/// <summary>
/// Builds the key-based authorization signature for a request by prepending
/// <c>AuthorizationHelper.AuthorizationFormatPrefixUrlEncoded</c> to the token returned by
/// <c>GenerateUrlEncodedAuthorizationTokenWithHashCore</c>.
/// </summary>
/// <param name="verb">Forwarded unchanged to the token helper.</param>
/// <param name="resourceId">Forwarded unchanged to the token helper.</param>
/// <param name="resourceType">Forwarded unchanged to the token helper.</param>
/// <param name="headers">Forwarded unchanged to the token helper.</param>
/// <param name="stringHMACSHA256Helper">Hash provider forwarded to the token helper.</param>
/// <param name="payload">
/// Receives the <c>ArrayOwner</c> produced by the token helper. It is disposed here only when
/// composing the return value throws; on success it is handed to the caller
/// (presumably the caller is then responsible for disposing it; confirm against call sites).
/// </param>
/// <returns>The prefix constant followed by the token.</returns>
/// <remarks>
/// The result authorizes the signed request, so it should be kept out of logs and telemetry.
/// </remarks>
public static string GenerateKeyAuthorizationSignature(
    string verb,
    string resourceId,
    string resourceType,
    INameValueCollection headers,
    IComputeHash stringHMACSHA256Helper,
    out ArrayOwner payload)
{
    // Arguments are passed positionally; the order matches the helper's parameter list.
    string urlEncodedToken = AuthorizationHelper.GenerateUrlEncodedAuthorizationTokenWithHashCore(
        verb,
        resourceId,
        resourceType,
        headers,
        stringHMACSHA256Helper,
        out payload);

    try
    {
        string signature = AuthorizationHelper.AuthorizationFormatPrefixUrlEncoded + urlEncodedToken;
        return signature;
    }
    catch
    {
        // The caller never observes the out value when we throw, so release it here.
        payload.Dispose();
        throw;
    }
}
/// <summary>
/// Builds the key-based authorization signature for a request: obtains the token from
/// <c>GenerateAuthorizationTokenWithHashCore</c>, formats it with
/// <c>Constants.Properties.AuthorizationFormat</c> and URL-encodes the formatted string as a whole.
/// </summary>
/// <param name="verb">Forwarded unchanged to the token helper.</param>
/// <param name="resourceId">Forwarded unchanged to the token helper.</param>
/// <param name="resourceType">Forwarded unchanged to the token helper.</param>
/// <param name="headers">Forwarded unchanged to the token helper.</param>
/// <param name="stringHMACSHA256Helper">Hash provider forwarded to the token helper.</param>
/// <param name="payload">
/// Receives the <c>ArrayOwner</c> produced by the token helper. It is disposed here only when
/// formatting or encoding throws; on success it is handed to the caller
/// (presumably the caller is then responsible for disposing it; confirm against call sites).
/// </param>
/// <returns>The URL-encoded, formatted authorization string.</returns>
/// <remarks>
/// The result authorizes the signed request, so it should be kept out of logs and telemetry.
/// </remarks>
public static string GenerateKeyAuthorizationSignature(
    string verb,
    string resourceId,
    string resourceType,
    INameValueCollection headers,
    IComputeHash stringHMACSHA256Helper,
    out ArrayOwner payload)
{
    string token = AuthorizationHelper.GenerateAuthorizationTokenWithHashCore(
        verb,
        resourceId,
        resourceType,
        headers,
        stringHMACSHA256Helper,
        out payload);

    try
    {
        // Invariant culture keeps the header text independent of the machine's locale.
        string formatted = string.Format(
            CultureInfo.InvariantCulture,
            Constants.Properties.AuthorizationFormat,
            Constants.Properties.MasterToken,
            Constants.Properties.TokenVersion,
            token);

        return HttpUtility.UrlEncode(formatted);
    }
    catch
    {
        // The caller never observes the out value when we throw, so release it here.
        payload.Dispose();
        throw;
    }
}
/// <summary>
/// Convenience wrapper that calls the <c>GenerateAuthorizationTokenWithHashCore</c> overload
/// taking a <c>urlEncode</c> argument, with that argument fixed to <c>true</c>.
/// </summary>
/// <param name="verb">Forwarded unchanged.</param>
/// <param name="resourceId">Forwarded unchanged.</param>
/// <param name="resourceType">Forwarded unchanged.</param>
/// <param name="headers">Forwarded unchanged.</param>
/// <param name="stringHMACSHA256Helper">Hash provider, forwarded unchanged.</param>
/// <param name="payload">Receives the <c>ArrayOwner</c> set by the underlying overload.</param>
/// <returns>Whatever the underlying overload returns for <c>urlEncode: true</c>.</returns>
private static string GenerateUrlEncodedAuthorizationTokenWithHashCore(
    string verb,
    string resourceId,
    string resourceType,
    INameValueCollection headers,
    IComputeHash stringHMACSHA256Helper,
    out ArrayOwner payload)
    => AuthorizationHelper.GenerateAuthorizationTokenWithHashCore(
        verb,
        resourceId,
        resourceType,
        headers,
        stringHMACSHA256Helper,
        urlEncode: true,
        out payload);
/// <summary>
/// Computes the Base64-encoded HMAC-SHA256 of the serialized message payload, keyed with the
/// Base64-decoded <paramref name="key"/>.
/// </summary>
/// <param name="verb">Must not be null or empty.</param>
/// <param name="resourceId">May be null (feed-read of /dbs); null is treated as an empty string.</param>
/// <param name="resourceType">Must not be null; an empty string is accepted.</param>
/// <param name="headers">Must not be null; passed to <c>SerializeMessagePayload</c>.</param>
/// <param name="key">Base64-encoded key; must not be null or empty.</param>
/// <param name="payload">
/// NOTE(review): no statement in this body assigns this out parameter, which C# rejects on the
/// normal return path. The rented buffer is also released when this method exits, so it cannot
/// simply be handed out. Confirm the intended contract before relying on this value.
/// </param>
/// <param name="bUseUtcNowForMissingXDate">NOTE(review): not read anywhere in this body.</param>
/// <returns>The Base64 text of the computed hash.</returns>
/// <exception cref="ArgumentException"><paramref name="verb"/> or <paramref name="key"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException"><paramref name="resourceType"/> or <paramref name="headers"/> is null.</exception>
/// <exception cref="FormatException"><paramref name="key"/> is not valid Base64.</exception>
private static string GenerateKeyAuthorizationCore(
    string verb,
    string resourceId,
    string resourceType,
    INameValueCollection headers,
    string key,
    out ArraySegment<byte> payload,
    bool bUseUtcNowForMissingXDate = false)
{
    // resourceId can be null for feed-read of /dbs
    if (string.IsNullOrEmpty(verb))
    {
        throw new ArgumentException(RMResources.StringArgumentNullOrEmpty, nameof(verb));
    }

    if (resourceType is null)
    {
        throw new ArgumentNullException(nameof(resourceType)); // can be empty
    }

    if (string.IsNullOrEmpty(key))
    {
        throw new ArgumentException(RMResources.StringArgumentNullOrEmpty, nameof(key));
    }

    if (headers is null)
    {
        throw new ArgumentNullException(nameof(headers));
    }

    // NOTE(review): the decoded key bytes are not cleared after use, and the key also arrives as
    // an immutable string. Check whether project policy expects key material to be scrubbed here.
    byte[] keyBytes = Convert.FromBase64String(key);
    using HMACSHA256 hmacSha256 = new HMACSHA256(keyBytes);

    // The order of the values in the message payload is a protocol that clients and the backend
    // must follow exactly. More headers may be added later. An optional value still contributes
    // its "" placeholder.
    // OperationType -> ResourceType -> ResourceId/OwnerId -> XDate -> Date
    string verbInput = verb ?? string.Empty;
    string resourceIdInput = resourceId ?? string.Empty;
    string resourceTypeInput = resourceType ?? string.Empty;

    string authResourceId = AuthorizationHelper.GetAuthorizationResourceIdOrFullName(resourceTypeInput, resourceIdInput);
    int rentSize = AuthorizationHelper.ComputeMemoryCapacity(verbInput, authResourceId, resourceTypeInput);
    byte[] buffer = ArrayPool<byte>.Shared.Rent(rentSize);

    // The owner wraps the whole rented array; it is disposed on exit, before the HMAC instance.
    using ArrayOwner owner = new ArrayOwner(
        ArrayPool<byte>.Shared,
        new ArraySegment<byte>(buffer, 0, buffer.Length));

    Span<byte> destination = buffer;
    int length = AuthorizationHelper.SerializeMessagePayload(
        destination,
        verbInput,
        authResourceId,
        resourceTypeInput,
        headers);

    // Hash only the bytes that were serialized; the rented array can be larger than requested.
    byte[] mac = hmacSha256.ComputeHash(buffer, 0, length);
    return Convert.ToBase64String(mac);
}
/// <summary>
/// Serializes the message payload into a pooled buffer, hashes it with
/// <paramref name="stringHMACSHA256Helper"/> and returns the hash as Base64 text.
/// </summary>
/// <param name="verb">Must not be null or empty.</param>
/// <param name="resourceId">May be null (feed-read of /dbs); null is treated as an empty string.</param>
/// <param name="resourceType">Must not be null; an empty string is accepted.</param>
/// <param name="headers">Must not be null; passed to <c>SerializeMessagePayload</c>.</param>
/// <param name="stringHMACSHA256Helper">Must not be null; its <c>ComputeHash</c> produces the hash.</param>
/// <param name="payload">
/// On success, an <c>ArrayOwner</c> over the rented buffer, limited to the serialized length.
/// The buffer is not returned to the pool on this path
/// (presumably disposing the owner returns it; confirm against <c>ArrayOwner</c>).
/// </param>
/// <returns>The Base64 text of the computed hash.</returns>
/// <exception cref="ArgumentException"><paramref name="verb"/> is null or empty.</exception>
/// <exception cref="ArgumentNullException">
/// <paramref name="resourceType"/>, <paramref name="stringHMACSHA256Helper"/> or
/// <paramref name="headers"/> is null.
/// </exception>
private static string GenerateAuthorizationTokenWithHashCore(
    string verb,
    string resourceId,
    string resourceType,
    INameValueCollection headers,
    IComputeHash stringHMACSHA256Helper,
    out ArrayOwner payload)
{
    // resourceId can be null for feed-read of /dbs
    if (string.IsNullOrEmpty(verb))
    {
        throw new ArgumentException(RMResources.StringArgumentNullOrEmpty, nameof(verb));
    }

    if (resourceType is null)
    {
        throw new ArgumentNullException(nameof(resourceType)); // can be empty
    }

    if (stringHMACSHA256Helper is null)
    {
        throw new ArgumentNullException(nameof(stringHMACSHA256Helper));
    }

    if (headers is null)
    {
        throw new ArgumentNullException(nameof(headers));
    }

    // The order of the values in the message payload is a protocol that clients and the backend
    // must follow exactly. More headers may be added later. An optional value still contributes
    // its "" placeholder.
    // OperationType -> ResourceType -> ResourceId/OwnerId -> XDate -> Date
    string verbInput = verb ?? string.Empty;
    string resourceIdInput = resourceId ?? string.Empty;
    string resourceTypeInput = resourceType ?? string.Empty;

    string authResourceId = AuthorizationHelper.GetAuthorizationResourceIdOrFullName(resourceTypeInput, resourceIdInput);
    int rentSize = AuthorizationHelper.ComputeMemoryCapacity(verbInput, authResourceId, resourceTypeInput);
    byte[] buffer = ArrayPool<byte>.Shared.Rent(rentSize);

    try
    {
        Span<byte> destination = buffer;
        int length = AuthorizationHelper.SerializeMessagePayload(
            destination,
            verbInput,
            authResourceId,
            resourceTypeInput,
            headers);

        // Bound the segment to the serialized length; the rented array can be larger than requested,
        // and only these bytes are handed to the hash.
        payload = new ArrayOwner(ArrayPool<byte>.Shared, new ArraySegment<byte>(buffer, 0, length));

        return Convert.ToBase64String(stringHMACSHA256Helper.ComputeHash(payload.Buffer));
    }
    catch
    {
        // On failure the caller never receives payload, so return the array to the pool directly.
        // It goes back uncleared; it holds the serialized string-to-sign, not the key.
        ArrayPool<byte>.Shared.Return(buffer);
        throw;
    }
}