void GivenAClientAuthzHeader(string httpMethod, string username, string password, string realm, string nonce,
string uri)
{
TheRequestAuthorizationHeader = new DigestHeader
{
Username = username,
Password = password,
Realm = realm,
Nonce = nonce,
Uri = uri,
QualityOfProtection = "auth",
ClientNonce = "clientNonce",
Opaque = "opaque"
};
TheRequestAuthorizationHeader.Response = TheRequestAuthorizationHeader.GetCalculatedResponse(httpMethod);
Context.Request.Headers["Authorization"] = TheRequestAuthorizationHeader.ClientRequestHeader;
}
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response)
{
if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest"))
{
var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]);
var header = new OpenRasta.Security.DigestHeader(responseDigest)
{
Username = request.Credentials.Username,
Password = request.Credentials.Password,
Nonce = responseDigest.Nonce,
ClientNonce = "none",
Uri = request.Uri.GetLeftPart(UriPartial.Path)
};
header.Response = header.GetCalculatedResponse(request.HttpMethod);
request.Headers["Authorization"] = header.ClientRequestHeader;
return(_host.ProcessRequest(request));
}
return(response);
}
public PipelineContinuation ReadCredentials(ICommunicationContext context)
{
if (!_resolver.HasDependency(typeof(IAuthenticationProvider)))
return PipelineContinuation.Continue;
_authentication = _resolver.Resolve<IAuthenticationProvider>();
DigestHeader authorizeHeader = GetDigestHeader(context);
if (authorizeHeader == null)
return PipelineContinuation.Continue;
string digestUri = GetAbsolutePath(authorizeHeader.Uri);
if (digestUri != context.Request.Uri.AbsolutePath)
return ClientError(context);
Credentials creds = _authentication.GetByUsername(authorizeHeader.Username);
if (creds == null)
return NotAuthorized(context);
var checkHeader = new DigestHeader(authorizeHeader)
{
Password = creds.Password,
Uri = authorizeHeader.Uri
};
string hashedDigest = checkHeader.GetCalculatedResponse(context.Request.HttpMethod);
if (authorizeHeader.Response == hashedDigest)
{
IIdentity id = new GenericIdentity(creds.Username, "Digest");
context.User = new GenericPrincipal(id, creds.Roles);
return PipelineContinuation.Continue;
}
return NotAuthorized(context);
}
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response)
{
if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest"))
{
var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]);
var header = new OpenRasta.Security.DigestHeader(responseDigest)
{
Username = request.Credentials.Username,
Password = request.Credentials.Password,
Nonce = responseDigest.Nonce,
ClientNonce = "none",
Uri = request.Uri.GetLeftPart(UriPartial.Path)
};
header.Response = header.GetCalculatedResponse(request.HttpMethod);
request.Headers["Authorization"] = header.ClientRequestHeader;
return _host.ProcessRequest(request);
}
return response;
}
