/// <summary>
/// Requests a token pair from <c>requestUri</c> with a signed POST and returns it.
/// </summary>
/// <remarks>
/// A fresh nonce and timestamp are generated per call, folded into the signature base
/// string, signed with <see cref="HmacSha1Signature"/> using <c>credentials</c>, and sent
/// in the Authorization header. The response body is parsed as a query string.
/// NOTE(review): <c>oauth_token_secret</c> comes back in the response body, so
/// <c>requestUri</c> should be an https endpoint - the scheme is not checked here.
/// NOTE(review): a body without the two expected keys yields null values that are passed
/// straight to <see cref="NegotiationToken"/>; confirm that type rejects them.
/// </remarks>
/// <returns>The token and token secret read from the response.</returns>
public NegotiationToken GetToken()
        {
            WebRequest tokenRequest = WebRequest.Create(requestUri);
            tokenRequest.Method = "POST";

            // Per-request values that go into both the base string and the header.
            Nonce     requestNonce = Nonce.Generate();
            TimeStamp requestTime  = TimeStamp.Generate();

            BaseString signatureBase = new BaseString(
                tokenRequest.RequestUri,
                tokenRequest.Method,
                requestNonce,
                requestTime,
                credentials,
                HmacSha1Signature.MethodName);

            Signature requestSignature = new HmacSha1Signature(signatureBase.ToString(), credentials);

            AuthorizationHeader authHeader =
                new AuthorizationHeader(credentials, requestNonce, requestTime, requestSignature);

            tokenRequest.Headers.Add(HttpRequestHeader.Authorization, authHeader.ToString());

            // Read the whole body first; the response objects are released before parsing.
            string payload;
            using (WebResponse webResponse = tokenRequest.GetResponse())
            using (Stream bodyStream = webResponse.GetResponseStream())
            using (StreamReader bodyReader = new StreamReader(bodyStream))
            {
                payload = bodyReader.ReadToEnd();
            }

            // The indexer returns null for a key that is absent from the body.
            NameValueCollection fields = HttpUtility.ParseQueryString(payload);
            return new NegotiationToken(fields["oauth_token"], fields["oauth_token_secret"]);
        }
Пример #2
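        // Pins the exact text AuthorizationHeader.ToString() produces when every
        // parameter is populated: the scheme first, then "name=value" pairs separated
        // by ", " in the order asserted below. Values that carry their own quotes are
        // expected to appear quoted; NonceCount is expected unquoted (nc=00000001).
        public void Shall_stringify_header()
        {
            var header = new AuthorizationHeader
            {
                AuthenticationType = "Basic",
                // Carries its own quotes like the other quoted fields; the expected
                // text below shows username="a".
                Username           = "\"a\"",
                Realm      = "\"b\"",
                Nonce      = "\"c\"",
                Uri        = "\"d\"",
                Response   = "\"e\"",
                Digest     = "\"f\"",
                Algorithm  = "\"g\"",
                CNonce     = "\"h\"",
                Opaque     = "\"i\"",
                MessageQop = "\"j\"",
                NonceCount = "00000001",
                Version    = "\"k\"",
                TargetName = "\"l\"",
                GssApiData = "\"m\"",
                CRand      = "\"n\"",
                CNum       = "\"o\""
            };

            // NOTE(review): only well-formed values are covered; a case with an embedded
            // quote or CR/LF inside a value would document how the serializer treats
            // hostile parameter text.
            Assert.That(
                header.ToString(),
                Is.EqualTo(
                    "Basic username=\"a\", realm=\"b\", nonce=\"c\", uri=\"d\", response=\"e\", digest=\"f\", " +
                    "algorithm=\"g\", cnonce=\"h\", opaque=\"i\", qop=\"j\", nc=00000001, version=\"k\", " +
                    "targetname=\"l\", gssapi-data=\"m\", crand=\"n\", cnum=\"o\""));
        }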
Пример #3
        /// <summary>
        /// Sets the Authorization header of <paramref name="request"/> to the bearer
        /// scheme followed by the API key from <paramref name="configuration"/>.
        /// </summary>
        /// <remarks>
        /// Any Authorization value already on the request is overwritten.
        /// NOTE(review): the API key is placed in the header as-is, so the request
        /// should only travel over TLS - the request scheme is not checked here.
        /// </remarks>
        /// <param name="request">The request that receives the header.</param>
        /// <param name="configuration">Supplies the API key.</param>
        public static void AddAuthorizationHeader(this WebRequest request, ExceptionlessConfiguration configuration)
        {
            string headerValue = new AuthorizationHeader {
                Scheme        = ExceptionlessHeaders.Bearer,
                ParameterText = configuration.ApiKey
            }.ToString();

            request.Headers[HttpRequestHeader.Authorization] = headerValue;
        }
        /// <summary>
        ///     Signs the request and fills in the request headers and the POST body on
        ///     <paramref name="message"/>.
        /// </summary>
        /// <remarks>
        ///     The same <paramref name="postBody"/> string that is handed to
        ///     <c>AuthorizationHeader.Create</c> is the one sent as content. A new GUID and
        ///     the current UTC time in round-trip ("O") format are passed along with it,
        ///     presumably as nonce and request date - confirm against <c>Create</c>.
        ///     NOTE(review): the application id, name and version are hard-coded here.
        ///     NOTE(review): <paramref name="developerSecret"/> is key material; keep it out
        ///     of logs and source, and send the request over TLS.
        /// </remarks>
        /// <param name="message">
        ///     The http request message.
        /// </param>
        /// <param name="postBody">
        ///     The post body data of the request.
        /// </param>
        /// <param name="contentType">
        ///     Either JSON or XML; used for both the accept header and the content type.
        /// </param>
        /// <param name="developerKey">
        ///     The developer key used to create the signed header.
        /// </param>
        /// <param name="developerSecret">
        ///     The developer secret used to create the signed header.
        /// </param>
        private void CreateRequestHeaders(HttpRequestMessage message, string postBody, string contentType, string developerKey, string developerSecret)
        {
            AuthorizationHeader signedHeader = AuthorizationHeader.Create(
                message.Headers,
                message.RequestUri,
                postBody,
                message.Method.Method,
                "1.0",
                "TP-HMAC-SHA1",
                Guid.NewGuid().ToString(),
                DateTime.UtcNow.ToString("O"),
                developerKey,
                developerSecret);

            // Name/value pairs, added in this order.
            string[,] headerTable =
            {
                { "tp-authorization", signedHeader.ToString() },
                { "tp-application-id", "1234" },
                { "tp-application-name", "triPOS.CSharp" },
                { "tp-application-version", "1.0.0" },
                { "tp-return-logs", "false" },
                { "accept", contentType }
            };

            for (int row = 0; row < headerTable.GetLength(0); row++)
            {
                message.Headers.Add(headerTable[row, 0], headerTable[row, 1]);
            }

            message.Content = new StringContent(postBody, Encoding.UTF8, contentType);
        }
Пример #5
 /// <summary>
 /// Adds the string form of <paramref name="header"/> to <paramref name="request"/>
 /// as its Authorization header.
 /// </summary>
 /// <remarks>
 /// Uses <c>Headers.Add</c>, which does not replace a value that is already present;
 /// callers are expected to pass a request that has no Authorization header yet.
 /// </remarks>
 private void AddAuthorizationHeaderToRequest(WebRequest request, AuthorizationHeader header)
 {
     string headerValue = header.ToString();
     request.Headers.Add(HttpRequestHeader.Authorization, headerValue);
 }
Пример #6
 internal void ClearAuthReq(HttpWebRequest httpWebRequest)
 {
     //
     // Used while authenticating when the request is redirected into a
     // different authentication space: forget the current authorization
     // state and strip the matching header from the request so it is not
     // carried over.
     //
     // NOTE(review): the trace line below writes the current value of the
     // auth header (credential material) to the log before removing it -
     // confirm GlobalLog is not active in production, or redact the value.
     //
     GlobalLog.Print(
         "AuthenticationState#" + ValidationHelper.HashString(this)
         + "::ClearAuthReq() httpWebRequest#" + ValidationHelper.HashString(httpWebRequest)
         + " " + AuthorizationHeader.ToString()
         + ": " + ValidationHelper.ToString(httpWebRequest.Headers[AuthorizationHeader]));

     // Reset the per-handshake state held by this object.
     TriedPreAuth  = false;
     Authorization = null;
     UniqueGroupId = null;

     // Finally drop the header itself from the outgoing request.
     httpWebRequest.Headers.Remove(AuthorizationHeader);
 }
Пример #7
        //
        // Attempts to authenticate the request against the challenge found on it.
        // Returns true only if it successfully called into the AuthenticationManager,
        // got back an Authorization with a non-null Message, and successfully set
        // that message as the auth header on the request.
        // Returns false when a previous Authorization is already Complete, when
        // authInfo is null, when AuthHeader() yields no challenge, or when the
        // AuthenticationManager produced no usable Authorization.
        // Exceptions thrown by AuthenticationManager.Authenticate() or by setting the
        // header are rethrown after Authorization is reset and ClearSession() is called.
        //
        internal bool AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials authInfo)
        {
            //
            // Check for previous authentication attempts or the presence of credentials
            //
            GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() httpWebRequest#" + ValidationHelper.HashString(httpWebRequest) + " AuthorizationHeader:" + AuthorizationHeader.ToString());

            if (Authorization != null && Authorization.Complete)
            {
                //
                // here the design gets "dirty".
                // if this is proxy auth, we might have been challenged by an external
                // server as well. in this case we will have to clear our previous proxy
                // auth state before we go any further. this will be broken if the handshake
                // requires more than one dropped connection (which NTLM is a border case for,
                // since it drops the connection on the 1st challenge but not on the second)
                //
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() Authorization!=null Authorization.Complete:" + Authorization.Complete.ToString());
                if (IsProxyAuth)
                {
                    //
                    // so, we got past a 407 but now we got a 401, the proxy probably
                    // dropped the connection on us so we need to reset our proxy handshake
                    // Consider: this should have been taken care of by Update()
                    //
                    GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() ProxyAuth cleaning up auth status");
                    ClearAuthReq(httpWebRequest);
                }
                // a completed handshake is never re-run from here
                return(false);
            }

            // without credentials there is nothing to answer a challenge with
            if (authInfo == null)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() authInfo==null Authorization#" + ValidationHelper.HashString(Authorization));
                return(false);
            }

            string challenge = httpWebRequest.AuthHeader(AuthenticateHeader);

            if (challenge == null)
            {
                //
                // the server sent no challenge, but this might be the case
                // in which we're succeeding an authorization handshake to
                // a proxy while a handshake with the server is still in progress.
                // if the handshake with the proxy is complete and we actually have
                // a handshake with the server in progress we can send the authorization header for the server as well.
                //
                if (!IsProxyAuth && Authorization != null && httpWebRequest.ProxyAuthenticationState.Authorization != null)
                {
                    httpWebRequest.Headers.Set(AuthorizationHeader, Authorization.Message);
                }
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() challenge==null Authorization#" + ValidationHelper.HashString(Authorization));
                // still false: the header may have been re-sent, but no new authentication happened
                return(false);
            }

            //
            // if the AuthenticationManager throws on Authenticate,
            // bubble up that Exception to the user
            //
            // NOTE(review): the challenge is text supplied by the remote server or proxy
            // and is written to the trace log verbatim.
            //
            GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() challenge:" + challenge);

            PrepareState(httpWebRequest);
            try {
                Authorization = AuthenticationManager.Authenticate(challenge, httpWebRequest, authInfo);
            }
            catch (Exception exception) {
                // reset state, clear the session, and let the caller see the original exception
                // NOTE(review): the log label below names PreAuthIfNeeded()/PreAuthenticate(),
                // but this is AttemptAuthenticate() calling Authenticate() - looks copy-pasted.
                Authorization = null;
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::PreAuthIfNeeded() PreAuthenticate() returned exception:" + exception.Message);
                ClearSession(httpWebRequest);
                throw;
            }


            // no module produced an answer for this challenge
            if (Authorization == null)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() Authorization==null");
                return(false);
            }
            // an Authorization without a message cannot be sent; discard it
            if (Authorization.Message == null)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() Authorization.Message==null");
                Authorization = null;
                return(false);
            }

            UniqueGroupId = Authorization.ConnectionGroupId;
            // only the length of Authorization.Message is traced here, not its content
            GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() AuthorizationHeader:" + AuthorizationHeader + " blob: " + Authorization.Message.Length + "bytes Complete:" + Authorization.Complete.ToString());

            try {
                //
                // a "bad" module could try sending bad characters in the HTTP headers.
                // Headers.Set() is expected to reject them (the original note names
                // WebHeaderCollection.CheckBadChars()); on any failure the auth process
                // is failed: state is reset and the exception is rethrown unchanged.
                // NOTE(review): the original comment said the exception is returned to the
                // user as InnerException; no wrapping happens in this method - confirm
                // whether a caller does it.
                //
                httpWebRequest.Headers.Set(AuthorizationHeader, Authorization.Message);
            }
            catch {
                Authorization = null;
                ClearSession(httpWebRequest);
                throw;
            }

            return(true);
        }
        //
        // Attempts to authenticate the request against the challenge found on it.
        // Returns true only if it successfully called into the AuthenticationManager,
        // got back an Authorization with a non-null Message, and successfully set
        // that message as the auth header on the request.
        // Returns false when a previous Authorization is already Complete, when
        // authInfo is null, when AuthHeader() yields no challenge, or when the
        // AuthenticationManager produced no usable Authorization.
        // Exceptions thrown by AuthenticationManager.Authenticate() or by setting the
        // header are rethrown after Authorization is reset and ClearSession() is called.
        //
        internal bool AttemptAuthenticate(HttpWebRequest httpWebRequest, ICredentials authInfo)
        {
            //
            // Check for previous authentication attempts or the presence of credentials
            //
            GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() httpWebRequest#" + ValidationHelper.HashString(httpWebRequest) + " AuthorizationHeader:" + AuthorizationHeader.ToString());

            // a handshake that already completed is never re-run from here
            if (Authorization != null && Authorization.Complete)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() Authorization!=null Authorization.Complete:" + Authorization.Complete.ToString());
                if (IsProxyAuth)
                {
                    // for proxy auth, drop the stale state and header before giving up
                    GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() ProxyAuth cleaning up auth status");
                    ClearAuthReq(httpWebRequest);
                }
                return(false);
            }

            // without credentials there is nothing to answer a challenge with
            if (authInfo == null)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() authInfo==null Authorization#" + ValidationHelper.HashString(Authorization));
                return(false);
            }

            string challenge = httpWebRequest.AuthHeader(AuthenticateHeader);

            if (challenge == null)
            {
                //
                // the server sent no challenge, but this might be the case
                // in which we're succeeding an authorization handshake to
                // a proxy while a handshake with the server is still in progress.
                // if the handshake with the proxy is complete and we actually have
                // a handshake with the server in progress we can send the authorization header for the server as well.
                //
                if (!IsProxyAuth && Authorization != null && httpWebRequest.ProxyAuthenticationState.Authorization != null)
                {
                    httpWebRequest.Headers.Set(AuthorizationHeader, Authorization.Message);
                }
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() challenge==null Authorization#" + ValidationHelper.HashString(Authorization));
                // still false: the header may have been re-sent, but no new authentication happened
                return(false);
            }

            //
            // if the AuthenticationManager throws on Authenticate,
            // bubble up that Exception to the user
            //
            // NOTE(review): the challenge is text supplied by the remote server or proxy
            // and is written to the trace log verbatim.
            //
            GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() challenge:" + challenge);

            PrepareState(httpWebRequest);
            try {
                Authorization = AuthenticationManager.Authenticate(challenge, httpWebRequest, authInfo);
            }
            catch (Exception exception) {
                // reset state, clear the session, and let the caller see the original exception
                // NOTE(review): the log label below names PreAuthIfNeeded()/PreAuthenticate(),
                // but this is AttemptAuthenticate() calling Authenticate() - looks copy-pasted.
                Authorization = null;
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::PreAuthIfNeeded() PreAuthenticate() returned exception:" + exception.Message);
                ClearSession(httpWebRequest);
                throw;
            }
            catch {
                // untyped catch for anything the typed handler above does not take
                // (the log text calls it a non-CLS compliant exception); same cleanup, then rethrow
                Authorization = null;
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::PreAuthIfNeeded() PreAuthenticate() returned exception: Non-CLS Compliant Exception");
                ClearSession(httpWebRequest);
                throw;
            }


            // no module produced an answer for this challenge
            if (Authorization == null)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() Authorization==null");
                return(false);
            }
            // an Authorization without a message cannot be sent; discard it
            if (Authorization.Message == null)
            {
                GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() Authorization.Message==null");
                Authorization = null;
                return(false);
            }

            UniqueGroupId = Authorization.ConnectionGroupId;
            // only the length of Authorization.Message is traced here, not its content
            GlobalLog.Print("AuthenticationState#" + ValidationHelper.HashString(this) + "::AttemptAuthenticate() AuthorizationHeader:" + AuthorizationHeader + " blob: " + Authorization.Message.Length + "bytes Complete:" + Authorization.Complete.ToString());

            try {
                //
                // a "bad" module could try sending bad characters in the HTTP headers.
                // Headers.Set() is expected to reject them (the original note names
                // WebHeaderCollection.CheckBadChars()); on any failure the auth process
                // is failed: state is reset and the exception is rethrown unchanged.
                // NOTE(review): the original comment said the exception is returned to the
                // user as InnerException; no wrapping happens in this method - confirm
                // whether a caller does it.
                //
                httpWebRequest.Headers.Set(AuthorizationHeader, Authorization.Message);
            }
            catch {
                Authorization = null;
                ClearSession(httpWebRequest);
                throw;
            }

            return(true);
        }