void GivenAClientAuthzHeader(string httpMethod, string username, string password, string realm, string nonce, string uri) { TheRequestAuthorizationHeader = new DigestHeader { Username = username, Password = password, Realm = realm, Nonce = nonce, Uri = uri, QualityOfProtection = "auth", ClientNonce = "clientNonce", Opaque = "opaque" }; TheRequestAuthorizationHeader.Response = TheRequestAuthorizationHeader.GetCalculatedResponse(httpMethod); Context.Request.Headers["Authorization"] = TheRequestAuthorizationHeader.ClientRequestHeader; }
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response) { if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest")) { var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]); var header = new OpenRasta.Security.DigestHeader(responseDigest) { Username = request.Credentials.Username, Password = request.Credentials.Password, Nonce = responseDigest.Nonce, ClientNonce = "none", Uri = request.Uri.GetLeftPart(UriPartial.Path) }; header.Response = header.GetCalculatedResponse(request.HttpMethod); request.Headers["Authorization"] = header.ClientRequestHeader; return(_host.ProcessRequest(request)); } return(response); }
public PipelineContinuation ReadCredentials(ICommunicationContext context) { if (!_resolver.HasDependency(typeof(IAuthenticationProvider))) return PipelineContinuation.Continue; _authentication = _resolver.Resolve<IAuthenticationProvider>(); DigestHeader authorizeHeader = GetDigestHeader(context); if (authorizeHeader == null) return PipelineContinuation.Continue; string digestUri = GetAbsolutePath(authorizeHeader.Uri); if (digestUri != context.Request.Uri.AbsolutePath) return ClientError(context); Credentials creds = _authentication.GetByUsername(authorizeHeader.Username); if (creds == null) return NotAuthorized(context); var checkHeader = new DigestHeader(authorizeHeader) { Password = creds.Password, Uri = authorizeHeader.Uri }; string hashedDigest = checkHeader.GetCalculatedResponse(context.Request.HttpMethod); if (authorizeHeader.Response == hashedDigest) { IIdentity id = new GenericIdentity(creds.Username, "Digest"); context.User = new GenericPrincipal(id, creds.Roles); return PipelineContinuation.Continue; } return NotAuthorized(context); }
IResponse RetryWithHttpAuthenticationCredentials(IClientRequest request, IResponse response) { if (response.Headers["WWW-Authenticate"] != null && response.Headers["WWW-Authenticate"].Contains("Digest")) { var responseDigest = DigestHeader.Parse(response.Headers["WWW-Authenticate"]); var header = new OpenRasta.Security.DigestHeader(responseDigest) { Username = request.Credentials.Username, Password = request.Credentials.Password, Nonce = responseDigest.Nonce, ClientNonce = "none", Uri = request.Uri.GetLeftPart(UriPartial.Path) }; header.Response = header.GetCalculatedResponse(request.HttpMethod); request.Headers["Authorization"] = header.ClientRequestHeader; return _host.ProcessRequest(request); } return response; }