예제 #1
0
 public override void ParseAccessPolicyFields(bool isDoubleSigned)
 {
     try
     {
         this.ValidateAndSetSASVersionToUse(base.QueryParams["sv"]);
         base.ParseAccessPolicyFields(false);
         string str = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams);
         base.ValidateOptionalField(str, "sk");
         if (str != null)
         {
             base.KeyName = str.Trim();
             Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName });
         }
         string item = base.QueryParams["ss"];
         base.ValidateMandatoryField(item, "ss");
         this.SignedService = AccountSasHelper.ParseSasService(item);
         string item1 = base.QueryParams["srt"];
         base.ValidateMandatoryField(item1, "srt");
         this.SignedResourceType = AccountSasHelper.ParseSasResourceType(item1);
         string str1 = base.QueryParams["sig"];
         base.ValidateMandatoryField(str1, "sig");
         base.ValidateSignatureFormat(str1);
         base.Signature = str1;
         string item2 = base.QueryParams["sp"];
         base.ValidateMandatoryField(item2, "sp");
         base.SignedPermission = new SASPermission?(AccountSasHelper.ParsePermissionsForAccountSas(item2));
     }
     catch (FormatException formatException)
     {
         throw new AuthenticationFailureException("Signature fields not well formed.", formatException);
     }
 }
예제 #2
0
 public override void ParseAccessPolicyFields(bool isDoubleSigned)
 {
     try
     {
         if (isDoubleSigned)
         {
             string str = base.ExtractSignedAuthorization(base.RequestContext);
             base.ValidateMandatoryField(str, "SignedKey");
             base.ValidateSignedAuthorizationFormat(str);
         }
         else
         {
             string item = base.QueryParams["sig"];
             base.ValidateMandatoryField(item, "sig");
             base.ValidateSignatureFormat(item);
             base.Signature = item;
         }
         string item1 = base.QueryParams["si"];
         base.ValidateOptionalField(item1, "si");
         base.SignedIdentifier = item1;
         string str1 = base.QueryParams["sv"];
         base.ValidateMandatoryField(str1, "sv");
         this.ValidateSASVersion(str1);
         base.ParseAccessPolicyFields(isDoubleSigned);
         string item2 = base.QueryParams["sp"];
         if (!base.IsRevocableAccess)
         {
             base.ValidateMandatoryField(item2, "sp");
             SASUtilities.ValidatePermissionOrdering(item2, SASPermission.Queue);
             base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(item2));
         }
         else
         {
             base.ValidateOptionalField(item2, "sp");
             if (item2 != null)
             {
                 SASUtilities.ValidatePermissionOrdering(item2, SASPermission.Queue);
                 base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(item2));
             }
         }
         string str2 = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams);
         base.ValidateOptionalField(str2, "sk");
         if (str2 != null)
         {
             base.KeyName = str2.Trim();
             Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName });
         }
     }
     catch (FormatException formatException)
     {
         throw new AuthenticationFailureException("Signature fields not well formed.", formatException);
     }
 }
예제 #3
0
        public static AuthDataEntry SignedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo)
        {
            AuthDataEntry authDataEntry;

            NephosAssertionException.Assert(!string.IsNullOrEmpty(stringToSign));
            NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature));
            NephosAssertionException.Assert(authInfo != null);
            RequestContext      requestContext  = authInfo.RequestContext;
            NephosUriComponents uriComponents   = authInfo.UriComponents;
            NameValueCollection queryParameters = requestContext.QueryParameters;
            string item  = queryParameters["st"];
            string str   = queryParameters["se"];
            string item1 = queryParameters["sp"];
            string str1  = queryParameters["si"];
            string item2 = queryParameters["sip"];
            string str2  = queryParameters["spr"];
            string item3 = queryParameters["sv"];
            string str3  = queryParameters["tn"];
            string item4 = queryParameters["spk"];
            string str4  = queryParameters["srk"];
            string item5 = queryParameters["epk"];
            string str5  = queryParameters["erk"];
            string item6 = queryParameters["sep"];

            byte[] sign = TableSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(item, str, item1, str1, item2, str2, item3, str3, item4, str4, item5, str5, item6, uriComponents);
            authInfo.AuthKeyName = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(queryParameters);
            using (IEnumerator <AuthDataEntry> enumerator = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo).GetEnumerator())
            {
                while (enumerator.MoveNext())
                {
                    AuthDataEntry current  = enumerator.Current;
                    byte[]        numArray = SASUtilities.ComputeSignedKey(sign, current.AuthValue);
                    if (!SASUtilities.ComputeSignatureAndCompare((new UTF8Encoding()).GetBytes(stringToSign), numArray, requestSignature))
                    {
                        continue;
                    }
                    authDataEntry = current;
                    return(authDataEntry);
                }
                CultureInfo invariantCulture = CultureInfo.InvariantCulture;
                object[]    objArray         = new object[] { requestSignature, stringToSign };
                throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray));
            }
            return(authDataEntry);
        }
예제 #4
0
 public override void ParseAccessPolicyFields(bool isDoubleSigned)
 {
     try
     {
         if (isDoubleSigned)
         {
             string str = base.ExtractSignedAuthorization(base.RequestContext);
             base.ValidateMandatoryField(str, "SignedKey");
             base.ValidateSignedAuthorizationFormat(str);
         }
         else
         {
             string item = base.QueryParams["sig"];
             base.ValidateMandatoryField(item, "sig");
             base.ValidateSignatureFormat(item);
             base.Signature = item;
         }
         string item1 = base.QueryParams["si"];
         base.ValidateOptionalField(item1, "si");
         base.SignedIdentifier = item1;
         string str1 = base.QueryParams["tn"];
         base.ValidateMandatoryField(str1, "tn");
         this.TableName = str1.ToLower();
         string item2 = base.QueryParams["spk"];
         this.StartingPartitionKey = item2;
         string str2 = base.QueryParams["srk"];
         if (item2 == null && str2 != null)
         {
             throw new AuthenticationFailureException(string.Format("{0} is required when {1} is provided.", "srk", "spk"));
         }
         this.StartingRowKey = str2;
         string item3 = base.QueryParams["epk"];
         this.EndingPartitionKey = item3;
         string str3 = base.QueryParams["erk"];
         if (item3 == null && str3 != null)
         {
             throw new AuthenticationFailureException(string.Format("{0} is required when {1} is provided.", "erk", "epk"));
         }
         this.EndingRowKey = str3;
         string item4 = base.QueryParams["sv"];
         base.ValidateMandatoryField(item4, "sv");
         this.ValidateSASVersion(item4);
         base.ParseAccessPolicyFields(isDoubleSigned);
         string str4 = base.QueryParams["sp"];
         if (!base.IsRevocableAccess)
         {
             base.ValidateMandatoryField(str4, "sp");
             SASUtilities.ValidatePermissionOrdering(str4, SASPermission.Table);
             base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(str4));
         }
         else
         {
             base.ValidateOptionalField(str4, "sp");
             if (str4 != null)
             {
                 SASUtilities.ValidatePermissionOrdering(str4, SASPermission.Table);
                 base.SignedPermission = new SASPermission?(SASUtilities.ParseSASPermission(str4));
             }
         }
         string str5 = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(base.QueryParams);
         base.ValidateOptionalField(str5, "sk");
         if (str5 != null)
         {
             base.KeyName = str5.Trim();
             Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS request.", new object[] { base.KeyName });
         }
     }
     catch (FormatException formatException)
     {
         throw new AuthenticationFailureException("Signature fields not well formed.", formatException);
     }
 }
예제 #5
0
 public static string GetStringToSignForStandardSignedKeyAuth(RequestContext requestContext, NephosUriComponents uriComponents, SupportedAuthScheme requestAuthScheme, bool isFileService = false)
 {
     return(AuthenticationManagerHelper.GetStringToSignForStandardSharedKeyAuth(requestContext, uriComponents, SupportedAuthScheme.SharedKey, isFileService));
 }