/// <summary> /// Initializes a new instance of the <see cref="HttpRequest" /> class. /// </summary> public HttpRequest() { _cookies = new HttpCookieCollection<IHttpCookie>(); _files = new HttpFileCollection(); _queryString = new ParameterCollection(); _form = new ParameterCollection(); }
public void DecodeAuthorization() { var str = @"username=""ddssd"", realm=""DragonsDen"", nonce=""f09b846b702648ba871d82a6f908a6cc"", uri=""/"", algorithm=MD5, response=""d02b37c0e90773b21d3b8c8c448b1e9b"", qop=auth, nc=00000006, cnonce=""ad22c414546923eb"""; var parameters = new ParameterCollection(); var parser = new NameValueParser(); parser.Parse(str, parameters); Assert.Equal("ddssd", parameters["username"]); Assert.Equal("DragonsDen", parameters["realm"]); Assert.Equal("f09b846b702648ba871d82a6f908a6cc", parameters["nonce"]); Assert.Equal("/", parameters["uri"]); Assert.Equal("MD5", parameters["algorithm"]); Assert.Equal("d02b37c0e90773b21d3b8c8c448b1e9b", parameters["response"]); Assert.Equal("auth", parameters["qop"]); Assert.Equal("00000006", parameters["nc"]); Assert.Equal("ad22c414546923eb", parameters["cnonce"]); }
public IAuthenticationUser Authenticate(IRequest request) { var authHeader = request.Headers["Authorization"]; if (authHeader == null) return null; var parser = new NameValueParser(); var parameters = new ParameterCollection(); parser.Parse(authHeader.Value.Remove(0, AuthenticationScheme.Length + 1), parameters); var nc = int.Parse(parameters["nc"], NumberStyles.AllowHexSpecifier); if (!_nonceService.IsValid(parameters["nonce"], nc) && !DisableNonceCheck) throw new HttpException(HttpStatusCode.Forbidden, "Invalid nonce/nc."); // request authentication information var username = parameters["username"]; var user = _userService.Lookup(username, request.Uri); if (user == null) return null; var uri = parameters["uri"]; // Encode authentication info var ha1 = string.IsNullOrEmpty(user.HA1) ? GetHa1(_realmRepository.GetRealm(request), username, user.Password) : user.HA1; // encode challenge info var a2 = String.Format("{0}:{1}", request.Method, uri); var ha2 = GetMd5HashBinHex(a2); var hashedDigest = Encrypt(ha1, ha2, parameters["qop"], parameters["nonce"], parameters["nc"], parameters["cnonce"]); //validate if (parameters["response"] == hashedDigest) { return user; } return null; }