/// <summary>
/// Tries to parse an authorization header from an Authorization header style string.
/// </summary>
/// <param name="authorizationString">The authorization string.</param>
/// <param name="encoding">The encoding.</param>
/// <param name="header">The authorization header to output.</param>
/// <returns>true if the authorization was valid; otherwise, false.</returns>
public static bool TryParse(string authorizationString, Encoding encoding, out AuthorizationHeader header)
{
if (String.IsNullOrWhiteSpace(authorizationString))
{
header = null;
return false;
}
var items = ParseAuthorizationItems(authorizationString);
string authenticationType;
if (!items.TryGetValue(AuthenticationTypeKey, out authenticationType) || String.IsNullOrWhiteSpace(authenticationType))
{
header = null;
return false;
}
bool isBasic = String.Equals("Basic", authenticationType, StringComparison.OrdinalIgnoreCase);
string credentials, userName, password;
if (isBasic && items.TryGetValue(AuthenticationCredentialsKey, out credentials))
{
Tuple<string, string> basicCredentials = GetBasicCredentials(encoding, credentials);
userName = basicCredentials.Item1;
password = basicCredentials.Item2;
}
else
{
if (!items.TryGetValue(UserNameKey, out userName))
{
userName = null;
}
password = null;
}
header = new AuthorizationHeader(authenticationType, GenerateParameters(items))
{
UserName = userName,
Password = password
};
return true;
}
private Tuple<bool, bool> ValidateResponse(IServiceContext serviceContext, AuthorizationHeader header, Credentials credentials)
{
if (String.IsNullOrWhiteSpace(header.UserName) || header.Parameters == null)
{
return Tuple.Create(false, false);
}
string ipAddress = serviceContext.Request.ServerVariables.RemoteAddress;
if (String.IsNullOrWhiteSpace(ipAddress))
{
return Tuple.Create(false, false);
}
string response = header.Parameters.Get("response");
if (String.IsNullOrWhiteSpace(response))
{
return Tuple.Create(false, false);
}
string realm = header.Parameters.Get("realm");
if (String.IsNullOrWhiteSpace(realm))
{
return Tuple.Create(false, false);
}
string uri = header.Parameters.Get("uri");
if (String.IsNullOrWhiteSpace(uri))
{
return Tuple.Create(false, false);
}
if (String.IsNullOrEmpty(credentials.Password))
{
return Tuple.Create(false, false);
}
string nonce = header.Parameters.Get("nonce");
Tuple<bool, bool> nonceValidationResult = ValidateNonce(serviceContext, nonce);
if (!nonceValidationResult.Item1)
{
return nonceValidationResult;
}
string ha1 = m_encoder.Encode(String.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}", header.UserName, realm, credentials.Password));
string ha2 = m_encoder.Encode(String.Format(CultureInfo.InvariantCulture, "{0}:{1}", serviceContext.Request.Method.ToString().ToUpperInvariant(), uri));
string expectedResponse = GenerateExpectedResponse(header, ha1, ha2, nonce);
if (expectedResponse == null)
{
return Tuple.Create(false, false);
}
return Tuple.Create(String.Equals(expectedResponse, response, StringComparison.Ordinal), false);
}
private string GenerateExpectedResponse(AuthorizationHeader header, string ha1, string ha2, string nonce)
{
if (Qop != QualityOfProtection.Auth)
{
return m_encoder.Encode(String.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}", ha1, nonce, ha2));
}
string nonceCounter = header.Parameters.Get("nc");
string clientNonce = header.Parameters.Get("cnonce");
if (String.IsNullOrEmpty(nonceCounter) || String.IsNullOrEmpty(clientNonce))
{
return null;
}
return m_encoder.Encode(String.Format(CultureInfo.InvariantCulture, "{0}:{1}:{2}:{3}:{4}:{5}", ha1, nonce, nonceCounter, clientNonce, "auth", ha2));
}
/// <summary>
/// Tries to parse an authorization header from an Authorization header style string.
/// </summary>
/// <param name="authorizationString">The authorization string.</param>
/// <param name="header">The authorization header to output.</param>
/// <returns>true if the authorization was valid; otherwise, false.</returns>
public static bool TryParse(string authorizationString, out AuthorizationHeader header)
{
return TryParse(authorizationString, Encoding.UTF8, out header);
}