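/// <summary>
/// Signs <paramref name="message"/> with the server's RSA key (SHA-1 digest) for a caller
/// that presents a valid API key, and returns the signature as dash-separated hex.
/// </summary>
/// <param name="request">Incoming request; the "ApiKey" header is read from it.</param>
/// <param name="message">Text to sign, bound from the query string.</param>
/// <returns>
/// 200 with the hex signature when the key is valid; otherwise 400 with "Bad Request"
/// (missing header, missing message, or unknown key).
/// </returns>
public HttpResponseMessage Get(HttpRequestMessage request, [FromUri] string message)
        {
            string         response   = "Bad Request";
            HttpStatusCode statusCode = HttpStatusCode.BadRequest;

            // GetValues throws when the header is absent, which would surface as a 500.
            // Probe with Contains first so a missing key is an ordinary rejection.
            string apiKey = request.Headers.Contains("ApiKey")
                ? request.Headers.GetValues("ApiKey").FirstOrDefault()
                : null;

            // Reject before touching the key store or the private key.
            // Encoding.GetBytes(null) would otherwise throw on a missing message.
            if (apiKey == null || message == null)
            {
                return(Request.CreateResponse <string>(statusCode, response));
            }

            RSACryptoServiceProvider rsa = WebApiConfig.RSA;

            // NOTE(review): this disposes whatever WebApiConfig.RSA returned. If that property
            // hands out one shared instance, every request after the first will fail with
            // ObjectDisposedException - confirm it creates a fresh provider per call.
            using (rsa)
            {
                if (UserDatabaseAccess.checkUserKey(apiKey))
                {
                    // Encoding.ASCII maps every non-ASCII character to '?', so two different
                    // messages can end up with the same signature. Kept for wire compatibility.
                    byte[] messageBytes = Encoding.ASCII.GetBytes(message);

                    // SECURITY: SHA-1 is no longer considered collision resistant and is
                    // deprecated for signatures. Left unchanged because clients verify with
                    // the same algorithm; move both sides to SHA-256 together.
                    using (SHA1CryptoServiceProvider sha1 = new SHA1CryptoServiceProvider())
                    {
                        byte[] signedMessage = rsa.SignData(messageBytes, sha1);

                        response = BitConverter.ToString(signedMessage);
                    }

                    statusCode = HttpStatusCode.OK;
                }
            }
            return(Request.CreateResponse <string>(statusCode, response));
        }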
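        /// <summary>
        /// Returns the SHA-256 digest of <paramref name="message"/> as upper-case hex without
        /// separators, for a caller that presents a valid API key.
        /// </summary>
        /// <param name="message">Text to hash, bound from the query string.</param>
        /// <param name="request">Incoming request; the "ApiKey" header is read from it.</param>
        /// <returns>
        /// 200 with the hex digest when the key is valid; otherwise 400 with "Bad Request"
        /// (missing header, missing message, or unknown key).
        /// </returns>
        public HttpResponseMessage Getsha256([FromUri] string message, HttpRequestMessage request)
        {
            HttpStatusCode statusCode = HttpStatusCode.BadRequest;
            string         response   = "Bad Request";

            // GetValues throws when the header is absent, which would surface as a 500.
            // Probe with Contains first so a missing key is an ordinary rejection.
            string apiKey = request.Headers.Contains("ApiKey")
                ? request.Headers.GetValues("ApiKey").FirstOrDefault()
                : null;

            if (message != null && apiKey != null && UserDatabaseAccess.checkUserKey(apiKey))
            {
                // Encoding.ASCII maps every non-ASCII character to '?', so the digest only
                // distinguishes the ASCII content of the message.
                byte[] messageBytes = Encoding.ASCII.GetBytes(message);

                // The hash provider is disposable; release it once the digest is computed.
                using (SHA256 sha = new SHA256CryptoServiceProvider())
                {
                    byte[] responseBytes = sha.ComputeHash(messageBytes);

                    response = BitConverter.ToString(responseBytes).Replace("-", "");
                }

                statusCode = HttpStatusCode.OK;
            }

            return(Request.CreateResponse <string>(statusCode, response));
        }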
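        /// <summary>
        /// Authenticates the request from its "ApiKey" header. When the key is known, a
        /// <see cref="ClaimsPrincipal"/> carrying the user's name is placed on the current
        /// thread; the request is then passed down the pipeline in every case.
        /// </summary>
        /// <param name="request">Incoming request whose headers are inspected.</param>
        /// <param name="cancellationToken">Token forwarded to the inner handler.</param>
        /// <returns>The task produced by the inner handler.</returns>
        protected override Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            if (request.Headers.Contains("ApiKey"))
            {
                string apiKeyHeaderValue = request.Headers.GetValues("ApiKey").FirstOrDefault();

                // A single validity check is enough; the key was previously looked up twice
                // in a row before the user record was fetched.
                if (apiKeyHeaderValue != null && UserDatabaseAccess.checkUserKey(apiKeyHeaderValue))
                {
                    User user = UserDatabaseAccess.checkUserRtnUsr(apiKeyHeaderValue);

                    // The record is fetched separately from the validity check, so it may be
                    // gone by now. Stay unauthenticated rather than dereference null.
                    if (user != null)
                    {
                        ClaimsPrincipal claimPrincipal = new ClaimsPrincipal(new ClaimsIdentity(new Claim[]
                        {
                            new Claim(ClaimTypes.Name, user.UserName, ClaimValueTypes.String)
                        }, "ApiKey"));

                        // NOTE(review): only Thread.CurrentPrincipal is set. If downstream code
                        // reads the principal from the request context instead, it will not
                        // see this identity - confirm which one the authorization checks use.
                        Thread.CurrentPrincipal = claimPrincipal;
                    }
                }
            }

            // This handler never rejects: a request with a missing or unknown key continues
            // without a principal, so access control must be enforced further down.
            return(base.SendAsync(request, cancellationToken));
        }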
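        /// <summary>
        /// Returns the server's RSA public key as an XML string to a caller that presents a
        /// valid API key.
        /// </summary>
        /// <param name="request">Incoming request; the "ApiKey" header is read from it.</param>
        /// <returns>
        /// 200 with the public-key XML when the key is valid; otherwise 400 with "Bad Request"
        /// (missing header or unknown key).
        /// </returns>
        public HttpResponseMessage GetPublicKey(HttpRequestMessage request)
        {
            string         response   = "Bad Request";
            HttpStatusCode statusCode = HttpStatusCode.BadRequest;

            // GetValues throws when the header is absent, which would surface as a 500.
            // Probe with Contains first so a missing key is an ordinary rejection.
            string apiKey = request.Headers.Contains("ApiKey")
                ? request.Headers.GetValues("ApiKey").FirstOrDefault()
                : null;

            if (apiKey == null)
            {
                return(Request.CreateResponse <string>(statusCode, response));
            }

            // NOTE(review): this disposes whatever WebApiConfig.RSA returned. If that property
            // hands out one shared instance, later requests will fail with
            // ObjectDisposedException - confirm it creates a fresh provider per call.
            using (var rsa = WebApiConfig.RSA)
            {
                if (UserDatabaseAccess.checkUserKey(apiKey))
                {
                    // false = export the public parameters only. This argument must never
                    // become true here, as that would place the private key in the response.
                    response   = rsa.ToXmlString(false);
                    statusCode = HttpStatusCode.OK;
                }
            }

            return(Request.CreateResponse <string>(statusCode, response));
        }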