예제 #1
        /// <summary>
        /// Builds the Digest challenge value and hands it to the base class.
        /// </summary>
        /// <param name="httpContext">Context forwarded unchanged to <c>ApplyChallenge</c>.</param>
        public override void Challenge(HttpContext httpContext)
        {
            // The challenge value is the string form of whatever
            // DigestHeader.Unauthorized() returns.
            var challenge = DigestHeader.Unauthorized().ToString();

            base.ApplyChallenge(httpContext, challenge);
        }
예제 #2
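        /// <summary>
        /// Parses the comma-separated <c>key=value</c> parameters of a Digest
        /// Authorization header into a <see cref="DigestHeader"/>.
        /// </summary>
        /// <param name="headerParams">
        /// Parameter list taken from the header. Null or empty yields a header
        /// that carries only <paramref name="method"/>.
        /// </param>
        /// <param name="method">HTTP method the caller observed on the request.</param>
        /// <returns>
        /// A header populated from the recognised keys; unrecognised keys and
        /// segments without <c>=</c> are skipped.
        /// </returns>
        /// <remarks>
        /// Every double quote is stripped before the text is split on commas, so
        /// a quoted value that itself contains a comma is cut at that comma.
        /// All parsed values are client-supplied and stay untrusted until the
        /// response digest has been verified.
        /// </remarks>
        public static DigestHeader Create(string headerParams, string method)
        {
            var digestHeader = new DigestHeader {
                Method = method
            };

            // An empty string already produced a method-only header; treat null
            // the same way instead of failing with a NullReferenceException.
            if (String.IsNullOrEmpty(headerParams))
            {
                return(digestHeader);
            }

            var keyValuePairs = headerParams.Replace("\"", String.Empty);

            foreach (var keyValuePair in keyValuePairs.Split(','))
            {
                // The char overload searches ordinally; IndexOf(string) is
                // culture-sensitive, which is wrong for protocol text.
                int index = keyValuePair.IndexOf('=');
                if (index < 0)
                {
                    continue;
                }

                var key   = keyValuePair.Substring(0, index).Trim();
                var value = keyValuePair.Substring(index + 1).Trim();

                switch (key)
                {
                case "username":
                    digestHeader.UserName = value;
                    break;

                case "realm":
                    digestHeader.Realm = value;
                    break;

                case "nonce":
                    digestHeader.Nonce = value;
                    break;

                case "uri":
                    digestHeader.Uri = value;
                    break;

                case "nc":
                    digestHeader.NounceCounter = value;
                    break;

                case "cnonce":
                    digestHeader.Cnonce = value;
                    break;

                case "response":
                    digestHeader.Response = value;
                    break;

                case "method":
                    // The method is an input to the response digest, so it has
                    // to be the one the server saw on the request. A value in
                    // the header is honoured only when the caller supplied none.
                    if (String.IsNullOrEmpty(method))
                    {
                        digestHeader.Method = value;
                    }
                    break;
                }
            }

            return(digestHeader);
        }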
예제 #3
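        /// <summary>
        /// Looks up the account named in a Digest Authorization header, provided
        /// <c>DigestNonce.IsValid</c> accepts the header's nonce and counter.
        /// </summary>
        /// <param name="headParams">Parameter list of the Authorization header.</param>
        /// <param name="httpContext">Current request; its method is passed to the header parser.</param>
        /// <returns>The matching user, or null when the nonce is rejected or no user name was sent.</returns>
        /// <remarks>
        /// Only the nonce is checked here; the response digest is not verified in
        /// this method. NOTE(review): confirm every caller has already verified
        /// the response digest before trusting the returned user.
        /// </remarks>
        protected override async Task <ApplicationUser> GetUserInfo(string headParams, HttpContext httpContext)
        {
            var header = DigestHeader.Create(headParams, httpContext.Request.Method);

            // Nonce check stays first so it runs on every request, as before.
            if (!DigestNonce.IsValid(header.Nonce, header.NounceCounter))
            {
                return(null);
            }

            // A header without a user name identifies nobody; skip the lookup
            // rather than passing null or empty to the user store.
            if (String.IsNullOrEmpty(header.UserName))
            {
                return(null);
            }

            return(await _userManager.FindByNameAsync(header.UserName));
        }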
예제 #4
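        /// <summary>
        /// Verifies the response digest of a Digest Authorization header and
        /// returns the authenticated user name.
        /// </summary>
        /// <param name="headParams">Parameter list of the Authorization header.</param>
        /// <param name="httpContext">Current request; its method is passed to the header parser.</param>
        /// <returns>
        /// The user name from the header when the recomputed digest equals the
        /// supplied one; null when the nonce is rejected, a required field is
        /// missing, the user is unknown, or the digests differ.
        /// </returns>
        /// <remarks>
        /// The digest is MD5-based with the qop fixed to "auth".
        /// NOTE(review): header.Uri is taken from the header and is not compared
        /// with the request's actual target in this method; confirm that check
        /// exists elsewhere.
        /// </remarks>
        protected override async Task <string> CheckUserInfo(string headParams, HttpContext httpContext)
        {
            var header = DigestHeader.Create(headParams, httpContext.Request.Method);

            if (!DigestNonce.IsValid(header.Nonce, header.NounceCounter))
            {
                return(null);
            }

            // Missing fields mean the header cannot be verified; fail closed
            // instead of dereferencing null below.
            if (String.IsNullOrEmpty(header.UserName) || header.Response == null)
            {
                return(null);
            }

            var user = await _userManager.FindByNameAsync(header.UserName);
            if (user == null)
            {
                // Unknown user: reject rather than throw on user.PasswordHash.
                return(null);
            }

            // Original note: the password here has to be changed to the
            // plaintext password before this check can succeed.
            // NOTE(review): the first hash needs the same secret the client
            // hashed. Storing the per-realm MD5(username:realm:password) value
            // avoids keeping plaintext; confirm how PasswordHash is populated.
            var password = user.PasswordHash;

            var hash1 = String.Format(
                "{0}:{1}:{2}",
                header.UserName,
                header.Realm,
                password).ToMd5Hash();

            // Original note: the query parameters must not contain commas
            // (the header parser splits on every comma).
            var hash2 = String.Format(
                "{0}:{1}",
                header.Method,
                header.Uri).ToMd5Hash();

            string expected = String.Format(
                "{0}:{1}:{2}:{3}:{4}:{5}",
                hash1,
                header.Nonce,
                header.NounceCounter,
                header.Cnonce,
                "auth",
                hash2).ToMd5Hash();

            string supplied = header.Response;

            if (expected == null || expected.Length != supplied.Length)
            {
                return(null);
            }

            // Compare every character so the time taken does not depend on
            // where the first mismatch sits. Same result as an ordinal Equals.
            int difference = 0;
            for (int i = 0; i < expected.Length; i++)
            {
                difference |= expected[i] ^ supplied[i];
            }

            return(difference == 0
                   ? header.UserName
                   : null);
        }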