/// <summary>This is the main code to sign a request.</summary> /// <param name="requestMessage">An HttpRequestMessage to be signed.</param> public void SignRequest(HttpRequestMessage requestMessage) { HttpMethod httpMethod = requestMessage.Method; HttpRequestHeaders httpHeaders = requestMessage.Headers; HttpContent body = requestMessage.Content; string requestMethodKey = httpMethod.Method.ToLowerInvariant(); // Verify if the http request Method is supported. if (!signingStrategy.RequiredHeaders.TryGetValue(requestMethodKey, out var requiredHeaders)) { throw new ArgumentException($"Http Request Method not found: {requestMethodKey}"); } var headersToSign = requiredHeaders.ToList(); // Add any missing required headers. SigningUtils.AddMissingHeaders(requestMessage, headersToSign); // Calculate the Signing string. var signingString = SigningUtils.CalculateStringToSign(requestMessage, headersToSign); logger.Debug($"signing string is {signingString}"); var bytes = Encoding.UTF8.GetBytes(signingString); this.signer.BlockUpdate(bytes, 0, bytes.Length); var signature = Convert.ToBase64String(this.signer.GenerateSignature()); var authorization = SigningUtils.CalculateAuthorization(headersToSign, SIGNATURE_VERSION, this.keyId, SIGNATURE_ALGORITHM, signature); httpHeaders.Add(Constants.AUTHORIZATION_HEADER, authorization); }
/// <summary>This is the main code to sign a request.</summary> /// <param name="requestMessage">An HttpRequestMessage to be signed.</param> public override void SignRequest(HttpRequestMessage requestMessage) { HttpMethod httpMethod = requestMessage.Method; HttpRequestHeaders httpHeaders = requestMessage.Headers; HttpContent body = requestMessage.Content; string requestMethodKey = httpMethod.Method.ToLowerInvariant(); // Verify if the http request Method is supported. if (!signingStrategy.RequiredHeaders.TryGetValue(requestMethodKey, out var requiredHeaders)) { throw new ArgumentException($"Http Request Method not found: {requestMethodKey}"); } var headersToSign = requiredHeaders.ToList(); //Add the Instance OBO User delegation token to request headers if the auth details provider implements IUserDelegationDetailsProvider and //if a token is available. var delegationToken = (AuthDetailsProvider as IUserDelegationDetailsProvider)?.GetDelegationToken(); if (delegationToken != null) { logger.Debug($"Adding {Constants.OPC_OBO_TOKEN} to request headers"); requestMessage.Headers.TryAddWithoutValidation(Constants.OPC_OBO_TOKEN, delegationToken); } // For PUT and POST, if the body is empty we still must explicitly set content-length = 0 and x-content-sha256. // The caller may already do this, but we shouldn't require it since we can determine it here. if (body == null && (string.Equals(requestMethodKey, "post") || string.Equals(requestMethodKey, "put"))) { requestMessage.Content = new StringContent(""); requestMessage.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json"); requestMessage.Content.Headers.TryAddWithoutValidation(Constants.CONTENT_LENGTH, "0"); requestMessage.Content.Headers.TryAddWithoutValidation(Constants.X_CONTENT_SHA256, Convert.ToBase64String(SHA256.Create().ComputeHash(new byte[0]))); } // Few requests accept Constants.OPTIONAL_HEADERS_NAMES headers. In such cases, if the request contains any of the optional headers, // we need to include them in request signature. if (signingStrategy.OptionalHeaders.TryGetValue(requestMethodKey, out var optionalHeaders)) { foreach (var optionalHeaderName in optionalHeaders) { if (httpHeaders.Contains(optionalHeaderName)) { headersToSign.Add(optionalHeaderName); } } } // Add any missing required headers. SigningUtils.AddMissingHeaders(requestMessage, headersToSign); // Calculate the Signing string. var signingString = SigningUtils.CalculateStringToSign(requestMessage, headersToSign); var bytes = Encoding.UTF8.GetBytes(signingString); this.signer.BlockUpdate(bytes, 0, bytes.Length); var signature = Convert.ToBase64String(this.signer.GenerateSignature()); var authorization = SigningUtils.CalculateAuthorization(headersToSign, SIGNATURE_VERSION, this.keyId, SIGNATURE_ALGORITHM, signature); httpHeaders.Add(Constants.AUTHORIZATION_HEADER, authorization); }