Esempio n. 1
0
 public DigestHeader(DigestHeader copy)
 {
     foreach (var kv in copy._values)
     {
         _values.Add(kv.Key, kv.Value);
     }
 }
 void GivenAClientAuthzHeader(string httpMethod, string username, string password, string realm, string nonce,
                              string uri)
 {
     TheRequestAuthorizationHeader = new DigestHeader
     {
         Username = username,
         Password = password,
         Realm = realm,
         Nonce = nonce,
         Uri = uri,
         QualityOfProtection = "auth",
         ClientNonce = "clientNonce",
         Opaque = "opaque"
     };
     TheRequestAuthorizationHeader.Response = TheRequestAuthorizationHeader.GetCalculatedResponse(httpMethod);
     Context.Request.Headers["Authorization"] = TheRequestAuthorizationHeader.ClientRequestHeader;
 }
Esempio n. 3
0
        public static DigestHeader Parse(string header)
        {
            if (!header.ToUpper().StartsWith("DIGEST"))
            {
                return(null);
            }
            var    credentials = new DigestHeader();
            string arguments   = header.Substring(6);

            string[] keyValues = arguments.Split(',');
            foreach (string kv in keyValues)
            {
                string[] parts = kv.Split(new[] { '=' }, 2);
                string   key   = parts[0].Trim(' ', '\t', '\r', '\n', '\"');
                string   value = parts[1].Trim(' ', '\t', '\r', '\n', '\"');
                credentials._values.Add(key, value);
            }
            return(credentials);
        }
        IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response)
        {
            if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest"))
            {
                var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]);

                var header = new OpenRasta.Security.DigestHeader(responseDigest)
                {
                    Username    = request.Credentials.Username,
                    Password    = request.Credentials.Password,
                    Nonce       = responseDigest.Nonce,
                    ClientNonce = "none",
                    Uri         = request.Uri.GetLeftPart(UriPartial.Path)
                };
                header.Response = header.GetCalculatedResponse(request.HttpMethod);

                request.Headers["Authorization"] = header.ClientRequestHeader;
                return(_host.ProcessRequest(request));
            }
            return(response);
        }
        public PipelineContinuation ReadCredentials(ICommunicationContext context)
        {
            if (!_resolver.HasDependency(typeof(IAuthenticationProvider)))
                return PipelineContinuation.Continue;

            _authentication = _resolver.Resolve<IAuthenticationProvider>();

            DigestHeader authorizeHeader = GetDigestHeader(context);

            if (authorizeHeader == null)
                return PipelineContinuation.Continue;

            string digestUri = GetAbsolutePath(authorizeHeader.Uri);

            if (digestUri != context.Request.Uri.AbsolutePath)
                return ClientError(context);

            Credentials creds = _authentication.GetByUsername(authorizeHeader.Username);

            if (creds == null)
                return NotAuthorized(context);
            var checkHeader = new DigestHeader(authorizeHeader)
            {
                Password = creds.Password,
                Uri = authorizeHeader.Uri
            };
            string hashedDigest = checkHeader.GetCalculatedResponse(context.Request.HttpMethod);

            if (authorizeHeader.Response == hashedDigest)
            {
                IIdentity id = new GenericIdentity(creds.Username, "Digest");
                context.User = new GenericPrincipal(id, creds.Roles);
                return PipelineContinuation.Continue;
            }
            return NotAuthorized(context);
        }
        IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response)
        {
            if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest"))
            {
                var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]);

                var header = new OpenRasta.Security.DigestHeader(responseDigest)
                {
                    Username = request.Credentials.Username,
                    Password = request.Credentials.Password,
                    Nonce = responseDigest.Nonce,
                    ClientNonce = "none",
                    Uri = request.Uri.GetLeftPart(UriPartial.Path)
                };
                header.Response =  header.GetCalculatedResponse(request.HttpMethod);

                request.Headers["Authorization"] = header.ClientRequestHeader;
                return _host.ProcessRequest(request);
            }
            return response;
        }
Esempio n. 7
0
 public DigestHeader(DigestHeader copy)
 {
     foreach (var kv in copy._values)
         _values.Add(kv.Key, kv.Value);
 }
Esempio n. 8
0
        public static DigestHeader Parse(string header)
        {
            if (!header.ToUpper().StartsWith("DIGEST"))
                return null;
            var credentials = new DigestHeader();
            string arguments = header.Substring(6);

            string[] keyValues = arguments.Split(',');
            foreach (string kv in keyValues)
            {
                string[] parts = kv.Split(new[] {'='}, 2);
                string key = parts[0].Trim(' ', '\t', '\r', '\n', '\"');
                string value = parts[1].Trim(' ', '\t', '\r', '\n', '\"');
                credentials._values.Add(key, value);
            }
            return credentials;
        }