public void Can_verify_signature_with_multiple_signed_headers() { var uri = new Uri("https://intelliflo.com"); var method = "POST"; var body = "hey"; var unsignedRequest = SignatureRequest.CreateSignRequest(uri, time, appId, secret, method, body); unsignedRequest.Headers.Add("Content-Type", "text/plain"); unsignedRequest.Headers.Add("Accept", "text/plain"); unsignedRequest.SignedHeaders.Clear(); foreach (var key in unsignedRequest.Headers.Keys) { unsignedRequest.SignedHeaders.Add(key); } var signedUrl = underTest.Sign(unsignedRequest); var signedRequest = SignatureRequest.CreateVerificationRequest(signedUrl, time.AddSeconds(1), secret, method, 60, body, unsignedRequest.Headers); signedRequest.SignedHeaders.Clear(); foreach (var header in unsignedRequest.SignedHeaders) { signedRequest.SignedHeaders.Add(header); } underTest.Verify(signedRequest).Should().BeTrue(); }
public void CreateSignRequest_With_Default_Parameters_Should_Create_Expected_Request() { var actual = SignatureRequest.CreateSignRequest( new Uri("http://google.com?q=dragon"), new DateTime(2013, 5, 23, 10, 11, 13, DateTimeKind.Utc), "credential1", "secret1"); actual.Should().BeEquivalentTo( new SignatureRequest { Algorithm = "IO2-HMAC-SHA256", Body = null, Headers = new Dictionary <string, string> { ["Host"] = "google.com" }, Credential = "credential1", CurrentTime = DateTime.MinValue, Url = new Uri("http://google.com?q=dragon"), Method = "GET", ExpirySeconds = 60, SignedHeaders = new List <string> { "Host" }, Timestamp = new DateTime(2013, 5, 23, 10, 11, 13, DateTimeKind.Utc), Secret = "secret1", Signature = null }); }
public static IEnumerable <object[]> CreateTestCases() { yield return(new object[] { SignatureRequest.CreateSignRequest( new Uri( "http://development.matrix.local.co.uk/Pages/Account/IOAppInstall.aspx?event=before_appinstall&ioUserID=81960&ioAppID=fbd9844&ioReturnUrl=https://uat-apps.intelligent-office.net/preview-apps/fbd9844/install/preview?token=fbd9844-1518435999701"), new DateTime(2018, 2, 22, 11, 46, 39, DateTimeKind.Utc), "xxx", "fbd9844", "GET", null, 900), "http://development.matrix.local.co.uk/Pages/Account/IOAppInstall.aspx?event=before_appinstall&ioUserID=81960&ioAppID=fbd9844&ioReturnUrl=https://uat-apps.intelligent-office.net/preview-apps/fbd9844/install/preview?token=fbd9844-1518435999701&x-iflo-Algorithm=IO2-HMAC-SHA256&x-iflo-Credential=xxx&x-iflo-Date=20180222T114639Z&x-iflo-SignedHeaders=host&x-iflo-Signature=52ca5b4b18373eb2d255eb9ee68bc8968a0ace9d69b8870c4aed37dd1bc2e7c3" }); yield return(new object[] { SignatureRequest.CreateSignRequest( new Uri( "http://development.matrix.local.co.uk/Pages/Account/IOAppInstall.aspx?event=before_appinstall&ioUserID=81960&ioAppID=fbd9844&ioReturnUrl=https%3A%2F%2Fuat-apps.intelligent-office.net%2Fpreview-apps%2Ffbd9844%2Finstall%2Fpreview%3Ftoken%3Dfbd9844-1518435999701"), new DateTime(2019, 2, 22, 11, 46, 39, DateTimeKind.Utc), "aaa", "fbd9844"), "http://development.matrix.local.co.uk/Pages/Account/IOAppInstall.aspx?event=before_appinstall&ioUserID=81960&ioAppID=fbd9844&ioReturnUrl=https:%2F%2Fuat-apps.intelligent-office.net%2Fpreview-apps%2Ffbd9844%2Finstall%2Fpreview%3Ftoken%3Dfbd9844-1518435999701&x-iflo-Algorithm=IO2-HMAC-SHA256&x-iflo-Credential=aaa&x-iflo-Date=20190222T114639Z&x-iflo-SignedHeaders=host&x-iflo-Signature=1e8504d60c37391426e233818b9f2cd7dde4f2bd6e3719609103d09d28f30db6" }); yield return(new object[] { SignatureRequest.CreateSignRequest( new Uri( "http://dragon.local.co.uk/Pages/Account/IOAppInstall.aspx?event=before_appinstall&ioUserID=81960&ioAppID=fbd9844&ioReturnUrl=https://uat-apps.intelligent-office.net/preview-apps/fbd9844/install/preview?token=fbd9844-1518435999701"), new DateTime(2018, 2, 22, 11, 46, 39, DateTimeKind.Utc), "xxx", "fbd9844", "GET", null, 900), "http://dragon.local.co.uk/Pages/Account/IOAppInstall.aspx?event=before_appinstall&ioUserID=81960&ioAppID=fbd9844&ioReturnUrl=https://uat-apps.intelligent-office.net/preview-apps/fbd9844/install/preview?token=fbd9844-1518435999701&x-iflo-Algorithm=IO2-HMAC-SHA256&x-iflo-Credential=xxx&x-iflo-Date=20180222T114639Z&x-iflo-SignedHeaders=host&x-iflo-Signature=8cc267d46588af28dab6404eaa0e92986895ea21d3a369f3496634b92ad1921a" }); yield return(new object[] { SignatureRequest.CreateSignRequest( new Uri( "https://developer.intelliflo.com/docs/Pre-SignedURLs?x=y&foo=bar"), new DateTime(2018, 2, 22, 11, 46, 39, DateTimeKind.Utc), "myCredential", "mySecret", "GET", null, 900), "https://developer.intelliflo.com/docs/Pre-SignedURLs?x=y&foo=bar&x-iflo-Algorithm=IO2-HMAC-SHA256&x-iflo-Credential=myCredential&x-iflo-Date=20180222T114639Z&x-iflo-SignedHeaders=host&x-iflo-Signature=7664790e62b988b01ebff76716cd5c6c651cc6b0ba350c7b6be29278f347a77e" }); }
public void Verify_When_v2_Algorithm_User_Should_Return_True(string url, string method, string body, int futureSeconds) { var uri = new Uri(url); var unsignedRequest = SignatureRequest.CreateSignRequest(uri, time, appId, secret, method, body, algorithm: "IO2-HMAC-SHA256"); var signedUrl = underTest.Sign(unsignedRequest); var signedRequest = SignatureRequest.CreateVerificationRequest(signedUrl, time.AddSeconds(futureSeconds), secret, method, 60, body); underTest.Verify(signedRequest).Should().BeTrue(); }
public void Cannot_verify_signature(string url, string method, string body, string testSecret, int futureSeconds) { var uri = new Uri(First(url)); var unsignedRequest = SignatureRequest.CreateSignRequest(uri, time, appId, First(testSecret), First(method), First(body)); var signedUrl = underTest.Sign(unsignedRequest); signedUrl = new Uri(signedUrl.AbsoluteUri.Replace(First(url), Second(url))); var signedRequest = SignatureRequest.CreateVerificationRequest(signedUrl, time.AddSeconds(futureSeconds), testSecret, Second(method), 60, Second(body)); underTest.Verify(signedRequest).Should().BeFalse(); }