Esempi in C# (CSharp) per IHmacSignatureProvider.GetSignature

Esempio n. 1

        /// <inheritdoc />
        protected override async Task <AuthenticateResult> HandleAuthenticateAsync()
        {
            var hmacOptions = _hmacOptionsProvider.GetHmacOptions(Scheme.Name);

            if (hmacOptions == null)
            {
                return(AuthenticateResult.Fail("Hmac configuration not set."));
            }

            if (!Request.Headers.TryGetValue(Constants.Nonce, out var nonceValue))
            {
                return(AuthenticateResult.Fail($"{Constants.Nonce} not set."));
            }

            Request.Headers.TryGetValue(Constants.Header, out var headerSignature);
            if (string.IsNullOrEmpty(headerSignature))
            {
                return(AuthenticateResult.Fail("Hmac header is empty."));
            }

            var body = await Request.GetBodyAsync();

            var clearSignature = _hmacSignatureProvider.GetSignature(Request.Method.ToUpper(), Request.Path.Value, body, nonceValue, hmacOptions.Secret);
            var hashProvider   = _signatureProviderFactory.GetHashProvider(hmacOptions.HashAlgorithm);
            var signature      = hashProvider.Hash(clearSignature);
            var authHeader     = AuthenticationHeaderValue.Parse(headerSignature);

            if (!signature.Equals(authHeader.Parameter))
            {
                _logger.LogDebug("Signature {signature}", clearSignature);
                return(AuthenticateResult.Fail("Hmac does not match."));
            }

            var identity = new ClaimsIdentity(Scheme.Name); // the name of our auth scheme

            identity.AddClaim(new Claim("HMAC", authHeader.Parameter));

            var authTicket = new AuthenticationTicket(
                new ClaimsPrincipal(identity),
                Scheme.Name);

            return(AuthenticateResult.Success(authTicket));
        }

Esempio n. 2

        /// <inheritdoc />
        protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            var options = _options.Value;

            if (options == null)
            {
                throw new ConfigurationErrorsException("Options not set for HMAC.");
            }

            if (!request.Headers.TryGetValues(Constants.Nonce, out var nonceValue) || !nonceValue.Any())
            {
                throw new ArgumentException($"'{Constants.Nonce}' must not be null or empty.", Constants.Nonce);
            }

            var hashProvider    = _hashProviderFactory.GetHashProvider(options.HashAlgorithm);
            var hmacHeaderClear = _signatureProvider.GetSignature(request.Method.ToString().ToUpper(), request.RequestUri.LocalPath, await request.GetBodyAsync(), nonceValue.First(), options.Secret);

            var hashedHmacHeader = hashProvider.Hash(hmacHeaderClear);

            request.Headers.Authorization = new AuthenticationHeaderValue("hmac", hashedHmacHeader);

            return(await base.SendAsync(request, cancellationToken));
        }