/// <summary> Given a nonce value, determines if it correctly applies to the given IP address. </summary>
/// <remarks> ebrown, 4/6/2011. </remarks>
/// <exception cref="ArgumentNullException"> Thrown when one or more required arguments are null. </exception>
/// <exception cref="ArgumentException"> Thrown when one or more arguments have unsupported or illegal values. </exception>
/// <param name="nonce"> The nonce. </param>
/// <param name="ipAddress"> The IP address. </param>
/// <param name="privateHashEncoder"> The private hash encoder. </param>
/// <returns> true if it succeeds, false if it fails. </returns>
public static bool Validate(string nonce, string ipAddress, PrivateHashEncoder privateHashEncoder)
{
if (null == nonce)
{
throw new ArgumentNullException("nonce");
}
if (string.IsNullOrWhiteSpace(nonce))
{
throw new ArgumentException("must not be empty", "nonce");
}
;
if (null == ipAddress)
{
throw new ArgumentNullException("ipAddress");
}
if (string.IsNullOrWhiteSpace(ipAddress))
{
throw new ArgumentException("must not be empty", "ipAddress");
}
;
if (null == privateHashEncoder)
{
throw new ArgumentNullException("privateHashEncoder");
}
string[] decodedParts = GetDecodedParts(nonce);
string md5EncodedString = privateHashEncoder.Encode(decodedParts[0], ipAddress);
return(string.CompareOrdinal(decodedParts[1], md5EncodedString) == 0);
}
/// <summary>
/// Generates a base64 encoded nonce combining the current time, and another hashed value that contains a hash of the time, ip address
/// and a private key. Milliseconds:PrivateHash where PrivateHash = Milliseconds:IP:PrivateKey.
/// </summary>
/// <remarks> ebrown, 4/6/2011. </remarks>
/// <exception cref="ArgumentNullException"> Thrown when one or more required arguments are null. </exception>
/// <exception cref="ArgumentException"> Thrown when one or more arguments have unsupported or illegal values. </exception>
/// <param name="ipAddress"> The IP address. </param>
/// <param name="privateHashEncoder"> The private hash encoder. </param>
/// <returns> A base64 nonce value representing time:privateValue. </returns>
public static string Generate(string ipAddress, PrivateHashEncoder privateHashEncoder)
{
if (null == ipAddress) { throw new ArgumentNullException("ipAddress"); }
if (string.IsNullOrWhiteSpace(ipAddress)) { throw new ArgumentException("must not be empty", "ipAddress"); };
if (null == privateHashEncoder) { throw new ArgumentNullException("privateHashEncoder"); }
string dateTimeInMilliSecondsString = (Now() - DateTime.MinValue)
.TotalMilliseconds.ToString(CultureInfo.InvariantCulture);
string privateHash = privateHashEncoder.Encode(dateTimeInMilliSecondsString, ipAddress);
return Convert.ToBase64String(encoding.GetBytes(
string.Format(CultureInfo.InvariantCulture, "{0}:{1}", dateTimeInMilliSecondsString, privateHash)));
}
/// <summary> Given a nonce value, determines if it correctly applies to the given IP address. </summary>
/// <remarks> ebrown, 4/6/2011. </remarks>
/// <exception cref="ArgumentNullException"> Thrown when one or more required arguments are null. </exception>
/// <exception cref="ArgumentException"> Thrown when one or more arguments have unsupported or illegal values. </exception>
/// <param name="nonce"> The nonce. </param>
/// <param name="ipAddress"> The IP address. </param>
/// <param name="privateHashEncoder"> The private hash encoder. </param>
/// <returns> true if it succeeds, false if it fails. </returns>
public static bool Validate(string nonce, string ipAddress, PrivateHashEncoder privateHashEncoder)
{
if (null == nonce) { throw new ArgumentNullException("nonce"); }
if (string.IsNullOrWhiteSpace(nonce)) { throw new ArgumentException("must not be empty", "nonce"); };
if (null == ipAddress) { throw new ArgumentNullException("ipAddress"); }
if (string.IsNullOrWhiteSpace(ipAddress)) { throw new ArgumentException("must not be empty", "ipAddress"); };
if (null == privateHashEncoder) { throw new ArgumentNullException("privateHashEncoder"); }
string[] decodedParts = GetDecodedParts(nonce);
string md5EncodedString = privateHashEncoder.Encode(decodedParts[0], ipAddress);
return string.CompareOrdinal(decodedParts[1], md5EncodedString) == 0;
}
/// <summary> Initializes a new instance of the DigestAuthenticator class. </summary>
/// <remarks> ebrown, 1/3/2011. </remarks>
/// <param name="config"> The configuration. </param>
public DigestAuthenticator(IDigestAuthenticatorConfiguration config)
: base(config)
{
//TODO: 4-6-2011 -- find a better way to hook up the validation logic here so that it matches up with the config class
if (null == config)
{
throw new ArgumentNullException("config");
}
string configPrivateKey = config.PrivateKey;
if (null == configPrivateKey)
{
throw new ArgumentNullException("config", "IDigestAuthenticatorConfiguration.PrivateKey is null");
}
if (null == config.Realm)
{
throw new ArgumentNullException("config", "IDigestAuthenticatorConfiguration.Realm is null");
}
if (string.IsNullOrWhiteSpace(configPrivateKey))
{
throw new ArgumentException("IDigestAuthenticatorConfiguration.PrivateKey must not be whitespace", "config");
}
if (configPrivateKey.Length < 8)
{
throw new ArgumentException("IDigestAuthenticatorConfiguration.PrivateKey must be at least 8 characters", "config");
}
if (string.IsNullOrWhiteSpace(config.Realm))
{
throw new ArgumentException("IDigestAuthenticatorConfiguration.Realm must not be whitespace", "config");
}
if (config.NonceValidDuration < TimeSpan.FromSeconds(20))
{
throw new ArgumentException("IDigestAuthenticatorConfiguration.NonceValidDuration must be at least 20 seconds", "config");
}
if (config.NonceValidDuration > TimeSpan.FromMinutes(60))
{
throw new ArgumentException("IDigestAuthenticatorConfiguration.NonceValidDuration must be less than 60 minutes", "config");
}
if (string.IsNullOrWhiteSpace(config.ProviderName) && null == config.PasswordRetriever)
{
throw new ArgumentException("When no ProviderName is set, DigestAuthenticator requires a PasswordRetriever");
}
privateHashEncoder = new PrivateHashEncoder(configPrivateKey);
}
/// <summary>
/// Generates a base64 encoded nonce combining the current time, and another hashed value that contains a hash of the time, ip address
/// and a private key. Milliseconds:PrivateHash where PrivateHash = Milliseconds:IP:PrivateKey.
/// </summary>
/// <remarks> ebrown, 4/6/2011. </remarks>
/// <exception cref="ArgumentNullException"> Thrown when one or more required arguments are null. </exception>
/// <exception cref="ArgumentException"> Thrown when one or more arguments have unsupported or illegal values. </exception>
/// <param name="ipAddress"> The IP address. </param>
/// <param name="privateHashEncoder"> The private hash encoder. </param>
/// <returns> A base64 nonce value representing time:privateValue. </returns>
public static string Generate(string ipAddress, PrivateHashEncoder privateHashEncoder)
{
if (null == ipAddress)
{
throw new ArgumentNullException("ipAddress");
}
if (string.IsNullOrWhiteSpace(ipAddress))
{
throw new ArgumentException("must not be empty", "ipAddress");
}
;
if (null == privateHashEncoder)
{
throw new ArgumentNullException("privateHashEncoder");
}
string dateTimeInMilliSecondsString = (Now() - DateTime.MinValue)
.TotalMilliseconds.ToString(CultureInfo.InvariantCulture);
string privateHash = privateHashEncoder.Encode(dateTimeInMilliSecondsString, ipAddress);
return(Convert.ToBase64String(encoding.GetBytes(
string.Format(CultureInfo.InvariantCulture, "{0}:{1}", dateTimeInMilliSecondsString, privateHash))));
}
