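/*
 * Generates the content of an Authorization header like this:
 *
 * MtWilson http_method="GET",
 *          uri="http://localhost:8080/AttestationService/resources/hosts/trust?hostName=10.1.71.103",
 *          username="******",
 *          nonce="MjAxMi0wMy0wMVQxNToyMjoyOS42NDUyMTUyLTA4OjAwGHEbQHWC4C+P3d+Nz56EMA==",
 *          signature_method="HMAC-SHA256",
 *          timestamp="2012-03-01T15:22:29-08:00",
 *          signature="HSDHAkTXgAHzrMMiOyBH0viESVHNiZ/KYjrnwln6rww="
 *
 * The request url must already have the query parameters in the query string.
 *
 * httpMethod   HTTP verb of the request being signed; copied into the signature block as given.
 * requestUrl   Full request URL including its query string.
 * requestBody  Request body; copied into the signature block but not emitted as a header field.
 *
 * Returns the header value: the scheme name "MtWilson" followed by the name="value" pairs.
 * Throws ArgumentException (from headerParams) when a field contains a double quote.
 */
public string getAuthorization(string httpMethod, string requestUrl, string requestBody)
{
    string nonceStr = System.Convert.ToBase64String(nonce());

    SignatureBlock signatureBlock = new SignatureBlock();
    signatureBlock.httpMethod = httpMethod;

    // The null stands where the query parameters would go. Original author's note: the server
    // (as of Feb 2012) does not map the actual request uri to the signature uri.
    // NOTE(review): if that still holds, the signature does not by itself tie the header to the
    // URL that is actually requested -- confirm against the current server before relying on it.
    signatureBlock.absoluteUrl = new HttpRequestURL(requestUrl, null).GetURL();

    // Base-64 encoded version of the client id.
    signatureBlock.fromToken = System.Convert.ToBase64String(utf8.GetBytes(clientId));

    // Base-64 encoded nonce data. Per the original note this is opaque to the server: it does not
    // care what is put in the nonce or how it is encoded.
    signatureBlock.nonce = nonceStr;
    signatureBlock.requestBody = requestBody;
    signatureBlock.signatureMethod = "HMAC-SHA256";

    // Example: 2012-03-01T15:22:29-08:00
    // Format with the invariant culture: under the thread's current culture the ':' separator and
    // the calendar used for "yyyy" can differ, which would change the signed timestamp text.
    signatureBlock.timestamp = DateTimeOffset.Now.ToString(
        "yyyy-MM-ddTHH:mm:sszzz",
        System.Globalization.CultureInfo.InvariantCulture);

    string content = signatureBlock.GetText();
    string signature = sign(content);
    string realm = null;
    string header = String.Format("MtWilson {0}", headerParams(signatureBlock, realm, signature));

    // Trace the header without its signature field, so the complete signed credential is not
    // copied to stdout (and from there into captured logs). headerParams skips null values.
    Console.WriteLine("Generating Authorization: " + String.Format("MtWilson {0}", headerParams(signatureBlock, realm, null)));

    return header;
}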
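/*
 * Renders the fields of a signature block as comma-separated name="value" pairs, in this order:
 * http_method, uri, username, nonce, signature_method, timestamp, realm, signature.
 *
 * sb         Signature block supplying the method, url, client token, nonce, signature method
 *            and timestamp.
 * realm      Optional realm; omitted from the output when null or empty.
 * signature  Signature over the block's text; omitted from the output when null or empty.
 *
 * Null or empty values are skipped. Values are not escaped, so any value that could break the
 * quoted-parameter syntax is rejected instead.
 *
 * Throws ArgumentException naming every offending field. The message carries field labels only,
 * never the field values.
 */
private string headerParams(SignatureBlock sb, string realm, string signature)
{
    string[] label = new String[] { "http_method", "uri", "username", "nonce", "signature_method", "timestamp", "realm", "signature" };
    string[] input = new String[] { sb.httpMethod, sb.absoluteUrl, sb.fromToken, sb.nonce, sb.signatureMethod, sb.timestamp, realm, signature };

    List<string> errors = new List<string>();
    List<string> param = new List<string>();

    for (int i = 0; i < input.Length; i++)
    {
        string value = input[i];
        if (String.IsNullOrEmpty(value))
        {
            // Absent fields are left out of the header entirely.
            continue;
        }

        // A double quote would end the quoted value early and let the remainder be read as
        // further parameters.
        if (value.Contains("\""))
        {
            errors.Add(label[i] + " contains quotes");
        }

        // CR, LF and other control characters could end the header line or corrupt it. Reject
        // rather than strip, so a value that was signed is never silently altered afterwards.
        bool hasControlCharacter = false;
        foreach (char c in value)
        {
            if (Char.IsControl(c))
            {
                hasControlCharacter = true;
                break;
            }
        }
        if (hasControlCharacter)
        {
            errors.Add(label[i] + " contains control characters");
        }

        param.Add(String.Format("{0}=\"{1}\"", label[i], value));
    }

    if (errors.Count > 0)
    {
        throw new ArgumentException(String.Format("Cannot create authorization header: {0}", String.Join(", ", errors)));
    }

    return String.Join(", ", param);
}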