-
Notifications
You must be signed in to change notification settings - Fork 0
/
ZenfolioClient.cs
125 lines (110 loc) · 4.43 KB
/
ZenfolioClient.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
// Copyright (c) 2004-2012 Zenfolio, Inc. All rights reserved.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
// SOFTWARE.
//
// Convenience wrapper for generated web reference class.
//
using System;
using System.Net;
using System.Text;
using System.Security.Cryptography;
using Zenfolio.Examples.Browser.ZfApiRef;
using System.IO;
namespace Zenfolio.Examples.Browser
{
/// <summary>
/// Transparent helper inherited from the generated ZfApi web service proxy class.
/// Provides login sequence and manages the authentication token.
/// </summary>
public class ZenfolioClient: ZfApi
{
private string _token;
public ZenfolioClient()
{
}
/// <summary>
/// Computes salted data hash
/// </summary>
/// <param name="data">Data to hash</param>
/// <param name="salt">Salt</param>
/// <returns>Computed SHA-256 hash of salt+data pair</returns>
private static byte[] HashData(byte[] salt, byte[] data)
{
byte[] buffer = new byte[data.Length + salt.Length];
salt.CopyTo(buffer, 0);
data.CopyTo(buffer, salt.Length);
return new SHA256Managed().ComputeHash(buffer);
}
/// <summary>
/// Logs into Zenfolio API
/// </summary>
/// <param name="loginName">User's login name</param>
/// <param name="password">User's password</param>
/// <returns>True if login was successful, false otherwise.</returns>
public bool Login(string loginName, string password)
{
// Get API challenge
AuthChallenge ch = this.GetChallenge(loginName);
// Extract and hash password bytes
byte[] passwordHash = HashData(ch.PasswordSalt,
Encoding.UTF8.GetBytes(password));
// Compute secret proof
byte[] proof = HashData(ch.Challenge, passwordHash);
// Authenticate
try
{
_token = this.Authenticate(ch.Challenge, proof);
return _token != null;
}
catch
{
// Swallow all exceptions and return false
}
return false;
}
/// <summary>
/// Logs into Zenfolio API
/// </summary>
/// <param name="loginName">User's login name</param>
/// <param name="password">User's password</param>
/// <returns>True if login was successful, false otherwise.</returns>
public bool LoginPlain(string loginName, string password)
{
_token = this.AuthenticatePlain(loginName, password);
return _token != null;
}
/// <summary>
/// Returns the authentication token.
/// </summary>
public string Token { get { return _token; } }
/// <summary>
/// Creates a WebRequest instance for the specified URI.
/// Overridden to provide the authentication header.
/// </summary>
/// <param name="uri">The URI to use when creating the WebRequest.</param>
/// <returns>The WebRequest instance.</returns>
protected override WebRequest GetWebRequest(Uri uri)
{
WebRequest wr = base.GetWebRequest(uri);
if (_token != null)
wr.Headers.Add("X-Zenfolio-Token", _token);
return wr;
}
}
}