Sticky FAQs

»

ID #1195

How can I generate HMAC Muse Proxy proxified links in .Net?

The instructions and code provided below are based on the following assumptions: 
-  MuseProxyFoundationHMAC  is the Muse Proxy application configured with HMAC authentication; 
-  quiet  is the value of the secret; 
-  userName  and  timestamp  are the signature parameters; 
-  SHA256  is the algorithm; 
- the separator between the signature parameters is . .

Integrate the following code into your ASPX page:

<%@ Page Language="C#" %>
<%@ Import Namespace="System" %>
<%@ Import Namespace="System.Linq" %>
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.IO" %>
<%@ Import Namespace="System.Collections.Generic" %>
<script runat=server>
public String getHmacURL(String museProxyURL, String applicationID, String generatedHmacDigest, String parametersToSend) {
return museProxyURL + "/" + applicationID + "?sig=" + generatedHmacDigest + parametersToSend;
}

public String getParametersToCreateURL(Dictionary<string, string> usedParameters){
String parametersToSend = "";
foreach( KeyValuePair<string, string> param in usedParameters )
{
String key = param.Key;
if (!key.Equals ("userAddress") && !key.Equals ("userAgent") && !key.Equals ("referer")) {
parametersToSend += "&" + key + "=" + param.Value;
}
}
return parametersToSend;
}

public String getValueForGenerateDigest(Dictionary<String, String> usedParameters, String separator){
String value = "";
int length = usedParameters.Count;
for (int i = 0; i < length; i++) {
if (i < length - 1) {
value += usedParameters.Values.ElementAt(i) + separator;
} else {
value += usedParameters.Values.ElementAt(i);
}
}
return value;
}

public String generateHmacDigest(String algorithm, String secret, String value){
byte[] key = System.Text.ASCIIEncoding.Default.GetBytes(secret);
byte[] byteArray = Encoding.ASCII.GetBytes(value);
MemoryStream stream = new MemoryStream(byteArray);
String digest = null;
if (algorithm.Equals ("sha1")) {
HMACSHA1 hmacSHA1 = new HMACSHA1 (key);
digest = hmacSHA1.ComputeHash (stream).Aggregate ("", (s, e) => s + String.Format ("{0:x2}", e), s => s);
} else if (algorithm.Equals ("md5")) {
HMACMD5 hmacMD5 = new HMACMD5 (key);
digest = hmacMD5.ComputeHash (stream).Aggregate ("", (s, e) => s + String.Format ("{0:x2}", e), s => s);
} else if (algorithm.Equals ("sha256")) {
HMACSHA256 hmacSHA256 = new HMACSHA256 (key);
digest = hmacSHA256.ComputeHash (stream).Aggregate ("", (s, e) => s + String.Format ("{0:x2}", e), s => s);
} else if (algorithm.Equals ("sha384")) {
HMACSHA384 hmacSHA384 = new HMACSHA384 (key);
digest = hmacSHA384.ComputeHash (stream).Aggregate ("", (s, e) => s + String.Format ("{0:x2}", e), s => s);
} else if(algorithm.Equals ("sha512")){
HMACSHA512 hmacSHA512 = new HMACSHA512 (key);
digest = hmacSHA512.ComputeHash (stream).Aggregate ("", (s, e) => s + String.Format ("{0:x2}", e), s => s);
}
return digest;
}

public Dictionary<String,String> initUsedParameters(){
// timestamp represent the current UNIX timestamp
long ticks = DateTime.UtcNow.Ticks - DateTime.Parse("01/01/1970 00:00:00").Ticks;
ticks /= 10000000; //Convert windows ticks to seconds
String timestamp = ticks.ToString();
// referer is the referer from request
String referer = Request.Url.GetLeftPart(UriPartial.Authority);
// userAddres is IP adress for user from request
String userAddress = GetIP();
// userAgent is userAgent from request header
String userAgent = HttpContext.Current.Request.UserAgent;

Dictionary<String, String> parameters = new Dictionary<String, String>();
parameters.Add ("userName", "username");
parameters.Add ("ts", timestamp);
//parameters.Add("referer", referer);
//parameters.Add("userAddress", userAddress);
//parameters.Add("userAgent", userAgent);
return parameters;
}

String algorithm = "sha256";
String secret = "quiet";
String proxyURL = "http://MUSE_PROXY_HOST:PORT";
String applicationID = "MuseProxyFoundationHMAC";
String separator = ".";

public String getDigest(){
String value = getValueForGenerateDigest(initUsedParameters(), separator);
return generateHmacDigest(algorithm,secret,value);
}

public String getURL(){
return getHmacURL(proxyURL, applicationID, getDigest(), getParametersToCreateURL(initUsedParameters()));
}

public static String GetIP()
{
String ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

if (string.IsNullOrEmpty(ip))
{
ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
}
return ip;
}

</script>
<html>
<body>
<form id="form1" runat="server">
<a href="<%=getURL()%>" target="_blank"><%=getURL()%></a>
</form>
</body>
</html>

where replace  MUSE_PROXY_HOST:PORT  with your actual Muse Proxy host and port.

The aditional file  MuseProxyHMAC.cs  that needs to be integrated into your project can be dowloaded from here.

The commented lines are for the cases when you want to use in the signature the  userAgent/referer/userAddress  values.
Note that they must be specified in the Muse Proxy as well (in the  $MUSE_HOME\proxy\webcontexts\Applications\MuseProxyFoundationHMAC
\profiles\login\ProxyLoginModuleHMAC.xml
  file).

Tags: asp, can, generate, HMAC, how, links, muse, .Net, proxified, proxy

Related entries: -

Last update: 2017-05-23 12:29
Author: Administrator
Revision: 1.5

Print this record Send FAQ to a friend Show this as PDF file
Rate this FAQ

Average rating: 0 (0 Votes)

completely useless 1 2 3 4 5 most valuable

You cannot comment on this entry

powered by phpMyFAQ 2.7.2