public void meaningful_exception_for_unknown_auth_header()
{
//http://dotnetinside.com/en/type/ServiceStack.Client/AuthenticationInfo/4.0.20.0
//http://en.wikipedia.org/wiki/Basic_access_authentication
var good1 = new AuthenticationInfo("Basic realm=\"registrar\"");
Assert.IsNotNull(good1);
const string header = "Digest username=\"admin\"," +
"realm=\"The batcave\"," +
"nonce=\"49938e61ccaa\"," +
"uri=\"/\"," +
"response=\"98ccab4542f284c00a79b5957baaff23\"," +
"opaque=\"d8ea7aa61a1693024c4cc3a516f49b3c\"," +
"qop=auth, nc=00000001," +
"cnonce=\"8d1b34edb475994b\"";
var good2 = new AuthenticationInfo(header);
Assert.IsNotNull(good2);
var error = Assert.Throws<AuthenticationException>(() => new AuthenticationInfo("Negotiate,NTLM"));
Assert.AreEqual("Authentication header not supported: Negotiate,NTLM", error.Message);
}
internal static void AddDigestAuth(this WebRequest client, string userName, string password, AuthenticationInfo authInfo)
{
// by adamfowleruk
// See Client Request at http://en.wikipedia.org/wiki/Digest_access_authentication
string ncUse = padNC(authInfo.nc);
authInfo.nc++; // incrememnt for subsequent requests
string ha1raw = userName + ":" + authInfo.realm + ":" + password;
string ha1 = CalculateMD5Hash(ha1raw);
string ha2raw = client.Method + ":" + client.RequestUri.PathAndQuery;
string ha2 = CalculateMD5Hash(ha2raw);
string md5rraw = ha1 + ":" + authInfo.nonce + ":" + ncUse + ":" + authInfo.cnonce + ":" + authInfo.qop + ":" + ha2;
string response = CalculateMD5Hash(md5rraw);
string header =
"Digest username=\"" + userName + "\", realm=\"" + authInfo.realm + "\", nonce=\"" + authInfo.nonce + "\", uri=\"" +
client.RequestUri.PathAndQuery + "\", cnonce=\"" + authInfo.cnonce + "\", nc=" + ncUse + ", qop=\"" + authInfo.qop + "\", response=\"" + response +
"\", opaque=\"" + authInfo.opaque + "\"";
client.Headers[HttpHeaders.Authorization] = header;
}
internal static void AddAuthInfo(this WebRequest client, string userName, string password, AuthenticationInfo authInfo)
{
if ("basic".Equals(authInfo.method))
{
client.AddBasicAuth(userName, password); // FIXME AddBasicAuth ignores the server provided Realm property. Potential Bug.
}
else if ("digest".Equals(authInfo.method))
{
// do digest auth header using auth info
// auth info saved in ServiceClientBase for subsequent requests
client.AddDigestAuth(userName, password, authInfo);
}
}
internal static void AddAuthInfo(this WebRequest client, string userName, string password, AuthenticationInfo authInfo)
{
if ("basic".Equals(authInfo.method))
{
client.AddBasicAuth(userName, password); // FIXME AddBasicAuth ignores the server provided Realm property. Potential Bug.
}
else if ("digest".Equals(authInfo.method))
{
// do digest auth header using auth info
// auth info saved in ServiceClientBase for subsequent requests
client.AddDigestAuth(userName, password, authInfo);
}
}
internal static void AddDigestAuth(this WebRequest client, string userName, string password, AuthenticationInfo authInfo)
{
//Silverlight MD5 impl at: http://archive.msdn.microsoft.com/SilverlightMD5
#if !(SL5 || PCL || NETSTANDARD1_1)
// by adamfowleruk
// See Client Request at http://en.wikipedia.org/wiki/Digest_access_authentication
string ncUse = padNC(authInfo.nc);
authInfo.nc++; // incrememnt for subsequent requests
string ha1raw = userName + ":" + authInfo.realm + ":" + password;
string ha1 = CalculateMD5Hash(ha1raw);
string ha2raw = client.Method + ":" + client.RequestUri.PathAndQuery;
string ha2 = CalculateMD5Hash(ha2raw);
string md5rraw = ha1 + ":" + authInfo.nonce + ":" + ncUse + ":" + authInfo.cnonce + ":" + authInfo.qop + ":" + ha2;
string response = CalculateMD5Hash(md5rraw);
string header =
"Digest username=\"" + userName + "\", realm=\"" + authInfo.realm + "\", nonce=\"" + authInfo.nonce + "\", uri=\"" +
client.RequestUri.PathAndQuery + "\", cnonce=\"" + authInfo.cnonce + "\", nc=" + ncUse + ", qop=\"" + authInfo.qop + "\", response=\"" + response +
"\", opaque=\"" + authInfo.opaque + "\"";
client.Headers[HttpHeaders.Authorization] = header;
#else
throw new NotImplementedException();
#endif
}
internal static void AddDigestAuth(this WebRequest client, string userName, string password, AuthenticationInfo authInfo)
{
// by adamfowleruk
// See Client Request at http://en.wikipedia.org/wiki/Digest_access_authentication
string ncUse = padNC(authInfo.nc);
authInfo.nc++; // incrememnt for subsequent requests
string ha1raw = userName + ":" + authInfo.realm + ":" + password;
string ha1 = CalculateMD5Hash(ha1raw);
string ha2raw = client.Method + ":" + client.RequestUri.PathAndQuery;
string ha2 = CalculateMD5Hash(ha2raw);
string md5rraw = ha1 + ":" + authInfo.nonce + ":" + ncUse + ":" + authInfo.cnonce + ":" + authInfo.qop + ":" + ha2;
string response = CalculateMD5Hash(md5rraw);
string header =
"Digest username=\"" + userName + "\", realm=\"" + authInfo.realm + "\", nonce=\"" + authInfo.nonce + "\", uri=\"" +
client.RequestUri.PathAndQuery + "\", cnonce=\"" + authInfo.cnonce + "\", nc=" + ncUse + ", qop=\"" + authInfo.qop + "\", response=\"" + response +
"\", opaque=\"" + authInfo.opaque + "\"";
client.Headers [HttpHeaders.Authorization] = header;
}