/// <summary>
/// Runs a full "negotiate" handshake between two local <c>SspiContext</c> instances and
/// verifies that both ends derive the same session key.
/// </summary>
/// <remarks>
/// Both contexts use the SPN <c>host/{Environment.MachineName}</c>, so the outcome depends on
/// the machine and account the test runs under.
/// </remarks>
public void TryGettingSspiTicketTest()
{
    string servicePrincipal = $"host/{Environment.MachineName}";

    using (var initiator = new SspiContext(servicePrincipal, "negotiate"))
    using (var acceptor = new SspiContext(servicePrincipal, "negotiate"))
    {
        byte[] serverResponse = null;
        byte[] token;

        // Ping-pong tokens until the initiator has nothing more to send.
        while (true)
        {
            token = initiator.RequestToken(serverResponse);

            Assert.IsNotNull(token);

            if (token == null || token.Length == 0)
            {
                break;
            }

            acceptor.AcceptToken(token, out serverResponse);

            Assert.IsNotNull(serverResponse);
        }

        // The last acceptor reply must decode as a response token, never as an init token.
        var finalReply = NegotiationToken.Decode(serverResponse);

        Assert.IsNotNull(finalReply);
        Assert.IsNotNull(finalReply.ResponseToken);
        Assert.IsNull(finalReply.InitialToken);

        Assert.IsNotNull(initiator.SessionKey);

        // AreEqualSlow is presumably a non-short-circuiting comparison, going by its name;
        // confirm before reusing it as a constant-time check on key material elsewhere.
        bool keysMatch = KerberosCryptoTransformer.AreEqualSlow(initiator.SessionKey, acceptor.SessionKey);

        Assert.IsTrue(keysMatch);
    }
}
/// <summary>
/// Captures everything needed to exchange a negotiation token for an access token.
/// </summary>
/// <param name="requestUri">Access-token endpoint the request is sent to.</param>
/// <param name="credentials">Client identifier and shared secret.</param>
/// <param name="negociationToken">Negotiation token obtained in the earlier step.</param>
/// <param name="verifierCode">Verifier code; the three-argument factory passes an empty string.</param>
/// <remarks>
/// No argument is validated here: null values are stored as given.
/// </remarks>
protected AccessTokenRequest(Uri requestUri, ClientCredentials credentials, NegotiationToken negociationToken, string verifierCode)
{
    // Plain field captures; the assignments do not depend on one another.
    this.verifierCode = verifierCode;
    this.negotiationToken = negociationToken;
    this.clientCredentials = credentials;
    this.requestUri = requestUri;
}
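/// <summary>
/// Console walk-through of the token exchange: fetch a negotiation token, print the
/// authorization URI, wait for the user to authorize, then fetch the access token.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
/// <remarks>
/// On a <see cref="WebException"/> the server's error body is printed when one exists;
/// otherwise the exception message is printed. The process then exits.
/// </remarks>
static void Main(string[] args)
{
    Uri requestTokenEndPoint = new Uri(REQUEST_TOKEN_END_POINT);
    Uri authorizeEndPoint = new Uri(AUTHORIZE_END_POINT);
    Uri accessTokenEndPoint = new Uri(ACCESS_TOKEN_END_POINT);

    // NOTE(review): CLIENT_SHARED_SECRET is referenced by name only; if it is a literal in
    // source, load it from configuration or a secret store instead.
    ClientCredentials credentials = new ClientCredentials(CLIENT_IDENTIFIER, CLIENT_SHARED_SECRET);

    try
    {
        NegotiationTokenRequest negotiationTokenRequest = NegotiationTokenRequest.Create(requestTokenEndPoint, credentials);
        NegotiationToken negotiationToken = negotiationTokenRequest.GetToken();

        // NOTE(review): token secrets are written to stdout for demonstration. Console
        // output is often captured in logs and terminal scrollback, so keep these lines
        // out of anything that runs with real credentials.
        Console.WriteLine("Negotiation Token: " + negotiationToken.Value);
        Console.WriteLine("Negotiation Token Secret: " + negotiationToken.Secret);

        Uri authorizationUri = AuthorizationUri.Create(authorizeEndPoint, negotiationToken);
        Console.WriteLine(authorizationUri);

        // Wait for user authorization.
        Console.ReadLine();

        AccessTokenRequest accessTokenRequest = AccessTokenRequest.Create(accessTokenEndPoint, credentials, negotiationToken);
        AccessToken accessToken = accessTokenRequest.GetToken();

        Console.WriteLine("Access Token: " + accessToken.Value);
        Console.WriteLine("Access Token Secret: " + accessToken.Secret);
    }
    catch (WebException ex)
    {
        // ex.Response is null when the failure happened before any HTTP response arrived
        // (DNS failure, refused connection, timeout); dereferencing it unconditionally
        // would replace the real error with a NullReferenceException.
        Stream errorBody = ex.Response == null ? null : ex.Response.GetResponseStream();

        if (errorBody == null)
        {
            Console.WriteLine(ex.Message);
        }
        else
        {
            // Dispose the reader (and the underlying response stream) once the body is read.
            using (StreamReader reader = new StreamReader(errorBody))
            {
                Console.WriteLine(reader.ReadToEnd());
            }
        }

        // NOTE(review): exit code 0 is kept from the original, although it reports success
        // to the calling shell on a failed exchange; consider a non-zero code.
        Environment.Exit(0);
    }
}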
/// <summary>
/// Requests a negotiation token from the term.ie example endpoint and checks that both
/// the token value and the token secret come back non-empty.
/// </summary>
/// <remarks>
/// This test performs a live network call. The endpoint is addressed over plain
/// <c>http</c>, so the returned token secret is not protected in transit; that is
/// tolerable only because it is a public example service with throwaway credentials.
/// </remarks>
public void RetrieveRequestToken()
{
    Uri endpoint = new Uri("http://term.ie/oauth/example/request_token.php");

    NegotiationToken issued = NegotiationTokenRequest.Create(endpoint, credentials).GetToken();

    Assert.That(issued.Value, Is.Not.Empty);
    Assert.That(issued.Secret, Is.Not.Empty);
}
/// <summary>
/// Requests a negotiation token from the endpoint named by <c>REQUEST_TOKEN_END_POINT</c>
/// and checks that both the token value and the token secret come back non-empty.
/// </summary>
/// <remarks>
/// NOTE(review): the scheme of <c>REQUEST_TOKEN_END_POINT</c> is not visible here; confirm
/// it is https if the test is ever run with non-throwaway credentials.
/// </remarks>
public void RetrieveRequestToken()
{
    Uri endpoint = new Uri(REQUEST_TOKEN_END_POINT);

    NegotiationToken issued = NegotiationTokenRequest.Create(endpoint, credentials).GetToken();

    Assert.That(issued.Value, Is.Not.Empty);
    Assert.That(issued.Secret, Is.Not.Empty);
}
/// <summary>
/// Probes <paramref name="message"/> against each supported token format and hands the
/// first recognised result to the matching <c>Process*</c> routine.
/// </summary>
/// <param name="message">Raw bytes to inspect.</param>
/// <param name="source">Label passed through to the <c>Process*</c> routines; may be null.</param>
/// <remarks>
/// Does nothing when <c>messageParsed</c> is already set. Each decode attempt is
/// best-effort: a failure of one parser only means "not this format", so its exception is
/// discarded and the next format is tried. Exceptions thrown by <c>ProcessNtlm</c>,
/// <c>ProcessNegotiate</c> and <c>ProcessKerberos</c> are not caught.
/// NOTE(review): the catch-all blocks also hide unexpected parser faults on malformed
/// input; narrowing them to the decoders' documented exception types, or logging at debug
/// level, would keep that signal.
/// </remarks>
internal void ProcessMessage(byte[] message, string source = null)
{
    if (messageParsed)
    {
        return;
    }

    ResetLayout();

    object decoded = null;

    // Attempt 1: the generic context-token parser.
    try
    {
        decoded = MessageParser.Parse(message);
    }
    catch
    {
        // Not a context token; fall through to the next probe.
    }

    // Attempt 2: a bare SPNEGO token whose response part wraps the actual message.
    if (decoded == null)
    {
        try
        {
            var spnego = NegotiationToken.Decode(message);

            if (spnego.ResponseToken != null)
            {
                decoded = MessageParser.Parse(spnego.ResponseToken.ResponseToken.Value);
            }
        }
        catch
        {
            // Not SPNEGO either (or the inner token was missing or unparseable).
        }
    }

    switch (decoded)
    {
        case NtlmContextToken ntlm:
            ProcessNtlm(ntlm, source);
            break;

        case NegotiateContextToken negotiate:
            ProcessNegotiate(negotiate.Token, source);
            break;

        case KerberosContextToken kerb:
            ProcessKerberos(kerb, source);
            break;
    }

    // Independent of the result above, the same bytes are also probed as a KDC proxy message.
    try
    {
        if (KdcProxyMessage.TryDecode(message, out KdcProxyMessage proxy))
        {
            ProcessKdcProxy(proxy, source);
        }
    }
    catch
    {
        // Best-effort probe; failures here are ignored like the ones above.
    }
}
/// <summary>
/// Builds the user-authorization URI by appending the token parameter to
/// <paramref name="authorize"/>, preserving any query string it already carries.
/// </summary>
/// <param name="authorize">Authorization endpoint.</param>
/// <param name="negotiationToken">Token whose value is placed in the query string.</param>
/// <returns>The endpoint URI with the token parameter added.</returns>
/// <remarks>
/// NOTE(review): the existing query and the token parameter are joined as raw text. Whether
/// the token value is percent-encoded depends on <c>OAuthTokenParameter</c>; confirm, since
/// an unencoded '&amp;' or '=' in the value would alter the resulting parameters.
/// </remarks>
public static Uri Create(Uri authorize, NegotiationToken negotiationToken)
{
    UriBuilder target = new UriBuilder(authorize);

    // Substring(1) drops the leading '?' that UriBuilder.Query returns, so that assigning
    // the value back does not double it.
    target.Query = QueryStringContainsParameters(target.Query)
        ? target.Query.Substring(1) + "&" + OAuthTokenParameter(negotiationToken)
        : OAuthTokenParameter(negotiationToken);

    return target.Uri;
}
/// <summary>
/// BER-decodes <paramref name="token"/> as a <c>NegotiationToken</c> and returns its
/// payload when that payload is of type <typeparamref name="T"/>.
/// </summary>
/// <typeparam name="T">Expected payload type.</typeparam>
/// <param name="token">Encoded negotiation token.</param>
/// <returns>The decoded payload as <typeparamref name="T"/>, or null when it is of another type.</returns>
/// <remarks>
/// NOTE(review): <paramref name="token"/> is handed to the decoder unchecked; whatever
/// <c>BerDecode</c> throws on null or malformed input propagates to the caller.
/// </remarks>
public static T DecodeNegotiationToken<T>(byte[] token) where T : class
{
    var decoder = new NegotiationToken();

    decoder.BerDecode(new Asn1DecodingBuffer(token));

    // "as" yields null on a type mismatch, which is the documented "not a T" result.
    return decoder.GetData() as T;
}
/// <summary>
/// Encodes a negotiation token that carries only an init part and checks that decoding it
/// yields an init part and no response part.
/// </summary>
public void SPNegoInitTokenRoundtrip()
{
    var initPart = new NegTokenInit
    {
        MechTypes = new Oid[] { new Oid(MechType.NTLM) },
        MechToken = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7 }
    };

    var original = new NegotiationToken { InitialToken = initPart };

    var roundTripped = NegotiationToken.Decode(original.Encode());

    Assert.IsNotNull(roundTripped);
    Assert.IsNotNull(roundTripped.InitialToken);
    Assert.IsNull(roundTripped.ResponseToken);
}
/// <summary>
/// Calls <c>Encode</c> on a negotiation token that has both its init part and its response
/// part populated.
/// </summary>
/// <remarks>
/// The body asserts nothing. NOTE(review): presumably an expected-exception attribute
/// outside this view makes the test pass only when <c>Encode</c> rejects a token with both
/// alternatives set; confirm, otherwise this test cannot fail on an encoding regression.
/// </remarks>
public void ChoiceEncoding()
{
    var initPart = new NegTokenInit
    {
        MechTypes = new Oid[] { new Oid(MechType.NTLM) },
        MechToken = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7 }
    };

    var responsePart = new NegTokenResp
    {
        State = NegotiateState.Rejected,
        SupportedMech = new Oid(MechType.NTLM),
        ResponseToken = new byte[] { 7, 6, 5, 4, 3, 2, 1, 0 }
    };

    var bothAlternatives = new NegotiationToken
    {
        InitialToken = initPart,
        ResponseToken = responsePart
    };

    bothAlternatives.Encode();
}
/// <summary>
/// Encodes a negotiation token that carries only a response part and checks that decoding
/// it yields a response part and no init part.
/// </summary>
public void SPNegoResponseTokenRoundtrip()
{
    var responsePart = new NegTokenResp
    {
        State = NegotiateState.Rejected,
        SupportedMech = new Oid(MechType.NTLM),
        ResponseToken = new byte[] { 7, 6, 5, 4, 3, 2, 1, 0 }
    };

    var original = new NegotiationToken { ResponseToken = responsePart };

    var roundTripped = NegotiationToken.Decode(original.Encode());

    Assert.IsNotNull(roundTripped);
    Assert.IsNull(roundTripped.InitialToken);
    Assert.IsNotNull(roundTripped.ResponseToken);
}
/// <summary>
/// Wraps a mechanism token in a <c>NegTokenInit</c> that advertises a single mechanism,
/// places it in an <c>InitialNegToken</c> under the SPNEGO OID, and BER-encodes the result.
/// </summary>
/// <param name="token">Mechanism token to embed.</param>
/// <param name="oidPkt">Selects which Kerberos mechanism OID is advertised.</param>
/// <returns>The BER-encoded initial negotiation token.</returns>
/// <exception cref="NotSupportedException">
/// <paramref name="oidPkt"/> is neither <c>KerberosToken</c> nor <c>MSKerberosToken</c>.
/// </exception>
public static byte[] EncodeInitialNegToken(byte[] token, KerberosConstValue.OidPkt oidPkt)
{
    int[] mechanismOid;

    switch (oidPkt)
    {
        case KerberosConstValue.OidPkt.KerberosToken:
            mechanismOid = KerberosConstValue.GetKerberosOidInt();
            break;

        case KerberosConstValue.OidPkt.MSKerberosToken:
            mechanismOid = KerberosConstValue.GetMsKerberosOidInt();
            break;

        default:
            throw new NotSupportedException("oid not support");
    }

    // Exactly one mechanism is offered.
    MechTypeList offeredMechanisms = new MechTypeList(new MechType[] { new MechType(mechanismOid) });

    // The token is wrapped once and then re-wrapped from ByteArrayValue, as the original did.
    Asn1OctetString wrappedToken = new Asn1OctetString(token);
    Asn1OctetString mechToken = new Asn1OctetString(wrappedToken.ByteArrayValue);
    Asn1OctetString emptyFinalField = new Asn1OctetString((byte[])null);

    NegTokenInit initPart = new NegTokenInit(offeredMechanisms, null, mechToken, emptyFinalField);
    NegotiationToken choice = new NegotiationToken(NegotiationToken.negTokenInit, initPart);

    MechType spnegoMechanism = new MechType(KerberosConstValue.GetSpngOidInt());
    InitialNegToken envelope = new InitialNegToken(spnegoMechanism, choice);

    Asn1BerEncodingBuffer output = new Asn1BerEncodingBuffer();
    envelope.BerEncode(output);

    return output.Data;
}
/// <summary>
/// BER-decodes <paramref name="token"/> as a <c>NegotiationToken</c> and returns the
/// mechanism bytes carried by whichever alternative was selected.
/// </summary>
/// <param name="token">Encoded negotiation token.</param>
/// <returns>
/// The <c>mechToken</c> bytes for the init and init2 alternatives, the <c>responseToken</c>
/// bytes for the response alternative, or null for any other choice.
/// </returns>
/// <remarks>
/// NOTE(review): <c>mechToken</c> and <c>responseToken</c> are dereferenced without a null
/// check; if the decoder leaves an absent field null, a peer-supplied token that omits it
/// would raise a NullReferenceException here. Confirm against the decoder.
/// </remarks>
public static byte[] DecodeNegotiationToken(byte[] token)
{
    NegotiationToken decoder = new NegotiationToken();
    decoder.BerDecode(new Asn1DecodingBuffer(token));

    Asn1Object payload = decoder.GetData();

    switch (decoder.SelectedChoice)
    {
        case NegotiationToken.negTokenInit:
        {
            NegTokenInit initPart = (NegTokenInit)payload;
            return initPart.mechToken.ByteArrayValue;
        }

        case NegotiationToken.negTokenResp:
        {
            NegTokenResp responsePart = (NegTokenResp)payload;
            return responsePart.responseToken.ByteArrayValue;
        }

        case NegotiationToken.negTokenInit2:
        {
            NegTokenInit2 init2Part = (NegTokenInit2)payload;
            return init2Part.mechToken.ByteArrayValue;
        }

        default:
            return null;
    }
}
/// <summary>
/// Performs a single request/accept exchange between two local "Negotiate"
/// <c>SspiContext</c> instances and checks the shape of each token.
/// </summary>
/// <remarks>
/// Both contexts use the SPN <c>host/{Environment.MachineName}</c>, so the outcome depends on
/// the machine and account the test runs under.
/// </remarks>
public void TryGettingSspiTicketTest()
{
    string servicePrincipal = $"host/{Environment.MachineName}";

    using (var initiator = new SspiContext(servicePrincipal, "Negotiate"))
    using (var acceptor = new SspiContext(servicePrincipal, "Negotiate"))
    {
        // Initiator's first token must parse as a Negotiate context token.
        var firstToken = initiator.RequestToken();
        Assert.IsNotNull(firstToken);

        var parsedFirstToken = MessageParser.Parse<NegotiateContextToken>(firstToken);
        Assert.IsNotNull(parsedFirstToken);

        // Acceptor's reply must decode as a response token, never as an init token.
        byte[] serverResponse;
        acceptor.AcceptToken(firstToken, out serverResponse);
        Assert.IsNotNull(serverResponse);

        var reply = NegotiationToken.Decode(serverResponse);

        Assert.IsNotNull(reply);
        Assert.IsNotNull(reply.ResponseToken);
        Assert.IsNull(reply.InitialToken);
    }
}
/// <summary>
/// Creates an access-token request that carries an explicit verifier code.
/// </summary>
/// <param name="requestUri">Access-token endpoint.</param>
/// <param name="credentials">Client credentials.</param>
/// <param name="negociationToken">Negotiation token obtained in the earlier step.</param>
/// <param name="verifierCode">Verifier code to send with the request.</param>
/// <returns>A new <c>AccessTokenRequest</c> built from the arguments as given.</returns>
public static AccessTokenRequest Create(Uri requestUri, ClientCredentials credentials, NegotiationToken negociationToken, string verifierCode)
{
    AccessTokenRequest request = new AccessTokenRequest(requestUri, credentials, negociationToken, verifierCode);

    return request;
}
/// <summary>
/// Parses the mechanism token inside the init part of <paramref name="token"/> and hands
/// the result to <c>ExplodeObject</c> under a "Kerberos Message" label.
/// </summary>
/// <param name="token">Negotiation token whose init part is inspected.</param>
/// <param name="source">Text inserted into the label.</param>
/// <remarks>
/// NOTE(review): <c>InitialToken</c> and <c>MechToken</c> are dereferenced without a null
/// check. A token that carries only a response part, or an init part without a mechanism
/// token, would presumably throw here; confirm callers only pass init tokens or add a guard.
/// </remarks>
private void ProcessNegotiate(NegotiationToken token, string source)
{
    var mechanismBytes = token.InitialToken.MechToken.Value;
    var innerMessage = MessageParser.Parse(mechanismBytes);

    ExplodeObject(innerMessage, $"Kerberos Message ({source})");
}
/// <summary>
/// Creates an access-token request without a verifier code.
/// </summary>
/// <param name="requestUri">Access-token endpoint.</param>
/// <param name="credentials">Client credentials.</param>
/// <param name="negociationToken">Negotiation token obtained in the earlier step.</param>
/// <returns>A new <c>AccessTokenRequest</c> whose verifier code is the empty string.</returns>
public static AccessTokenRequest Create(Uri requestUri, ClientCredentials credentials, NegotiationToken negociationToken)
{
    // An empty string, not null, stands for "no verifier".
    AccessTokenRequest request = new AccessTokenRequest(requestUri, credentials, negociationToken, "");

    return request;
}
/// <summary>
/// String convenience overload: parses <paramref name="authorize"/> as a URI and delegates
/// to the <see cref="Uri"/>-based overload.
/// </summary>
/// <param name="authorize">Authorization endpoint as text.</param>
/// <param name="negotiationToken">Token whose value is placed in the query string.</param>
/// <returns>The authorization URI with the token parameter added.</returns>
/// <remarks>
/// The <see cref="Uri"/> constructor throws when <paramref name="authorize"/> is null or
/// not a valid absolute URI.
/// </remarks>
public static Uri Create(string authorize, NegotiationToken negotiationToken)
{
    Uri endpoint = new Uri(authorize);

    return Create(endpoint, negotiationToken);
}
/// <summary>
/// Formats the token as a <c>name=value</c> query-string pair, using
/// <c>AuthorizationHeaderFields.TOKEN</c> as the name.
/// </summary>
/// <param name="negotiationToken">Token whose value is emitted.</param>
/// <returns>The <c>name=value</c> pair.</returns>
/// <remarks>
/// NOTE(review): the value is concatenated as-is. Unless <c>NegotiationToken.Value</c> is
/// already percent-encoded, a value containing '&amp;', '=', '#' or '+' would change the
/// meaning of the resulting query string; confirm, or encode with
/// <c>Uri.EscapeDataString</c> at this point.
/// </remarks>
private static string OAuthTokenParameter(NegotiationToken negotiationToken)
{
    return string.Concat(AuthorizationHeaderFields.TOKEN, "=", negotiationToken.Value);
}