/// <summary>
/// Sends a GET request carrying a freshly created bewit (lifetime 10 seconds)
/// through the server pipeline and expects it to be accepted.
/// </summary>
/// <remarks>
/// Besides the 200 status and the expected body, the test asserts that the
/// response does not carry the header named by
/// <c>HawkConstants.ServerAuthorizationHeaderName</c>.
/// </remarks>
public async Task MustReturn200WhenBewitIsValid()
{
    using (var pipeline = new HttpMessageInvoker(server))
    using (var bewitRequest = new HttpRequestMessage(HttpMethod.Get, URI))
    {
        var hawk = new HawkClient(() => ServerFactory.DefaultCredential);

        // The returned bewit string is not needed here; the same request object
        // is sent straight afterwards.
        await hawk.CreateBewitAsync(bewitRequest, 10);

        using (var reply = await pipeline.SendAsync(bewitRequest, CancellationToken.None))
        {
            Assert.AreEqual(HttpStatusCode.OK, reply.StatusCode);

            var body = await reply.Content.ReadAsAsync<string>();
            Assert.AreEqual("Thanks for flying Hawk", body);

            bool hasServerAuthorization = reply.Headers.Contains(HawkConstants.ServerAuthorizationHeaderName);
            Assert.IsFalse(hasServerAuthorization);
        }
    }
}
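/// <summary>
/// Sample console client: performs one GET authenticated through the Hawk
/// Authorization header, then one GET authorized by a bewit in the query string.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    // NOTE(review): sample credential only. The Hawk key is a shared secret; in real
    // code load it from protected configuration or a secret store, never from source.
    var credential = new Credential()
    {
        Id = "dh37fgj492je",
        Algorithm = SupportedAlgorithms.SHA256,
        User = "******",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn"
    };

    // NOTE(review): plain http is acceptable for a localhost sample. Hawk does not
    // encrypt traffic, so use https for anything that leaves the machine.
    string uri = "http://localhost:12345/api/values";

    // GET using the Authorization header
    using (var client = new HttpClient())
    using (var request = new HttpRequestMessage(HttpMethod.Get, uri))
    {
        request.Headers.Add("X-Request-Header-To-Protect", "Swoosh");

        var hawkClient = new HawkClient(() => credential);

        // Presumably sent as Hawk's application-specific (ext) data so that the header
        // value is covered by the request MAC - confirm against HawkClient.
        hawkClient.ApplicationSpecificData = "X-Request-Header-To-Protect:Swoosh"; // Normalized header
        hawkClient.CreateClientAuthorizationAsync(request).Wait();

        using (var response = client.SendAsync(request).Result)
        {
            // Only print the body once the response has been authenticated.
            var isAuthentic = hawkClient.AuthenticateAsync(response).Result;
            Console.WriteLine(isAuthentic ? response.Content.ReadAsStringAsync().Result : "Response is Tampered");
        }
    }

    // GET using Bewit
    var bewitIssuer = new HawkClient(() => credential);
    using (var bewitRequest = new HttpRequestMessage() { RequestUri = new Uri(uri) })
    {
        string bewit = bewitIssuer.CreateBewitAsync(bewitRequest, lifeSeconds: 60).Result;

        // Bewit is handed off to a client needing temporary access to the resource.
        // The bewit travels in the URL, so it can end up in logs, proxies and history;
        // keep the lifetime short and treat the whole URL as a secret while it is valid.
        using (var clientNeedingTempAccess = new WebClient())
        {
            var resource = clientNeedingTempAccess.DownloadString(uri + "?bewit=" + bewit);
            Console.WriteLine(resource);
        }
    }

    Console.Read();
}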
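/// <summary>
/// Sample console client: issues a GET and a POST through a
/// <c>HawkValidationHandler</c>, then a GET authorized by a bewit in the query string.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
static void Main(string[] args)
{
    // NOTE(review): plain http is acceptable for a localhost sample. Hawk does not
    // encrypt traffic, so use https for anything that leaves the machine.
    string uri = "http://localhost:12345/api/values";
    string headerName = "X-Response-Header-To-Protect";

    // NOTE(review): sample credential only. The Hawk key is a shared secret; in real
    // code load it from protected configuration or a secret store, never from source.
    var credential = new Credential()
    {
        Id = "dh37fgj492je",
        Algorithm = SupportedAlgorithms.SHA256,
        User = "******",
        Key = "werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn"
    };

    // GET and POST using the Authorization header
    // The verification callback compares the received ext value with
    // "<headerName>:<first header value>". Assuming r is the HttpResponseMessage,
    // GetValues throws when the header is absent, so a response without the protected
    // header surfaces as an exception rather than as a false result.
    var handler = new HawkValidationHandler(
        credentialsCallback: () => credential,
        verificationCallback: (r, ext) =>
            ext.Equals(headerName + ":" + r.Headers.GetValues(headerName).First()));

    // Disposing the client releases the handler pipeline it was created with.
    using (HttpClient client = HttpClientFactory.Create(handler))
    {
        using (var getResponse = client.GetAsync(uri).Result)
        {
            Console.WriteLine(getResponse.Content.ReadAsStringAsync().Result);
        }

        using (var postResponse = client.PostAsJsonAsync(uri, credential.User).Result)
        {
            Console.WriteLine(postResponse.Content.ReadAsStringAsync().Result);
        }
    }

    // GET using Bewit
    var hawkClient = new HawkClient(() => credential);
    using (var bewitRequest = new HttpRequestMessage() { RequestUri = new Uri(uri) })
    {
        string bewit = hawkClient.CreateBewitAsync(bewitRequest, lifeSeconds: 60).Result;

        // Bewit is handed off to a client needing temporary access to the resource.
        // The bewit travels in the URL, so it can end up in logs, proxies and history;
        // keep the lifetime short and treat the whole URL as a secret while it is valid.
        using (var clientNeedingTempAccess = new WebClient())
        {
            var resource = clientNeedingTempAccess.DownloadString(uri + "?bewit=" + bewit);
            Console.WriteLine(resource);
        }
    }

    Console.Read();
}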
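/// <summary>
/// Creates a bewit for <c>URI</c>, presents it unchanged on a different path
/// (<c>URI + "/1"</c>) and expects the server to answer 401 Unauthorized.
/// </summary>
/// <remarks>
/// The bewit is decoded and re-encoded with every field (id, timestamp, MAC, ext)
/// carried over as issued, so the path is the only thing that differs from the
/// request the bewit was created for. A 401 therefore shows that the bewit is bound
/// to the URI, not merely that an unknown credential id was rejected.
/// </remarks>
public async Task MustReturn401WhenUriIsTampered()
{
    using (var invoker = new HttpMessageInvoker(server))
    using (var request = new HttpRequestMessage(HttpMethod.Get, URI))
    {
        var client = new HawkClient(() => ServerFactory.DefaultCredential);
        string bewit = await client.CreateBewitAsync(request, 10);

        // Decoded bewit layout as used by this test: id\timestamp\mac\ext
        var parts = bewit.ToUtf8StringFromBase64Url().Split('\\');
        string id = parts[0];
        string timestamp = parts[1];
        string mac = parts[2];
        string ext = parts[3];

        // Keep the issued id: substituting another id would let the request fail on
        // credential lookup and hide whether the URI change was detected at all.
        string reusedBewit = String.Format(@"{0}\{1}\{2}\{3}", id, timestamp, mac, ext);
        reusedBewit = reusedBewit.ToBytesFromUtf8().ToBase64UrlString();

        using (var freshRequest = new HttpRequestMessage())
        {
            string tamperedUri = URI + "/1";
            freshRequest.RequestUri = new Uri(tamperedUri + "?bewit=" + reusedBewit);

            using (var response = await invoker.SendAsync(freshRequest, CancellationToken.None))
            {
                Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
            }
        }
    }
}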
/// <summary>
/// Attempts to use a bewit with a POST request: a bewit is requested for the POST
/// message (lifetime 10 seconds) and the message is then sent through the pipeline.
/// </summary>
/// <remarks>
/// The body contains no assertions. NOTE(review): the test name implies an
/// InvalidOperationException is expected; the declaration of that expectation
/// (for example a test attribute) is not visible in this excerpt, and it cannot be
/// told from here which of the two calls throws.
/// </remarks>
public async Task MustThrowInvalidOperationExceptionWhenBewitUsedWithPost()
{
    using (var pipeline = new HttpMessageInvoker(server))
    using (var postRequest = new HttpRequestMessage(HttpMethod.Post, URI))
    {
        var hawk = new HawkClient(() => ServerFactory.DefaultCredential);

        await hawk.CreateBewitAsync(postRequest, 10);
        await pipeline.SendAsync(postRequest, CancellationToken.None);
    }
}
/// <summary>
/// Creates a bewit with a lifetime of 0 seconds, sends the request and expects
/// the server to answer 401 Unauthorized.
/// </summary>
public async Task MustReturn401WhenBewitHasExpired()
{
    using (var pipeline = new HttpMessageInvoker(server))
    using (var expiredRequest = new HttpRequestMessage(HttpMethod.Get, URI))
    {
        var hawk = new HawkClient(() => ServerFactory.DefaultCredential);

        // no life in it
        await hawk.CreateBewitAsync(expiredRequest, 0);

        using (var reply = await pipeline.SendAsync(expiredRequest, CancellationToken.None))
        {
            var status = reply.StatusCode;
            Assert.AreEqual(HttpStatusCode.Unauthorized, status);
        }
    }
}