public void TestSignRequestToken()
{
var cert = new X509Certificate2("XeroApiNet-Sample.pfx", "password");
var consumerContext = new OAuthConsumerContext
{
// Partner and Private apps use RSA-SHA1 signing method
SignatureMethod = SignatureMethod.RsaSha1,
UseHeaderForOAuthParameters = true,
// Urls
RequestTokenUri = null,
UserAuthorizeUri = null,
AccessTokenUri = XeroApiEndpoints.PublicAccessTokenUri,
BaseEndpointUri = XeroApiEndpoints.PublicBaseEndpointUri,
Key = cert.PrivateKey,
ConsumerKey = ConsumerKey,
ConsumerSecret = string.Empty,
UserAgent = UserAgent,
};
var oauthContext = new OAuthContext
{
RequestMethod = "POST",
RawUri = new Uri("https://photos.example.net/request_token"),
ConsumerKey = "dpf43f3p2l4k3l03",
SignatureMethod = SignatureMethod.RsaSha1,
Timestamp = "1191242090",
Nonce = "hsu94j3884jdopsl",
Version = "1.0"
};
var signatureBase = oauthContext.GenerateSignatureBase();
consumerContext.Signer.SignContext(oauthContext,
new SigningContext
{
Algorithm = consumerContext.Key,
ConsumerSecret = null,
SignatureBase = signatureBase
});
Assert.That(oauthContext.Signature, Is.EqualTo("aIIAFPjD0uavubFeL/Hz4LSV6NsvAbrvfnPF6OcgGfhML5ezO0+E+tofLgp1SHbLyNFM7D1p/SJN1J4MY7T3HzvM8HX+3u5Q+Ui+en0/ewHZ+3ar6BA7r3zOYqDn8rfCGSnweia3fFYmjkeS8NvKShnewUu0jUFbnG4RXw8BiEk="));
}
public void generate_signature_when_token_is_url_encoded()
{
var context = new OAuthContext
{
RequestMethod = "GET",
RawUri = new Uri("https://www.google.com/m8/feeds/contacts/default/base"),
Token = "1/2",
ConsumerKey = "context",
SignatureMethod = SignatureMethod.RsaSha1
};
Assert.Equal(
"GET&https%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Fbase&oauth_consumer_key%3Dcontext%26oauth_signature_method%3DRSA-SHA1%26oauth_token%3D1%252F2",
context.GenerateSignatureBase());
Assert.Equal(
"https://www.google.com/m8/feeds/contacts/default/base?oauth_token=1%2F2&oauth_consumer_key=context&oauth_signature_method=RSA-SHA1",
context.GenerateUrl());
}
public void generate_signature_with_hello_world_body()
{
// generate a signature base, as per the oauth body hash spec example
// http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html
var context = new OAuthContext
{
RequestMethod = "POST",
RawUri = new Uri("http://www.example.com/resource"),
RawContentType = "text/plain",
RawContent = Encoding.UTF8.GetBytes("Hello World!"),
ConsumerKey = "consumer",
SignatureMethod = "HMAC-SHA1",
Timestamp = "1236874236",
Version = "1.0",
IncludeOAuthRequestBodyHashInSignature = true,
Nonce = "10369470270925",
Token = "token"
};
Assert.Equal(
"POST&http%3A%2F%2Fwww.example.com%2Fresource&oauth_body_hash%3DLve95gjOVATpfV8EL5X4nxwjKHE%253D%26oauth_consumer_key%3Dconsumer%26oauth_nonce%3D10369470270925%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1236874236%26oauth_token%3Dtoken%26oauth_version%3D1.0",
context.GenerateSignatureBase());
}
public void TestSignAccessToken()
{
var cert = new X509Certificate2("XeroApiNet-Sample.pfx", "password");
var consumerContext = new OAuthConsumerContext
{
// Partner and Private apps use RSA-SHA1 signing method
SignatureMethod = SignatureMethod.RsaSha1,
UseHeaderForOAuthParameters = true,
// Urls
RequestTokenUri = null,
UserAuthorizeUri = null,
AccessTokenUri = XeroApiEndpoints.PublicAccessTokenUri,
BaseEndpointUri = XeroApiEndpoints.PublicBaseEndpointUri,
Key = cert.PrivateKey,
ConsumerKey = ConsumerKey,
ConsumerSecret = string.Empty,
UserAgent = UserAgent,
};
var oauthContext = new OAuthContext
{
RequestMethod = "POST",
RawUri = new Uri("https://photos.example.net/access_token"),
ConsumerKey = "dpf43f3p2l4k3l03",
SignatureMethod = SignatureMethod.RsaSha1,
Timestamp = "1191242090",
Token = "hh5s93j4hdidpola",
TokenSecret = "hdhd0244k9j7ao03",
Nonce = "hsu94j3884jdopsl",
Verifier = "hfdp7dh39dks9884",
Version = "1.0"
};
var signatureBase = oauthContext.GenerateSignatureBase();
consumerContext.Signer.SignContext(oauthContext,
new SigningContext
{
Algorithm = consumerContext.Key,
ConsumerSecret = null,
SignatureBase = signatureBase
});
Assert.That(oauthContext.Signature, Is.EqualTo("32vGleSAIeMbgW9E0pC+PUkyZ1Y05zuEd+FZwg+w4jZzj3E1zldbrGY5SnVpypZfjixWuHMtV4mwGwptwiTZRkrLBudWqJDEddvlwuIMY1j6WkQulz/IXzbGuPNgTya/KTEhQ5IExJXCKE1LZ9bNsMXBDpyi7/ayZe9ONqoVzS8="));
}
public void generate_signature_with_xauth()
{
// generate a signature base, as per the twitter example
// http://dev.twitter.com/pages/xauth
var context = new OAuthContext
{
RawUri = new Uri("https://api.twitter.com/oauth/access_token"),
RequestMethod = "POST",
ConsumerKey = "JvyS7DO2qd6NNTsXJ4E7zA",
SignatureMethod = "HMAC-SHA1",
Timestamp = "1284565601",
Version = "1.0",
Nonce = "6AN2dKRzxyGhmIXUKSmp1JcB4pckM8rD3frKMTmVAo",
XAuthMode = "client_auth",
XAuthUsername = "******",
XAuthPassword = "******"
};
Assert.Equal(
"POST&https%3A%2F%2Fapi.twitter.com%2Foauth%2Faccess_token&oauth_consumer_key%3DJvyS7DO2qd6NNTsXJ4E7zA%26oauth_nonce%3D6AN2dKRzxyGhmIXUKSmp1JcB4pckM8rD3frKMTmVAo%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1284565601%26oauth_version%3D1.0%26x_auth_mode%3Dclient_auth%26x_auth_password%3Dtwitter-xauth%26x_auth_username%3Doauth_test_exec",
context.GenerateSignatureBase());
}
