public DigestHeader(DigestHeader copy)
{
foreach (var kv in copy._values)
{
_values.Add(kv.Key, kv.Value);
}
}
void GivenAClientAuthzHeader(string httpMethod, string username, string password, string realm, string nonce,
string uri)
{
TheRequestAuthorizationHeader = new DigestHeader
{
Username = username,
Password = password,
Realm = realm,
Nonce = nonce,
Uri = uri,
QualityOfProtection = "auth",
ClientNonce = "clientNonce",
Opaque = "opaque"
};
TheRequestAuthorizationHeader.Response = TheRequestAuthorizationHeader.GetCalculatedResponse(httpMethod);
Context.Request.Headers["Authorization"] = TheRequestAuthorizationHeader.ClientRequestHeader;
}
public static DigestHeader Parse(string header)
{
if (!header.ToUpper().StartsWith("DIGEST"))
{
return(null);
}
var credentials = new DigestHeader();
string arguments = header.Substring(6);
string[] keyValues = arguments.Split(',');
foreach (string kv in keyValues)
{
string[] parts = kv.Split(new[] { '=' }, 2);
string key = parts[0].Trim(' ', '\t', '\r', '\n', '\"');
string value = parts[1].Trim(' ', '\t', '\r', '\n', '\"');
credentials._values.Add(key, value);
}
return(credentials);
}
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response)
{
if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest"))
{
var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]);
var header = new OpenRasta.Security.DigestHeader(responseDigest)
{
Username = request.Credentials.Username,
Password = request.Credentials.Password,
Nonce = responseDigest.Nonce,
ClientNonce = "none",
Uri = request.Uri.GetLeftPart(UriPartial.Path)
};
header.Response = header.GetCalculatedResponse(request.HttpMethod);
request.Headers["Authorization"] = header.ClientRequestHeader;
return(_host.ProcessRequest(request));
}
return(response);
}
public PipelineContinuation ReadCredentials(ICommunicationContext context)
{
if (!_resolver.HasDependency(typeof(IAuthenticationProvider)))
return PipelineContinuation.Continue;
_authentication = _resolver.Resolve<IAuthenticationProvider>();
DigestHeader authorizeHeader = GetDigestHeader(context);
if (authorizeHeader == null)
return PipelineContinuation.Continue;
string digestUri = GetAbsolutePath(authorizeHeader.Uri);
if (digestUri != context.Request.Uri.AbsolutePath)
return ClientError(context);
Credentials creds = _authentication.GetByUsername(authorizeHeader.Username);
if (creds == null)
return NotAuthorized(context);
var checkHeader = new DigestHeader(authorizeHeader)
{
Password = creds.Password,
Uri = authorizeHeader.Uri
};
string hashedDigest = checkHeader.GetCalculatedResponse(context.Request.HttpMethod);
if (authorizeHeader.Response == hashedDigest)
{
IIdentity id = new GenericIdentity(creds.Username, "Digest");
context.User = new GenericPrincipal(id, creds.Roles);
return PipelineContinuation.Continue;
}
return NotAuthorized(context);
}
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response)
{
if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest"))
{
var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]);
var header = new OpenRasta.Security.DigestHeader(responseDigest)
{
Username = request.Credentials.Username,
Password = request.Credentials.Password,
Nonce = responseDigest.Nonce,
ClientNonce = "none",
Uri = request.Uri.GetLeftPart(UriPartial.Path)
};
header.Response = header.GetCalculatedResponse(request.HttpMethod);
request.Headers["Authorization"] = header.ClientRequestHeader;
return _host.ProcessRequest(request);
}
return response;
}
public DigestHeader(DigestHeader copy)
{
foreach (var kv in copy._values)
_values.Add(kv.Key, kv.Value);
}
public static DigestHeader Parse(string header)
{
if (!header.ToUpper().StartsWith("DIGEST"))
return null;
var credentials = new DigestHeader();
string arguments = header.Substring(6);
string[] keyValues = arguments.Split(',');
foreach (string kv in keyValues)
{
string[] parts = kv.Split(new[] {'='}, 2);
string key = parts[0].Trim(' ', '\t', '\r', '\n', '\"');
string value = parts[1].Trim(' ', '\t', '\r', '\n', '\"');
credentials._values.Add(key, value);
}
return credentials;
}
