When running Example.Owin against a non-secured controller (no Authorize attribute) and no signed http client, the exception The format of value '< null >' is invalid is thrown. This is happening in the file hawknet.owin\hawkauthenticationhandler.cs, line 156 due to an unsafe attempt to parse Request.Headers["authorization"]:
When running Example.Owin against a non-secured controller (no Authorize attribute) and no signed http client, the exception The format of value '< null >' is invalid is thrown. This is happening in the file hawknet.owin\hawkauthenticationhandler.cs, line 156 due to an unsafe attempt to parse Request.Headers["authorization"]:
https://github.com/pcibraro/hawknet/blob/master/HawkNet.Owin/HawkAuthenticationHandler.cs#L156
I fixed it by modifying line 154 to: https://github.com/pcibraro/hawknet/blob/master/HawkNet.Owin/HawkAuthenticationHandler.cs#L154
Not sure if this breaks your security logic, if it doesn't do you think this fix could be included in the Nuget package?
Thanks
Camilo