private SIPRequest GetAuthenticatedRegistrationRequest(SIPRequest registerRequest, SIPResponse sipResponse)
{
try
{
SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest;
string username = (m_authUsername != null) ? m_authUsername : m_sipAccountAOR.User;
authRequest.SetCredentials(username, m_password, registerRequest.URI.ToString(), SIPMethodsEnum.REGISTER.ToString());
SIPRequest regRequest = registerRequest.Copy();
regRequest.LocalSIPEndPoint = registerRequest.LocalSIPEndPoint;
regRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId();
regRequest.Header.From.FromTag = CallProperties.CreateNewTag();
regRequest.Header.To.ToTag = null;
regRequest.Header.CSeq = ++m_cseq;
regRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest);
regRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest;
return(regRequest);
}
catch (Exception excp)
{
logger.LogError("Exception GetAuthenticatedRegistrationRequest. " + excp.Message);
throw excp;
}
}
private SIPRequest GetAuthenticatedRegistrationRequest(SIPRequest registerRequest, SIPResponse sipResponse)
{
SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest;
string username = (m_authUsername != null) ? m_authUsername : m_sipAccountAOR.User;
authRequest.SetCredentials(username, m_password, registerRequest.URI.ToString(), SIPMethodsEnum.REGISTER.ToString());
if (!this.m_realm.IsNullOrBlank())
{
authRequest.Realm = this.m_realm;
}
SIPRequest regRequest = registerRequest.Copy();
regRequest.SetSendFromHints(registerRequest.LocalSIPEndPoint);
regRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId();
regRequest.Header.From.FromTag = CallProperties.CreateNewTag();
regRequest.Header.To.ToTag = null;
regRequest.Header.CSeq = ++m_cseq;
regRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest);
regRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest;
return(regRequest);
}
private SIPRequest GetAuthenticatedRequest(SIPRequest originalRequest, SIPResponse sipResponse)
{
try
{
SIPAuthorisationDigest digest = sipResponse.Header.AuthenticationHeader.SIPDigest;
m_lastServerNonce = digest.Nonce;
string username = (m_callDescriptor.AuthUsername != null) ? m_callDescriptor.AuthUsername : m_callDescriptor.Username;
digest.SetCredentials(username, m_callDescriptor.Password, originalRequest.URI.ToString(), originalRequest.Method.ToString());
SIPRequest authRequest = originalRequest.Copy();
authRequest.SetSendFromHints(originalRequest.LocalSIPEndPoint);
authRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId();
authRequest.Header.From.FromTag = CallProperties.CreateNewTag();
authRequest.Header.To.ToTag = null;
authRequest.Header.CallId = CallProperties.CreateNewCallId();
authRequest.Header.CSeq = originalRequest.Header.CSeq + 1;
authRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(digest);
authRequest.Header.AuthenticationHeader.SIPDigest.Response = digest.Digest;
return(authRequest);
}
catch (Exception excp)
{
logger.LogError("Exception SIPNonInviteClientUserAgent GetAuthenticatedRequest. " + excp.Message);
throw;
}
}
private Task <SocketError> ByeServerFinalResponseReceived(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPTransaction sipTransaction, SIPResponse sipResponse)
{
try
{
logger.LogDebug("Response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + " for " + sipTransaction.TransactionRequest.URI.ToString() + ".");
SIPNonInviteTransaction byeTransaction = sipTransaction as SIPNonInviteTransaction;
if ((sipResponse.Status == SIPResponseStatusCodesEnum.ProxyAuthenticationRequired || sipResponse.Status == SIPResponseStatusCodesEnum.Unauthorised) && SIPAccount != null)
{
// Resend BYE with credentials.
SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest;
SIPURI contactUri = sipResponse.Header.Contact.Any() ? sipResponse.Header.Contact[0].ContactURI : sipResponse.Header.From.FromURI;
authRequest.SetCredentials(SIPAccount.SIPUsername, SIPAccount.SIPPassword, contactUri.ToString(), SIPMethodsEnum.BYE.ToString());
SIPRequest authByeRequest = byeTransaction.TransactionRequest;
authByeRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest);
authByeRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest;
authByeRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId();
authByeRequest.Header.CSeq = authByeRequest.Header.CSeq + 1;
SIPNonInviteTransaction authByeTransaction = new SIPNonInviteTransaction(m_sipTransport, authByeRequest, null);
authByeTransaction.SendRequest();
}
return(Task.FromResult(SocketError.Success));
}
catch (Exception excp)
{
logger.LogError("Exception ByServerFinalResponseReceived. " + excp.Message);
return(Task.FromResult(SocketError.Fault));
}
}
private void ByeServerFinalResponseReceived(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPTransaction sipTransaction, SIPResponse sipResponse)
{
try
{
Log_External(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.UserAgentServer, SIPMonitorEventTypesEnum.DialPlan, "Response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + " for " + sipTransaction.TransactionRequest.URI.ToString() + ".", Owner));
SIPNonInviteTransaction byeTransaction = sipTransaction as SIPNonInviteTransaction;
byeTransaction.NonInviteTransactionFinalResponseReceived -= ByeServerFinalResponseReceived;
if ((sipResponse.Status == SIPResponseStatusCodesEnum.ProxyAuthenticationRequired || sipResponse.Status == SIPResponseStatusCodesEnum.Unauthorised) && SIPAccount != null)
{
// Resend BYE with credentials.
SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest;
SIPURI contactUri = sipResponse.Header.Contact.Any() ? sipResponse.Header.Contact[0].ContactURI : sipResponse.Header.From.FromURI;
authRequest.SetCredentials(SIPAccount.SIPUsername, SIPAccount.SIPPassword, contactUri.ToString(), SIPMethodsEnum.BYE.ToString());
SIPRequest authByeRequest = byeTransaction.TransactionRequest;
authByeRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest);
authByeRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest;
authByeRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId();
authByeRequest.Header.CSeq = authByeRequest.Header.CSeq + 1;
SIPNonInviteTransaction bTransaction = m_sipTransport.CreateNonInviteTransaction(authByeRequest, null, localSIPEndPoint, null);
bTransaction.SendReliableRequest();
}
}
catch (Exception excp)
{
Log_External(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.UserAgentClient, SIPMonitorEventTypesEnum.Error, "Exception ByServerFinalResponseReceived. " + excp.Message, Owner));
}
}
/// <summary>
/// Cancels an in progress call. This method should be called prior to the remote user agent server answering the call.
/// </summary>
public void Cancel()
{
try
{
m_callCancelled = true;
// Cancel server call.
if (m_serverTransaction == null)
{
logger.LogDebug("Cancelling forwarded call leg " + m_sipCallDescriptor.Uri + ", server transaction has not been created yet no CANCEL request required.");
}
else if (m_cancelTransaction != null)
{
if (m_cancelTransaction.TransactionState != SIPTransactionStatesEnum.Completed)
{
logger.LogDebug("Call " + m_serverTransaction.TransactionRequest.URI.ToString() + " has already been cancelled once, trying again.");
m_cancelTransaction.SendRequest();
}
else
{
logger.LogDebug("Call " + m_serverTransaction.TransactionRequest.URI.ToString() + " has already responded to CANCEL, probably overlap in messages not re-sending.");
}
}
else //if (m_serverTransaction.TransactionState == SIPTransactionStatesEnum.Proceeding || m_serverTransaction.TransactionState == SIPTransactionStatesEnum.Trying)
{
logger.LogDebug("Cancelling forwarded call leg, sending CANCEL to " + m_serverTransaction.TransactionRequest.URI.ToString() + ".");
// No response has been received from the server so no CANCEL request necessary, stop any retransmits of the INVITE.
m_serverTransaction.CancelCall();
SIPRequest cancelRequest = GetCancelRequest(m_serverTransaction.TransactionRequest);
// If auth header is included inside INVITE request, we re-include them inside CANCEL request
if (m_serverTransaction.TransactionRequest.Header.HasAuthenticationHeader)
{
string username = (m_sipCallDescriptor.AuthUsername == null || m_sipCallDescriptor.AuthUsername.Trim().Length <= 0 ? m_sipCallDescriptor.Username : m_sipCallDescriptor.AuthUsername);
SIPAuthorisationDigest authDigest = m_serverTransaction.TransactionRequest.Header.AuthenticationHeaders.First().SIPDigest;
authDigest.SetCredentials(username, m_sipCallDescriptor.Password, m_sipCallDescriptor.Uri, SIPMethodsEnum.CANCEL.ToString());
var authHeader = new SIPAuthenticationHeader(authDigest);
authHeader.SIPDigest.IncrementNonceCount();
authHeader.SIPDigest.Response = authDigest.GetDigest();
cancelRequest.Header.AuthenticationHeaders.Clear();
cancelRequest.Header.AuthenticationHeaders.Add(authHeader);
}
m_cancelTransaction = new SIPNonInviteTransaction(m_sipTransport, cancelRequest, m_outboundProxy);
m_cancelTransaction.SendRequest();
}
CallFailed?.Invoke(this, "Call cancelled by user.", null);
}
catch (Exception excp)
{
logger.LogError("Exception CancelServerCall. " + excp.Message);
}
}
public void ParseWWWAuthenticateDigestTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"Digest realm=""aol.com"",nonce=""48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90"",qop=""auth"",opaque=""004533235332435434ffac663e"",algorithm=MD5");
Assert.IsTrue(authRequest.Realm == "aol.com", "The authorisation realm was not parsed correctly.");
Assert.IsTrue(authRequest.Nonce == "48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90", "The authorisation nonce was not parsed correctly.");
Assert.IsTrue(authRequest.Qop == "auth", "The authorisation qop was not parsed correctly.");
Assert.IsTrue(authRequest.Opaque == "004533235332435434ffac663e", "The authorisation opaque was not parsed correctly.");
Console.WriteLine("-----------------------------------------");
}
public void KnownRegisterDigestTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c8192c9", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue("08881d1d56c0b21f11d19f4067da7045" == digest, "Digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTest2()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaronxten2", "password", "sip:[email protected]", "4a4ad124", "INVITE");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(true, "True was false.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTestObscureChars2()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronxten", "_*!$%^()\"", "sip:sip.blueface.ie", "1263192143", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(digest == "54b08b70ed1976068b9e18d38ea59849", "The digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTestObscureChars()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronnetgear", "!\"$%^&*()_-+=}[{]~#@':;?><,.", "sip:sip.blueface.ie:5060", "1430352056", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(digest == "500fd998b609a0f24b45edfe190f2a17", "The digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTestObscureChars()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronnetgear", "!\"$%^&*()_-+=}[{]~#@':;?><,.", "sip:sip.blueface.ie:5060", "1430352056", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(digest == "500fd998b609a0f24b45edfe190f2a17", "The digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTestObscureChars2()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "sip.blueface.ie", "aaronxten", "_*!$%^()\"", "sip:sip.blueface.ie", "1263192143", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(digest == "54b08b70ed1976068b9e18d38ea59849", "The digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTest2()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaronxten2", "password", "sip:[email protected]", "4a4ad124", "INVITE");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(true, "True was false.");
Console.WriteLine("-----------------------------------------");
}
public void KnownRegisterDigestTest2()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c3c7a97", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue("1ef20beed71043225873e4f6712e4922" == digest, "Digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownDigestTest()
{
logger.LogDebug("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
logger.BeginScope(System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaronxten2", "password", "sip:303@bluesipd", "17190028", "INVITE");
string digest = authRequest.Digest;
logger.LogDebug("Digest = " + digest + ".");
logger.LogDebug(authRequest.ToString());
Assert.True(true, "True was false.");
logger.LogDebug("-----------------------------------------");
}
public void GenreateDigestTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"digest realm=""sipsorcery.com"", nonce=""1265068315059e3bbf3052cf13ea5ca22fb71669a7"", opaque=""09c0f23f71f89ce53baab5664c09cbfa"", algorithm=MD5");
authRequest.SetCredentials("username", "password", "sip:sipsorcery.com", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(true, "True was false.");
Console.WriteLine("-----------------------------------------");
}
public void KnownOpaqueTest()
{
logger.LogDebug("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
logger.BeginScope(System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"digest realm=""Syndeo Corporation"", nonce=""1265068315059e3bbf3052cf13ea5ca22fb71669a7"", opaque=""09c0f23f71f89ce53baab5664c09cbfa"", algorithm=MD5");
authRequest.SetCredentials("user", "pass", "sip:sip.ribbit.com", "REGISTER");
string digest = authRequest.Digest;
logger.LogDebug("Digest = " + digest + ".");
logger.LogDebug(authRequest.ToString());
Assert.True(true, "True was false.");
logger.LogDebug("-----------------------------------------");
}
public void GenerateDigestTest()
{
logger.LogDebug("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
logger.BeginScope(System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"digest realm=""sipsorcery.com"", nonce=""1265068315059e3bbf3052cf13ea5ca22fb71669a7"", opaque=""09c0f23f71f89ce53baab5664c09cbfa"", algorithm=MD5");
authRequest.SetCredentials("username", "password", "sip:sipsorcery.com", "REGISTER");
string digest = authRequest.Digest;
logger.LogDebug("Digest = " + digest + ".");
logger.LogDebug(authRequest.ToString());
Assert.Equal("b1ea9d6b32e8dd0023a3feec14b16177", digest);
logger.LogDebug("-----------------------------------------");
}
public override void AddMessageResponse(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPResponse response)
{
if (response.Status == SIPResponseStatusCodesEnum.Unauthorised)
{
logger.Info("需要提供身份认证字段" + remoteEndPoint.ToHost());
//安全身份认证
SIPAuthorisationDigest digest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.Authorize);
digest.Username = response.Header.AuthenticationHeader.SIPDigest.Username;
digest.Password = "******";
digest.Realm = response.Header.AuthenticationHeader.SIPDigest.Realm;
digest.Nonce = response.Header.AuthenticationHeader.SIPDigest.Nonce;
digest.Response = digest.Digest;
string md5Pass = digest.ToString();
SIPAuthenticationHeader auth = new SIPAuthenticationHeader(digest);
_auth = auth;
RegisterToPlatform();
}
}
public void KnownWWWAuthenticateDigestTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"Digest realm=""aol.com"",nonce=""48e757f3b95250379d63fe29f777984a93831b80"",qop=""auth"",opaque=""004533235332435434ffac663e"",algorithm=MD5");
authRequest.SetCredentials("*****@*****.**", "password", "sip:[email protected];transport=udp", "INVITE");
authRequest.Cnonce = "e66ea40d700e8ab69509df4893f4a821";
string digest = authRequest.Digest;
authRequest.Response = digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue("6221ea0348e2d5229dd1f3825d633295" == digest, "Digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void AuthenticateHeaderToStringTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, @"Digest realm=""aol.com"",nonce=""48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90"",qop=""auth"",opaque=""004533235332435434ffac663e"",algorithm=MD5");
authRequest.SetCredentials("*****@*****.**", "password", "sip:[email protected];transport=udp", "INVITE");
authRequest.Cnonce = "cf2e005f1801550717cc8c59193aa9f4";
string digest = authRequest.Digest;
authRequest.Response = digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(authRequest.ToString() == @"Digest username=""*****@*****.**"",realm=""aol.com"",nonce=""48e7541d4339e27ee7b520a4bf8a8e3c4fffcb90"",uri=""sip:[email protected];transport=udp"",response=""18ad0e62fcc9d7f141a72078c4a0784f"",cnonce=""cf2e005f1801550717cc8c59193aa9f4"",nc=00000001,qop=auth,opaque=""004533235332435434ffac663e"",algorithm=MD5", "The authorisation header was not put to a string correctly.");
Console.WriteLine("-----------------------------------------");
}
public void KnownQOPUnitTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = SIPAuthorisationDigest.ParseAuthorisationDigest(SIPAuthorisationHeadersEnum.WWWAuthenticate, "Digest realm=\"jnctn.net\", nonce=\"4a597e1c0000a1636739088e9151ef2f319af257c8f585f1\", qop=\"auth\"");
authRequest.SetCredentials("user", "password", "sip:user.onsip.com", "REGISTER");
authRequest.Cnonce = "d3a1ca6af34e72e2461b794f48d5045d";
string digest = authRequest.Digest;
authRequest.Response = digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue(authRequest.Response == "7709215c1d58c1912dc59d1e8b5b6248", "The authentication response digest was not generated properly.");
Console.WriteLine("-----------------------------------------");
}
/// <summary>
/// Authenticates a SIP request.
/// </summary>
public static SIPRequestAuthenticationResult AuthenticateSIPRequest(
SIPEndPoint localSIPEndPoint,
SIPEndPoint remoteEndPoint,
SIPRequest sipRequest,
ISIPAccount sipAccount)
{
try
{
if (sipAccount == null)
{
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null));
}
else if (sipAccount.IsDisabled)
{
logger.LogWarning($"SIP account {sipAccount.SIPUsername}@{sipAccount.SIPDomain} is disabled for {sipRequest.Method}.");
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null));
}
else
{
SIPAuthenticationHeader reqAuthHeader = sipRequest.Header.AuthenticationHeader;
if (reqAuthHeader == null)
{
// Check for IP address authentication.
//if (!sipAccount.IPAddressACL.IsNullOrBlank())
//{
// SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint;
// if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success)
// {
// // Successfully authenticated
// return new SIPRequestAuthenticationResult(true, true);
// }
//}
SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce());
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader));
}
else
{
// Check for IP address authentication.
//if (!sipAccount.IPAddressACL.IsNullOrBlank())
//{
// SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint;
// if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success)
// {
// // Successfully authenticated
// return new SIPRequestAuthenticationResult(true, true);
// }
//}
string requestNonce = reqAuthHeader.SIPDigest.Nonce;
string uri = reqAuthHeader.SIPDigest.URI;
string response = reqAuthHeader.SIPDigest.Response;
// Check for stale nonces.
if (IsNonceStale(requestNonce))
{
logger.LogWarning($"Authentication failed stale nonce for realm={sipAccount.SIPDomain}, username={sipAccount.SIPUsername}, uri={uri}, nonce={requestNonce}, method={sipRequest.Method}.");
SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce());
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader));
}
else
{
SIPAuthorisationDigest checkAuthReq = reqAuthHeader.SIPDigest;
if (sipAccount.SIPPassword != null)
{
checkAuthReq.SetCredentials(sipAccount.SIPUsername, sipAccount.SIPPassword, uri, sipRequest.Method.ToString());
}
else if (sipAccount.HA1Digest != null)
{
checkAuthReq.SetCredentials(sipAccount.HA1Digest, uri, sipRequest.Method.ToString());
}
else
{
throw new ApplicationException("SIP authentication cannot be attempted as neither a password or HA1 digest are available.");
}
string digest = checkAuthReq.Digest;
if (digest == response)
{
// Successfully authenticated
return(new SIPRequestAuthenticationResult(true, false));
}
else
{
logger.LogWarning("Authentication token check failed for realm=" + sipAccount.SIPDomain + ", username="******", uri=" + uri + ", nonce=" + requestNonce + ", method=" + sipRequest.Method + ".");
SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce());
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader));
}
}
}
}
}
catch (Exception excp)
{
logger.LogError(0, excp, "Exception AuthoriseSIPRequest. " + excp.Message);
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.InternalServerError, null));
}
}
public void KnownRegisterDigestTest()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c8192c9", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue("08881d1d56c0b21f11d19f4067da7045" == digest, "Digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
public void KnownRegisterDigestTest2()
{
Console.WriteLine("--> " + System.Reflection.MethodBase.GetCurrentMethod().Name);
SIPAuthorisationDigest authRequest = new SIPAuthorisationDigest(SIPAuthorisationHeadersEnum.ProxyAuthorization, "asterisk", "aaron", "password", "sip:blueface", "1c3c7a97", "REGISTER");
string digest = authRequest.Digest;
Console.WriteLine("Digest = " + digest + ".");
Console.WriteLine(authRequest.ToString());
Assert.IsTrue("1ef20beed71043225873e4f6712e4922" == digest, "Digest was incorrect.");
Console.WriteLine("-----------------------------------------");
}
private Task <SocketError> SubscribeTransactionFinalResponseReceived(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPTransaction sipTransaction, SIPResponse sipResponse)
{
try
{
if (sipResponse.Status == SIPResponseStatusCodesEnum.IntervalTooBrief)
{
// The expiry interval used was too small. Adjust and try again.
m_expiry = (sipResponse.Header.MinExpires > 0) ? sipResponse.Header.MinExpires : m_expiry * 2;
logger.LogWarning("A subscribe request was rejected with IntervalTooBrief, adjusting expiry to " + m_expiry + " and trying again.");
Subscribe(m_resourceURI, m_expiry, m_sipEventPackage, m_subscribeCallID, null);
}
else if (sipResponse.Status == SIPResponseStatusCodesEnum.Forbidden)
{
// The subscription is never going to succeed so cancel it.
SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "A Forbidden response was received on a subscribe attempt to " + m_resourceURI.ToString() + " for user " + m_authUsername + ".");
m_exit = true;
m_waitForSubscribeResponse.Set();
}
else if (sipResponse.Status == SIPResponseStatusCodesEnum.BadEvent)
{
// The subscription is never going to succeed so cancel it.
SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "A BadEvent response was received on a subscribe attempt to " + m_resourceURI.ToString() + " for event package " + m_sipEventPackage.ToString() + ".");
m_exit = true;
m_waitForSubscribeResponse.Set();
}
else if (sipResponse.Status == SIPResponseStatusCodesEnum.CallLegTransactionDoesNotExist)
{
// The notifier server does not have a record for the existing subscription.
SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "Subscribe failed with response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + ".");
m_waitForSubscribeResponse.Set();
}
else if (sipResponse.Status == SIPResponseStatusCodesEnum.ProxyAuthenticationRequired || sipResponse.Status == SIPResponseStatusCodesEnum.Unauthorised)
{
if (m_authUsername.IsNullOrBlank() || m_authPassword.IsNullOrBlank())
{
// No point trying to authenticate if there are no credentials to use.
SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "Authentication requested on subscribe request when no credentials available.");
m_waitForSubscribeResponse.Set();
}
else if (sipResponse.Header.AuthenticationHeader != null)
{
if (m_attempts >= MAX_SUBSCRIBE_ATTEMPTS)
{
m_subscribed = false;
SubscriptionFailed?.Invoke(m_resourceURI, SIPResponseStatusCodesEnum.InternalServerError, "Subscription reached the maximum number of allowed attempts.");
m_waitForSubscribeResponse.Set();
}
else
{
logger.LogDebug("Attempting authentication for subscribe request for event package " + m_sipEventPackage.ToString() + " and " + m_resourceURI.ToString() + ".");
m_attempts++;
// Resend SUBSCRIBE with credentials.
SIPAuthorisationDigest authRequest = sipResponse.Header.AuthenticationHeader.SIPDigest;
authRequest.SetCredentials(m_authUsername, m_authPassword, m_resourceURI.ToString(), SIPMethodsEnum.SUBSCRIBE.ToString());
SIPRequest authSubscribeRequest = sipTransaction.TransactionRequest;
authSubscribeRequest.Header.AuthenticationHeader = new SIPAuthenticationHeader(authRequest);
authSubscribeRequest.Header.AuthenticationHeader.SIPDigest.Response = authRequest.Digest;
authSubscribeRequest.Header.Vias.TopViaHeader.Branch = CallProperties.CreateBranchId();
m_localCSeq = sipTransaction.TransactionRequest.Header.CSeq + 1;
authSubscribeRequest.Header.CSeq = m_localCSeq;
authSubscribeRequest.Header.CallId = m_subscribeCallID;
if (!m_filter.IsNullOrBlank())
{
authSubscribeRequest.Body = m_filter;
authSubscribeRequest.Header.ContentLength = m_filter.Length;
authSubscribeRequest.Header.ContentType = m_filterTextType;
}
// Create a new transaction to establish the authenticated server call.
SIPNonInviteTransaction subscribeTransaction = new SIPNonInviteTransaction(m_sipTransport, authSubscribeRequest, m_outboundProxy);
subscribeTransaction.NonInviteTransactionFinalResponseReceived += SubscribeTransactionFinalResponseReceived;
subscribeTransaction.NonInviteTransactionFailed += SubscribeTransactionFailed;
//m_sipTransport.SendTransaction(subscribeTransaction);
subscribeTransaction.SendRequest();
}
}
else
{
SubscriptionFailed?.Invoke(sipTransaction.TransactionRequestURI, sipResponse.Status, "Subscribe requested authentication but did not provide an authentication header.");
m_waitForSubscribeResponse.Set();
}
}
else if (sipResponse.StatusCode >= 200 && sipResponse.StatusCode <= 299)
{
logger.LogDebug("Authenticating subscribe request for event package " + m_sipEventPackage.ToString() + " and " + m_resourceURI.ToString() + " was successful.");
m_subscribed = true;
m_subscriptionToTag = sipResponse.Header.To.ToTag;
SubscriptionSuccessful?.Invoke(m_resourceURI);
m_waitForSubscribeResponse.Set();
}
else
{
SubscriptionFailed?.Invoke(m_resourceURI, sipResponse.Status, "Subscribe failed with response " + sipResponse.StatusCode + " " + sipResponse.ReasonPhrase + ".");
m_waitForSubscribeResponse.Set();
}
return(Task.FromResult(SocketError.Success));
}
catch (Exception excp)
{
logger.LogError("Exception SubscribeTransactionFinalResponseReceived. " + excp.Message);
SubscriptionFailed?.Invoke(m_resourceURI, SIPResponseStatusCodesEnum.InternalServerError, "Exception processing subscribe response. " + excp.Message);
m_waitForSubscribeResponse.Set();
return(Task.FromResult(SocketError.Fault));
}
}
/// <summary>
/// Authenticates a SIP request.
/// </summary>
public static SIPRequestAuthenticationResult AuthenticateSIPRequest(SIPEndPoint localSIPEndPoint, SIPEndPoint remoteEndPoint, SIPRequest sipRequest, SIPAccount sipAccount, SIPMonitorLogDelegate logSIPMonitorEvent)
{
try
{
if (sipAccount == null)
{
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null));
}
else if (sipAccount.IsDisabled)
{
if (logSIPMonitorEvent != null)
{
logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.DialPlan, "SIP account " + sipAccount.SIPUsername + "@" + sipAccount.SIPDomain + " is disabled for " + sipRequest.Method + ".", sipAccount.Owner));
}
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Forbidden, null));
}
else
{
SIPAuthenticationHeader reqAuthHeader = sipRequest.Header.AuthenticationHeader;
if (reqAuthHeader == null)
{
// Check for IP address authentication.
if (!sipAccount.IPAddressACL.IsNullOrBlank())
{
SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint;
if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success)
{
// Successfully authenticated
return(new SIPRequestAuthenticationResult(true, true));
}
}
SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce());
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader));
}
else
{
// Check for IP address authentication.
if (!sipAccount.IPAddressACL.IsNullOrBlank())
{
SIPEndPoint uaEndPoint = (!sipRequest.Header.ProxyReceivedFrom.IsNullOrBlank()) ? SIPEndPoint.ParseSIPEndPoint(sipRequest.Header.ProxyReceivedFrom) : remoteEndPoint;
if (Regex.Match(uaEndPoint.GetIPEndPoint().ToString(), sipAccount.IPAddressACL).Success)
{
// Successfully authenticated
return(new SIPRequestAuthenticationResult(true, true));
}
}
string requestNonce = reqAuthHeader.SIPDigest.Nonce;
string uri = reqAuthHeader.SIPDigest.URI;
string response = reqAuthHeader.SIPDigest.Response;
// Check for stale nonces.
if (IsNonceStale(requestNonce))
{
if (logSIPMonitorEvent != null)
{
logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.Warn, "Authentication failed stale nonce for realm=" + sipAccount.SIPDomain + ", username="******", uri=" + uri + ", nonce=" + requestNonce + ", method=" + sipRequest.Method + ".", null));
}
SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce());
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader));
}
else
{
SIPAuthorisationDigest checkAuthReq = reqAuthHeader.SIPDigest;
checkAuthReq.SetCredentials(sipAccount.SIPUsername, sipAccount.SIPPassword, uri, sipRequest.Method.ToString());
string digest = checkAuthReq.Digest;
if (digest == response)
{
// Successfully authenticated
return(new SIPRequestAuthenticationResult(true, false));
}
else
{
if (logSIPMonitorEvent != null)
{
logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.Warn, "Authentication token check failed for realm=" + sipAccount.SIPDomain + ", username="******", uri=" + uri + ", nonce=" + requestNonce + ", method=" + sipRequest.Method + ".", sipAccount.Owner));
}
SIPAuthenticationHeader authHeader = new SIPAuthenticationHeader(SIPAuthorisationHeadersEnum.WWWAuthenticate, sipAccount.SIPDomain, GetNonce());
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.Unauthorised, authHeader));
}
}
}
}
}
catch (Exception excp)
{
if (logSIPMonitorEvent != null)
{
logSIPMonitorEvent(new SIPMonitorConsoleEvent(SIPMonitorServerTypesEnum.Authoriser, SIPMonitorEventTypesEnum.Error, "Exception AuthoriseSIPRequest. " + excp.Message, null));
}
return(new SIPRequestAuthenticationResult(SIPResponseStatusCodesEnum.InternalServerError, null));
}
}
