2021-08-19 09:11:26 +00:00
|
|
|
|
using System;
|
|
|
|
|
using System.IO;
|
|
|
|
|
using System.Security.Cryptography;
|
|
|
|
|
using System.Text;
|
|
|
|
|
using System.Text.Json;
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
|
|
|
|
|
using ASC.Common;
|
|
|
|
|
using ASC.Web.Api.Routing;
|
|
|
|
|
|
|
|
|
|
using Microsoft.AspNetCore.Mvc;
|
|
|
|
|
|
|
|
|
|
namespace ASC.Webhooks.Tests
|
|
|
|
|
{
|
|
|
|
|
[Scope]
|
|
|
|
|
[DefaultRoute]
|
|
|
|
|
[ApiController]
|
|
|
|
|
public class TestController : ControllerBase
|
|
|
|
|
{
|
|
|
|
|
private RequestHistory requestHistory;
|
|
|
|
|
private string secretKey = "testSecretKey";
|
|
|
|
|
public TestController(RequestHistory requestHistory)
|
|
|
|
|
{
|
|
|
|
|
this.requestHistory = requestHistory;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Read("testMethod")]
|
|
|
|
|
public string GetMethod()
|
|
|
|
|
{
|
2021-09-03 14:02:52 +00:00
|
|
|
|
return "testContent";
|
2021-08-19 09:11:26 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Create("testMethod")]
|
|
|
|
|
public string PostMethod()
|
|
|
|
|
{
|
2021-09-03 14:02:52 +00:00
|
|
|
|
return "testContent";
|
2021-08-19 09:11:26 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Create("SuccessRequest")]
|
|
|
|
|
public async Task<IActionResult> SuccessRequest()
|
|
|
|
|
{
|
|
|
|
|
requestHistory.SuccessCounter++;
|
|
|
|
|
await CheckSignature(secretKey);
|
|
|
|
|
return Ok();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Create("FailedRequest")]
|
|
|
|
|
public async Task<IActionResult> FailedRequest()
|
|
|
|
|
{
|
|
|
|
|
requestHistory.FailedCounter++;
|
|
|
|
|
await CheckSignature(secretKey);
|
|
|
|
|
return BadRequest();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private async Task CheckSignature(string secretKey)
|
|
|
|
|
{
|
|
|
|
|
if (!HttpContext.Request.Headers.ContainsKey("Secret"))
|
|
|
|
|
{
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
string body;
|
|
|
|
|
var bodyStream = HttpContext.Request.Body;
|
|
|
|
|
using (var responseReader = new StreamReader(bodyStream))
|
|
|
|
|
{
|
|
|
|
|
body = await responseReader.ReadToEndAsync();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var receivedSignature = HttpContext.Request.Headers["Secret"].ToString().Split("=");
|
|
|
|
|
|
|
|
|
|
string computedSignature;
|
|
|
|
|
switch (receivedSignature[0])
|
|
|
|
|
{
|
|
|
|
|
case "sha256":
|
|
|
|
|
case "SHA256":
|
|
|
|
|
var secretBytes = Encoding.UTF8.GetBytes(secretKey);
|
|
|
|
|
using (var hasher = new HMACSHA256(secretBytes))
|
|
|
|
|
{
|
|
|
|
|
var data = Encoding.UTF8.GetBytes(body);
|
|
|
|
|
computedSignature = BitConverter.ToString(hasher.ComputeHash(data));
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
throw new NotImplementedException();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
requestHistory.СorrectSignature = computedSignature == receivedSignature[1];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|