コード例 #1
0
        public async Task ItShouldNotAllowSameNonceTwiceIfConfigured()
        {
            var client = new System.Net.Http.HttpClient();
            var signatureBodySourceBuilder = new SignatureBodySourceBuilder();
            var signatureBodySigner        = new HashAlgorithmSignatureBodySigner();
            var request   = new HttpRequestMessage(HttpMethod.Get, new Uri(_fixture.ServerUri, ApiController.GetSignatureValidationResultGetUri));
            var nonce     = Guid.NewGuid().ToString();
            var timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();

            var signatureBodySourceParameters = new SignatureBodySourceParameters(
                request.Method.ToString(),
                request.RequestUri,
                new Dictionary <string, string>(),
                nonce,
                timestamp,
                StartupWithMiddleware.DefaultClientId,
                DefaultConstants.SignatureBodySourceComponents);
            var signatureBodySource = await signatureBodySourceBuilder.Build(signatureBodySourceParameters);

            var signatureBody = await signatureBodySigner.Sign(new SignatureBodyParameters(signatureBodySource, StartupWithMiddleware.DefaultClientSecret));

            var signature = $"{StartupWithMiddleware.DefaultClientId}:{nonce}:{timestamp}:{signatureBody}";

            request.Headers.TryAddWithoutValidation(DefaultConstants.HeaderName, signature);

            var response = await client.SendAsync(request);

            var result = await response.Content.ReadAsAsync <SignatureValidationResult>();

            result.Status.Should().Be(SignatureValidationResultStatus.OK);
            result.ClientId.Should().Be(StartupWithMiddleware.DefaultClientId);

            timestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();

            request = new HttpRequestMessage(HttpMethod.Get, new Uri(_fixture.ServerUri, ApiController.GetSignatureValidationResultGetUri));
            signatureBodySourceParameters = new SignatureBodySourceParameters(
                request.Method.ToString(),
                request.RequestUri,
                new Dictionary <string, string>(),
                nonce,
                timestamp,
                StartupWithMiddleware.DefaultClientId,
                DefaultConstants.SignatureBodySourceComponents);

            signatureBodySource = await signatureBodySourceBuilder.Build(signatureBodySourceParameters);

            signatureBody = await signatureBodySigner.Sign(new SignatureBodyParameters(signatureBodySource, StartupWithMiddleware.DefaultClientSecret));

            signature = $"{StartupWithMiddleware.DefaultClientId}:{nonce}:{timestamp}:{signatureBody}";
            request.Headers.TryAddWithoutValidation(DefaultConstants.HeaderName, signature);

            response = await client.SendAsync(request);

            result = await response.Content.ReadAsAsync <SignatureValidationResult>();

            result.Status.Should().Be(SignatureValidationResultStatus.NonceHasBeenUsedBefore);
        }
コード例 #2
0
        public async Task ItShouldSign()
        {
            var parameters = new SignatureBodyParameters(Array.Empty <byte>(), "clientSecret");
            var signer     = new HashAlgorithmSignatureBodySigner();

            var result = await signer.Sign(parameters);

            result.Should().NotBeEmpty();

            var bytes = Convert.FromBase64String(result);

            bytes.Should().HaveCount(32);
        }