private static void ValidateRequest(HttpRequestBase request)
{
string method = request.HttpMethod.ToUpper();
string url = request.Url.AbsoluteUri;
if (!string.IsNullOrEmpty(request.Url.Query))
{
url = url.Replace(request.Url.Query, string.Empty);
}
Dictionary<string, string> parameters = new Dictionary<string, string>();
foreach (string k in request.Form.AllKeys)
{
parameters.Add(k, request.Form.Get(k));
}
foreach (string k in request.QueryString.AllKeys)
{
parameters.Add(k, request.QueryString.Get(k));
}
var tempParameters = from p in parameters where (p.Key != AuthSecretKey) && (p.Key != AuthFormat) orderby p.Key select p;
Dictionary<string, string> lastParameters = tempParameters.ToDictionary<KeyValuePair<string, string>, string, string>(p => p.Key, p => p.Value);
string secretKey = request.GetParameter(AuthSecretKey);
if (string.IsNullOrEmpty(secretKey))
{
throw new APIAuthorizeException("SecretKey is not found");
}
string correctSecretKey = PublicFunctions.URLEncode(url);
foreach (string parameter in lastParameters.Keys)
{
correctSecretKey = correctSecretKey + parameters[parameter];
}
if (secretKey != correctSecretKey)
{
throw new APIAuthorizeException("SecretKey is invalid");
}
}
