protected virtual async Task <(bool Result, string Body)> IsValid(RequestVerifier verifier, Microsoft.AspNetCore.Http.HttpRequest request)
{
long.TryParse(request.Headers[RequestVerifier.TimestampHeaderName], out var timestamp);
if (RequireBodyRewind)
{
request.EnableBuffering();
}
using var sr = new StreamReader(request.Body);
var bodyText = await sr.ReadToEndAsync();
if (RequireBodyRewind)
{
request.Body.Position = 0;
}
var result = verifier.Verify(request.Headers[RequestVerifier.SignatureHeaderName], timestamp, bodyText);
return(result, bodyText);
}
public void VerifierFailsAlteredSig()
{
var verifier = new RequestVerifier(SigningSecret);
Assert.False(verifier.Verify(ExpectedSig, Timestamp, Body));
}
public void VerifierValidatesExpectedSig()
{
var verifier = new RequestVerifier(SigningSecret, TimeSpan.MaxValue);
Assert.True(verifier.Verify(ExpectedSig, Timestamp, Body));
}