public static bool TryParse(string input, out ApiRequestSignature parsedValue) { parsedValue = null; var success = false; if (input != null) { var parts = input.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries); if (parts.Length == 3) { if (parts[2].Length == 64) { DateTime timestamp; if (DateTime.TryParseExact(parts[1], _timestampFormats, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out timestamp)) { parsedValue = new ApiRequestSignature { AppId = parts[0], TimestampString = parts[1], Hash = parts[2], Timestamp = timestamp, }; success = true; } } } } return(success); }
private bool IsValidSignature(ApiRequestSignature signature, ApiAccountEntity credentials) { var parameters = new[] { new NameValuePair(null, signature.AppId), new NameValuePair(null, signature.TimestampString) }; var validSignature = HmacUtility.GetHashString(Options.HmacFactory, credentials.SecretKey, parameters); var isValid = string.Equals(signature.Hash, validSignature, StringComparison.OrdinalIgnoreCase); return(isValid); }
protected override string ExtractUserIdFromRequest() { string userId = null; var credentials = GetAuthenticationHeaderCredentials(); ApiRequestSignature signature; if (ApiRequestSignature.TryParse(credentials, out signature)) { if ((DateTime.UtcNow - signature.Timestamp).Duration() < Options.SignatureValidityPeriod) { var apiAccount = Options.ApiCredentialsProvider.GetAccountByAppId(ApiAccountType.Hmac, signature.AppId); if (apiAccount != null && IsValidSignature(signature, apiAccount)) { userId = apiAccount.AccountId; } } } return(userId); }
public static bool TryParse(string input, out ApiRequestSignature parsedValue) { parsedValue = null; var success = false; if (input != null) { var parts = input.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries); if (parts.Length == 3) { if (parts[2].Length == 64) { DateTime timestamp; if (DateTime.TryParseExact(parts[1], _timestampFormats, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out timestamp)) { parsedValue = new ApiRequestSignature { AppId = parts[0], TimestampString = parts[1], Hash = parts[2], Timestamp = timestamp, }; success = true; } } } } return success; }