Exemplo n.º 1
0
        /// <summary>
        /// 生成预签名头信息
        /// </summary>
        /// <param name="builder">http 请求信息</param>
        /// <param name="contentSha256">http  content  计算过 hmac sha256 的内容信息</param>
        /// <returns>预签名头信息字符串</returns>
        private string CreateCanonicalRequest(SdkHttpFullRequestBuilder builder, string contentSha256)
        {
            string parameters = builder.GetParameters();

#if NET35
            if (!string.IsNullOrEmpty(parameters) && !string.IsNullOrEmpty(parameters.Trim()))
#else
            if (!string.IsNullOrWhiteSpace(parameters))
#endif
            {
                if (parameters.StartsWith("?"))
                {
                    parameters = parameters.Substring(1);
                }
            }
            string path             = SdkHttpUtils.AppendUri(builder.GetEndpoint().AbsolutePath, builder.GetResourcePath());
            string canonicalRequest = new StringBuilder(builder.GetHttpMethod().ToString().ToUpper())
                                      .Append(ParameterConstant.LINE_SEPARATOR)
                                      .Append(GetCanonicalizedResourcePath(path, _doubleUrlEncode))
                                      .Append(ParameterConstant.LINE_SEPARATOR)
                                      .Append(parameters)
                                      .Append(ParameterConstant.LINE_SEPARATOR)
                                      .Append(GetCanonicalizedHeaderString(builder))
                                      .Append(ParameterConstant.LINE_SEPARATOR)
                                      .Append(GetSignedHeadersString(builder))
                                      .Append(ParameterConstant.LINE_SEPARATOR)
                                      .Append(contentSha256)
                                      .ToString();

            return(canonicalRequest);
        }
Exemplo n.º 2
0
        /// <summary>
        /// 获取规范化的头信息
        /// </summary>
        /// <param name="builder">http 请求信息</param>
        /// <returns>规范化头信息字符串</returns>
        private string GetCanonicalizedHeaderString(SdkHttpFullRequestBuilder builder)
        {
            var           headers       = builder.GetHeaders();
            var           keys          = headers.Keys;
            List <string> keysList      = keys.ToList().OrderBy(p => p.ToLower(CultureInfo.GetCultureInfo("en-US"))).ToList();
            StringBuilder stringBuilder = new StringBuilder();

            foreach (var item in keysList)
            {
                if (ShouldExcludeHeaderFromSigning(item))
                {
                    continue;
                }
                string key = item.ToLower(CultureInfo.GetCultureInfo("en-US"));

                foreach (var headerValue in headers[item])
                {
                    string headerCompactedValue = StringUtils.AppendCompactedString(key);
                    stringBuilder.Append(key).Append(":");
                    if (headerValue != null)
                    {
                        string headerValueCompactedValue = StringUtils.AppendCompactedString(headerValue);
                        stringBuilder.Append(headerValueCompactedValue);
                    }
                    stringBuilder.Append("\n");
                }
            }


            return(stringBuilder.ToString());
        }
Exemplo n.º 3
0
        /// <summary>
        /// 构建Authorization头信息
        /// </summary>
        /// <param name="builder">请求参数封装信息</param>
        /// <param name="signature">签名信息</param>
        /// <param name="credentials">证书信息</param>
        /// <param name="signerParams">签名参数信息</param>
        /// <returns>http头 Authorization 信息字符串</returns>
        private string BuildAuthorizationHeader(SdkHttpFullRequestBuilder builder, byte[] signature, ICredentials credentials,
                                                SignerRequestParams signerParams)
        {
            string signingCredentials = credentials.AccessKeyId() + "/" + signerParams.Scope;
            string credential         = "Credential=" + signingCredentials;
            string signerHeaders      = "SignedHeaders=" + GetSignedHeadersString(builder);
            string signatureHeader    = "Signature=" + StringUtils.ByteToHex(signature, true);

            return(new StringBuilder().Append(ParameterConstant.JDCLOUD2_SIGNING_ALGORITHM)
                   .Append(" ")
                   .Append(credential)
                   .Append(", ")
                   .Append(signerHeaders)
                   .Append(", ")
                   .Append(signatureHeader)
                   .ToString());
        }
Exemplo n.º 4
0
        /// <summary>
        /// 添加头信息
        /// </summary>
        /// <param name="builder">http请求信息</param>
        private void AddHostHeader(ref SdkHttpFullRequestBuilder builder)
        {
            var endPoint = builder.GetEndpoint();

            if (endPoint == null)
            {
                throw new ArgumentNullException(" can not get the uri from de SdkHttpFullRequestBuilder , please check the param set ");
            }
            StringBuilder hostHeaderBuilder = new StringBuilder(endPoint.Host);

            if (SdkHttpUtils.IsUsingNonDefaultPort(endPoint))
            {
                hostHeaderBuilder.Append(":").Append(endPoint.Port);
            }

            builder.Header(ParameterConstant.HOST, hostHeaderBuilder.ToString());
            string contentSha256 = CalculateContentHash(builder);
        }
Exemplo n.º 5
0
        /// <summary>
        /// 生成签名头信息字符串
        /// </summary>
        /// <param name="builder">http 请求信息</param>
        /// <returns>签名头信息字符串</returns>
        private string GetSignedHeadersString(SdkHttpFullRequestBuilder builder)
        {
            var           headers       = builder.GetHeaders();
            var           keys          = headers.Keys;
            List <string> keysList      = keys.ToList().OrderBy(p => p.ToLower(CultureInfo.GetCultureInfo("en-US"))).ToList();
            StringBuilder stringBuilder = new StringBuilder();

            foreach (String header in keysList)
            {
                if (ShouldExcludeHeaderFromSigning(header))
                {
                    continue;
                }
                if (stringBuilder.Length > 0)
                {
                    stringBuilder.Append(";");
                }
                stringBuilder.Append(header.ToLower(CultureInfo.GetCultureInfo("en-US")));
            }
            return(stringBuilder.ToString());
        }
Exemplo n.º 6
0
        /// <summary>
        /// 计算http content SHA256 hash 校验值
        /// </summary>
        /// <param name="builder">http  请求信息</param>
        /// <returns>计算后的16进制加密的 content 信息</returns>
        protected string CalculateContentHash(SdkHttpFullRequestBuilder builder)
        {
            try
            {
                string content = builder.GetContent();
#if NET35
                if (string.IsNullOrEmpty(content) || string.IsNullOrEmpty(content.Trim()))
#else
                if (string.IsNullOrWhiteSpace(content))
#endif
                {
                    content = string.Empty;
                }
                string contentSha256 = StringUtils.ByteToHex(SignHash(content), true);
                return(contentSha256);
            }
            catch (Exception ex)
            {
                throw new Exception("get the request content sha256 error", ex);
            }
        }
Exemplo n.º 7
0
        /// <summary>
        /// 签名的具体实现
        /// </summary>
        /// <param name="builder">http请求信息</param>
        /// <param name="credentials">证书信息</param>
        /// <returns>请求后的http 信息</returns>
        private SdkHttpFullRequestBuilder DoSign(SdkHttpFullRequestBuilder builder, Credentials credentials)
        {
            Credentials sanitizedCredentials = SanitizeCredentials(credentials);

            if (credentials.GetType() == typeof(SessionCredentials))
            {
                AddSessionCredentials(builder, (SessionCredentials)credentials);
            }
            //20180627T065220Z
            //_overrddenDate = new DateTime(2018,6,27,6, 52, 20);
            SignerRequestParams signerRequestParams = new SignerRequestParams(builder, _overrddenDate,
                                                                              RegionName, ServiceName, ParameterConstant.JDCLOUD2_SIGNING_ALGORITHM);

            // SignerRequestParams
            AddHostHeader(ref builder);
            builder.Header(ParameterConstant.X_JDCLOUD_DATE, signerRequestParams.FormattedSigningDateTime);
            string contentSha256 = string.Empty;

            if (builder.GetHeaders() != null && builder.GetHeaders().ContainsKey(ParameterConstant.X_JDCLOUD_CONTENT_SHA256) &&
                builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256] != null &&
                builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256].Count > 0)
            {
                contentSha256 = builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256][0];
            }
            else
            {
                contentSha256 = CalculateContentHash(builder);
            }
            string canonicalRequest = CreateCanonicalRequest(builder, contentSha256);
            string stringToSign     = CreateStringToSign(canonicalRequest, signerRequestParams);

            byte[] signingKey = deriveSigningKey(credentials, signerRequestParams);
            byte[] signature  = ComputeSignature(stringToSign, signingKey);
            builder.Header(ParameterConstant.AUTHORIZATION, BuildAuthorizationHeader(builder, signature, credentials, signerRequestParams));

            return(builder);
        }
Exemplo n.º 8
0
        /// <summary>
        ///  进行签名操作
        /// </summary>
        /// <param name="signRequest">http请求信息</param>
        /// <returns>返回签名后的需要添加的HTTP header 信息</returns>
        public Dictionary <string, string> Sign(SignRequest signRequest)
        {
            Dictionary <string, string> header = new Dictionary <string, string>();

            // v4signer
            JdCloudSigner signer = new JdCloudSigner();

            signer.SetRegionName(signRequest.Region);
            signer.SetServiceName(signRequest.ServiceName);

            String nonceId = Guid.NewGuid().ToString().ToLower();

            //the default http request mothed is `GET`
            SdkHttpMethod method = SdkHttpMethod.GET;

#if NET35
            if (!string.IsNullOrEmpty(signRequest.RequestMothed) && !string.IsNullOrEmpty(signRequest.RequestMothed.Trim()))
            {
                method = (SdkHttpMethod)Enum.Parse(typeof(SdkHttpMethod), signRequest.RequestMothed.ToUpper());
            }
#else
            if (!string.IsNullOrWhiteSpace(signRequest.RequestMothed))
            {
                if (!Enum.TryParse <SdkHttpMethod>(signRequest.RequestMothed.ToUpper(), out method))
                {
                    throw new ArgumentException("the http request mothed cast fail , not support .");
                }
            }
#endif

            Uri endPoint = new Uri(signRequest.Host);
            // Builder
#if NET35
            string signRequestContent            = string.IsNullOrEmpty(signRequest.RequestContent) || string.IsNullOrEmpty(signRequest.RequestContent.Trim()) ? null : signRequest.RequestContent;
            SdkHttpFullRequestBuilder reqBuilder = DefaultSdkHttpFullRequest.Builder()
                                                   .HttpMethod(method)
                                                   .Endpoint(endPoint)
                                                   .ResourcePath(SdkHttpUtils.UrlEncode(signRequest.Path, true))
                                                   .Header(ParameterConstant.X_JDCLOUD_NONCE, nonceId)
                                                   // .Header(ParameterConstant.CONTENT_TYPE, signRequest.ContentType)
                                                   .Content(signRequestContent)
                                                   .QueryParameter(signRequest.QueryParam);
#else
            SdkHttpFullRequestBuilder reqBuilder = DefaultSdkHttpFullRequest.Builder()
                                                   .HttpMethod(method)
                                                   .Endpoint(endPoint)
                                                   .ResourcePath(SdkHttpUtils.UrlEncode(signRequest.Path, true))
                                                   .Header(ParameterConstant.X_JDCLOUD_NONCE, nonceId)
                                                   // .Header(ParameterConstant.CONTENT_TYPE, signRequest.ContentType)
                                                   .Content(string.IsNullOrWhiteSpace(signRequest.RequestContent) ? null : signRequest.RequestContent)
                                                   .QueryParameter(signRequest.QueryParam);
#endif
            //对http header 进行处理, 如果 请求为get head delete 默认不放置content-type 签名内不包含content-type
            if (method != SdkHttpMethod.GET && method != SdkHttpMethod.DELETE && method != SdkHttpMethod.HEAD)
            {
                reqBuilder.Header(ParameterConstant.CONTENT_TYPE, signRequest.ContentType);
                header.Add(ParameterConstant.CONTENT_TYPE, signRequest.ContentType);
            }


            // sign
            SdkHttpFullRequest signed = signer.Sign(reqBuilder, new Credentials(signRequest.Credentials.AccessKeyId(), signRequest.Credentials.SecretAccessKey()));

            var signedHeader = signed.GetHeaders();
            header.Add(ParameterConstant.X_JDCLOUD_NONCE, nonceId);
            header.Add(ParameterConstant.X_JDCLOUD_DATE, signedHeader[ParameterConstant.X_JDCLOUD_DATE][0]);
            header.Add(ParameterConstant.AUTHORIZATION, signedHeader[ParameterConstant.AUTHORIZATION][0]);

            foreach (var item in signedHeader)
            {
                if (!header.ContainsKey(item.Key))
                {
                    header.Add(item.Key, item.Value[0]);
                }
            }
            return(header);
        }
Exemplo n.º 9
0
 /// <summary>
 /// Adds session credentials to the request given.
 /// </summary>
 /// <param name="mutableRequest">request 构建对象</param>
 /// <param name="credentials">session 认证的 akey 和 skey 信息</param>
 protected abstract void AddSessionCredentials(SdkHttpFullRequestBuilder mutableRequest,
                                               SessionCredentials credentials);
Exemplo n.º 10
0
 /// <summary>
 /// 进行签名调用的方法
 /// </summary>
 /// <param name="builder">request 构建对象</param>
 /// <param name="credentials">认证的akey 和 skey 信息</param>
 /// <returns>返回签名后的http 请求信息</returns>
 public abstract SdkHttpFullRequest Sign(SdkHttpFullRequestBuilder builder, Credentials credentials);
Exemplo n.º 11
0
 /// <summary>
 /// 添加session 认证信息
 /// </summary>
 /// <param name="mutableRequest">http请求信息</param>
 /// <param name="credentials">session 认证信息</param>
 protected override void AddSessionCredentials(SdkHttpFullRequestBuilder mutableRequest, SessionCredentials credentials)
 {
     mutableRequest.Header(ParameterConstant.X_JDCLOUD_SECURITY_TOKEN, credentials.SessionToken());
 }
Exemplo n.º 12
0
 /// <summary>
 /// 进行签名
 /// </summary>
 /// <param name="builder">http 请求使用的信息</param>
 /// <param name="credentials">请求的认证信息</param>
 /// <returns>签名后得到的http 请求信息</returns>
 public override SdkHttpFullRequest Sign(SdkHttpFullRequestBuilder builder, Credentials credentials)
 {
     return(DoSign(builder, credentials).Build());
 }