Help
CodeShare
Have some code. Share some code.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

Are you an expert?    Interested in presenting at F5 AppWorld 2024?    Submit a proposal by Nov 29th!

Akamai G20 Header Authentication

Russell_Moore_8
Nimbostratus
Nimbostratus

on ‎30-Jan-2015 06:48

Problem this snippet solves:

iRule for detection and authentication of Akamai G2O headers. Requires TMOS 11.1 or above as this leverages "CRYPTO::sign". This code block is the basics needed to make a decisions about requests that may or may not contain Akamai G2O headers.

Code :

when HTTP_REQUEST {

#Requires TMOS 11.1 or above for support for "CRYPTO::sign"
#This code block detects if the Akamai authentication headers are there
#if so it then does the caculations based on the shared secret
#finally it compares the output and logs a match

if {[HTTP::header exists "X-Akamai-G2O-Auth-Data"] && [HTTP::header exists "X-Akamai-G2O-Auth-Sign"]} {

#set shared secret here
set secret_key "pass" 
set data "[HTTP::header value "X-Akamai-G2O-Auth-Data"][HTTP::path]"
set signature "[HTTP::header value "X-Akamai-G2O-Auth-Sign"]"
set signed_data [b64encode [CRYPTO::sign -alg hmac-md5 -key $secret_key $data]]

if { $signed_data eq $signature } {
log local0. "Signatures match"
}
}
}

Tested this on version:

11.1
0 Kudos
Comments
JRahm
Community Manager
Community Manager
‎30-Jan-2015 06:48
Contributed by Russell Moore
0 Kudos
Version history
Last update:
‎30-Jan-2015 06:48
Updated by:
Nimbostratus
Contributors
Copyright © 2023 Khoros, LLC