/// <summary>
/// Type initializer: assigns a new <c>AuthenticationData</c> instance, created with its
/// parameterless constructor, to the static <c>HeaderInformation</c> member.
/// </summary>
static ClientAuthenticationHeaderContext()
{
    // Qualified with the type name to make it explicit that this is static state.
    ClientAuthenticationHeaderContext.HeaderInformation = new AuthenticationData();
}
Пример #2
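        /// <summary>
        /// Authenticates an incoming request from its "authentication-header" message header
        /// (namespace "chsakell.com"). The header's encrypted signature is decrypted,
        /// deserialized from JSON into <c>AuthenticationData</c>, and its username, password and
        /// timespan are passed to <c>IsRequestValid</c>.
        /// </summary>
        /// <param name="request">The incoming message whose headers are inspected.</param>
        /// <param name="channel">Not used by this method.</param>
        /// <param name="instanceContext">Not used by this method.</param>
        /// <returns><c>null</c> when the request is accepted.</returns>
        /// <exception cref="FaultException">
        /// Thrown when the header is missing, the signature cannot be decrypted or deserialized,
        /// a credential field is empty, <c>IsRequestValid</c> rejects the request, or an
        /// unexpected error occurs.
        /// </exception>
        public object AfterReceiveRequest(ref Message request, IClientChannel channel, InstanceContext instanceContext)
        {
            try
            {
                var header = request.Headers.GetHeader<AuthenticationHeader>("authentication-header", "chsakell.com");
                if (header == null)
                {
                    throw new MessageHeaderException("Authentication header not found");
                }

                string headerPassword;
                string headerUsername;
                string headerTimeSpan;

                try
                {
                    string decryptedSignature = Encryption.Decrypt(header.EncryptedSignature, true);
                    AuthenticationData headerData = Serializer.JsonDeserialize<AuthenticationData>(decryptedSignature);

                    // Read the fields inside the try so that a null deserialization result is
                    // reported as a signature failure, like any other decrypt/parse error.
                    headerUsername = headerData.Username;
                    headerPassword = headerData.Password;
                    headerTimeSpan = headerData.Timespan;
                }
                catch
                {
                    // Deliberately drops the underlying exception: the caller is unauthenticated
                    // and should not see decryption or parser details.
                    throw new UnauthorizedAccessException("Unable to decrypt signature");
                }

                bool credentialsPresent = !string.IsNullOrEmpty(headerPassword)
                    && !string.IsNullOrEmpty(headerUsername)
                    && !string.IsNullOrEmpty(headerTimeSpan);
                if (!credentialsPresent)
                {
                    throw new MessageHeaderException("Missing credentials from request");
                }

                if (!IsRequestValid(headerPassword, headerUsername, headerTimeSpan))
                {
                    throw new UnauthorizedAccessException("Wrong credentials");
                }

                return null;
            }
            // NOTE(review): the fault texts below differ per failure, so a caller can tell a
            // decryption failure from a credential mismatch. Consider a single uniform message
            // if no client depends on the text.
            catch (UnauthorizedAccessException ex)
            {
                throw new FaultException(ex.Message);
            }
            catch (MessageHeaderException ex)
            {
                throw new FaultException(ex.Message);
            }
            catch (Exception)
            {
                // Unexpected failures may carry internal details (paths, type names, state) in
                // their message; do not forward them to an unauthenticated caller.
                // TODO: record the exception with the project's server-side logging before faulting.
                throw new FaultException("Request could not be authenticated");
            }
        }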