marcguyer/cheddargetter-webhook.cs

## 92 changes: 50 additions & 42 deletions cheddargetter-webhook.cs
@@ -1,51 +1,59 @@

    /// Grab The Authorization Header
/// Grab The Authorization Header

    var authorizationHeader = request.Headers["X-CG-SIGNATURE"];
var authorizationHeader = request.Headers["X-CG-SIGNATURE"];


    /// Set The Input Stream The Beginning
/// Set The Input Stream The Beginning

    request.InputStream.Seek(0, SeekOrigin.Begin);
request.InputStream.Seek(0, SeekOrigin.Begin);

    using (var reader = new StreamReader(request.InputStream))
using (var reader = new StreamReader(request.InputStream))

    {
{

        /// Read The Entire Body In
    /// Read The Entire Body In

        var httpBody = reader.ReadToEnd();
    var httpBody = reader.ReadToEnd();

        /// Get MD5 Hash of the Entire Body
    /// Get MD5 Hash of the Entire Body

        var md5String = CalculateMd5Hash(httpBody);
    var md5String = CalculateMd5Hash(httpBody);

        /// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt
    /// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt

        var sha256String = CalculateSha256Hash(md5String, ConfigurationManager.AppSettings["BillingRepositorySecretKey"]);
    var sha256String = CalculateSha256Hash(md5String, ConfigurationManager.AppSettings["BillingRepositorySecretKey"]);

        /// Check Against The Authorization Header
    /// Check Against The Authorization Header

        if (sha256String.ToLower() != authorizationHeader.ToLower())
    if (sha256String.ToLower() != authorizationHeader.ToLower())

        {
    {

            throw new Domain.Exceptions.Exception();
        throw new Domain.Exceptions.Exception();

        }
    }

    if (string.IsNullOrEmpty(authorizationHeader))
if (string.IsNullOrEmpty(authorizationHeader))

    {
{

        throw new Domain.Exceptions.Exception();
    throw new Domain.Exceptions.Exception();

    }
}


    public string CalculateMd5Hash(string input)
public string CalculateMd5Hash(string input)

    {
{

        /// fire up a new MD5 creator
    /// fire up a new MD5 creator

        var md5 = MD5.Create();
    var md5 = MD5.Create();

        /// get the byte array hash
    /// get the byte array hash

        var hash = md5.ComputeHash(Encoding.ASCII.GetBytes(input));
    var hash = md5.ComputeHash(Encoding.ASCII.GetBytes(input));

    request.InputStream.Seek(0, SeekOrigin.Begin);
request.InputStream.Seek(0, SeekOrigin.Begin);


        /// convert the byte array to a string and return
    /// convert the byte array to a string and return

        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hash.Length; i++)
    for (int i = 0; i < hash.Length; i++)

        {
    {

            sb.Append(hash[i].ToString("X2"));
        sb.Append(hash[i].ToString("X2"));

        }
    }

        return sb.ToString();
    return sb.ToString();

    using (var reader = new StreamReader(request.InputStream))
using (var reader = new StreamReader(request.InputStream))

    {
{

    	// Read The Entire Body In
	// Read The Entire Body In

    		var httpBody = reader.ReadToEnd();
		var httpBody = reader.ReadToEnd();

    	// Get Token
	// Get Token

    	var token = CalculateMd5Hash(httpBody);
	var token = CalculateMd5Hash(httpBody);

    	// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt
	// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt

    	var sha256String = CalculateSha256Hash(_secretKey, token);
	var sha256String = CalculateSha256Hash(_secretKey, token);

    	// Check Against The Authorization Header
	// Check Against The Authorization Header

    	if (sha256String != authorizationHeader)
	if (sha256String != authorizationHeader)

    	{
	{

    		throw new Domain.Exceptions.Exception();
		throw new Domain.Exceptions.Exception();

    	}
	}

    }
}


    public string CalculateSha256Hash(string input, string secretKey)
public string CalculateSha256Hash(string input, string secretKey)

    {
{

        /// Build A SHA256 Hash Creator Using My Secret Key as the key
    /// Build A SHA256 Hash Creator Using My Secret Key as the key

        var hmac = new HMACSHA256(Encoding.ASCII.GetBytes(secretKey));
    var hmac = new HMACSHA256(Encoding.ASCII.GetBytes(secretKey));

        /// get the byte array hash
    /// get the byte array hash

        var hash = hmac.ComputeHash(Encoding.ASCII.GetBytes(input));
    var hash = hmac.ComputeHash(Encoding.ASCII.GetBytes(input));


        /// convert the byte array to a string and return
    /// convert the byte array to a string and return

        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hash.Length; i++)
    for (int i = 0; i < hash.Length; i++)

        {
    {

            sb.Append(hash[i].ToString("X2"));
        sb.Append(hash[i].ToString("X2"));

        }
    }

        return sb.ToString();
    return sb.ToString();

    public string CalculateMd5Hash(string input)
public string CalculateMd5Hash(string input)

    {
{

    	// fire up a new MD5 creator
	// fire up a new MD5 creator

    	var md5 = MD5.Create();
	var md5 = MD5.Create();

    	// convert input to a byte array
	// convert input to a byte array

    	var inputBytes = Encoding.ASCII.GetBytes(input);
	var inputBytes = Encoding.ASCII.GetBytes(input);

    	// get the byte array hash
	// get the byte array hash

    	var hash = md5.ComputeHash(inputBytes);
	var hash = md5.ComputeHash(inputBytes);


    	// convert the byte array to a string and return
	// convert the byte array to a string and return

    	var sb = new StringBuilder();
	var sb = new StringBuilder();

    	for (var i = 0; i < hash.Length; i++)
	for (var i = 0; i < hash.Length; i++)

    	{
	{

    		sb.Append(hash[i].ToString("x2"));
		sb.Append(hash[i].ToString("x2"));

    	}
	}

    	return sb.ToString();
	return sb.ToString();

    }
}


    public string CalculateSha256Hash(string secretKey,string md5)
public string CalculateSha256Hash(string secretKey,string md5)

    {
{

    	// Get The Byte Array of My Secret Key
	// Get The Byte Array of My Secret Key

    	var secretKeyArray = Encoding.ASCII.GetBytes(secretKey);
	var secretKeyArray = Encoding.ASCII.GetBytes(secretKey);

    	// Build A SHA256 Hash Creator Using My Secret Key as the key
	// Build A SHA256 Hash Creator Using My Secret Key as the key

    	var hash = new HMACSHA256(secretKeyArray);
	var hash = new HMACSHA256(secretKeyArray);

    	var byteArray = hash.ComputeHash(Encoding.ASCII.GetBytes(md5));
	var byteArray = hash.ComputeHash(Encoding.ASCII.GetBytes(md5));


    	// convert the byte array to a string and return
	// convert the byte array to a string and return

    	var sb = new StringBuilder();
	var sb = new StringBuilder();

    	for (var i = 0; i < byteArray.Length; i++)
	for (var i = 0; i < byteArray.Length; i++)

    	{
	{

    		sb.Append(byteArray[i].ToString("x2"));
		sb.Append(byteArray[i].ToString("x2"));

    	}
	}

    	return sb.ToString();
	return sb.ToString();

    }
}

## 12 changes: 5 additions & 7 deletions cheddargetter-webhook.cs
@@ -10,7 +10,7 @@

        /// Get MD5 Hash of the Entire Body
    /// Get MD5 Hash of the Entire Body

        var md5String = CalculateMd5Hash(httpBody);
    var md5String = CalculateMd5Hash(httpBody);

        /// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt
    /// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt

        var sha256String = CalculateSha256Hash(md5String, _secretKey);
    var sha256String = CalculateSha256Hash(md5String, _secretKey);

        var sha256String = CalculateSha256Hash(md5String, ConfigurationManager.AppSettings["BillingRepositorySecretKey"]);
    var sha256String = CalculateSha256Hash(md5String, ConfigurationManager.AppSettings["BillingRepositorySecretKey"]);

        /// Check Against The Authorization Header
    /// Check Against The Authorization Header

        if (sha256String.ToLower() != authorizationHeader.ToLower())
    if (sha256String.ToLower() != authorizationHeader.ToLower())

        {
    {
@@ -22,10 +22,8 @@ public string CalculateMd5Hash(string input)

    {
{

        /// fire up a new MD5 creator
    /// fire up a new MD5 creator

        var md5 = MD5.Create();
    var md5 = MD5.Create();

        /// convert input to a byte array
    /// convert input to a byte array

        var inputBytes = Encoding.ASCII.GetBytes(input);
    var inputBytes = Encoding.ASCII.GetBytes(input);

        /// get the byte array hash
    /// get the byte array hash

        var hash = md5.ComputeHash(inputBytes);
    var hash = md5.ComputeHash(inputBytes);

        var hash = md5.ComputeHash(Encoding.ASCII.GetBytes(input));
    var hash = md5.ComputeHash(Encoding.ASCII.GetBytes(input));


        /// convert the byte array to a string and return
    /// convert the byte array to a string and return

        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();
@@ -38,10 +36,10 @@ public string CalculateMd5Hash(string input)


    public string CalculateSha256Hash(string input, string secretKey)
public string CalculateSha256Hash(string input, string secretKey)

    {
{

        /// Get The Byte Array of My Secret Key
    /// Get The Byte Array of My Secret Key

        var secretKeyArray = Encoding.ASCII.GetBytes(secretKey);
    var secretKeyArray = Encoding.ASCII.GetBytes(secretKey);

        /// Build A SHA256 Hash Creator Using My Secret Key as the key
    /// Build A SHA256 Hash Creator Using My Secret Key as the key

        var hash = new HMACSHA256(secretKeyArray);
    var hash = new HMACSHA256(secretKeyArray);

        var hmac = new HMACSHA256(Encoding.ASCII.GetBytes(secretKey));
    var hmac = new HMACSHA256(Encoding.ASCII.GetBytes(secretKey));

        /// get the byte array hash
    /// get the byte array hash

        var hash = hmac.ComputeHash(Encoding.ASCII.GetBytes(input));
    var hash = hmac.ComputeHash(Encoding.ASCII.GetBytes(input));


        /// convert the byte array to a string and return
    /// convert the byte array to a string and return

        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();


## 9 changes: 7 additions & 2 deletions cheddargetter-webhook.cs
@@ -20,10 +20,14 @@


    public string CalculateMd5Hash(string input)
public string CalculateMd5Hash(string input)

    {
{

        var md5 = MD5.Create();
    var md5 = MD5.Create();

        var inputBytes = Encoding.ASCII.GetBytes(input);
    var inputBytes = Encoding.ASCII.GetBytes(input);

        /// fire up a new MD5 creator
    /// fire up a new MD5 creator

        var md5 = MD5.Create();
    var md5 = MD5.Create();

        /// convert input to a byte array
    /// convert input to a byte array

        var inputBytes = Encoding.ASCII.GetBytes(input);
    var inputBytes = Encoding.ASCII.GetBytes(input);

        /// get the byte array hash
    /// get the byte array hash

        var hash = md5.ComputeHash(inputBytes);
    var hash = md5.ComputeHash(inputBytes);


        /// convert the byte array to a string and return
    /// convert the byte array to a string and return

        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hash.Length; i++)
    for (int i = 0; i < hash.Length; i++)

        {
    {
@@ -39,6 +43,7 @@ public string CalculateSha256Hash(string input, string secretKey)

        /// Build A SHA256 Hash Creator Using My Secret Key as the key
    /// Build A SHA256 Hash Creator Using My Secret Key as the key

        var hash = new HMACSHA256(secretKeyArray);
    var hash = new HMACSHA256(secretKeyArray);


        /// convert the byte array to a string and return
    /// convert the byte array to a string and return

        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hash.Length; i++)
    for (int i = 0; i < hash.Length; i++)

        {
    {


## 48 changes: 48 additions & 0 deletions cheddargetter-webhook.cs
@@ -0,0 +1,48 @@

    /// Grab The Authorization Header
/// Grab The Authorization Header

    var authorizationHeader = request.Headers["X-CG-SIGNATURE"];
var authorizationHeader = request.Headers["X-CG-SIGNATURE"];


    /// Set The Input Stream The Beginning
/// Set The Input Stream The Beginning

    request.InputStream.Seek(0, SeekOrigin.Begin);
request.InputStream.Seek(0, SeekOrigin.Begin);

    using (var reader = new StreamReader(request.InputStream))
using (var reader = new StreamReader(request.InputStream))

    {
{

        /// Read The Entire Body In
    /// Read The Entire Body In

        var httpBody = reader.ReadToEnd();
    var httpBody = reader.ReadToEnd();

        /// Get MD5 Hash of the Entire Body
    /// Get MD5 Hash of the Entire Body

        var md5String = CalculateMd5Hash(httpBody);
    var md5String = CalculateMd5Hash(httpBody);

        /// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt
    /// Get SHA256 HMAC Hash of the MD5 hash using my secret key as the salt

        var sha256String = CalculateSha256Hash(md5String, _secretKey);
    var sha256String = CalculateSha256Hash(md5String, _secretKey);

        /// Check Against The Authorization Header
    /// Check Against The Authorization Header

        if (sha256String.ToLower() != authorizationHeader.ToLower())
    if (sha256String.ToLower() != authorizationHeader.ToLower())

        {
    {

            throw new Domain.Exceptions.Exception();
        throw new Domain.Exceptions.Exception();

        }
    }

    }
}


    public string CalculateMd5Hash(string input)
public string CalculateMd5Hash(string input)

    {
{

        var md5 = MD5.Create();
    var md5 = MD5.Create();

        var inputBytes = Encoding.ASCII.GetBytes(input);
    var inputBytes = Encoding.ASCII.GetBytes(input);

        var hash = md5.ComputeHash(inputBytes);
    var hash = md5.ComputeHash(inputBytes);


        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hash.Length; i++)
    for (int i = 0; i < hash.Length; i++)

        {
    {

            sb.Append(hash[i].ToString("X2"));
        sb.Append(hash[i].ToString("X2"));

        }
    }

        return sb.ToString();
    return sb.ToString();

    }
}


    public string CalculateSha256Hash(string input, string secretKey)
public string CalculateSha256Hash(string input, string secretKey)

    {
{

        /// Get The Byte Array of My Secret Key
    /// Get The Byte Array of My Secret Key

        var secretKeyArray = Encoding.ASCII.GetBytes(secretKey);
    var secretKeyArray = Encoding.ASCII.GetBytes(secretKey);

        /// Build A SHA256 Hash Creator Using My Secret Key as the key
    /// Build A SHA256 Hash Creator Using My Secret Key as the key

        var hash = new HMACSHA256(secretKeyArray);
    var hash = new HMACSHA256(secretKeyArray);


        StringBuilder sb = new StringBuilder();
    StringBuilder sb = new StringBuilder();

        for (int i = 0; i < hash.Length; i++)
    for (int i = 0; i < hash.Length; i++)

        {
    {

            sb.Append(hash[i].ToString("X2"));
        sb.Append(hash[i].ToString("X2"));

        }
    }

        return sb.ToString();
    return sb.ToString();

    }
}