager.DefaultConfigurationKey, defaultConfiguration.Name);
}
public void ShouldGetSignatureDataFromRestRequest()
{
// Arrange
IHmacConfiguration configuration = CreateConfiguration();
string dateString = CreateHttpDateString();
IRestClient client = CreateClient();
IRestRequest request = CreateRequest(configuration, dateString);
RestSharpHmacSigner signer = new RestSharpHmacSigner(configuration, _keyRepository);
// Act
HmacSignatureData signatureData = signer.GetSignatureDataFromRestRequest(client, request);
// Assert
Assert.IsNotNull(signatureData);
Assert.AreEqual(_keyRepository.Key, signatureData.Key);
Assert.AreEqual(request.Method.ToString().ToUpperInvariant(), signatureData.HttpMethod);
Assert.AreEqual(_base64Md5Hash, signatureData.ContentMd5);
Assert.AreEqual(ContentType, signatureData.ContentType);
Assert.AreEqual(dateString, signatureData.Date);
Assert.AreEqual(_keyRepository.Username, signatureData.Username);
Assert.AreEqual(Url, signatureData.RequestUri);
Assert.IsNotNull(signatureData.Headers);
Assert.IsTrue(signatureData.Headers.Count > 0);
}
/// <summary>
/// Initializes a new instance of the <see cref="RestSharpHmacSigner"/> class using the specified configuration and key repository.
/// </summary>
/// <param name="configuration">The configuration used for signing.</param>
/// <param name="keyRepository">The repository used for retrieving the key associated with the user.</param>
/// <exception cref="ArgumentNullException">The configuration or key repository is null.</exception>
public RestSharpHmacSigner(IHmacConfiguration configuration, IHmacKeyRepository keyRepository)
: base(configuration, keyRepository)
{
}
