/// <summary>
/// Validate the signature against the requested payload.
/// </summary>
/// <param name="signature"></param>
/// <param name="key">The public key</param>
/// <param name="httpRequest"></param>
/// <returns></returns>
public static bool Validate(this HttpSignature signature, SecurityKey key, HttpRequest httpRequest)
{
var headers = httpRequest.Headers.ToDictionary(x => x.Key, x => (string)x.Value, StringComparer.OrdinalIgnoreCase);
var options = (HttpSignatureOptions)httpRequest.HttpContext.RequestServices.GetService(typeof(HttpSignatureOptions));
var forwardedPath = httpRequest.Headers[options.ForwardedPathHeaderName];
string rawTarget = null;
if (!string.IsNullOrWhiteSpace(forwardedPath))
{
rawTarget = forwardedPath;
}
else
{
var requestFeature = httpRequest.HttpContext.Features.Get <IHttpRequestFeature>();
rawTarget = $"{requestFeature.Path}{requestFeature.QueryString}";
}
headers.Add(HttpRequestTarget.HeaderName, new HttpRequestTarget(httpRequest.Method, rawTarget).ToString());
headers.Add(HeaderFieldNames.Created, httpRequest.Headers[options.RequestCreatedHeaderName]);
return(signature.Validate(key, headers));
}
/// <summary> /// Validate the signature against the requested payload. /// </summary> /// <param name="signature">The signature to validate.</param> /// <param name="key">The public key.</param> /// <param name="headers">The headers.</param> public static bool Validate(this HttpSignature signature, SecurityKey key, IDictionary <string, StringValues> headers) => signature.Validate(key, headers.ToDictionary(x => x.Key, x => (string)x.Value, StringComparer.OrdinalIgnoreCase));