Esempio n. 1
0
        public bool IsValidSignature(string accessKey, string signature, DateTime date, string path)
        {
            var message          = Secret.BuildMessage(date, path);
            var computeSignature = Hmacsha1.ComputeSignature(Secret.GetSecretKey(accessKey), message);

            return(signature.Equals(computeSignature));
        }
Esempio n. 2
0
        public void SignAndCompareWithSameData()
        {
            var ressource  = "/test";
            var secretKey  = Secret.GetSecretKey(Secret.AccessKeyId);
            var date       = DateTime.UtcNow;
            var message    = Secret.BuildMessage(date, ressource);
            var signature  = Hmacsha1.ComputeSignature(secretKey, message);
            var signature2 = Hmacsha1.ComputeSignature(secretKey, message);

            Assert.True(signature == signature2);
        }
Esempio n. 3
0
        public void SignAndCompareWithDifferentDate()
        {
            var ressource     = "/test";
            var secretKey     = Secret.GetSecretKey(Secret.AccessKeyId);
            var firsDate      = DateTime.UtcNow;
            var secondDate    = firsDate.AddSeconds(1);
            var firstMessage  = Secret.BuildMessage(firsDate, ressource);
            var secondMessage = Secret.BuildMessage(secondDate, ressource);
            var signature     = Hmacsha1.ComputeSignature(secretKey, firstMessage);
            var signature2    = Hmacsha1.ComputeSignature(secretKey, secondMessage);

            Assert.True(signature != signature2);
        }
        public bool Authenticate(string email)
        {
            var query = $"{AuthenticateUri}/{WebUtility.UrlEncode(email)}";

            using (var client = new HttpClient {
                BaseAddress = new Uri(BaseAddress)
            })
            {
                var date      = DateTime.UtcNow;
                var message   = Secret.BuildMessage(date, AuthenticateUri);
                var signature = Hmacsha1.ComputeSignature(Secret.GetSecretKey(Secret.AccessKeyId), message);
                client.AddHeader(Secret.AccessKeyId, signature, date);
                var response = client.GetAsync(query).Result;
                return(WebHelper.Deserialize <bool>(response));
            }
        }
        public async Task Invoke(HttpContext context)
        {
            var    typed  = context.Request.GetTypedHeaders();
            string value  = context.Request.Headers["Authorization"];
            var    values = value.Split(":");

            var date = typed.Date.Value.UtcDateTime;

            var keyId     = values[0].Replace("Authorization ", "");
            var signature = values[1];

            var message          = Secret.BuildMessage(date, AuthenticateUri);
            var computeSignature = Hmacsha1.ComputeSignature(Secret.GetSecretKey(keyId), message);

            var result = signature.Equals(computeSignature);

            if (!result)
            {
                context.Abort();
            }
            await _next?.Invoke(context);
        }