コード例 #1
0
        /*
         * Generates the content of an Authorization header like this:
         *
         * MtWilson http_method="GET",
         * uri="http://localhost:8080/AttestationService/resources/hosts/trust?hostName=10.1.71.103",
         * username="******",
         * nonce="MjAxMi0wMy0wMVQxNToyMjoyOS42NDUyMTUyLTA4OjAwGHEbQHWC4C+P3d+Nz56EMA==",
         * signature_method="HMAC-SHA256",
         * timestamp="2012-03-01T15:22:29-08:00",
         * signature="HSDHAkTXgAHzrMMiOyBH0viESVHNiZ/KYjrnwln6rww="
         *
         * The request url must already have the query parameters in the query string.
         *
         */
        public string getAuthorization(string httpMethod, string requestUrl, string requestBody)
        {
            string         nonceStr       = System.Convert.ToBase64String(nonce());
            SignatureBlock signatureBlock = new SignatureBlock();

            signatureBlock.httpMethod      = httpMethod;
            signatureBlock.absoluteUrl     = new HttpRequestURL(requestUrl, null).GetURL();          // the NULL should be replaced with QUERY PARAMETERS ??? the server doesn't care (as of Feb 2012), it does not map the actual uri to the signature uri
            signatureBlock.fromToken       = System.Convert.ToBase64String(utf8.GetBytes(clientId)); // base-64 encoded version of client id.
            signatureBlock.nonce           = nonceStr;                                               // base-64 encoded nonce data, but this is opaque to the server: the server doesn't care what we put in the nonce or how we encoded it.
            signatureBlock.requestBody     = requestBody;
            signatureBlock.signatureMethod = "HMAC-SHA256";
            signatureBlock.timestamp       = DateTimeOffset.Now.ToString("yyyy-MM-ddTHH:mm:sszzz"); // example: 2012-03-01T15:22:29-08:00
            string content   = signatureBlock.GetText();
            string signature = sign(content);
            string realm     = null;
            string header    = String.Format("MtWilson {0}", headerParams(signatureBlock, realm, signature));

            Console.WriteLine("Generating Authorization: " + header);
            return(header);
        }
コード例 #2
0
        private string headerParams(SignatureBlock sb, string realm, string signature)
        {
            string[]      label  = new String[] { "http_method", "uri", "username", "nonce", "signature_method", "timestamp", "realm", "signature" };
            string[]      input  = new String[] { sb.httpMethod, sb.absoluteUrl, sb.fromToken, sb.nonce, sb.signatureMethod, sb.timestamp, realm, signature };
            List <string> errors = new List <string>();
            List <string> param  = new List <string>();

            for (int i = 0; i < input.Length; i++)
            {
                if (input[i] != null && input[i].Contains("\""))
                {
                    errors.Add(label[i] + " contains quotes");
                }
                if (!String.IsNullOrEmpty(input[i]))
                {
                    param.Add(String.Format("{0}=\"{1}\"", label[i], input[i]));
                }
            }
            if (errors.Count > 0)
            {
                throw new ArgumentException(String.Format("Cannot create authorization header: {0}", String.Join(", ", errors)));
            }
            return(String.Join(", ", param));
        }