public override void ParseAccessPolicyFields(bool isDoubleSigned) { try { this.ValidateAndSetSASVersionToUse(base.QueryParams["sv"]); base.ParseAccessPolicyFields(false); string str = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams); base.ValidateOptionalField(str, "sk"); if (str != null) { base.KeyName = str.Trim(); Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName }); } string item = base.QueryParams["ss"]; base.ValidateMandatoryField(item, "ss"); this.SignedService = AccountSasHelper.ParseSasService(item); string item1 = base.QueryParams["srt"]; base.ValidateMandatoryField(item1, "srt"); this.SignedResourceType = AccountSasHelper.ParseSasResourceType(item1); string str1 = base.QueryParams["sig"]; base.ValidateMandatoryField(str1, "sig"); base.ValidateSignatureFormat(str1); base.Signature = str1; string item2 = base.QueryParams["sp"]; base.ValidateMandatoryField(item2, "sp"); base.SignedPermission = new SASPermission?(AccountSasHelper.ParsePermissionsForAccountSas(item2)); } catch (FormatException formatException) { throw new AuthenticationFailureException("Signature fields not well formed.", formatException); } }
public override void ParseAccessPolicyFields(bool isDoubleSigned) { try { if (isDoubleSigned) { string str = base.ExtractSignedAuthorization(base.RequestContext); base.ValidateMandatoryField(str, "SignedKey"); base.ValidateSignedAuthorizationFormat(str); } else { string item = base.QueryParams["sig"]; base.ValidateMandatoryField(item, "sig"); base.ValidateSignatureFormat(item); base.Signature = item; } string item1 = base.QueryParams["si"]; base.ValidateOptionalField(item1, "si"); base.SignedIdentifier = item1; string str1 = base.QueryParams["sv"]; base.ValidateMandatoryField(str1, "sv"); this.ValidateSASVersion(str1); base.ParseAccessPolicyFields(isDoubleSigned); string item2 = base.QueryParams["sp"]; if (!base.IsRevocableAccess) { base.ValidateMandatoryField(item2, "sp"); SASUtilities.ValidatePermissionOrdering(item2, SASPermission.Queue); base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(item2)); } else { base.ValidateOptionalField(item2, "sp"); if (item2 != null) { SASUtilities.ValidatePermissionOrdering(item2, SASPermission.Queue); base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(item2)); } } string str2 = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams); base.ValidateOptionalField(str2, "sk"); if (str2 != null) { base.KeyName = str2.Trim(); Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName }); } } catch (FormatException formatException) { throw new AuthenticationFailureException("Signature fields not well formed.", formatException); } }
public static AuthDataEntry SignedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo) { AuthDataEntry authDataEntry; NephosAssertionException.Assert(!string.IsNullOrEmpty(stringToSign)); NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature)); NephosAssertionException.Assert(authInfo != null); RequestContext requestContext = authInfo.RequestContext; NephosUriComponents uriComponents = authInfo.UriComponents; NameValueCollection queryParameters = requestContext.QueryParameters; string item = queryParameters["st"]; string str = queryParameters["se"]; string item1 = queryParameters["sp"]; string str1 = queryParameters["si"]; string item2 = queryParameters["sip"]; string str2 = queryParameters["spr"]; string item3 = queryParameters["sv"]; string str3 = queryParameters["tn"]; string item4 = queryParameters["spk"]; string str4 = queryParameters["srk"]; string item5 = queryParameters["epk"]; string str5 = queryParameters["erk"]; string item6 = queryParameters["sep"]; byte[] sign = TableSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(item, str, item1, str1, item2, str2, item3, str3, item4, str4, item5, str5, item6, uriComponents); authInfo.AuthKeyName = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(queryParameters); using (IEnumerator <AuthDataEntry> enumerator = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo).GetEnumerator()) { while (enumerator.MoveNext()) { AuthDataEntry current = enumerator.Current; byte[] numArray = SASUtilities.ComputeSignedKey(sign, current.AuthValue); if (!SASUtilities.ComputeSignatureAndCompare((new UTF8Encoding()).GetBytes(stringToSign), numArray, requestSignature)) { continue; } authDataEntry = current; return(authDataEntry); } CultureInfo invariantCulture = CultureInfo.InvariantCulture; object[] objArray = new object[] { requestSignature, stringToSign }; throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray)); } return(authDataEntry); }
public override void ParseAccessPolicyFields(bool isDoubleSigned) { try { if (isDoubleSigned) { string str = base.ExtractSignedAuthorization(base.RequestContext); base.ValidateMandatoryField(str, "SignedKey"); base.ValidateSignedAuthorizationFormat(str); } else { string item = base.QueryParams["sig"]; base.ValidateMandatoryField(item, "sig"); base.ValidateSignatureFormat(item); base.Signature = item; } string item1 = base.QueryParams["si"]; base.ValidateOptionalField(item1, "si"); base.SignedIdentifier = item1; string str1 = base.QueryParams["tn"]; base.ValidateMandatoryField(str1, "tn"); this.TableName = str1.ToLower(); string item2 = base.QueryParams["spk"]; this.StartingPartitionKey = item2; string str2 = base.QueryParams["srk"]; if (item2 == null && str2 != null) { throw new AuthenticationFailureException(string.Format("{0} is required when {1} is provided.", "srk", "spk")); } this.StartingRowKey = str2; string item3 = base.QueryParams["epk"]; this.EndingPartitionKey = item3; string str3 = base.QueryParams["erk"]; if (item3 == null && str3 != null) { throw new AuthenticationFailureException(string.Format("{0} is required when {1} is provided.", "erk", "epk")); } this.EndingRowKey = str3; string item4 = base.QueryParams["sv"]; base.ValidateMandatoryField(item4, "sv"); this.ValidateSASVersion(item4); base.ParseAccessPolicyFields(isDoubleSigned); string str4 = base.QueryParams["sp"]; if (!base.IsRevocableAccess) { base.ValidateMandatoryField(str4, "sp"); SASUtilities.ValidatePermissionOrdering(str4, SASPermission.Table); base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(str4)); } else { base.ValidateOptionalField(str4, "sp"); if (str4 != null) { SASUtilities.ValidatePermissionOrdering(str4, SASPermission.Table); base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(str4)); } } string str5 = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams); base.ValidateOptionalField(str5, "sk"); if (str5 != null) { base.KeyName = str5.Trim(); Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName }); } } catch (FormatException formatException) { throw new AuthenticationFailureException("Signature fields not well formed.", formatException); } }
public static string GetStringToSignForStandardSignedKeyAuth(RequestContext requestContext, NephosUriComponents uriComponents, SupportedAuthScheme requestAuthScheme, bool isFileService = false) { return(AuthenticationManagerHelper.GetStringToSignForStandardSharedKeyAuth(requestContext, uriComponents, SupportedAuthScheme.SharedKey, isFileService)); }