public async Task Sign(HttpRequestMessage request, DateTimeOffset timeOfSigning, TimeSpan expires) { if (request == null) { throw new ArgumentNullException(nameof(request)); } try { if (timeOfSigning > _systemClock.UtcNow) { throw new HttpMessageSigningException("Cannot create a signature that is created in the future."); } if (timeOfSigning.Add(expires) < _systemClock.UtcNow) { throw new HttpMessageSigningException("Cannot create a signature that has already expired."); } var clonedSettings = (SigningSettings)_signingSettings.Clone(); var onRequestSigningTask = _signingSettings.Events?.OnRequestSigning?.Invoke(request, clonedSettings); if (onRequestSigningTask != null) { await onRequestSigningTask.ConfigureAwait(continueOnCapturedContext : false); } _signingSettingsSanitizer.SanitizeHeaderNamesToInclude(clonedSettings, request); clonedSettings.Validate(); await _signatureHeaderEnsurer.EnsureHeader(request, clonedSettings, timeOfSigning).ConfigureAwait(continueOnCapturedContext: false); var signature = await _signatureCreator.CreateSignature(request, clonedSettings, timeOfSigning, expires).ConfigureAwait(continueOnCapturedContext: false); var onSignatureCreatedTask = _signingSettings.Events?.OnSignatureCreated?.Invoke(request, signature, clonedSettings); if (onSignatureCreatedTask != null) { await onSignatureCreatedTask.ConfigureAwait(continueOnCapturedContext : false); } var authParam = _authorizationHeaderParamCreator.CreateParam(signature); _logger?.LogDebug("Setting Authorization scheme to '{0}' and param to '{1}'.", clonedSettings.AuthorizationScheme, authParam); request.Headers.Authorization = new AuthenticationHeaderValue(clonedSettings.AuthorizationScheme, authParam); var onRequestSignedTask = _signingSettings.Events?.OnRequestSigned?.Invoke(request, signature, clonedSettings); if (onRequestSignedTask != null) { await onRequestSignedTask.ConfigureAwait(continueOnCapturedContext : false); } } catch (Exception ex) { _logger?.LogError(ex, "Could not sign the specified request. See inner exception."); throw; } }
public async Task <Signature> CreateSignature(HttpRequestMessage request, SigningSettings settings, DateTimeOffset timeOfSigning) { if (request == null) { throw new ArgumentNullException(nameof(request)); } if (settings == null) { throw new ArgumentNullException(nameof(settings)); } _signingSettingsSanitizer.SanitizeHeaderNamesToInclude(settings, request); settings.Validate(); var nonce = settings.EnableNonce ? _nonceGenerator.GenerateNonce() : null; var requestForSigning = request.ToRequestForSigning(); var signingString = _signingStringComposer.Compose( requestForSigning, settings.SignatureAlgorithm.Name, settings.Headers, timeOfSigning, settings.Expires, nonce); var eventTask = settings.Events?.OnSigningStringComposed?.Invoke(request, signingString); if (eventTask != null) { await eventTask; } _logger?.LogDebug("Composed the following signing string for request signing: {0}", signingString); var signatureHash = settings.SignatureAlgorithm.ComputeHash(signingString); var signatureString = _base64Converter.ToBase64(signatureHash); _logger?.LogDebug("The base64 hash of the signature string for signing is '{0}'.", signatureString); var signature = new Signature { KeyId = settings.KeyId, Algorithm = $"{settings.SignatureAlgorithm.Name.ToLowerInvariant()}-{settings.SignatureAlgorithm.HashAlgorithm.ToString().ToLowerInvariant()}", Created = timeOfSigning, Expires = timeOfSigning.Add(settings.Expires), Headers = settings.Headers, Nonce = nonce, String = signatureString }; return(signature); }