/// <summary>
/// Builds the Hawk artifacts for an outgoing request, signs the request and
/// writes the result into its HTTP Authorization header (hawk scheme).
/// </summary>
/// <param name="request">
/// Outgoing request. Its content is handed to the signer and its
/// Authorization header is overwritten.
/// </param>
/// <param name="utcNow">
/// Current time. It is shifted by <c>HawkClient.CompensatorySeconds</c> before
/// being converted to the Unix timestamp stored in the artifacts.
/// </param>
/// <returns>A task that completes once the Authorization header has been set.</returns>
internal async Task CreateClientAuthorizationInternalAsync(HttpRequestMessage request, DateTime utcNow)
{
    // NOTE(review): the callback result is dereferenced without a null check;
    // confirm credentialFunc never returns null.
    var credential = credentialFunc();

    // Every call gets its own timestamp and nonce.
    var container = new ArtifactsContainer();
    container.Id = credential.Id;
    container.Timestamp = utcNow.AddSeconds(HawkClient.CompensatorySeconds).ToUnixTime();
    container.Nonce = NonceGenerator.Generate();

    // NOTE(review): artifacts and crypto are kept in instance fields and
    // this.artifacts is read again after the await below. If one instance can
    // serve overlapping requests, those reads may observe another request's
    // state; confirm instances are not shared.
    this.artifacts = container;

    bool hasAppData = !String.IsNullOrWhiteSpace(this.ApplicationSpecificData);
    if (hasAppData)
    {
        this.artifacts.ApplicationSpecificData = this.ApplicationSpecificData;
    }

    var normalized = new NormalizedRequest(request, this.artifacts);
    this.crypto = new Cryptographer(normalized, this.artifacts, credential);

    // Sign the request
    await crypto.SignAsync(request.Content);

    string headerParameter = this.artifacts.ToAuthorizationHeaderParameter();
    request.Headers.Authorization = new AuthenticationHeaderValue(HawkConstants.Scheme, headerParameter);
}
/// <summary>
/// Builds the Hawk artifacts for an outgoing request, signs the request and
/// sets the result as its Authorization value (hawk scheme).
/// </summary>
/// <param name="request">
/// Outgoing request abstraction. Its body is read only when the payload-hash
/// callback opts in, and its Authorization property is overwritten.
/// </param>
/// <param name="utcNow">
/// Current time. It is shifted by <c>HawkClient.CompensatorySeconds</c> before
/// being converted to the Unix timestamp stored in the artifacts.
/// </param>
/// <returns>A task that completes once the Authorization value has been set.</returns>
internal async Task CreateClientAuthorizationInternalAsync(IRequestMessage request, DateTime utcNow)
{
    // NOTE(review): the callback result is dereferenced without a null check;
    // confirm CredentialsCallback never returns null.
    var credential = options.CredentialsCallback();

    // Every call gets its own timestamp and nonce.
    var container = new ArtifactsContainer();
    container.Id = credential.Id;
    container.Timestamp = utcNow.AddSeconds(HawkClient.CompensatorySeconds).ToUnixTime();
    container.Nonce = NonceGenerator.Generate();
    this.artifacts = container;

    // Application-specific data is only produced when a callback is configured.
    if (options.NormalizationCallback != null)
    {
        this.artifacts.ApplicationSpecificData = options.NormalizationCallback(request);
    }

    // HostNameSource is passed through to the normalized request; how it picks
    // the host is decided inside NormalizedRequest and is not visible here.
    var normalized = new NormalizedRequest(request, this.artifacts, options.HostNameSource);
    this.crypto = new Cryptographer(normalized, this.artifacts, credential);

    // Sign the request
    // The body is read and handed to the signer only when
    // RequestPayloadHashabilityCallback is set and returns true for this
    // request; otherwise null is passed as the payload.
    // NOTE(review): presumably a null payload means the body is not covered by
    // the signature; confirm in Cryptographer.Sign and enable the callback for
    // requests whose body integrity matters.
    string payload = null;
    if (options.RequestPayloadHashabilityCallback != null
        && options.RequestPayloadHashabilityCallback(request))
    {
        payload = await request.ReadBodyAsStringAsync();
    }

    crypto.Sign(payload, request.ContentType);

    string headerParameter = this.artifacts.ToAuthorizationHeaderParameter();
    request.Authorization = new AuthenticationHeaderValue(HawkConstants.Scheme, headerParameter);
}
/// <summary>
/// An https request URI without an explicit port must yield "443" in the
/// normalized request's private <c>port</c> field.
/// </summary>
public void HttpsMustSetPortTo443()
{
    var httpRequest = new HttpRequestMessage
    {
        RequestUri = new Uri("https://server/api/values")
    };

    var normalized = new NormalizedRequest(new WebApiRequestMessage(httpRequest), null);

    // The field is private, so it is read through the PrivateObject accessor.
    var accessor = new PrivateObject(normalized);
    var actualPort = (string)accessor.GetField("port");

    Assert.AreEqual("443", actualPort);
}
/// <summary>
/// When the Host header names a host but no port, an https request must still
/// normalize to port "443".
/// </summary>
public void PortMustDefaultTo443ForHttpsWhenHostHeaderDoesNotContainPort()
{
    var httpRequest = new HttpRequestMessage
    {
        RequestUri = new Uri("https://server/api/values")
    };
    httpRequest.Headers.Host = "myhost"; // host only, no ":port" suffix

    var normalized = new NormalizedRequest(new WebApiRequestMessage(httpRequest), null);

    // The field is private, so it is read through the PrivateObject accessor.
    var accessor = new PrivateObject(normalized);
    var actualPort = (string)accessor.GetField("port");

    Assert.AreEqual("443", actualPort);
}
/// <summary>
/// With neither a Host nor an X-Forwarded-For header, host name and port must
/// come from the request URI ("server" and the http default "80").
/// </summary>
public void HostAndPortMustMatchWhatIsInRequestWhenHostAndXffHeadersAreAbsent()
{
    var httpRequest = new HttpRequestMessage
    {
        RequestUri = new Uri("http://server/api/values")
    };

    var normalized = new NormalizedRequest(new WebApiRequestMessage(httpRequest), null);

    // Both fields are private, so they are read through the PrivateObject accessor.
    var accessor = new PrivateObject(normalized);
    var actualHost = (string)accessor.GetField("hostName");
    var actualPort = (string)accessor.GetField("port");

    Assert.AreEqual("server", actualHost);
    Assert.AreEqual("80", actualPort);
}
/// <summary>
/// A Host header of the form "host:port" must take precedence over the request
/// URI for both the normalized host name and the port.
/// </summary>
public void HostAndPortMustMatchWhatIsInHostHeaderWhenPresent()
{
    var httpRequest = new HttpRequestMessage
    {
        RequestUri = new Uri("http://server/api/values")
    };
    httpRequest.Headers.Host = "myhost:899";

    // NOTE(review): the HttpRequestMessage is passed directly rather than
    // wrapped in a WebApiRequestMessage; confirm NormalizedRequest still has a
    // constructor (or a conversion) that accepts it.
    var normalized = new NormalizedRequest(httpRequest, null);

    // Both fields are private, so they are read through the PrivateObject accessor.
    var accessor = new PrivateObject(normalized);
    var actualHost = (string)accessor.GetField("hostName");
    var actualPort = (string)accessor.GetField("port");

    Assert.AreEqual("myhost", actualHost);
    Assert.AreEqual("899", actualPort);
}
/// <summary>
/// An X-Forwarded-For header holding a bracketed IPv6 literal with a port must
/// win over the Host header; the brackets stay part of the host name.
/// </summary>
public void HostAndPortMustMatchWhatIsInXffHeaderWhenPresentContainingIpv6()
{
    var httpRequest = new HttpRequestMessage
    {
        RequestUri = new Uri("http://server/api/values")
    };
    httpRequest.Headers.Host = "myhost:899";
    httpRequest.Headers.Add("X-Forwarded-For", "[111:111:111]:4444");

    // This pins X-Forwarded-For as the preferred source of host and port.
    // NOTE(review): that header is whatever the sender, or any hop before a
    // trusted proxy, put in it. Deployments that rely on this behaviour should
    // have the proxy set or strip it.
    var normalized = new NormalizedRequest(new WebApiRequestMessage(httpRequest), null);

    // Both fields are private, so they are read through the PrivateObject accessor.
    var accessor = new PrivateObject(normalized);
    var actualHost = (string)accessor.GetField("hostName");
    var actualPort = (string)accessor.GetField("port");

    Assert.AreEqual("[111:111:111]", actualHost);
    Assert.AreEqual("4444", actualPort);
}
/// <summary>
/// When several X-Forwarded-For values are present, host name and port must be
/// taken from the first one (bracketed IPv6 literal plus port).
/// </summary>
public void HostAndPortMustMatchWhatIsInTheFirstXffHeaderWhenMultipleXffHeadersArePresentWithIpv6Address()
{
    var httpRequest = new HttpRequestMessage
    {
        RequestUri = new Uri("http://server/api/values")
    };
    httpRequest.Headers.Host = "myhost:899";

    // Same as "[111:111:111]:1111, [222:222:222]:2222"
    httpRequest.Headers.Add("X-Forwarded-For", "[111:111:111]:1111");
    httpRequest.Headers.Add("X-Forwarded-For", "[222:222:222]:2222");

    // NOTE(review): the first entry is the one furthest from the server, so it
    // is only trustworthy if a trusted proxy set or stripped the header.
    var normalized = new NormalizedRequest(new WebApiRequestMessage(httpRequest), null);

    // Both fields are private, so they are read through the PrivateObject accessor.
    var accessor = new PrivateObject(normalized);
    var actualHost = (string)accessor.GetField("hostName");
    var actualPort = (string)accessor.GetField("port");

    Assert.AreEqual("[111:111:111]", actualHost);
    Assert.AreEqual("1111", actualPort);
}
/// <summary>
/// Creates the Hawk artifacts for an outgoing request, signs it and places the
/// result in the request's HTTP Authorization header (hawk scheme).
/// </summary>
/// <param name="request">
/// Outgoing request. Its content is handed to the signer and its
/// Authorization header is overwritten.
/// </param>
/// <param name="utcNow">
/// Current time. <c>HawkClient.CompensatorySeconds</c> is added before the
/// value is converted to the Unix timestamp stored in the artifacts.
/// </param>
/// <returns>A task that completes once the Authorization header has been set.</returns>
internal async Task CreateClientAuthorizationInternalAsync(HttpRequestMessage request, DateTime utcNow)
{
    // NOTE(review): the callback result is dereferenced without a null check;
    // confirm credentialFunc never returns null.
    var signingCredential = credentialFunc();

    // Timestamp and nonce are generated anew for each request.
    var freshArtifacts = new ArtifactsContainer();
    freshArtifacts.Id = signingCredential.Id;
    freshArtifacts.Timestamp = utcNow.AddSeconds(HawkClient.CompensatorySeconds).ToUnixTime();
    freshArtifacts.Nonce = NonceGenerator.Generate();

    // NOTE(review): per-request state lives in instance fields and
    // this.artifacts is read again after the await; confirm one instance never
    // handles overlapping requests.
    this.artifacts = freshArtifacts;

    // Blank or whitespace-only application data is left out of the artifacts.
    if (String.IsNullOrWhiteSpace(this.ApplicationSpecificData) == false)
    {
        this.artifacts.ApplicationSpecificData = this.ApplicationSpecificData;
    }

    var requestToSign = new NormalizedRequest(request, this.artifacts);
    this.crypto = new Cryptographer(requestToSign, this.artifacts, signingCredential);

    // Sign the request
    await crypto.SignAsync(request.Content);

    var authorization = new AuthenticationHeaderValue(
        HawkConstants.Scheme,
        this.artifacts.ToAuthorizationHeaderParameter());
    request.Headers.Authorization = authorization;
}