Exemplo n.º 1
0
        /// <summary>
        /// Enqueue message thread safe
        /// </summary>
        /// <param name="message"></param>
        internal void AddMessageToQueue(SinricMessage message)
        {
            var payloadJson = JsonConvert.SerializeObject(message.Payload);

            message.RawPayload = new JRaw(payloadJson);

            // compute the signature using our secret key so that the service can verify authenticity
            message.Signature.Hmac = HmacSignature.Signature(payloadJson, SecretKey);

            OutgoingMessages.Enqueue(message);
            Debug.Print("Queued websocket message for sending");
        }
Exemplo n.º 2
0
        internal static bool ValidateMessageSignature(SinricMessage message, string secretKey)
        {
            var payloadString = message.RawPayload?.Value as string;

            if (!string.IsNullOrEmpty(payloadString))
            {
                // if the message contains a payload then we need to validate its signature

                // todo validate timestamp of message, must be within X seconds of local clock, and must be > than the last message time received to protect against replay attacks

                // compute a local signature from the raw payload using our secret key:
                var signature = HmacSignature.Signature(payloadString, secretKey);

                // compare the locally computed signature with the one supplied in the message:
                return(signature == message.Signature.Hmac);
            }

            return(true);
        }