コード例 #1
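        /// <summary>
        /// Sends the request with Hawk client authorization and returns the response only
        /// after the response has passed authentication and the optional verification callback.
        /// </summary>
        /// <param name="request">Outgoing request; handed to <c>CreateClientAuthorizationAsync</c> before it is sent.</param>
        /// <param name="cancellationToken">Forwarded to the inner handler's <c>SendAsync</c>.</param>
        /// <returns>The inner handler's response, once every check has passed.</returns>
        /// <exception cref="SecurityException">
        /// <c>AuthenticateAsync</c> rejected the response, or the verification callback
        /// rejected the application-specific data that came back with it.
        /// </exception>
        protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            var client = new HawkClient(this.credentialsCallback);

            // Optional application-specific data, derived from the request by the configured callback.
            if (this.normalizationCallback != null)
            {
                client.ApplicationSpecificData = this.normalizationCallback(request);
            }

            await client.CreateClientAuthorizationAsync(request);

            var response = await base.SendAsync(request, cancellationToken);

            try
            {
                // Fail closed: a response that does not authenticate is never returned to the caller.
                if (!await client.AuthenticateAsync(response))
                {
                    throw new SecurityException("Invalid Mac and/or hash. Response possibly tampered.");
                }

                // NOTE(review): when no verificationCallback is configured, the application-specific
                // data returned by the server is accepted without any further check.
                bool isValidAppSpecificData = this.verificationCallback == null ||
                                              this.verificationCallback(response, client.WebApiSpecificData);

                if (!isValidAppSpecificData)
                {
                    throw new SecurityException("Invalid Application Specific Data");
                }

                return response;
            }
            catch
            {
                // A rejected response is never seen by the caller, so nobody else can dispose it.
                if (response != null)
                {
                    response.Dispose();
                }

                throw;
            }
        }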
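        /// <summary>
        /// Sends the request with Hawk client authorization and returns the response only
        /// after <c>AuthenticateAsync</c> has accepted it.
        /// </summary>
        /// <param name="request">Outgoing request; wrapped in a <c>WebApiRequestMessage</c> for the Hawk client.</param>
        /// <param name="cancellationToken">Forwarded to the inner handler's <c>SendAsync</c>.</param>
        /// <returns>The inner handler's response, once it has been authenticated.</returns>
        /// <exception cref="SecurityException"><c>AuthenticateAsync</c> rejected the response.</exception>
        protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            var client = new HawkClient(options);
            await client.CreateClientAuthorizationAsync(new WebApiRequestMessage(request));

            var response = await base.SendAsync(request, cancellationToken);

            try
            {
                var responseMessage = new WebApiResponseMessage(response);

                // Fail closed: a response that does not authenticate is never returned to the caller.
                if (!await client.AuthenticateAsync(responseMessage))
                {
                    throw new SecurityException("Invalid Mac and/or hash. Response possibly tampered.");
                }

                return response;
            }
            catch
            {
                // A rejected response is never seen by the caller, so nobody else can dispose it.
                if (response != null)
                {
                    response.Dispose();
                }

                throw;
            }
        }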
コード例 #3
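        /// <summary>
        /// Console sample: calls a local endpoint with Hawk through <c>HawkValidationHandler</c>
        /// (GET, then POST), then creates a bewit and fetches the same resource with it.
        /// </summary>
        /// <param name="args">Unused.</param>
        static void Main(string[] args)
        {
            // NOTE(review): plain http. The MAC protects integrity, not confidentiality, so the
            // protected header value and the payloads are readable on the wire without TLS.
            string uri = "http://localhost:12345/values";

            // Sample credential only; a real client loads the shared key from a secret store
            // rather than from source.
            var credential = new Credential()
            {
                Id = "dh37fgj492je",
                Algorithm = SupportedAlgorithms.SHA256,
                User = "******",
                Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn"
            };

            // GET and POST using the Authorization header
            var options = new ClientOptions()
            {
                CredentialsCallback = () => credential,
                RequestPayloadHashabilityCallback = (r) => true,
                NormalizationCallback = (req) =>
                {
                    // Supplies "name:value" of the header as application-specific data,
                    // or null when the request does not carry that header.
                    string name = "X-Request-Header-To-Protect";
                    return req.Headers.ContainsKey(name) ?
                                name + ":" + req.Headers[name].First() : null;
                }
            };

            var handler = new HawkValidationHandler(options);

            // Disposing the HttpClient and each response releases the underlying connections.
            using (HttpClient client = HttpClientFactory.Create(handler))
            {
                client.DefaultRequestHeaders.Add("X-Request-Header-To-Protect", "secret");

                using (var response = client.GetAsync(uri).Result)
                {
                    Console.WriteLine(response.Content.ReadAsStringAsync().Result);
                }

                using (var response = client.PostAsJsonAsync(uri, credential.User).Result)
                {
                    Console.WriteLine(response.Content.ReadAsStringAsync().Result);
                }
            }

            // GET using Bewit
            var hawkClient = new HawkClient(options);
            var request = new HttpRequestMessage() { RequestUri = new Uri(uri) };

            string bewit = hawkClient.CreateBewit(new WebApiRequestMessage(request),
                                                        lifeSeconds: 60);

            // Bewit is handed off to a client needing temporary access to the resource.
            // It travels in the query string, where URLs are commonly logged, so it is
            // created with a short lifetime (60 seconds above).
            using (var clientNeedingTempAccess = new WebClient())
            {
                var resource = clientNeedingTempAccess.DownloadString(uri + "?bewit=" + bewit);
                Console.WriteLine(resource);
            }

            Console.Read();
        }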
コード例 #4
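        /// <summary>
        /// Sends the request with Hawk client authorization and returns the response only
        /// after <c>AuthenticateAsync</c> has accepted it.
        /// </summary>
        /// <param name="request">Outgoing request; wrapped in a <c>WebApiRequestMessage</c> for the Hawk client.</param>
        /// <param name="cancellationToken">Forwarded to the inner handler's <c>SendAsync</c>.</param>
        /// <returns>The inner handler's response, once it has been authenticated.</returns>
        /// <exception cref="SecurityException"><c>AuthenticateAsync</c> rejected the response.</exception>
        protected async override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
            var client = new HawkClient(options);
            await client.CreateClientAuthorizationAsync(new WebApiRequestMessage(request));

            var response = await base.SendAsync(request, cancellationToken);

            try
            {
                var responseMessage = new WebApiResponseMessage(response);

                // Fail closed: a response that does not authenticate is never returned to the caller.
                if (!await client.AuthenticateAsync(responseMessage))
                {
                    throw new SecurityException("Invalid Mac and/or hash. Response possibly tampered.");
                }

                return response;
            }
            catch
            {
                // A rejected response is never seen by the caller, so nobody else can dispose it.
                if (response != null)
                {
                    response.Dispose();
                }

                throw;
            }
        }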