public ChatterProxyService()
        {
            WriteLogToFile("Starting ChatterProxyService");
            url           = ConfigurationSettings.AppSettings["SalesForceUrl"];
            userName      = ConfigurationSettings.AppSettings["SalesForceUserName"];
            password      = ConfigurationSettings.AppSettings["SalesForcePassword"];
            token         = ConfigurationSettings.AppSettings["SalesForceToken"];
            clientId      = ConfigurationSettings.AppSettings["SalesForceClientId"];
            grantType     = ConfigurationSettings.AppSettings["SalesForceGrantType"];
            clientSecret  = ConfigurationSettings.AppSettings["SalesForceClientSecret"];
            cacheInterval = Int32.Parse(ConfigurationSettings.AppSettings["CacheInterval"]);
            cacheCapacity = Int32.Parse(ConfigurationSettings.AppSettings["cacheCapacity"]);
            logService    = Boolean.Parse(ConfigurationSettings.AppSettings["LogService"]);
            signedFetch   = Boolean.Parse(ConfigurationSettings.AppSettings["SignedFetch"]);

            ServicePointManager.ServerCertificateValidationCallback += new RemoteCertificateValidationCallback(customXertificateValidation);
            profilesService = new ProfilesServices();
            getChatterSoapService();

            if (signedFetch)
            {
                // load default cert
                X509Certificate2 cert = new X509Certificate2(ConfigurationSettings.AppSettings["OAuthCert"]);
                provider       = cert.PublicKey.Key;
                signer         = new OAuthContextSigner();
                signingContext = new SigningContext();
                //signingContext.ConsumerSecret = ...; // if there is a consumer secret
                signingContext.Algorithm = provider;
            }

            activitiesFetcher = new Timer(GetActivities, null, 0, cacheInterval * 1000);
        }
Beispiel #2
0
        public void SignContext(OAuthContext context, TokenBase accessToken)
        {
            EnsureStateIsValid();

            if (accessToken.ConsumerKey != ConsumerKey)
            {
                throw Error.SuppliedTokenWasNotIssuedToThisConsumer(ConsumerKey, accessToken.ConsumerKey);
            }

            var signer = new OAuthContextSigner();
            var auth   = new NonceGenerator();

            context.UseAuthorizationHeader = UseHeaderForOAuthParameters;
            context.ConsumerKey            = accessToken.ConsumerKey;
            context.Token           = accessToken.Token;
            context.TokenSecret     = accessToken.TokenSecret;
            context.SignatureMethod = SignatureMethod;
            context.Timestamp       = DateTime.Now.EpocString();
            context.Nonce           = auth.GenerateNonce();
            context.Version         = "1.0";

            string signatureBase = context.GenerateSignatureBase();

            Console.WriteLine("signature_base: {0}", signatureBase);

            signer.SignContext(context,
                               new SigningContext
            {
                Algorithm = Key, SignatureBase = signatureBase, ConsumerSecret = ConsumerSecret
            });

            Console.WriteLine("oauth_singature: {0}", context.Signature);
        }
        public void ValidateWithTrailingAmpersand_ForUrl()
        {
            string url =
                "http://demo.devdefined.com/OpenSocial/HelloWorld.aspx?oauth_nonce=c39f4e3e6c309988763eb8af85fcb74b&oauth_timestamp=1221992254&oauth_consumer_key=friendster.com&synd=friendster&container=default&opensocial_owner_id=82474146&opensocial_viewer_id=82474146&opensocial_app_id=52ae97f7aa8a7e7565dd40a4e00eb0f5&oauth_token=&xoauth_signature_publickey=http%3A%2F%2Fwww.fmodules.com%2Fpublic080813.crt&oauth_signature_method=RSA-SHA1&oauth_signature=PLOkRKwLLeJRZz18PsAVQgL5y9Rdf0AW5eicdT0xwauRe3bE2NTDFHoMsUtO6UMHEY0v9GRcKbvkgEWEGGtiGA%3D%3D&";

            IOAuthContext context        = new OAuthContextBuilder().FromUrl("GET", url);
            var           signer         = new OAuthContextSigner();
            var           signingContext = new SigningContext {
                Algorithm = FriendsterCertificate.PublicKey.Key
            };

            Assert.True(signer.ValidateSignature(context, signingContext));
        }
Beispiel #4
0
        public OAuthContext BuildExchangeRequestTokenForAccessTokenContext(TokenBase requestToken,
                                                                           NameValueCollection additionalQueryParameters)
        {
            EnsureStateIsValid();

            if (requestToken.ConsumerKey != ConsumerKey)
            {
                throw Error.SuppliedTokenWasNotIssuedToThisConsumer(ConsumerKey, requestToken.ConsumerKey);
            }

            var auth = new NonceGenerator();

            var          factory = new OAuthContextFactory();
            var          signer  = new OAuthContextSigner();
            OAuthContext context = factory.FromUri("GET", AccessTokenUri);

            if (additionalQueryParameters != null)
            {
                context.QueryParameters.Add(additionalQueryParameters);
            }

            context.ConsumerKey     = ConsumerKey;
            context.Token           = requestToken.Token;
            context.TokenSecret     = requestToken.TokenSecret;
            context.RequestMethod   = "GET";
            context.SignatureMethod = SignatureMethod;
            context.Timestamp       = DateTime.Now.EpocString();
            context.Nonce           = auth.GenerateNonce();
            context.Version         = "1.0";

            string signatureBase = context.GenerateSignatureBase();

            Console.WriteLine("signature_base: {0}", signatureBase);

            signer.SignContext(context,
                               new SigningContext
            {
                Algorithm = Key, SignatureBase = signatureBase, ConsumerSecret = ConsumerSecret
            });

            Console.WriteLine("oauth_singature: {0}", context.Signature);

            Uri uri = context.GenerateUri();

            Console.WriteLine("Uri: {0}", uri);

            return(context);
        }
Beispiel #5
0
        private bool IsOAuthValid(string secret)
        {
            try {
                var context = new OAuthContextBuilder().FromHttpRequest(Request);

                IOAuthContextSigner signer = new OAuthContextSigner();

                SigningContext signingContext = new SigningContext {
                    ConsumerSecret = secret
                };

                return(signer.ValidateSignature(context, signingContext));
            } catch (OAuthException) {
                return(false);
            }
        }
        private bool IsOAuthSignatureValid()
        {
            string oauthKey = System.Configuration.ConfigurationManager.AppSettings["OauthKey"];
            // Normally would use key to lookup appropriate secret for the specifc LMS

            string oauthSecret = System.Configuration.ConfigurationManager.AppSettings["OauthSecret"];

            var context = new OAuthContextBuilder().FromHttpRequest(Request);

            IOAuthContextSigner signer = new OAuthContextSigner();

            SigningContext signingContext = new SigningContext {
                ConsumerSecret = oauthSecret
            };

            return(signer.ValidateSignature(context, signingContext));
        }
Beispiel #7
0
        public void ValidateWithTrailingAmpersand()
        {
            // As reported in issue here:  http://code.google.com/p/devdefined-tools/issues/detail?id=1
            // validating OAuth requests from Friendster was failing - turns out to be OpenSocial platforms
            // incorrectly placing a "&" on the end of their query parameters, which was tripping up
            // query parameters collection - there is now a fix in the context builder to remove the problematic
            // character when parsing requests/Uri's.

            var uri =
                new Uri(
                    "http://demo.devdefined.com/OpenSocial/HelloWorld.aspx?oauth_nonce=c39f4e3e6c309988763eb8af85fcb74b&oauth_timestamp=1221992254&oauth_consumer_key=friendster.com&synd=friendster&container=default&opensocial_owner_id=82474146&opensocial_viewer_id=82474146&opensocial_app_id=52ae97f7aa8a7e7565dd40a4e00eb0f5&oauth_token=&xoauth_signature_publickey=http%3A%2F%2Fwww.fmodules.com%2Fpublic080813.crt&oauth_signature_method=RSA-SHA1&oauth_signature=PLOkRKwLLeJRZz18PsAVQgL5y9Rdf0AW5eicdT0xwauRe3bE2NTDFHoMsUtO6UMHEY0v9GRcKbvkgEWEGGtiGA%3D%3D&");

            IOAuthContext context        = new OAuthContextBuilder().FromUri("GET", uri);
            var           signer         = new OAuthContextSigner();
            var           signingContext = new SigningContext {
                Algorithm = FriendsterCertificate.PublicKey.Key
            };

            Assert.IsTrue(signer.ValidateSignature(context, signingContext));
        }
        void ValidateWithDevDefinedOAuth()
        {
            try
            {
                var context        = new OAuthContextBuilder().FromHttpRequest(Request);
                var signer         = new OAuthContextSigner();
                var signingContext = new SigningContext {
                    Algorithm = OpenSocialCertificates.FriendsterCertificate.PublicKey.Key
                };

                if (!signer.ValidateSignature(context, signingContext))
                {
                    throw new OAuthException(context, OAuthProblems.SignatureInvalid, "check certificate is still valid");
                }
            }
            catch (OAuthException authEx)
            {
                Response.Clear();
                Response.Write(authEx.Report.ToString());
                Response.End();
            }
        }
Beispiel #9
0
        public void TestOAuth()
        {
            X509Certificate2    cert           = new X509Certificate2(ConfigurationSettings.AppSettings["OAuthCert"]);
            AsymmetricAlgorithm provider       = cert.PublicKey.Key;
            OAuthContextSigner  signer         = new OAuthContextSigner();
            SigningContext      signingContext = new SigningContext();

            //signingContext.ConsumerSecret = ...; // if there is a consumer secret
            signingContext.Algorithm = provider;

            Uri uri = new Uri(
                "http://dev-profiles.campus.net.ucsf.edu/chatter/ChatterProxyService.svc/user/5138614/unfollow/4621800?accessToken=00DZ0000000jhLQ!ARIAQAlqX_qtYj95uzEftkMIKQggfo.RoJ3KnvvakO97Xrjptfq89vTtwGFgR1jnyeNSm1CwnLSSz0N3g8.bQrX.jCpJ6Np3&oauth_body_hash=2jmj7l5rSw0yVb/vlWAYkK/YBwk=&opensocial_owner_id=4621800&opensocial_viewer_id=5138614&opensocial_app_id=http://dev-profiles.ucsf.edu/ORNG/ChatterFollow.xml&opensocial_app_url=http://dev-profiles.ucsf.edu/ORNG/ChatterFollow.xml&oauth_consumer_key=&xoauth_signature_publickey=mytestkey&xoauth_public_key=mytestkey&oauth_version=1.0&oauth_timestamp=1349466703&oauth_nonce=7533897618501371565&oauth_consumer_key=&oauth_signature_method=RSA-SHA1&oauth_signature=d0UIIXK+HwbkLD4VE59ylZ9XoBreMBqc0Kcf4v2DjzWT0AE1JtCUhDmS1Uy1P9K54tpeoQwjcu8mnWsA7PQpTRTYyU1k+ueT4M2ihoaB+CunpZz6Q3KE8MUZn4Sy0D7iNuje6WdgHZ80f9Ln8OwRPzrfHA5v0KowATRv7T2h+x0="
                );

            IOAuthContext context = new OAuthContextBuilder().FromUri("GET", uri);

            // use context.ConsumerKey to fetch information required for signature validation for this consumer.
            if (!signer.ValidateSignature(context, signingContext))
            {
                throw new Exception("Invalid signature : " + uri);
            }
        }