public static AuthDataEntry SignedKeyAuthenticate(string stringToSign, string requestSignature, AuthenticationInformation authInfo)
{
AuthDataEntry authDataEntry;
NephosAssertionException.Assert(!string.IsNullOrEmpty(stringToSign));
NephosAssertionException.Assert(!string.IsNullOrEmpty(requestSignature));
NephosAssertionException.Assert(authInfo != null);
RequestContext requestContext = authInfo.RequestContext;
NephosUriComponents uriComponents = authInfo.UriComponents;
NameValueCollection queryParameters = requestContext.QueryParameters;
string item = queryParameters["sv"];
byte[] sign = BlobSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign(queryParameters, uriComponents);
using (IEnumerator <AuthDataEntry> enumerator = SharedKeyAuthInfoHelper.GetSharedKeys(authInfo).GetEnumerator())
{
while (enumerator.MoveNext())
{
AuthDataEntry current = enumerator.Current;
byte[] numArray = SASUtilities.ComputeSignedKey(sign, current.AuthValue);
if (!SASUtilities.ComputeSignatureAndCompare((new UTF8Encoding()).GetBytes(stringToSign), numArray, requestSignature))
{
continue;
}
authDataEntry = current;
return(authDataEntry);
}
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] objArray = new object[] { requestSignature, stringToSign };
throw new AuthenticationFailureException(string.Format(invariantCulture, "The MAC signature found in the HTTP request '{0}' is not the same as any computed signature. Server used following string to sign: '{1}'.", objArray));
}
return(authDataEntry);
}
public SignedAccessHelper(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents)
{
NephosAssertionException.Assert(requestContext != null);
NephosAssertionException.Assert(uriComponents != null);
NephosAssertionException.Assert(requestContext.QueryParameters != null);
this.QueryParams = requestContext.QueryParameters;
this.RequestContext = requestContext;
this.UriComponents = uriComponents;
this.SignedProtocol = SasProtocol.All;
}
public AuthenticationInformation(string authScheme, SupportedAuthScheme originalRequestAuthScheme, Collection <AuthDataEntry> authData, Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents, bool isInterStampAuthentication)
{
this.authScheme = authScheme;
this.authData = authData;
this.requestContext = requestContext;
this.uriComponents = uriComponents;
this.authKeyName = null;
if (originalRequestAuthScheme == SupportedAuthScheme.SignedKey && requestContext.QueryParameters["sv"] != null)
{
this.authKeyName = AuthenticationManagerHelper.ExtractKeyNameFromParamsWithConversion(requestContext.QueryParameters);
if (this.authKeyName != null)
{
Logger <IRestProtocolHeadLogger> .Instance.Verbose.Log("Using secret key with KeyName '{0}' to authenticate SAS/DSAS.", new object[] { this.authKeyName });
}
}
}
private static string GetCanonicalizedResource(NephosUriComponents uriComponents, string tableName, string signedVersion)
{
NephosAssertionException.Assert(!string.IsNullOrEmpty(uriComponents.AccountName));
NephosAssertionException.Assert(!string.IsNullOrEmpty(tableName));
StringBuilder stringBuilder = new StringBuilder();
if (signedVersion != null && VersioningHelper.CompareVersions(signedVersion, "2015-02-21") >= 0)
{
stringBuilder.Append("/table");
}
stringBuilder.Append("/");
stringBuilder.Append(uriComponents.AccountName);
stringBuilder.Append("/");
stringBuilder.Append(tableName.ToLower());
return(stringBuilder.ToString());
}
private static string GetCanonicalizedResource(NephosUriComponents uriComponents, SASAccessLevel signedResource, string signedVersion)
{
NephosAssertionException.Assert(!string.IsNullOrEmpty(uriComponents.AccountName));
NephosAssertionException.Assert(!string.IsNullOrEmpty(uriComponents.ContainerName));
StringBuilder stringBuilder = new StringBuilder();
if (signedVersion != null && VersioningHelper.CompareVersions(signedVersion, "2015-02-21") >= 0)
{
stringBuilder.Append("/blob");
}
stringBuilder.Append("/");
stringBuilder.Append(uriComponents.AccountName);
stringBuilder.Append("/");
stringBuilder.Append(uriComponents.ContainerName);
if (signedResource == SASAccessLevel.Blob)
{
NephosAssertionException.Assert(!string.IsNullOrEmpty(uriComponents.RemainingPart));
stringBuilder.Append("/");
stringBuilder.Append(uriComponents.RemainingPart);
}
return(stringBuilder.ToString());
}
public BlobSignedAccessHelper(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents) : base(requestContext, uriComponents)
{
this.SignedResource = SASAccessLevel.None;
}
public static byte[] ComputeUrlDecodedUtf8EncodedStringToSign(NameValueCollection queryParams, NephosUriComponents uriComponents)
{
string item = queryParams["st"];
string str = queryParams["se"];
string item1 = queryParams["sp"];
string str1 = queryParams["sr"];
string item2 = queryParams["si"];
string str2 = queryParams["sip"];
string item3 = queryParams["spr"];
string str3 = queryParams["sv"];
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.Append(item1 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(item ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(str ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(BlobSignedAccessHelper.GetCanonicalizedResource(uriComponents, SASUtilities.ParseSasAccessLevel(str1), str3));
stringBuilder.Append("\n");
stringBuilder.Append(item2 ?? string.Empty);
if (str3 != null)
{
if (VersioningHelper.CompareVersions(str3, "2015-04-05") >= 0)
{
stringBuilder.Append("\n");
stringBuilder.Append(str2 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(item3 ?? string.Empty);
}
stringBuilder.Append("\n");
stringBuilder.Append(queryParams["sv"]);
if (VersioningHelper.CompareVersions(str3, "2014-02-14") >= 0)
{
stringBuilder.Append("\n");
if (queryParams["rscc"] != null)
{
stringBuilder.Append(queryParams["rscc"]);
}
stringBuilder.Append("\n");
if (queryParams["rscd"] != null)
{
stringBuilder.Append(queryParams["rscd"]);
}
stringBuilder.Append("\n");
if (queryParams["rsce"] != null)
{
stringBuilder.Append(queryParams["rsce"]);
}
stringBuilder.Append("\n");
if (queryParams["rscl"] != null)
{
stringBuilder.Append(queryParams["rscl"]);
}
stringBuilder.Append("\n");
if (queryParams["rsct"] != null)
{
stringBuilder.Append(queryParams["rsct"]);
}
}
}
if (queryParams["sep"] != null)
{
stringBuilder.Append("\n");
stringBuilder.Append(queryParams["sep"]);
}
return((new UTF8Encoding()).GetBytes(stringBuilder.ToString()));
}
public override IAsyncResult BeginAuthenticate(IStorageAccount storageAccount, RequestContext requestContext, NephosUriComponents uriComponents, AuthenticationManager.GetStringToSignCallback getStringToSignCallback, TimeSpan timeout, AsyncCallback callback, object state)
{
AsyncIteratorContext <IAuthenticationResult> asyncIteratorContext = new AsyncIteratorContext <IAuthenticationResult>("XFEQueueAuthenticationManager.Authenticate", callback, state);
asyncIteratorContext.Begin(this.AuthenticateImpl(storageAccount, requestContext, uriComponents, getStringToSignCallback, timeout, asyncIteratorContext));
return(asyncIteratorContext);
}
public static string GetStringToSignForNephosSharedKeyLiteAuth(RequestContext requestContext, NephosUriComponents uriComponents)
{
Uri requestUrl = requestContext.RequestUrl;
StringBuilder stringBuilder = new StringBuilder(MessageCanonicalizer.GetNephosOrStandardDateString(requestContext.RequestHeaders));
string canonicalizedResource = MessageCanonicalizer.GetCanonicalizedResource(requestUrl, uriComponents, requestContext.RequestRawUrlString);
TableAuthenticationHelper.AppendStringToCanonicalizedString(stringBuilder, canonicalizedResource);
return(stringBuilder.ToString());
}
public AccountSasHelper(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents) : base(requestContext, uriComponents)
{
this.SignedService = SasService.None;
this.SignedResourceType = SasResourceType.None;
}
public SASAccessRestriction(FileSASAccessLevel accessLevel, NephosUriComponents accessPath)
{
this.FileAccessLevel = accessLevel;
this.AccessPath = accessPath;
}
public abstract IAuthenticationResult Authenticate(RequestContext requestContext, NephosUriComponents uriComponents, Microsoft.Cis.Services.Nephos.Common.Authentication.AuthenticationManager.GetStringToSignCallback getStringToSignCallback, TimeSpan timeout);
public abstract IAsyncResult BeginAuthenticate(IStorageAccount storageAccount, RequestContext requestContext, NephosUriComponents uriComponents, Microsoft.Cis.Services.Nephos.Common.Authentication.AuthenticationManager.GetStringToSignCallback getStringToSignCallback, TimeSpan timeout, AsyncCallback callback, object state);
private IEnumerator <IAsyncResult> AuthenticateImpl(IStorageAccount storageAccount, RequestContext requestContext, NephosUriComponents uriComponents, AuthenticationManager.GetStringToSignCallback getStringToSignCallback, TimeSpan timeout, AsyncIteratorContext <IAuthenticationResult> context)
{
bool flag;
bool flag1;
SignedAccessHelper queueSignedAccessHelper;
IStorageAccount operationStatus;
ContainerAclSettings containerAclSetting;
string signedVersion = null;
Duration startingNow = Duration.StartingNow;
NameValueCollection queryParameters = requestContext.QueryParameters;
if (AuthenticationManager.IsInvalidAccess(requestContext))
{
throw new InvalidAuthenticationInfoException("Ambiguous authentication scheme credentials providedRequest contains authentication credentials for signed access and authenticated access");
}
bool flag2 = AuthenticationManager.IsAuthenticatedAccess(requestContext);
bool flag3 = AuthenticationManager.IsSignatureAccess(requestContext);
flag = (!flag2 ? false : AuthenticationManager.IsAuthenticatedAccess(requestContext, "SignedKey"));
bool flag4 = flag;
flag1 = (flag2 ? false : !flag3);
if ((!flag2 || flag4) && !flag1)
{
NephosAssertionException.Assert((flag3 ? true : flag4));
bool flag5 = (flag3 ? false : flag4);
if (!AuthenticationManager.IsAccountSasAccess(requestContext.QueryParameters))
{
queueSignedAccessHelper = new QueueSignedAccessHelper(requestContext, uriComponents, flag5);
}
else
{
if (flag5)
{
throw new AuthenticationFailureException("SignedKey is not supported with account-level SAS.");
}
queueSignedAccessHelper = new AccountSasHelper(requestContext, uriComponents);
}
queueSignedAccessHelper.ParseAccessPolicyFields(flag5);
queueSignedAccessHelper.PerformSignedAccessAuthenticationFirstPhaseValidations();
AccountIdentifier signedAccessAccountIdentifier = null;
if (!flag5)
{
byte[] sign = queueSignedAccessHelper.ComputeUrlDecodedUtf8EncodedStringToSign();
if (storageAccount == null || !string.Equals(storageAccount.Name, uriComponents.AccountName))
{
try
{
operationStatus = this.storageManager.CreateAccountInstance(uriComponents.AccountName);
if (requestContext != null)
{
operationStatus.OperationStatus = requestContext.OperationStatus;
}
}
catch (ArgumentOutOfRangeException argumentOutOfRangeException)
{
throw new AuthenticationFailureException(string.Format(CultureInfo.InvariantCulture, "The account name is invalid.", new object[0]));
}
operationStatus.Timeout = startingNow.Remaining(timeout);
IAsyncResult asyncResult = operationStatus.BeginGetProperties(AccountPropertyNames.All, null, context.GetResumeCallback(), context.GetResumeState("XFEQueueAuthenticationManager.AuthenticateImpl"));
yield return(asyncResult);
try
{
operationStatus.EndGetProperties(asyncResult);
}
catch (AccountNotFoundException accountNotFoundException1)
{
AccountNotFoundException accountNotFoundException = accountNotFoundException1;
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] name = new object[] { operationStatus.Name };
throw new AuthenticationFailureException(string.Format(invariantCulture, "Cannot find the claimed account when trying to GetProperties for the account {0}.", name), accountNotFoundException);
}
catch (Exception exception1)
{
Exception exception = exception1;
IStringDataEventStream warning = Logger <IRestProtocolHeadLogger> .Instance.Warning;
object[] objArray = new object[] { operationStatus.Name, exception };
warning.Log("Rethrow exception when trying to GetProperties for the account {0}: {1}", objArray);
throw;
}
}
else
{
operationStatus = storageAccount;
}
if (!queueSignedAccessHelper.ComputeSignatureAndCompare(sign, operationStatus.SecretKeysV3))
{
throw new AuthenticationFailureException(string.Concat("Signature did not match. String to sign used was ", (new UTF8Encoding()).GetString(sign)));
}
NephosAssertionException.Assert(queueSignedAccessHelper.KeyUsedForSigning != null, "Key used for signing cannot be null");
signedAccessAccountIdentifier = queueSignedAccessHelper.CreateAccountIdentifier(operationStatus);
if (storageAccount != operationStatus)
{
operationStatus.Dispose();
}
}
else
{
IAsyncResult asyncResult1 = this.nephosAuthenticationManager.BeginAuthenticate(storageAccount, requestContext, uriComponents, getStringToSignCallback, startingNow.Remaining(timeout), context.GetResumeCallback(), context.GetResumeState("XFEQueueAuthenticationManager.AuthenticateImpl"));
yield return(asyncResult1);
IAuthenticationResult authenticationResult = this.nephosAuthenticationManager.EndAuthenticate(asyncResult1);
signedAccessAccountIdentifier = new SignedAccessAccountIdentifier(authenticationResult.AccountIdentifier);
}
signedVersion = queueSignedAccessHelper.SignedVersion;
if (queueSignedAccessHelper.IsRevocableAccess)
{
using (IQueueContainer queueContainer = this.storageManager.CreateQueueContainerInstance(uriComponents.AccountName, uriComponents.ContainerName))
{
if (requestContext != null)
{
queueContainer.OperationStatus = requestContext.OperationStatus;
}
ContainerPropertyNames containerPropertyName = ContainerPropertyNames.ServiceMetadata;
queueContainer.Timeout = startingNow.Remaining(timeout);
IAsyncResult asyncResult2 = queueContainer.BeginGetProperties(containerPropertyName, null, context.GetResumeCallback(), context.GetResumeState("XFEQueueAuthenticationManager.AuthenticateImpl"));
yield return(asyncResult2);
try
{
queueContainer.EndGetProperties(asyncResult2);
}
catch (Exception exception3)
{
Exception exception2 = exception3;
if (exception2 is ContainerNotFoundException)
{
throw new AuthenticationFailureException("Error locating SAS identifier", exception2);
}
IStringDataEventStream stringDataEventStream = Logger <IRestProtocolHeadLogger> .Instance.Warning;
object[] accountName = new object[] { uriComponents.AccountName, uriComponents.ContainerName, exception2 };
stringDataEventStream.Log("Rethrow exception when trying to fetch SAS identifier account {0} container {1} : {2}", accountName);
throw;
}
try
{
containerAclSetting = new ContainerAclSettings(queueContainer.ServiceMetadata);
}
catch (MetadataFormatException metadataFormatException1)
{
MetadataFormatException metadataFormatException = metadataFormatException1;
throw new NephosStorageDataCorruptionException(string.Format("Error decoding Acl setting for container {0}", uriComponents.ContainerName), metadataFormatException);
}
}
try
{
queueSignedAccessHelper.ValidateAndDeriveEffectiveAccessPolicy(queueSignedAccessHelper.LocateSasIdentifier(containerAclSetting.SASIdentifiers));
queueSignedAccessHelper.PerformSignedAccessAuthenticationSecondPhaseValidations();
signedAccessAccountIdentifier.Initialize(queueSignedAccessHelper);
context.ResultData = new AuthenticationResult(signedAccessAccountIdentifier, signedVersion, true);
}
catch (FormatException formatException)
{
throw new AuthenticationFailureException("Signature fields not well formed.", formatException);
}
}
else
{
signedAccessAccountIdentifier.Initialize(queueSignedAccessHelper);
context.ResultData = new AuthenticationResult(signedAccessAccountIdentifier, signedVersion, true);
}
}
else
{
IAsyncResult asyncResult3 = this.nephosAuthenticationManager.BeginAuthenticate(storageAccount, requestContext, uriComponents, getStringToSignCallback, startingNow.Remaining(timeout), context.GetResumeCallback(), context.GetResumeState("XFEQueueAuthenticationManager.AuthenticateImpl"));
yield return(asyncResult3);
context.ResultData = this.nephosAuthenticationManager.EndAuthenticate(asyncResult3);
}
}
public abstract string ParseAccountNameFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents);
public override IAuthenticationResult Authenticate(RequestContext requestContext, NephosUriComponents uriComponents, AuthenticationManager.GetStringToSignCallback getStringToSignCallback, TimeSpan timeout)
{
return(this.EndAuthenticate(this.BeginAuthenticate(null, requestContext, uriComponents, getStringToSignCallback, timeout, null, null)));
}
public static void SignedKeyParamsParser(SupportedAuthScheme scheme, string parameter, NephosUriComponents uriComponents, out string accountName, out string signature)
{
NephosAssertionException.Assert(scheme.Equals(SupportedAuthScheme.SignedKey));
NephosAssertionException.Assert((uriComponents == null ? false : !string.IsNullOrEmpty(uriComponents.AccountName)));
if (string.IsNullOrEmpty(parameter))
{
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] objArray = new object[] { "Authorization", string.Format("{0} {1}", scheme, parameter) };
throw new InvalidAuthenticationInfoException(string.Format(invariantCulture, "{0} value '{1}' is invalid.", objArray));
}
accountName = uriComponents.AccountName;
signature = parameter;
}
public override string ParseAccountNameFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents)
{
return(this.nephosAuthenticationManager.ParseAccountNameFromAuthorizationHeader(requestContext, uriComponents));
}
public static string GetStringToSignForStandardSharedKeyAuth(RequestContext requestContext, NephosUriComponents uriComponents, SupportedAuthScheme requestAuthScheme, bool isFileService = false)
{
if (MessageCanonicalizer.IsVersionBeforeSep09(requestContext.RequestHeaders))
{
if (requestAuthScheme != SupportedAuthScheme.SharedKey)
{
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] str = new object[] { requestAuthScheme.ToString() };
throw new NotSupportedException(string.Format(invariantCulture, "GetStringToSignForDefaultSharedKeyAuth must not be used for {0} auth scheme", str));
}
return(MessageCanonicalizer.CanonicalizeHttpRequest(requestContext, uriComponents, isFileService));
}
if (requestAuthScheme != SupportedAuthScheme.SharedKey && requestAuthScheme != SupportedAuthScheme.SharedKeyLite)
{
CultureInfo cultureInfo = CultureInfo.InvariantCulture;
object[] objArray = new object[] { requestAuthScheme.ToString() };
throw new NotSupportedException(string.Format(cultureInfo, "GetStringToSignForDefaultSharedKeyAuth must not be used for {0} auth scheme", objArray));
}
if (requestAuthScheme != SupportedAuthScheme.SharedKeyLite)
{
return(MessageCanonicalizer.CanonicalizeHttpRequest(requestContext, uriComponents, isFileService));
}
return(MessageCanonicalizer.CanonicalizeHttpRequestDefault(requestContext.RequestUrl, uriComponents, requestContext.HttpMethod, requestContext.RequestContentType, requestContext.RequestHeaders, isFileService, requestContext.RequestRawUrlString));
}
public static void ParseSignatureParametersFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents, bool swallowException, out string accountName, out string signature, out SupportedAuthScheme?requestAuthScheme, out bool isAnonymousAccount)
{
string authorizationScheme;
string authorizationSchemeParameters;
accountName = null;
signature = null;
isAnonymousAccount = false;
requestAuthScheme = null;
try
{
try
{
authorizationScheme = requestContext.AuthorizationScheme;
authorizationSchemeParameters = requestContext.AuthorizationSchemeParameters;
}
catch (HttpRequestHeaderNotFoundException httpRequestHeaderNotFoundException)
{
isAnonymousAccount = true;
return;
}
catch (HttpRequestInvalidHeaderException httpRequestInvalidHeaderException1)
{
HttpRequestInvalidHeaderException httpRequestInvalidHeaderException = httpRequestInvalidHeaderException1;
throw new InvalidAuthenticationInfoException(httpRequestInvalidHeaderException.Message, httpRequestInvalidHeaderException);
}
catch (HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException1)
{
HttpRequestDuplicateHeaderException httpRequestDuplicateHeaderException = httpRequestDuplicateHeaderException1;
throw new InvalidAuthenticationInfoException(httpRequestDuplicateHeaderException.Message, httpRequestDuplicateHeaderException);
}
DateTime?nephosOrStandardDateHeader = null;
try
{
nephosOrStandardDateHeader = HttpRequestAccessorCommon.GetNephosOrStandardDateHeader(requestContext.RequestHeaders);
}
catch (ArgumentException argumentException)
{
throw new AuthenticationFailureException("The Date header in the request is incorrect.", argumentException);
}
if (!nephosOrStandardDateHeader.HasValue)
{
throw new AuthenticationFailureException("Request date header not specified");
}
if (nephosOrStandardDateHeader.Value.Ticks < DateTime.UtcNow.Subtract(ParameterLimits.DateHeaderLag).Ticks)
{
DateTime value = nephosOrStandardDateHeader.Value;
throw new AuthenticationFailureException(string.Format("Request date header too old: '{0}'", HttpUtilities.ConvertDateTimeToHttpString(value.ToUniversalTime())));
}
try
{
requestAuthScheme = new SupportedAuthScheme?((SupportedAuthScheme)Enum.Parse(typeof(SupportedAuthScheme), authorizationScheme, true));
}
catch (ArgumentException argumentException1)
{
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] objArray = new object[] { authorizationScheme };
throw new AuthenticationFailureException(string.Format(invariantCulture, "Authentication scheme {0} is not supported", objArray));
}
if (!requestAuthScheme.Equals(SupportedAuthScheme.SharedKey) && !requestAuthScheme.Equals(SupportedAuthScheme.SharedKeyLite) && !requestAuthScheme.Equals(SupportedAuthScheme.SignedKey))
{
CultureInfo cultureInfo = CultureInfo.InvariantCulture;
object[] objArray1 = new object[] { authorizationScheme };
throw new AuthenticationFailureException(string.Format(cultureInfo, "Authentication scheme {0} is not supported", objArray1));
}
NephosAssertionException.Assert(requestAuthScheme.HasValue, "Authentication scheme in request has no value");
NephosAuthenticationManager.serviceSchemeParamsParserTable[requestContext.ServiceType][requestAuthScheme.Value](requestAuthScheme.Value, authorizationSchemeParameters, uriComponents, out accountName, out signature);
}
catch (Exception exception)
{
if (!swallowException)
{
throw;
}
}
}
public static string GetStringToSignForStandardSignedKeyAuth(RequestContext requestContext, NephosUriComponents uriComponents, SupportedAuthScheme requestAuthScheme, bool isFileService = false)
{
return(AuthenticationManagerHelper.GetStringToSignForStandardSharedKeyAuth(requestContext, uriComponents, SupportedAuthScheme.SharedKey, isFileService));
}
public TableSignedAccessHelper(Microsoft.Cis.Services.Nephos.Common.RequestContext requestContext, NephosUriComponents uriComponents) : base(requestContext, uriComponents)
{
}
public static byte[] ComputeUrlDecodedUtf8EncodedStringToSign(NameValueCollection queryParams, NephosUriComponents uriComponents)
{
string item = queryParams["st"];
string str = queryParams["se"];
string item1 = queryParams["sp"];
string str1 = queryParams["srt"];
string item2 = queryParams["ss"];
string str2 = queryParams["sip"];
string item3 = queryParams["spr"];
string str3 = queryParams["sv"];
string item4 = queryParams["sep"];
StringBuilder stringBuilder = new StringBuilder();
string accountName = uriComponents.AccountName;
stringBuilder.Append(accountName ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(item1 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(item2 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(str1 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(item ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(str ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(str2 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(item3 ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(str3 ?? string.Empty);
stringBuilder.Append("\n");
if (!string.IsNullOrWhiteSpace(item4))
{
stringBuilder.Append(item4);
stringBuilder.Append("\n");
}
return((new UTF8Encoding()).GetBytes(stringBuilder.ToString()));
}
public override string ParseAccountNameFromAuthorizationHeader(RequestContext requestContext, NephosUriComponents uriComponents)
{
SupportedAuthScheme?nullable;
string str = null;
string str1 = null;
bool flag = false;
NephosAuthenticationManager.ParseSignatureParametersFromAuthorizationHeader(requestContext, uriComponents, true, out str, out str1, out nullable, out flag);
return(str);
}
public static string CanonicalizeTableHttpRequestForSharedKeyAuth(Uri address, NephosUriComponents uriComponents, string method, string contentType, NameValueCollection headers, string rawUrl)
{
StringBuilder stringBuilder = new StringBuilder(method);
TableAuthenticationHelper.AppendStringToCanonicalizedString(stringBuilder, MessageCanonicalizer.GetContentMD5(headers));
TableAuthenticationHelper.AppendStringToCanonicalizedString(stringBuilder, contentType);
TableAuthenticationHelper.AppendStringToCanonicalizedString(stringBuilder, MessageCanonicalizer.GetNephosOrStandardDateString(headers));
TableAuthenticationHelper.AppendStringToCanonicalizedString(stringBuilder, MessageCanonicalizer.GetCanonicalizedResource(address, uriComponents, rawUrl));
return(stringBuilder.ToString());
}
public static void SharedKeyParamsParser(SupportedAuthScheme scheme, string parameter, NephosUriComponents uriComponents, out string accountName, out string signature)
{
NephosAssertionException.Assert((scheme.Equals(SupportedAuthScheme.SharedKey) ? true : scheme.Equals(SupportedAuthScheme.SharedKeyLite)));
NephosAssertionException.Assert(!string.IsNullOrEmpty(parameter));
string[] strArrays = parameter.Split(HttpRequestAccessorCommon.colonDelimiter, StringSplitOptions.RemoveEmptyEntries);
if ((int)strArrays.Length != 2)
{
CultureInfo invariantCulture = CultureInfo.InvariantCulture;
object[] objArray = new object[] { "Authorization", string.Format("{0} {1}", scheme, parameter) };
throw new InvalidAuthenticationInfoException(string.Format(invariantCulture, "{0} value '{1}' is invalid.", objArray));
}
accountName = strArrays[0];
signature = strArrays[1];
}
public static string CanonicalizeTableHttpRequestForSharedKeyAuth(Uri address, NephosUriComponents uriComponents, string method, string contentType, NameValueCollection headers)
{
return(TableAuthenticationHelper.CanonicalizeTableHttpRequestForSharedKeyAuth(address, uriComponents, method, contentType, headers, null));
}
public static string GetStringToSignForNephosSharedKeyAuth(RequestContext requestContext, NephosUriComponents uriComponents)
{
return(TableAuthenticationHelper.CanonicalizeTableHttpRequestForSharedKeyAuth(requestContext.RequestUrl, uriComponents, requestContext.HttpMethod, requestContext.RequestContentType, requestContext.RequestHeaders, requestContext.RequestRawUrlString));
}
public static byte[] ComputeUrlDecodedUtf8EncodedStringToSign(string st, string se, string sp, string si, string sip, string spr, string sv, string tn, string spk, string srk, string epk, string erk, string sep, NephosUriComponents uriComponents)
{
StringBuilder stringBuilder = new StringBuilder();
stringBuilder.Append(sp ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(st ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(se ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(TableSignedAccessHelper.GetCanonicalizedResource(uriComponents, tn, sv));
stringBuilder.Append("\n");
stringBuilder.Append(si ?? string.Empty);
stringBuilder.Append("\n");
if (!VersioningHelper.IsPreApril15OrInvalidVersion(sv))
{
stringBuilder.Append(sip ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(spr ?? string.Empty);
stringBuilder.Append("\n");
}
stringBuilder.Append(sv ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(spk ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(srk ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(epk ?? string.Empty);
stringBuilder.Append("\n");
stringBuilder.Append(erk ?? string.Empty);
if (sep != null)
{
stringBuilder.Append("\n");
stringBuilder.Append(sep);
}
return((new UTF8Encoding()).GetBytes(stringBuilder.ToString()));
}
private static AuthenticationInformation GetAuthInfoForScheme(IStorageAccount account, SupportedAuthScheme authScheme, RequestContext requestContext, NephosUriComponents uriComponents, bool isInterStampAuthentication)
{
if (authScheme != SupportedAuthScheme.SharedKey && authScheme != SupportedAuthScheme.SharedKeyLite && authScheme != SupportedAuthScheme.SignedKey)
{
return(null);
}
Collection <AuthDataEntry> authDataEntries = new Collection <AuthDataEntry>();
if (account.SecretKeysV3 == null)
{
Logger <IRestProtocolHeadLogger> .Instance.Critical.Log("Attempting to authenticate against account {0} which does not have secretKeyListV3", new object[] { account.Name });
}
else
{
foreach (SecretKeyV3 secretKeysV3 in account.SecretKeysV3)
{
authDataEntries.Add(new AuthDataEntry(secretKeysV3.Name, secretKeysV3.Value, secretKeysV3.Permissions));
}
}
return(new AuthenticationInformation("SharedKey", authScheme, authDataEntries, requestContext, uriComponents, isInterStampAuthentication));
}