Skip to content

Latest commit

 

History

History
60 lines (41 loc) · 3.29 KB

README.md

File metadata and controls

60 lines (41 loc) · 3.29 KB

HttpMessageSigning NuGet Package

A .NET implementation of "Signing HTTP Messages" (Cavage, draft 12) for WCF and HttpClient.

Usage

When hooking up HTTP message signing, there's a bunch of configuration options available:

Option Default Description
AddRecommendedHeaders true Automatically adds recommended headers, such as (request-target), (created), (expires), Date and Digest to HeadersToInclude based on the specification and configuration.
DigestAlgorithm None If set, enables digest calculation of the request body. If AddRecommendedHeaders has been turned off, you also have to add Digest to HeadersToInclude in order to enable the digest calculation.
GetCurrentTimestamp DateTimeOffset.UtcNow Gets the current UTC timestamp. Useful for testing.
HeadersToInclude Empty A set of headers to include in the signature.
Expires None If set, enables signature expiry after the specified amount of time.
AddHeaderValue N/A Adds a header with a value to all signed requests and their signatures.
AddHeaderValues N/A Adds a collection of headers to all signed requests and their signatures.
RequestTargetUriFormat UriFormat.Unescaped Gets or sets the URI format used when constructing the (request-target) header.

When using a certificate for signing, there's a convenience method called HttpMessageSigningConfiguration.FromCertificate that can be used to get a configuration with crypto settings based on the certificate.

WCF

To use HTTP message signing with WCF, call UseHttpMessageSigning on your client:

var signatureAlgorithm = SignatureAlgorithm.Create(rsaOrECDsaAlgorithm);

var config = new HttpMessageSigningConfiguration("key-id", signatureAlgorithm);

using var client = new TheEndpointClient(binding, endpointAddress);

client.UseHttpMessageSigning(config);

// Make calls using client :)

snippet source | anchor

HttpClient

To use HTTP message signing with HttpClient, create an instance of SigningHttpMessageHandler and pass it when creating the HttpClient instance:

var signatureAlgorithm = SignatureAlgorithm.Create(rsaOrECDsaAlgorithm);

var config = new HttpMessageSigningConfiguration("key-id", signatureAlgorithm);

var handler = new SigningHttpMessageHandler(config);

using var client = new HttpClient(handler);

// Make requests using client :)

snippet source | anchor