private async Task <Payload> CreateAndValidatePayloadAsync(Rule rule, HttpRequest request) { var payloadContent = rule switch { GitHubRule gitHubRule => await ReadAndValidateContentFromGitHubAsync(gitHubRule, request), AzureDevOpsRule azureDevopsRule => await ReadAndValidateContentFromAzureDevOpsAsync(azureDevopsRule, request), _ => await ReadAndValidateContentFromGenericAsync(rule, request) }; var payload = new Payload(request.Headers, payloadContent); return(payload); }
private async Task <byte[]> ReadAndValidateContentFromAzureDevOpsAsync(AzureDevOpsRule rule, HttpRequest request) { var payloadContent = await ReadAndValidateContentFromGenericAsync(rule, request); var credentialHash = await GetSecretAsync(rule.CredentialHash); var credentialSalt = await GetSecretAsync(rule.CredentialSalt); var authorizationHeader = request.Headers["Authorization"].ToString(); var base64EncodedCredentials = authorizationHeader.Replace("Basic ", ""); var base64EncodedCredentialsWithSalt = $"{base64EncodedCredentials}{credentialSalt}"; var base64EncodedCredentialsWithSaltBytes = Encoding.UTF8.GetBytes(base64EncodedCredentialsWithSalt); var generatedCredentialHashBytes = sha256.ComputeHash(base64EncodedCredentialsWithSaltBytes); var generatedCredentialHash = Convert.ToBase64String(generatedCredentialHashBytes); if (credentialHash != generatedCredentialHash) { throw new RouterAuthorizationException("Credential validation failed."); } return(payloadContent); }
private async Task <byte[]> ReadAndValidateContentFromAzureDevOpsAsync(AzureDevOpsRule rule, HttpRequest request) { var payloadContent = await ReadAndValidateContentFromGenericAsync(rule, request); return(payloadContent); }