public HmacAuthenticationOptions(ISigningAlgorithm algorithm, IAppSecretRepository appSecretRepository, string signInAsAuthenticationType = Schemas.HMAC) : base(Schemas.HMAC) { Algorithm = algorithm; AppSecretRepository = appSecretRepository; SignInAsAuthenticationType = signInAsAuthenticationType; }
public TokenService( IAppSecretRepository appSecretRepository, UserManager <ApplicationUser> userManager, IdentityServerTools tools, IOrganisationService organisationService) { this.appSecretRepository = appSecretRepository; this.userManager = userManager; this.tools = tools; this.organisationService = organisationService; }
public HmacAuthenticationService( IAppSecretRepository appSecretProvider, ISigningAlgorithm algorithm, IHmacRequestDateValidator dateValidator, IHmacSignatureContentResolver signatureContentResolver) { this.appSecretProvider = appSecretProvider; this.algorithm = algorithm; this.dateValidator = dateValidator; this.signatureContentResolver = signatureContentResolver; }
public HmacServerHandler( IAppSecretRepository appSecretRepository, ISigningAlgorithm signingAlgorithm, bool mixedAuthMode = false, TimeSpan?tolerance = null, ITime time = null) { this.appSecretRepository = appSecretRepository; this.signingAlgorithm = signingAlgorithm; this.mixedAuthMode = mixedAuthMode; this.tolerance = tolerance ?? Constants.DefaultTolerance; this.time = time ?? SystemTime.Instance; }
public HMACMiddleware( OwinMiddleware next, IAppSecretRepository appSecretRepository, ISigningAlgorithm signingAlgorithm, TimeSpan?tolerance = null, ITime time = null) : base(next) { this.appSecretRepository = appSecretRepository; this.signingAlgorithm = signingAlgorithm; this.tolerance = tolerance ?? Constants.DefaultTolerance; this.time = time ?? SystemTime.Instance; }
public HMACServerHandler( HttpMessageHandler innerHandler, IAppSecretRepository appSecretRepository, ISigningAlgorithm signingAlgorithm, TimeSpan?tolerance = null, ITime time = null) : base(innerHandler) { this.appSecretRepository = appSecretRepository; this.signingAlgorithm = signingAlgorithm; this.tolerance = tolerance ?? Constants.DefaultTolerance; this.time = time ?? SystemTime.Instance; }
internal static bool Validate(IOwinRequest req, ISigningAlgorithm algorithm, IAppSecretRepository appSecretRepository, ITime time, TimeSpan tolerance) { var h = req.Headers; var appId = GetAppId(req); var nonce = GetNonce(req); var auth = h.Get(Headers.Authorization)?.Split(' '); var authSchema = auth?.Length == 2 ? auth[0] : null; var authValue = auth?.Length == 2 ? auth[1] : null; DateTimeOffset date = DateTimeOffset.TryParse(h.Get(Headers.Date), out date) ? date : DateTimeOffset.MinValue; if (appId != null && authSchema == Schemas.HMAC && authValue != null && time.UtcNow - date <= tolerance) { var contentMd5 = h.Get(Headers.ContentMD5); var builder = new CannonicalRepresentationBuilder(); var content = builder.BuildRepresentation( nonce, appId, req.Method, req.ContentType, req.Accept, contentMd5 == null ? null : Convert.FromBase64String(contentMd5), date, req.Uri); SecureString secret; if (content != null && (secret = appSecretRepository.GetSecret(appId)) != null) { var signature = algorithm.Sign(secret, content); if (authValue == signature) { return(true); } } } return(false); }
public HmacOptions(IAppSecretRepository appSecretRepository) { AppSecretRepository = appSecretRepository; }
public HMACMiddlewareSettings(IAppSecretRepository appSecretRepository, ISigningAlgorithm signingAlgorithm) { AppSecretRepository = appSecretRepository; SigningAlgorithm = signingAlgorithm; }
public HmacMiddlewareOptions(IAppSecretRepository appSecretRepository, ISigningAlgorithm algorithm) { AppSecretRepository = appSecretRepository; Algorithm = algorithm; }