Пример #1
0
        private static void ValidateRequest(HttpRequestBase request)
        {
            string method = request.HttpMethod.ToUpper();
            string url = request.Url.AbsoluteUri;
            if (!string.IsNullOrEmpty(request.Url.Query))
            {
                url = url.Replace(request.Url.Query, string.Empty);
            }

            Dictionary<string, string> parameters = new Dictionary<string, string>();
            foreach (string k in request.Form.AllKeys)
            {
                parameters.Add(k, request.Form.Get(k));
            }
            foreach (string k in request.QueryString.AllKeys)
            {
                parameters.Add(k, request.QueryString.Get(k));
            }

            var tempParameters = from p in parameters where (p.Key != AuthSecretKey) && (p.Key != AuthFormat) orderby p.Key select p;
            Dictionary<string, string> lastParameters = tempParameters.ToDictionary<KeyValuePair<string, string>, string, string>(p => p.Key, p => p.Value);

            string secretKey = request.GetParameter(AuthSecretKey);
            if (string.IsNullOrEmpty(secretKey))
            {
                throw new APIAuthorizeException("SecretKey is not found");
            }
            string correctSecretKey = PublicFunctions.URLEncode(url);
            foreach (string parameter in lastParameters.Keys)
            {
                correctSecretKey = correctSecretKey + parameters[parameter];
            }
            if (secretKey != correctSecretKey)
            {
                throw new APIAuthorizeException("SecretKey is invalid");
            }
        }