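/// <summary>
/// Returns an RSA signature over <paramref name="message"/> for callers that present a valid API key.
/// </summary>
/// <param name="request">Incoming request; the API key is read from its <c>ApiKey</c> header.</param>
/// <param name="message">Text to sign, bound from the query string.</param>
/// <returns>
/// 200 with the signature as dash-separated hex (the <c>BitConverter.ToString</c> format), or
/// 400 with the body "Bad Request" when the message or header is missing or the key is not recognised.
/// </returns>
public HttpResponseMessage Get(HttpRequestMessage request, [FromUri] string message)
{
    string response = "Bad Request";
    HttpStatusCode statusCode = HttpStatusCode.BadRequest;

    // Headers.GetValues throws when the header is absent; probe first so a call
    // without a key gets the 400 below instead of an unhandled exception.
    string apiKey = request.Headers.Contains("ApiKey")
        ? request.Headers.GetValues("ApiKey").FirstOrDefault()
        : null;

    // NOTE(review): this disposes whatever WebApiConfig.RSA returns. If that property
    // hands out one shared provider, the key is unusable after the first request;
    // confirm it returns a fresh instance per access.
    using (RSACryptoServiceProvider rsa = WebApiConfig.RSA)
    {
        // A null message would make Encoding.GetBytes throw, so it is rejected up front.
        if (message != null && apiKey != null && UserDatabaseAccess.checkUserKey(apiKey))
        {
            // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', so
            // messages that differ only in such characters receive the same signature.
            byte[] messageBytes = Encoding.ASCII.GetBytes(message);

            // NOTE(review): SHA-1 is no longer collision resistant and is a weak choice for
            // signatures. Moving to SHA-256 changes the signature clients must verify, so it
            // has to be coordinated with them rather than switched here.
            using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
            {
                byte[] signedMessage = rsa.SignData(messageBytes, sha1);
                response = BitConverter.ToString(signedMessage);
                statusCode = HttpStatusCode.OK;
            }
        }
    }

    return Request.CreateResponse<string>(statusCode, response);
}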
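/// <summary>
/// Returns the SHA-256 digest of <paramref name="message"/> for callers that present a valid API key.
/// </summary>
/// <param name="message">Text to hash, bound from the query string.</param>
/// <param name="request">Incoming request; the API key is read from its <c>ApiKey</c> header.</param>
/// <returns>
/// 200 with the digest as hex without separators, or 400 with the body "Bad Request"
/// when the message or header is missing or the key is not recognised.
/// </returns>
public HttpResponseMessage Getsha256([FromUri] string message, HttpRequestMessage request)
{
    string response = "Bad Request";
    HttpStatusCode statusCode = HttpStatusCode.BadRequest;

    // Headers.GetValues throws when the header is absent; probe first so a call
    // without a key gets the 400 below instead of an unhandled exception.
    string apiKey = request.Headers.Contains("ApiKey")
        ? request.Headers.GetValues("ApiKey").FirstOrDefault()
        : null;

    if (message != null && apiKey != null && UserDatabaseAccess.checkUserKey(apiKey))
    {
        // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', so
        // messages that differ only in such characters produce the same digest.
        byte[] messageBytes = Encoding.ASCII.GetBytes(message);

        // The hash provider is disposable; release it once the digest is computed.
        using (SHA256 sha = new SHA256CryptoServiceProvider())
        {
            byte[] responseBytes = sha.ComputeHash(messageBytes);

            // BitConverter emits "AA-BB-..."; the dashes are stripped to give plain hex.
            response = BitConverter.ToString(responseBytes).Replace("-", "");
            statusCode = HttpStatusCode.OK;
        }
    }

    return Request.CreateResponse<string>(statusCode, response);
}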
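/// <summary>
/// Reads the <c>ApiKey</c> request header and, when the database recognises the key,
/// sets a claims-based principal for that user on the current thread before passing
/// the request on.
/// </summary>
/// <param name="request">Incoming request whose headers are inspected.</param>
/// <param name="cancellationToken">Token passed through to the inner handler.</param>
/// <returns>The task returned by the inner handler.</returns>
/// <remarks>
/// A request with a missing or unrecognised key is still forwarded, just without a
/// principal being set here, so rejecting it is left to whatever runs afterwards.
/// </remarks>
protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    #region Task5
    // If an 'ApiKey' header exists and the database says the key is valid, authorise the
    // principal on the current thread using a Claim, ClaimsIdentity and ClaimsPrincipal.
    #endregion
    if (request.Headers.Contains("ApiKey"))
    {
        string apiKeyHeaderValue = request.Headers.GetValues("ApiKey").FirstOrDefault();

        // The key is validated once; a second identical check would only repeat the lookup.
        if (apiKeyHeaderValue != null && UserDatabaseAccess.checkUserKey(apiKeyHeaderValue))
        {
            User user = UserDatabaseAccess.checkUserRtnUsr(apiKeyHeaderValue);

            // The user is fetched by a separate call from the validity check, so guard
            // against it coming back empty rather than dereferencing null.
            if (user != null)
            {
                Claim nameClaim = new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String);
                ClaimsIdentity identity = new ClaimsIdentity(new Claim[] { nameClaim }, "ApiKey");

                // NOTE(review): only Thread.CurrentPrincipal is assigned. Depending on the
                // hosting model the principal may also have to be set on the request or
                // HTTP context to be visible to later stages; confirm.
                Thread.CurrentPrincipal = new ClaimsPrincipal(identity);
            }
        }
    }

    return base.SendAsync(request, cancellationToken);
}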
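/// <summary>
/// Returns the server's RSA public key as XML for callers that present a valid API key.
/// </summary>
/// <param name="request">Incoming request; the API key is read from its <c>ApiKey</c> header.</param>
/// <returns>
/// 200 with the public key XML, or 400 with the body "Bad Request" when the header
/// is missing or the key is not recognised.
/// </returns>
public HttpResponseMessage GetPublicKey(HttpRequestMessage request)
{
    string response = "Bad Request";
    HttpStatusCode statusCode = HttpStatusCode.BadRequest;

    // Headers.GetValues throws when the header is absent; probe first so a call
    // without a key gets the 400 below instead of an unhandled exception.
    string apiKey = request.Headers.Contains("ApiKey")
        ? request.Headers.GetValues("ApiKey").FirstOrDefault()
        : null;

    // NOTE(review): this disposes whatever WebApiConfig.RSA returns. If that property
    // hands out one shared provider, the key is unusable after the first request;
    // confirm it returns a fresh instance per access.
    using (var rsa = WebApiConfig.RSA)
    {
        if (apiKey != null && UserDatabaseAccess.checkUserKey(apiKey))
        {
            // false = export the public parameters only; the private key must never
            // be included in a response.
            response = rsa.ToXmlString(false);
            statusCode = HttpStatusCode.OK;
        }
    }

    return Request.CreateResponse<string>(statusCode, response);
}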