private void ParseResponseHeader(IRestResponse response)
{
var wwwAuthenticateHeader = response.Headers.GetValues("WWW-Authenticate").First();
_realm = GrabHeaderVar("realm", wwwAuthenticateHeader);
_nonce = GrabHeaderVar("nonce", wwwAuthenticateHeader);
var algorithm = GrabHeaderVar("algorithm", wwwAuthenticateHeader, "MD5");
switch (algorithm.ToLower())
{
case "md5":
_algorithm = Algorithm.MD5;
break;
case "md5-sess":
_algorithm = Algorithm.MD5sess;
break;
default:
throw new NotSupportedException(string.Format("Unsupported algorithm {0}", algorithm));
}
var qopParts = GrabHeaderVar("qop", wwwAuthenticateHeader, "")
.Split(',');
_qop = QualityOfProtection.Undefined;
foreach (var qopPart in qopParts.Where(x => !string.IsNullOrWhiteSpace(x)).Select(x => x.Trim().ToLower()))
{
switch (qopPart)
{
case "auth":
_qop |= QualityOfProtection.Auth;
break;
case "auth-int":
_qop |= QualityOfProtection.AuthInt;
break;
default:
throw new NotSupportedException(string.Format("Unsupported QOP {0}", qopPart));
}
}
_nc = 0;
_opaque = GrabHeaderVar("opaque", wwwAuthenticateHeader, string.Empty);
_cnonce = new Random().Next(123400, 9999999).ToString(CultureInfo.InvariantCulture);
_cnonceDate = DateTime.Now;
}
public static string GetQOPString(QualityOfProtection qop)
{
switch (qop)
{
case QualityOfProtection.AuthenticationOnly:
return("auth");
case QualityOfProtection.AuthenticationWithIntegrityProtection:
return("auth-int");
case QualityOfProtection.AuthenticationWithIntegrityAndPrivacyProtection:
return("auth-conf");
default:
return("");
}
}
private void ParseResponseHeader(string authenticateHeader)
{
_realm = GrabHeaderVar("realm", authenticateHeader);
_nonce = GrabHeaderVar("nonce", authenticateHeader);
var algorithm = GrabHeaderVar("algorithm", authenticateHeader, "MD5");
switch (algorithm.ToLower())
{
case "md5":
_algorithm = Algorithm.MD5;
break;
case "md5-sess":
_algorithm = Algorithm.MD5sess;
break;
default:
throw new NotSupportedException(string.Format("Unsupported algorithm {0}", algorithm));
}
var qopParts = GrabHeaderVar("qop", authenticateHeader, string.Empty)
.Split(',');
_qop = QualityOfProtection.Undefined;
foreach (var qopPart in qopParts.Where(x => !string.IsNullOrWhiteSpace(x)).Select(x => x.Trim().ToLower()))
{
switch (qopPart)
{
case "auth":
_qop |= QualityOfProtection.Auth;
break;
case "auth-int":
_qop |= QualityOfProtection.AuthInt;
break;
default:
throw new NotSupportedException(string.Format("Unsupported QOP {0}", qopPart));
}
}
_nc = 0;
_opaque = GrabHeaderVar("opaque", authenticateHeader, string.Empty);
_cnonce = new Random().Next(123400, 9999999).ToString(CultureInfo.InvariantCulture);
_cnonceDate = DateTime.Now;
}
/// <summary> Matches credentials. </summary>
/// <remarks> ebrown, 3/28/2011. </remarks>
/// <exception cref="ArgumentNullException"> Thrown when realm, nonce or password are null. </exception>
/// <exception cref="NotImplementedException"> Thrown when the current DigestHeader is set to 'auth-int', which is presently
/// unsupported. </exception>
/// <exception cref="NotSupportedException"> Thrown when the DigestHeaders HTTP method is unrecognized or not supported. </exception>
/// <param name="realm"> The realm. </param>
/// <param name="opaque"> The opaque. </param>
/// <param name="password"> The password. </param>
/// <returns> true if it succeeds, false if it fails. </returns>
public bool MatchesCredentials(string realm, string opaque, string password)
{
if (null == realm)
{
throw new ArgumentNullException("realm");
}
if (null == password)
{
throw new ArgumentNullException("password");
}
if (DigestQualityOfProtectionType.AuthenticationWithIntegrity == QualityOfProtection)
{
throw new NotImplementedException("auth-int is not currently supported");
}
if (!Verb.IsEnumFromEnumValue <HttpMethodNames>())
{
throw new NotSupportedException(String.Format("The verb {0} specified is not valid", Verb));
}
var encoding = Encoding.GetEncoding("ISO-8859-1");
using (var algorithm = MD5.Create())
{
//client to server opaque must match
if (Opaque != opaque)
{
return(false);
}
//client to server realm must match
if (realm != Realm)
{
return(false);
}
//valid for auth, auth-int and unspecified
string hash1 = HashHelpers.SafeHash(algorithm,
encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}", UserName, Realm, password)));
//valid for auth and unspecified
string hash2 = HashHelpers.SafeHash(algorithm,
encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}", Verb, Uri)));
if (QualityOfProtection == DigestQualityOfProtectionType.Authentication)
{
return(Response == HashHelpers.SafeHash(algorithm,
encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2:00000000.##}:{3}:{4}:{5}", hash1, Nonce,
RequestCounter, ClientNonce, QualityOfProtection.ToEnumValueString(), hash2))));
}
return(Response == HashHelpers.SafeHash(algorithm,
encoding.GetBytes(string.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}", hash1, Nonce, hash2))));
}
}
