1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
|
//-----------------------------------------------------------------------
// <copyright file="SigningBindingElementBase.cs" company="Outercurve Foundation">
// Copyright (c) Outercurve Foundation. All rights reserved.
// </copyright>
//-----------------------------------------------------------------------
namespace DotNetOpenAuth.OAuth.ChannelElements {
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Diagnostics.CodeAnalysis;
using System.Globalization;
using System.Linq;
using System.Text;
using System.Threading;
using System.Threading.Tasks;
using System.Web;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.Messaging.Bindings;
using DotNetOpenAuth.Messaging.Reflection;
using Validation;
/// <summary>
/// A binding element that signs outgoing messages and verifies the signature on incoming messages.
/// </summary>
public abstract class SigningBindingElementBase : ITamperProtectionChannelBindingElement {
/// <summary>
/// The signature method this binding element uses.
/// </summary>
private string signatureMethod;
/// <summary>
/// Initializes a new instance of the <see cref="SigningBindingElementBase"/> class.
/// </summary>
/// <param name="signatureMethod">The OAuth signature method that the binding element uses.</param>
internal SigningBindingElementBase(string signatureMethod) {
this.signatureMethod = signatureMethod;
}
#region IChannelBindingElement Properties
/// <summary>
/// Gets the message protection provided by this binding element.
/// </summary>
public MessageProtections Protection {
get { return MessageProtections.TamperProtection; }
}
/// <summary>
/// Gets or sets the channel that this binding element belongs to.
/// </summary>
public Channel Channel { get; set; }
#endregion
#region ITamperProtectionChannelBindingElement members
/// <summary>
/// Gets or sets the delegate that will initialize the non-serialized properties necessary on a signed
/// message so that its signature can be correctly calculated for verification.
/// </summary>
public Action<ITamperResistantOAuthMessage> SignatureCallback { get; set; }
/// <summary>
/// Creates a new object that is a copy of the current instance.
/// </summary>
/// <returns>
/// A new object that is a copy of this instance.
/// </returns>
ITamperProtectionChannelBindingElement ITamperProtectionChannelBindingElement.Clone() {
ITamperProtectionChannelBindingElement clone = this.Clone();
clone.SignatureCallback = this.SignatureCallback;
return clone;
}
#endregion
#region IChannelBindingElement Methods
/// <summary>
/// Signs the outgoing message.
/// </summary>
/// <param name="message">The message to sign.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The protections (if any) that this binding element applied to the message.
/// Null if this binding element did not even apply to this binding element.
/// </returns>
public Task<MessageProtections?> ProcessOutgoingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) {
var signedMessage = message as ITamperResistantOAuthMessage;
if (signedMessage != null && this.IsMessageApplicable(signedMessage)) {
if (this.SignatureCallback != null) {
this.SignatureCallback(signedMessage);
} else {
Logger.Bindings.Warn("Signing required, but callback delegate was not provided to provide additional data for signing.");
}
signedMessage.SignatureMethod = this.signatureMethod;
Logger.Bindings.DebugFormat("Signing {0} message using {1}.", message.GetType().Name, this.signatureMethod);
signedMessage.Signature = this.GetSignature(signedMessage);
return MessageProtectionTasks.TamperProtection;
}
return MessageProtectionTasks.Null;
}
/// <summary>
/// Verifies the signature on an incoming message.
/// </summary>
/// <param name="message">The message whose signature should be verified.</param>
/// <param name="cancellationToken">The cancellation token.</param>
/// <returns>
/// The protections (if any) that this binding element applied to the message.
/// Null if this binding element did not even apply to this binding element.
/// </returns>
/// <exception cref="InvalidSignatureException">Thrown if the signature is invalid.</exception>
public Task<MessageProtections?> ProcessIncomingMessageAsync(IProtocolMessage message, CancellationToken cancellationToken) {
var signedMessage = message as ITamperResistantOAuthMessage;
if (signedMessage != null && this.IsMessageApplicable(signedMessage)) {
Logger.Bindings.DebugFormat("Verifying incoming {0} message signature of: {1}", message.GetType().Name, signedMessage.Signature);
if (!string.Equals(signedMessage.SignatureMethod, this.signatureMethod, StringComparison.Ordinal)) {
Logger.Bindings.WarnFormat("Expected signature method '{0}' but received message with a signature method of '{1}'.", this.signatureMethod, signedMessage.SignatureMethod);
return MessageProtectionTasks.None;
}
if (this.SignatureCallback != null) {
this.SignatureCallback(signedMessage);
} else {
Logger.Bindings.Warn("Signature verification required, but callback delegate was not provided to provide additional data for signature verification.");
}
if (!this.IsSignatureValid(signedMessage)) {
Logger.Bindings.Error("Signature verification failed.");
throw new InvalidSignatureException(message);
}
return MessageProtectionTasks.TamperProtection;
}
return MessageProtectionTasks.Null;
}
#endregion
/// <summary>
/// Constructs the OAuth Signature Base String and returns the result.
/// </summary>
/// <param name="message">The message.</param>
/// <param name="messageDictionary">The message to derive the signature base string from.</param>
/// <returns>The signature base string.</returns>
/// <remarks>
/// This method implements OAuth 1.0 section 9.1.
/// </remarks>
[SuppressMessage("Microsoft.Maintainability", "CA1506:AvoidExcessiveClassCoupling", Justification = "Unavoidable")]
internal static string ConstructSignatureBaseString(ITamperResistantOAuthMessage message, MessageDictionary messageDictionary) {
Requires.NotNull(message, "message");
Requires.NotNull(message.HttpMethod, "message.HttpMethod");
Requires.NotNull(messageDictionary, "messageDictionary");
ErrorUtilities.VerifyInternal(messageDictionary.Message == message, "Message references are not equal.");
List<string> signatureBaseStringElements = new List<string>(3);
signatureBaseStringElements.Add(message.HttpMethod.ToString().ToUpperInvariant());
// For multipart POST messages, only include the message parts that are NOT
// in the POST entity (those parts that may appear in an OAuth authorization header).
var encodedDictionary = new Dictionary<string, string>();
IEnumerable<KeyValuePair<string, string>> partsToInclude = Enumerable.Empty<KeyValuePair<string, string>>();
var binaryMessage = message as IMessageWithBinaryData;
if (binaryMessage != null && binaryMessage.SendAsMultipart) {
HttpDeliveryMethods authHeaderInUseFlags = HttpDeliveryMethods.PostRequest | HttpDeliveryMethods.AuthorizationHeaderRequest;
ErrorUtilities.VerifyProtocol((binaryMessage.HttpMethods & authHeaderInUseFlags) == authHeaderInUseFlags, OAuthStrings.MultipartPostMustBeUsedWithAuthHeader);
// Include the declared keys in the signature as those will be signable.
// Cache in local variable to avoid recalculating DeclaredKeys in the delegate.
ICollection<string> declaredKeys = messageDictionary.DeclaredKeys;
partsToInclude = messageDictionary.Where(pair => declaredKeys.Contains(pair.Key));
} else {
partsToInclude = messageDictionary;
}
// If this message was deserialized, include only those explicitly included message parts (excludes defaulted values)
// in the signature.
var originalPayloadMessage = (IMessageOriginalPayload)message;
if (originalPayloadMessage.OriginalPayload != null) {
partsToInclude = partsToInclude.Where(pair => originalPayloadMessage.OriginalPayload.ContainsKey(pair.Key));
}
foreach (var pair in OAuthChannel.GetUriEscapedParameters(partsToInclude)) {
encodedDictionary[pair.Key] = pair.Value;
}
// An incoming message will already have included the query and form parameters
// in the message dictionary, but an outgoing message COULD have SOME parameters
// in the query that are not in the message dictionary because they were included
// in the receiving endpoint (the original URL).
// In an outgoing message, the POST entity can only contain parameters if they were
// in the message dictionary, so no need to pull out any parameters from there.
if (message.Recipient.Query != null) {
NameValueCollection nvc = HttpUtility.ParseQueryString(message.Recipient.Query);
foreach (string key in nvc) {
string escapedKey = MessagingUtilities.EscapeUriDataStringRfc3986(key);
string escapedValue = MessagingUtilities.EscapeUriDataStringRfc3986(nvc[key]);
string existingValue;
if (!encodedDictionary.TryGetValue(escapedKey, out existingValue)) {
encodedDictionary.Add(escapedKey, escapedValue);
} else {
ErrorUtilities.VerifyInternal(escapedValue == existingValue, "Somehow we have conflicting values for the '{0}' parameter.", escapedKey);
}
}
}
encodedDictionary.Remove("oauth_signature");
UriBuilder endpoint = new UriBuilder(message.Recipient);
endpoint.Query = null;
endpoint.Fragment = null;
signatureBaseStringElements.Add(endpoint.Uri.AbsoluteUri);
var sortedKeyValueList = new List<KeyValuePair<string, string>>(encodedDictionary);
sortedKeyValueList.Sort(SignatureBaseStringParameterComparer);
StringBuilder paramBuilder = new StringBuilder();
foreach (var pair in sortedKeyValueList) {
if (paramBuilder.Length > 0) {
paramBuilder.Append("&");
}
paramBuilder.Append(pair.Key);
paramBuilder.Append('=');
paramBuilder.Append(pair.Value);
}
signatureBaseStringElements.Add(paramBuilder.ToString());
StringBuilder signatureBaseString = new StringBuilder();
foreach (string element in signatureBaseStringElements) {
if (signatureBaseString.Length > 0) {
signatureBaseString.Append("&");
}
signatureBaseString.Append(MessagingUtilities.EscapeUriDataStringRfc3986(element));
}
Logger.Bindings.DebugFormat("Constructed signature base string: {0}", signatureBaseString);
return signatureBaseString.ToString();
}
/// <summary>
/// Calculates a signature for a given message.
/// </summary>
/// <param name="message">The message to sign.</param>
/// <returns>The signature for the message.</returns>
/// <remarks>
/// This method signs the message per OAuth 1.0 section 9.2.
/// </remarks>
internal string GetSignatureTestHook(ITamperResistantOAuthMessage message) {
return this.GetSignature(message);
}
/// <summary>
/// Gets the "ConsumerSecret&TokenSecret" string, allowing either property to be empty or null.
/// </summary>
/// <param name="message">The message to extract the secrets from.</param>
/// <returns>The concatenated string.</returns>
protected static string GetConsumerAndTokenSecretString(ITamperResistantOAuthMessage message) {
StringBuilder builder = new StringBuilder();
if (!string.IsNullOrEmpty(message.ConsumerSecret)) {
builder.Append(MessagingUtilities.EscapeUriDataStringRfc3986(message.ConsumerSecret));
}
builder.Append("&");
if (!string.IsNullOrEmpty(message.TokenSecret)) {
builder.Append(MessagingUtilities.EscapeUriDataStringRfc3986(message.TokenSecret));
}
return builder.ToString();
}
/// <summary>
/// Determines whether the signature on some message is valid.
/// </summary>
/// <param name="message">The message to check the signature on.</param>
/// <returns>
/// <c>true</c> if the signature on the message is valid; otherwise, <c>false</c>.
/// </returns>
protected virtual bool IsSignatureValid(ITamperResistantOAuthMessage message) {
Requires.NotNull(message, "message");
string signature = this.GetSignature(message);
return MessagingUtilities.EqualsConstantTime(message.Signature, signature);
}
/// <summary>
/// Clones this instance.
/// </summary>
/// <returns>A new instance of the binding element.</returns>
/// <remarks>
/// Implementations of this method need not clone the SignatureVerificationCallback member, as the
/// <see cref="SigningBindingElementBase"/> class does this.
/// </remarks>
protected abstract ITamperProtectionChannelBindingElement Clone();
/// <summary>
/// Calculates a signature for a given message.
/// </summary>
/// <param name="message">The message to sign.</param>
/// <returns>The signature for the message.</returns>
protected abstract string GetSignature(ITamperResistantOAuthMessage message);
/// <summary>
/// Checks whether this binding element applies to this message.
/// </summary>
/// <param name="message">The message that needs to be signed.</param>
/// <returns>True if this binding element can be used to sign the message. False otherwise.</returns>
protected virtual bool IsMessageApplicable(ITamperResistantOAuthMessage message) {
return string.IsNullOrEmpty(message.SignatureMethod) || message.SignatureMethod == this.signatureMethod;
}
/// <summary>
/// Sorts parameters according to OAuth signature base string rules.
/// </summary>
/// <param name="left">The first parameter to compare.</param>
/// <param name="right">The second parameter to compare.</param>
/// <returns>Negative, zero or positive.</returns>
private static int SignatureBaseStringParameterComparer(KeyValuePair<string, string> left, KeyValuePair<string, string> right) {
int result = string.CompareOrdinal(left.Key, right.Key);
if (result != 0) {
return result;
}
return string.CompareOrdinal(left.Value, right.Value);
}
}
}
|
