private void ParseResponseHeader(IRestResponse response) { var wwwAuthenticateHeader = response.Headers.GetValues("WWW-Authenticate").First(); _realm = GrabHeaderVar("realm", wwwAuthenticateHeader); _nonce = GrabHeaderVar("nonce", wwwAuthenticateHeader); var algorithm = GrabHeaderVar("algorithm", wwwAuthenticateHeader, "MD5"); switch (algorithm.ToLower()) { case "md5": _algorithm = Algorithm.MD5; break; case "md5-sess": _algorithm = Algorithm.MD5sess; break; default: throw new NotSupportedException(string.Format("Unsupported algorithm {0}", algorithm)); } var qopParts = GrabHeaderVar("qop", wwwAuthenticateHeader, "") .Split(','); _qop = QualityOfProtection.Undefined; foreach (var qopPart in qopParts.Where(x => !string.IsNullOrWhiteSpace(x)).Select(x => x.Trim().ToLower())) { switch (qopPart) { case "auth": _qop |= QualityOfProtection.Auth; break; case "auth-int": _qop |= QualityOfProtection.AuthInt; break; default: throw new NotSupportedException(string.Format("Unsupported QOP {0}", qopPart)); } } _nc = 0; _opaque = GrabHeaderVar("opaque", wwwAuthenticateHeader, string.Empty); _cnonce = new Random().Next(123400, 9999999).ToString(CultureInfo.InvariantCulture); _cnonceDate = DateTime.Now; }
public static string GetQOPString(QualityOfProtection qop) { switch (qop) { case QualityOfProtection.AuthenticationOnly: return("auth"); case QualityOfProtection.AuthenticationWithIntegrityProtection: return("auth-int"); case QualityOfProtection.AuthenticationWithIntegrityAndPrivacyProtection: return("auth-conf"); default: return(""); } }
private void ParseResponseHeader(string authenticateHeader) { _realm = GrabHeaderVar("realm", authenticateHeader); _nonce = GrabHeaderVar("nonce", authenticateHeader); var algorithm = GrabHeaderVar("algorithm", authenticateHeader, "MD5"); switch (algorithm.ToLower()) { case "md5": _algorithm = Algorithm.MD5; break; case "md5-sess": _algorithm = Algorithm.MD5sess; break; default: throw new NotSupportedException(string.Format("Unsupported algorithm {0}", algorithm)); } var qopParts = GrabHeaderVar("qop", authenticateHeader, string.Empty) .Split(','); _qop = QualityOfProtection.Undefined; foreach (var qopPart in qopParts.Where(x => !string.IsNullOrWhiteSpace(x)).Select(x => x.Trim().ToLower())) { switch (qopPart) { case "auth": _qop |= QualityOfProtection.Auth; break; case "auth-int": _qop |= QualityOfProtection.AuthInt; break; default: throw new NotSupportedException(string.Format("Unsupported QOP {0}", qopPart)); } } _nc = 0; _opaque = GrabHeaderVar("opaque", authenticateHeader, string.Empty); _cnonce = new Random().Next(123400, 9999999).ToString(CultureInfo.InvariantCulture); _cnonceDate = DateTime.Now; }
/// <summary> Matches credentials. </summary> /// <remarks> ebrown, 3/28/2011. </remarks> /// <exception cref="ArgumentNullException"> Thrown when realm, nonce or password are null. </exception> /// <exception cref="NotImplementedException"> Thrown when the current DigestHeader is set to 'auth-int', which is presently /// unsupported. </exception> /// <exception cref="NotSupportedException"> Thrown when the DigestHeaders HTTP method is unrecognized or not supported. </exception> /// <param name="realm"> The realm. </param> /// <param name="opaque"> The opaque. </param> /// <param name="password"> The password. </param> /// <returns> true if it succeeds, false if it fails. </returns> public bool MatchesCredentials(string realm, string opaque, string password) { if (null == realm) { throw new ArgumentNullException("realm"); } if (null == password) { throw new ArgumentNullException("password"); } if (DigestQualityOfProtectionType.AuthenticationWithIntegrity == QualityOfProtection) { throw new NotImplementedException("auth-int is not currently supported"); } if (!Verb.IsEnumFromEnumValue <HttpMethodNames>()) { throw new NotSupportedException(String.Format("The verb {0} specified is not valid", Verb)); } var encoding = Encoding.GetEncoding("ISO-8859-1"); using (var algorithm = MD5.Create()) { //client to server opaque must match if (Opaque != opaque) { return(false); } //client to server realm must match if (realm != Realm) { return(false); } //valid for auth, auth-int and unspecified string hash1 = HashHelpers.SafeHash(algorithm, encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}", UserName, Realm, password))); //valid for auth and unspecified string hash2 = HashHelpers.SafeHash(algorithm, encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}", Verb, Uri))); if (QualityOfProtection == DigestQualityOfProtectionType.Authentication) { return(Response == HashHelpers.SafeHash(algorithm, encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2:00000000.##}:{3}:{4}:{5}", hash1, Nonce, RequestCounter, ClientNonce, QualityOfProtection.ToEnumValueString(), hash2)))); } return(Response == HashHelpers.SafeHash(algorithm, encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}", hash1, Nonce, hash2)))); } }