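/// <summary>
/// Console helper that builds the value a client sends as its Authorization data.
/// Each pass reads "userId secretKey" from the first line of the input file, appends
/// two fresh GUIDs to the user id, signs the result with
/// <c>HashSignatureGenerator.GenerateHash</c> and writes "rawData:signature" to the
/// output file.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    // NOTE(review): both paths are machine-specific absolute paths. The input file holds
    // the user's secret key in plain text, so it should stay out of source control and be
    // readable only by the account that runs this tool.
    string inputPath = @"C:\Users\Harshdeep SIngh\source\repos\harshdave71720\ShoppingCartRepo\ShoppingCartSolution\ShoppingSystemApiConsoleClient\HashCodeInput.txt";
    string outputPath = @"C:\Users\Harshdeep SIngh\source\repos\harshdave71720\ShoppingCartRepo\ShoppingCartSolution\ShoppingSystemApiConsoleClient\HashCodeOutput.txt";

    int flag = 1;
    while (flag > 0)
    {
        string firstLine;
        using (StreamReader reader = new StreamReader(new FileStream(inputPath, FileMode.Open, FileAccess.Read)))
        {
            firstLine = reader.ReadLine();
        }

        // An empty file yields null; a line with fewer than two tokens has no secret key.
        // Both cases previously ended in an unhandled exception.
        string[] tokens = firstLine == null
            ? new string[0]
            : firstLine.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);

        if (tokens.Length < 2)
        {
            Console.Error.WriteLine("Input file must contain: <userId> <secretKey>");
        }
        else
        {
            var userId = tokens[0].Trim();
            var secretKey = tokens[1].Trim();

            // The two GUIDs make the signed payload different on every run.
            string rawData = userId + Guid.NewGuid().ToString("N") + Guid.NewGuid().ToString("N");
            var hashSignature = HashSignatureGenerator.GenerateHash(rawData, secretKey);

            // FileMode.Create truncates an existing file (and creates a missing one).
            // FileMode.Open left the tail of a longer, older payload after the new one.
            using (StreamWriter writer = new StreamWriter(new FileStream(outputPath, FileMode.Create, FileAccess.Write)))
            {
                writer.Write("Authorization Data =>" + rawData + ":" + hashSignature);
            }
        }

        Console.WriteLine("Enter something to do again");

        // Console.Read returns -1 at end of input, which ends the loop. Every buffered
        // character, including the line terminator, triggers one more pass.
        flag = Console.Read();
    }
}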
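/// <summary>
/// Authenticates a request before passing it down the handler pipeline.
/// A request without an "apikey" header continues as the "Guest" principal. Otherwise the
/// "Authorization" header must hold "rawData:signature", and the signature must equal the
/// hash of rawData computed with the stored private key of the user named by "apikey".
/// </summary>
/// <param name="request">Incoming HTTP request whose headers are inspected.</param>
/// <param name="cancellationToken">Token forwarded to the inner handler.</param>
/// <returns>
/// The inner handler's response when the caller is a guest or is verified; otherwise a
/// 400 error response describing the failure.
/// </returns>
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
{
    IEnumerable<string> userData = null;
    IEnumerable<string> authData = null;

    // No apikey header: the caller is treated as an anonymous guest.
    if (!request.Headers.TryGetValues("apikey", out userData))
    {
        IPrincipal guestPrincipal = new GenericPrincipal(new GenericIdentity("Guest"), new string[] { "Guest" });
        HttpContext.Current.User = guestPrincipal;
        return await base.SendAsync(request, cancellationToken);
    }

    // An apikey was supplied, so Authorization data is mandatory.
    // FirstOrDefault avoids an exception when the header carries no value.
    request.Headers.TryGetValues("Authorization", out authData);
    string authHeader = authData == null ? null : authData.FirstOrDefault();
    if (authHeader == null)
    {
        return request.CreateErrorResponse(HttpStatusCode.BadRequest, "authorization header missing");
    }

    // A malformed apikey used to make Guid.Parse throw and surface as a server error.
    // It is now rejected with the same response as an unknown user id.
    string userId = userData.FirstOrDefault();
    Guid userGuid;
    if (!Guid.TryParse(userId, out userGuid))
    {
        return request.CreateErrorResponse(HttpStatusCode.BadRequest, "authorization header missing");
    }

    var authUser = AuthUserRepository.GetAppUser(userGuid);
    if (authUser == null)
    {
        // Unknown user id: same message as a missing header.
        return request.CreateErrorResponse(HttpStatusCode.BadRequest, "authorization header missing");
    }

    // Expected format is "rawData:signature".
    string[] parts = authHeader.Split(':');
    if (parts.Length < 2)
    {
        return request.CreateErrorResponse(HttpStatusCode.BadRequest, "authorization header incomplete");
    }

    var rawData = parts[0];
    var hashSignature = parts[1];
    var privateKey = authUser.PrivateKey.ToString("N");
    var generatedSignature = HashSignatureGenerator.GenerateHash(rawData, privateKey);

    // NOTE(review): nothing visible here binds rawData to the request (method, URI, body)
    // or checks a timestamp/nonce, so a captured header would verify again. Confirm that
    // replay protection exists elsewhere, or add it.
    // NOTE(review): authentication failures return 400; 401 is the conventional status.
    // Left unchanged because existing clients may depend on it.
    if (!SignaturesMatch(hashSignature, generatedSignature))
    {
        return request.CreateErrorResponse(HttpStatusCode.BadRequest, "User not authorized");
    }

    IPrincipal userPrincipal = new GenericPrincipal(new GenericIdentity(userId), new string[] { "User" });
    HttpContext.Current.User = userPrincipal;
    return await base.SendAsync(request, cancellationToken);
}

/// <summary>
/// Ordinal string comparison whose running time does not depend on where the first
/// difference occurs, so response timing gives no hint about the expected signature.
/// </summary>
private static bool SignaturesMatch(string supplied, string expected)
{
    // The length of the expected signature is not secret, so an early exit here is fine.
    if (supplied == null || expected == null || supplied.Length != expected.Length)
    {
        return false;
    }

    int difference = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        difference |= supplied[i] ^ expected[i];
    }

    return difference == 0;
}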