void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var requestUrl = client.BuildUriWithoutQueryParameters(request);
if (requestUrl.Contains('?'))
{
throw new ApplicationException(
"Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead."
);
}
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebPairCollection();
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var requestUrl = client.BuildUriWithoutQueryParameters(request);
if (requestUrl.Contains('?'))
{
throw new ApplicationException("Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead.");
}
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
if (!request.AlwaysMultipartFormData && !request.Files.Any())
{
parameters.AddRange(
client.DefaultParameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
parameters.AddRange(
client.DefaultParameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) &&
p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) &&
p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
OAuthWebQueryInfo oauth;
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddOrUpdateParameter("Authorization", GetAuthorizationHeader(parameters), ParameterType.HttpHeader);
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
var headers =
parameters.Where(p => !p.Name.IsNullOrBlank() &&
(p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_")))
.Select(p => new Parameter
{
Name = p.Name,
Value = HttpUtility.UrlDecode(p.Value),
Type = ParameterType.GetOrPost
});
foreach (var header in headers)
{
request.AddOrUpdateParameter(header);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
public string BuildUriWithoutQueryParameters(IRestRequest request)
{
return(_innerClient.BuildUriWithoutQueryParameters(request));
}
void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var requestUrl = client.BuildUriWithoutQueryParameters(request);
if (requestUrl.Contains('?'))
{
throw new ApplicationException(
"Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead."
);
}
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebPairCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a separate class for each OAuth version
bool BaseQuery(Parameter x)
=> x.Type == ParameterType.GetOrPost || x.Type == ParameterType.QueryString || x.Type == ParameterType.QueryStringWithoutEncode;
var query =
request.AlwaysMultipartFormData || request.Files.Count > 0
? x => BaseQuery(x) && x.Name.StartsWith("oauth_")
: (Func <Parameter, bool>)BaseQuery;
parameters.AddRange(client.DefaultParameters.Where(query).ToWebParameters());
parameters.AddRange(request.Parameters.Where(query).ToWebParameters());
if (Type == OAuthType.RequestToken)
{
workflow.RequestTokenUrl = url;
}
else
{
workflow.AccessTokenUrl = url;
}
var oauth = Type switch
{
OAuthType.RequestToken => workflow.BuildRequestTokenInfo(method, parameters),
OAuthType.AccessToken => workflow.BuildAccessTokenSignature(method, parameters),
OAuthType.ClientAuthentication => workflow.BuildClientAuthAccessTokenSignature(method, parameters),
OAuthType.ProtectedResource => workflow.BuildProtectedResourceSignature(method, parameters, url),
_ => throw new ArgumentOutOfRangeException()
};
parameters.Add("oauth_signature", oauth);
var oauthParameters = ParameterHandling switch
{
OAuthParameterHandling.HttpAuthorizationHeader => CreateHeaderParameters(),
OAuthParameterHandling.UrlOrPostParameters => CreateUrlParameters(),
_ =>
throw new ArgumentOutOfRangeException()
};
request.AddOrUpdateParameters(oauthParameters);
IEnumerable <Parameter> CreateHeaderParameters()
=> new[] { new Parameter("Authorization", GetAuthorizationHeader(parameters), ParameterType.HttpHeader) };
IEnumerable <Parameter> CreateUrlParameters()
=> parameters.Where(p => !p.Name.IsNullOrBlank() && (p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_")))
.Select(p => new Parameter(p.Name, HttpUtility.UrlDecode(p.Value), ParameterType.GetOrPost));
}
string GetAuthorizationHeader(WebPairCollection parameters)
{
var oathParameters =
parameters
.OrderBy(x => x, WebPair.Comparer)
.Where(
p =>
!p.Name.IsNullOrBlank() && !p.Value.IsNullOrBlank() &&
(p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_"))
)
.Select(x => $"{x.Name}=\"{x.Value}\"")
.ToList();
if (!Realm.IsNullOrBlank())
{
oathParameters.Insert(0, $"realm=\"{OAuthTools.UrlEncodeRelaxed(Realm)}\"");
}
return("OAuth " + string.Join(",", oathParameters));
}
}
