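/// <summary>
/// Parses the signature carried by an incoming OWIN request, resolves the client
/// registered for its key id and verifies the signature against that client.
/// </summary>
/// <param name="request">The incoming request to authenticate.</param>
/// <param name="options">The authentication options. Not read by this method.</param>
/// <returns>
/// A success result when the verifier reports no failure; otherwise a failure result
/// that carries the reported failure. Invalid-client and invalid-signature exceptions
/// are converted into failure results instead of propagating.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="request"/> is null.</exception>
public async Task<RequestSignatureVerificationResult> VerifySignature(IOwinRequest request, SignedHttpRequestAuthenticationOptions options)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    // Declared outside the try so the catch blocks can report whatever was resolved
    // before the failure occurred (either may still be null at that point).
    Client client = null;
    Signature signature = null;

    try
    {
        signature = _signatureParser.Parse(request);

        // ConfigureAwait(false): this method never relies on the caller's synchronization context.
        client = await _clientStore.Get(signature.KeyId).ConfigureAwait(false);

        // Fail closed when the store has no client for the key id, so a null client
        // never reaches the verifier. The key id is taken from the request, so the
        // message below contains caller-supplied text; log sinks should neutralise
        // control characters.
        if (client == null)
        {
            var unknownClient = SignatureVerificationFailure.InvalidClient($"No {nameof(Client)}s with id '{signature.KeyId}' are registered in the server store.", null);
            _logger?.LogWarning("Request signature verification failed ({0}): {1}", unknownClient.Code, unknownClient.Message);
            return new RequestSignatureVerificationResultFailure(client, signature, unknownClient);
        }

        var requestForSigning = request.ToHttpRequestForSigning();
        var verificationFailure = await _signatureVerifier.VerifySignature(requestForSigning, signature, client).ConfigureAwait(false);

        // A null failure from the verifier is the only path that yields a success result.
        var verificationResultCreator = _verificationResultCreatorFactory.Create(client, signature);
        var result = verificationFailure == null
            ? verificationResultCreator.CreateForSuccess()
            : verificationResultCreator.CreateForFailure(verificationFailure);

        if (result is RequestSignatureVerificationResultSuccess success)
        {
            _logger?.LogDebug($"Request signature verification succeeded for principal {success.Principal?.Identity?.Name ?? "[null]"}.");
        }
        else if (result is RequestSignatureVerificationResultFailure rejected)
        {
            _logger?.LogWarning("Request signature verification failed ({0}): {1}", rejected.Failure.Code, rejected.Failure.Message);
        }

        return result;
    }
    catch (InvalidClientException ex)
    {
        var invalidClient = SignatureVerificationFailure.InvalidClient(ex.Message, ex);
        _logger?.LogWarning("Request signature verification failed ({0}): {1}", invalidClient.Code, invalidClient.Message);
        return new RequestSignatureVerificationResultFailure(client, signature, invalidClient);
    }
    catch (InvalidSignatureException ex)
    {
        var invalidSignature = SignatureVerificationFailure.InvalidSignature(ex.Message, ex);
        _logger?.LogWarning("Request signature verification failed ({0}): {1}", invalidSignature.Code, invalidSignature.Message);
        return new RequestSignatureVerificationResultFailure(client, signature, invalidSignature);
    }
}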
/// <summary>
/// Authenticates an incoming OWIN request by its HTTP message signature: parses the
/// signature, raises the optional parsed-signature callback, validates the signature,
/// resolves the client for its key id and verifies the signature against that client.
/// </summary>
/// <param name="request">The incoming request to authenticate.</param>
/// <param name="options">The authentication options, passed to the parser and read for the <c>OnSignatureParsed</c> callback.</param>
/// <returns>
/// A success result when the verifier reports no failure. A failure result when the
/// client is unknown, the verifier reports a failure, or an
/// <c>InvalidSignatureException</c> is thrown inside the try block.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="request"/> or <paramref name="options"/> is null.</exception>
public async Task<RequestSignatureVerificationResult> VerifySignature(IOwinRequest request, SignedHttpRequestAuthenticationOptions options)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request));
    }

    if (options == null)
    {
        throw new ArgumentNullException(nameof(options));
    }

    // Kept outside the try so the catch block can report what had been resolved so far.
    Client client = null;
    Signature signature = null;

    try
    {
        signature = _signatureParser.Parse(request, options);

        // The callback runs before Validate(), so it receives the signature exactly as
        // parsed from the request, i.e. not yet validated.
        var onParsed = options.OnSignatureParsed;
        if (onParsed != null)
        {
            await onParsed.Invoke(request, signature).ConfigureAwait(false);
        }

        try
        {
            signature.Validate();
        }
        catch (ValidationException validationError)
        {
            // Re-thrown as InvalidSignatureException so the outer catch turns it into a failure result.
            throw new InvalidSignatureException("The signature is invalid. See inner exception.", validationError);
        }

        client = await _clientStore.Get(signature.KeyId).ConfigureAwait(false);

        // Unknown key id: fail closed before the verifier is ever called.
        // The key id originates from the request, so the failure message (which is
        // also logged) contains caller-supplied text.
        if (client == null)
        {
            var unknownClient = SignatureVerificationFailure.InvalidClient($"No {nameof(Client)}s with id '{signature.KeyId}' are registered in the server store.");
            _logger?.LogWarning("Request signature verification failed ({0}): {1}", unknownClient.Code, unknownClient.Message);
            return new RequestSignatureVerificationResultFailure(client, signature, unknownClient);
        }

        var signingRequest = request.ToHttpRequestForSigning();
        var reportedFailure = await _signatureVerifier.VerifySignature(signingRequest, signature, client).ConfigureAwait(false);
        var resultCreator = _verificationResultCreatorFactory.Create(client, signature);

        // Only a null failure from the verifier yields a success result.
        var outcome = reportedFailure == null
            ? resultCreator.CreateForSuccess()
            : resultCreator.CreateForFailure(reportedFailure);

        switch (outcome)
        {
            case RequestSignatureVerificationResultSuccess verified:
                _logger?.LogDebug($"Request signature verification succeeded for principal {verified.Principal?.Identity?.Name ?? "[null]"}.");
                break;
            case RequestSignatureVerificationResultFailure rejected:
                _logger?.LogWarning("Request signature verification failed ({0}): {1}", rejected.Failure.Code, rejected.Failure.Message);
                break;
        }

        return outcome;
    }
    catch (InvalidSignatureException signatureError)
    {
        // InvalidSignatureException is the only exception type handled here; any other exception propagates to the caller.
        var invalidSignature = SignatureVerificationFailure.InvalidSignature(signatureError.Message, signatureError);
        _logger?.LogWarning("Request signature verification failed ({0}): {1}", invalidSignature.Code, invalidSignature.Message);
        return new RequestSignatureVerificationResultFailure(client, signature, invalidSignature);
    }
}
// Checks that converting the OWIN request for signing carries the HTTP method over:
// the converted request's Method must equal an HttpMethod built from the same string.
public void CopiesMethod(string method)
{
    _owinRequest.Method = method;

    var converted = _owinRequest.ToHttpRequestForSigning();

    var expectedMethod = new HttpMethod(method);
    converted.Method.Should().Be(expectedMethod);
}