private Task ConnectAsync(IChannelHandlerContext context)
        {
            string registrationId = _message.Security.GetRegistrationID();
            string userAgent      = _message.ProductInfo;

            bool   hasPassword = false;
            string password    = null;

            if (_message.Security is SecurityProviderSymmetricKey)
            {
                hasPassword = true;
                string key = ((SecurityProviderSymmetricKey)_message.Security).GetPrimaryKey();
                password = ProvisioningSasBuilder.BuildSasSignature(Registration, key, string.Concat(_message.IdScope, '/', "registrations", '/', registrationId), TimeSpan.FromDays(1));
            }

            var message = new ConnectPacket()
            {
                CleanSession = true,
                ClientId     = registrationId,
                HasWill      = false,
                HasUsername  = true,
                Username     = string.Format(
                    CultureInfo.InvariantCulture,
                    UsernameFormat,
                    _message.IdScope,
                    registrationId,
                    ClientApiVersionHelper.ApiVersion,
                    Uri.EscapeDataString(userAgent)),
                HasPassword = hasPassword,
                Password    = hasPassword ? password : null
            };

            return(context.WriteAndFlushAsync(message));
        }
        public override Task ProcessHttpRequestAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            string audience = request.RequestUri.AbsolutePath.Trim('/');
            var    segments = audience.Split('/');

            _sasToken = ProvisioningSasBuilder.BuildSasSignature(Registration, this.SymmetricKey, string.Concat(segments[0], '/', segments[1], '/', segments[2]), TimeSpan.FromDays(1));
            SetAuthorizationHeader(request, _sasToken);

            return(base.ProcessHttpRequestAsync(request, cancellationToken));
        }
Esempio n. 3
0
        protected override async Task <HttpResponseMessage> SendAsync(
            HttpRequestMessage request,
            CancellationToken cancellationToken)
        {
            if (Logging.IsEnabled)
            {
                Logging.Enter(this, $"{request.RequestUri}", nameof(SendAsync));
            }

            HttpResponseMessage response = await base.SendAsync(request, cancellationToken).ConfigureAwait(false);

            if (response.StatusCode == HttpStatusCode.Unauthorized)
            {
#if NET5_0_OR_GREATER
                if (request.Options.TryGetValue(new HttpRequestOptionsKey <object>(ProvisioningHeaderName), out object result))
#else
                if (request.Properties.TryGetValue(ProvisioningHeaderName, out object result))
#endif
                {
                    if (result is Action <string> setSasToken)
                    {
                        string target          = GetTarget(request.RequestUri.LocalPath);
                        string responseContent = await response.Content.ReadHttpContentAsStringAsync(cancellationToken).ConfigureAwait(false);

                        TpmChallenge challenge = JsonConvert.DeserializeObject <TpmChallenge>(responseContent);

                        string sasToken = ProvisioningSasBuilder.ExtractServiceAuthKey(
                            _securityProvider,
                            target,
                            Convert.FromBase64String(challenge.AuthenticationKey));

                        setSasToken(sasToken);

                        if (Logging.IsEnabled)
                        {
                            Logging.Info(this, $"Authorization challenge. Retrying with Token:{sasToken}");
                        }

                        response = await base.SendAsync(request, cancellationToken).ConfigureAwait(false);
                    }
                }
            }

            if (Logging.IsEnabled)
            {
                Logging.Exit(this, $"{request.RequestUri}", nameof(SendAsync));
            }

            return(response);
        }
        private void SendLastResponse()
        {
            string sas = ProvisioningSasBuilder.ExtractServiceAuthKey(
                _security,
                _hostName,
                _nonceBuffer);

            byte[] responseBuffer = new byte[sas.Length + 1];
            responseBuffer[0] = 0x0;
            Buffer.BlockCopy(Encoding.UTF8.GetBytes(sas), 0, responseBuffer, 1, sas.Length);

            var response = new SaslResponse {
                Response = new ArraySegment <byte>(responseBuffer)
            };

            Negotiator.WriteFrame(response, true);
        }
Esempio n. 5
0
        public override AmqpSettings CreateAmqpSettings(string idScope)
        {
            var settings = new AmqpSettings();

            var saslProvider = new SaslTransportProvider();

            saslProvider.Versions.Add(AmqpConstants.DefaultProtocolVersion);
            settings.TransportProviders.Add(saslProvider);

            SaslPlainHandler saslHandler = new SaslPlainHandler();

            saslHandler.AuthenticationIdentity = $"{idScope}/registrations/{_security.GetRegistrationID()}";
            string key = _security.GetPrimaryKey();

            saslHandler.Password = ProvisioningSasBuilder.BuildSasSignature("registration", key, saslHandler.AuthenticationIdentity, TimeSpan.FromDays(1));
            saslProvider.AddHandler(saslHandler);

            return(settings);
        }