CommonValidations.cs
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
namespace Alanta.Common
{
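/// <summary>
/// Validation helpers shared between the client (Silverlight) and server-side (ASP.NET) applications, so that
/// both sides apply the same rules.
/// </summary>
/// <remarks>
/// The client-side copy of these checks can be skipped by anyone who talks to the server directly, so the server
/// has to run them again on every request it accepts.
/// </remarks>
public static class CommonValidations
{
    /// <summary>
    /// Secret key, shared on the client (Silverlight) and on the server (ASP.NET).
    /// </summary>
    /// <remarks>
    /// NOTE(review): this value is committed to source control and, per the summary above, compiled into the
    /// client assembly, so it should be treated as public. A signature produced with it cannot prove that a
    /// request came from a trusted party, and the server must not treat a matching signature as authorization.
    /// The value is left unchanged here because both sides have to agree on it; moving to a server-held or
    /// per-session key is a protocol change that needs a coordinated rollout.
    /// </remarks>
    private const string AlantaSecretKey = "eudfh8327imf";

    // Tags that are reserved when the normalized tag is exactly equal to one of these values.
    private static readonly string[] TagEquals =
    {
        "classes", "clientbin", "facebook", "contacts", "images", "resources", "site", "test", "login", "init",
        "invitationid",
        "proxy", "api", "simple", "bin", "_vti", "sharedfiles", "openid", "gmail", "linkedin",
        "opensocial", "home"
    };

    // Currently empty, so the substring rule never matches.
    private static readonly string[] TagContains = new string[0]; // {"admin", "livechat", "liveads"};

    // Tags that are reserved when the normalized tag ends with one of these values.
    private static readonly string[] TagEndsWith =
    {
        ".jpg", ".png", ".cs", ".aspx", ".js", ".xml", ".ashx", ".htm",
        ".axd", ".ico", ".svc"
    };

    // Tags that are reserved when the normalized tag starts with one of these values.
    private static readonly string[] TagStartsWith =
    {
        "admin", "livechat", "liveads", "loginview", "roomview",
        "home", "alanta"
    };

    // Path.GetInvalidFileNameChars() is platform-dependent, so the server-side set is not guaranteed to equal
    // the fixed Silverlight list; the server-side result is the one that counts.
#if SILVERLIGHT
    private static readonly char[] InvalidChars = new[] {'\\', '/', '|', ':', '*', '?'};
#else
    private static readonly char[] InvalidChars = Path.GetInvalidFileNameChars();
#endif

    /// <summary>
    /// Check whether the tag is reserved.
    /// </summary>
    /// <remarks>
    /// These values should basically shadow the rewrite rules contained in the website's Web.config value.
    /// The tag is lower-cased with the invariant culture and matched ordinally, so the answer does not depend
    /// on the culture of the calling thread. With culture-sensitive casing, an upper-case spelling of a
    /// reserved word could fail to match under a culture such as Turkish, where 'I' lower-cases to a dotless
    /// 'ı', and the client and the server could disagree about the same tag.
    /// </remarks>
    /// <param name="tag">The tag to test; surrounding whitespace and letter case are ignored.</param>
    /// <returns><c>true</c> if the tag matches one of the reserved patterns; otherwise <c>false</c>.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="tag"/> is null.</exception>
    public static bool IsTagReserved(string tag)
    {
        if (tag == null)
        {
            throw new ArgumentNullException("tag");
        }

        var normalized = tag.ToLowerInvariant().Trim();

        return TagContains.Any(part => normalized.IndexOf(part, StringComparison.Ordinal) >= 0)
            || TagEndsWith.Any(suffix => normalized.EndsWith(suffix, StringComparison.Ordinal))
            || TagEquals.Any(word => normalized.Equals(word, StringComparison.Ordinal))
            || TagStartsWith.Any(prefix => normalized.StartsWith(prefix, StringComparison.Ordinal));
    }

    /// <summary>
    /// Throws if the tag breaks any of the name rules, contains a character from the invalid-character set, or
    /// contains a space.
    /// </summary>
    /// <remarks>
    /// This method does not consult <see cref="IsTagReserved"/>; callers that need to reject reserved tags have
    /// to call it separately.
    /// </remarks>
    /// <param name="tag">The tag to validate.</param>
    /// <exception cref="ArgumentNullException"><paramref name="tag"/> is null or empty.</exception>
    /// <exception cref="ArgumentException">The tag violates one of the rules.</exception>
    public static void CheckTagValidity(string tag)
    {
        if (string.IsNullOrEmpty(tag))
        {
            throw new ArgumentNullException("tag");
        }

        CheckNameValidity(tag); // All the rules which apply to names also apply to tags.

        if (tag.IndexOfAny(InvalidChars) != -1)
        {
            // On the server the set includes control characters, which end up in this message verbatim;
            // encode the message before writing it to a log or a page.
            throw new ArgumentException(
                "The tag cannot contain any of the following characters: " + new string(InvalidChars));
        }

        if (tag.IndexOf(' ') != -1)
        {
            throw new ArgumentException("The tag cannot contain spaces.");
        }
    }

    /// <summary>
    /// Throws if the name is null or empty, longer than 50 characters, or has leading or trailing whitespace.
    /// </summary>
    /// <param name="name">The name to validate.</param>
    /// <exception cref="ArgumentNullException"><paramref name="name"/> is null or empty.</exception>
    /// <exception cref="ArgumentException">The name is too long or is not trimmed.</exception>
    public static void CheckNameValidity(string name)
    {
        if (string.IsNullOrEmpty(name))
        {
            throw new ArgumentNullException("name");
        }

        if (name.Length > 50)
        {
            throw new ArgumentException("The value must be 50 characters or less.");
        }

        if (name != name.Trim())
        {
            throw new ArgumentException("The value must not contain any leading or trailing spaces.");
        }
    }

    /// <summary>
    /// Throws if the ID is <see cref="Guid.Empty"/>.
    /// </summary>
    /// <param name="id">The ID to validate.</param>
    /// <exception cref="ArgumentException"><paramref name="id"/> is empty.</exception>
    public static void CheckIdValidity(Guid id)
    {
        if (id == Guid.Empty)
        {
            throw new ArgumentException("The ID must not be empty.");
        }
    }

    /// <summary>
    /// Computes an HMAC-SHA1 signature over the token and the additional parameters using the shared secret key.
    /// Intended for signing calls made into our code from JavaScript.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the token and the parameters are concatenated without separators or length prefixes, so
    /// different argument lists that join to the same text produce the same signature, for example
    /// ("ab", "c") and ("a", "bc"). The format is kept as it is because existing callers depend on the exact
    /// output; when it can be versioned, encode each field unambiguously. Code that verifies a signature should
    /// compare it in constant time.
    /// </remarks>
    /// <param name="token">The token; null is treated as an empty string.</param>
    /// <param name="parameters">Additional parameters, appended to the token in order.</param>
    /// <returns>The signature as a 40-character lower-case hexadecimal string.</returns>
    public static string GetSignature(string token, params string[] parameters)
    {
        var data = new StringBuilder(token);
        foreach (var parameter in parameters)
        {
            data.Append(parameter);
        }

        byte[] hash;

        // HMACSHA1 is disposable; dispose it so the key material it holds is released promptly.
        using (var hmac = new HMACSHA1(Encoding.UTF8.GetBytes(AlantaSecretKey)))
        {
            hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(data.ToString()));
        }

        var signature = new StringBuilder(hash.Length * 2);
        foreach (var b in hash)
        {
            signature.Append(b.ToString("x2"));
        }

        return signature.ToString();
    }
}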
}