/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="OAuthWebQuery" /> for the purpose of requesting an
/// unauthorized request token.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
/// <seealso cref="http://oauth.net/core/1.0#anchor9"/>
/// <returns></returns>
public OAuthWebQueryInfo BuildRequestTokenInfo(WebMethod method, WebParameterCollection parameters)
{
ValidateTokenRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, RequestTokenUrl, parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, signatureBase, ConsumerSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
SignatureMethod = SignatureMethod.ToRequestValue(),
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = OAUTH_VERSION,
Callback = OAuthTools.UrlEncode(CallbackUrl ?? ""),
UserAgent = "TweetSharp",
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret
};
return info;
}
public WebQueryClient(IDictionary<string, string> headers, WebParameterCollection parameters, string userAgent,
bool useTransparentProxy)
{
_headers = headers;
Parameters = parameters;
UserAgent = userAgent;
UseTransparentProxy = useTransparentProxy;
}
private string GetSignatureAuthorizationHeader(WebParameterCollection parameters)
{
var signature = GetNewSignature(parameters);
parameters.Add("oauth_signature", signature);
return WriteAuthorizationHeader(parameters);
}
public WebQueryClient(IDictionary<string, string> headers, WebParameterCollection parameters, string userAgent,
string method)
{
_headers = headers;
Parameters = parameters;
UserAgent = userAgent;
Method = method;
}
public OAuthWebQueryClient(IDictionary<string, string> headers, WebParameterCollection parameters,
OAuthParameterHandling parameterHandling, string userAgent, string method)
{
_headers = headers;
Parameters = parameters;
ParameterHandling = parameterHandling;
UserAgent = userAgent;
Method = method;
}
public void NormalizeRequestParameters_Normalizes_And_Encodes_QueryString()
{
var parameters = new WebParameterCollection(new[]
{
new WebParameter("test", "value"),
new WebParameter("name", "joe"),
new WebParameter("grant_type", "code"),
new WebParameter("string", "this+is+a+string"),
});
var expected = "grant_type=code&name=joe&string=this%2Bis%2Ba%2Bstring&test=value";
var result = OAuthTools.NormalizeRequestParameters(parameters);
Assert.Equal(expected, result);
}
/// <summary>
/// Creates a request elements concatentation value to send with a request.
/// This is also known as the signature base.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.1.3"/>
/// <seealso href="http://oauth.net/core/1.0#sig_base_example"/>
/// <param name="method">The request's HTTP method type</param>
/// <param name="url">The request URL</param>
/// <param name="parameters">The request's parameters</param>
/// <returns>A signature base string</returns>
public static string ConcatenateRequestElements(string method, string url, WebParameterCollection parameters)
{
var sb = new StringBuilder();
// Separating &'s are not URL encoded
var requestMethod = string.Concat(method.ToUpper(), "&");
var requestUrl = string.Concat(UrlEncodeRelaxed(ConstructRequestUrl(new Uri(url))), "&");
var requestParameters = UrlEncodeRelaxed(NormalizeRequestParameters(parameters));
sb.Append(requestMethod);
sb.Append(requestUrl);
sb.Append(requestParameters);
return sb.ToString();
}
public static string UriMinusQuery(string uri, WebParameterCollection parameters)
{
int queryPos = uri.IndexOf('?');
if (queryPos < 0)
{
return(uri);
}
var query = uri.Substring(queryPos + 1).ParseQueryString();
foreach (var key in query.Keys)
{
parameters.Add(key, query[key].UrlDecode());
}
return(uri.Substring(0, queryPos));
}
public static string Concatenate(this WebParameterCollection collection, string separator, string spacer)
{
StringBuilder stringBuilder = new StringBuilder();
int count = collection.Count;
int num = 0;
foreach (WebPair item in collection)
{
stringBuilder.Append(item.Name);
stringBuilder.Append(separator);
stringBuilder.Append(item.Value);
num++;
if (num < count)
{
stringBuilder.Append(spacer);
}
}
return(stringBuilder.ToString());
}
public static string Concatenate(this WebParameterCollection collection, string separator, string spacer)
{
var sb = new StringBuilder();
var total = collection.Count;
var count = 0;
foreach (var item in collection)
{
sb.Append(item.Name);
sb.Append(separator);
sb.Append(item.Value);
count++;
if (count < total)
{
sb.Append(spacer);
}
}
return(sb.ToString());
}
private void AddXAuthParameters(ICollection <WebPair> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebPair("x_auth_username", ClientUsername),
new WebPair("x_auth_password", ClientPassword),
new WebPair("x_auth_mode", "client_auth"),
new WebPair("oauth_consumer_key", ConsumerKey),
new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebPair("oauth_timestamp", timestamp),
new WebPair("oauth_nonce", nonce),
new WebPair("oauth_version", Version ?? "1.0")
};
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
public void Can_sort_and_normalize_parameters()
{
var input = new WebParameterCollection
{
{ "a", "1" },
{ "f", "50" },
{ "f", "25" },
{ "z", "t" },
{ "f", "a" },
{ "c", "hi there" },
{ "z", "p" },
};
const string expected = "a=1&c=hi%20there&f=25&f=50&f=a&z=p&z=t";
var actual = OAuthTools.NormalizeRequestParameters(input);
Console.WriteLine(actual);
Assert.AreEqual(expected, actual);
}
public string GetAuthorizationHeader(WebParameterCollection parameters)
{
switch (Type)
{
case OAuthRequestType.RequestToken:
ValidateRequestState();
return GetSignatureAuthorizationHeader(parameters);
case OAuthRequestType.AccessToken:
ValidateAccessRequestState();
return GetSignatureAuthorizationHeader(parameters);
case OAuthRequestType.ProtectedResource:
ValidateProtectedResourceState();
return GetSignatureAuthorizationHeader(parameters);
case OAuthRequestType.ClientAuthentication:
ValidateClientAuthAccessRequestState();
return GetClientSignatureAuthorizationHeader(parameters);
default:
throw new ArgumentOutOfRangeException();
}
}
void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var requestUrl = client.BuildUriWithoutQueryParameters(request);
if (requestUrl.Contains('?'))
{
throw new ApplicationException(
"Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead."
);
}
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
private byte[] PostProcessPostParameters(WebRequest request, Uri uri)
{
var body = "";
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
SetAuthorizationHeader(request, "Authorization");
#if SILVERLIGHT
var postParameters = new WebParameterCollection(uri.Query.ParseQueryString());
#else
var postParameters = new WebParameterCollection(uri.Query.ParseQueryString());
#endif
// Only use the POST parameters that exist in the body
postParameters = new WebParameterCollection(postParameters.Where(p => !p.Name.StartsWith("oauth_")));
// Append any leftover values to the POST body
var nonAuthParameters = GetPostParametersValue(postParameters, true /* escapeParameters */);
if (body.IsNullOrBlank())
{
body = nonAuthParameters;
}
else
{
if (!nonAuthParameters.IsNullOrBlank())
{
body += "&".Then(nonAuthParameters);
}
}
break;
case OAuthParameterHandling.UrlOrPostParameters:
body = GetPostParametersValue(Parameters, false /* escapeParameters */);
break;
}
var content = Encoding.UTF8.GetBytes(body);
return(content);
}
/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="OAuthWebQuery" /> for the purpose of exchanging user credentials
/// for an access token authorized by the user at the Service Provider site.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <seealso cref="http://tools.ietf.org/html/draft-dehora-farrell-oauth-accesstoken-creds-00#section-4"/>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
public virtual OAuthWebQueryInfo BuildClientAuthAccessTokenInfo(WebMethod method, WebParameterCollection parameters)
{
ValidateClientAuthAccessRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var uri = new Uri(AccessTokenUrl);
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddXAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, uri.ToString(), parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ClientMode = "client_auth",
ClientUsername = ClientUsername,
ClientPassword = ClientPassword,
ConsumerKey = ConsumerKey,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version,
UserAgent = "Hammock",
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret
};
return(info);
}
private void AddAuthParameters(ICollection <WebPair> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebPair("oauth_consumer_key", ConsumerKey),
new WebPair("oauth_nonce", nonce),
new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebPair("oauth_timestamp", timestamp),
new WebPair("oauth_version", Version ?? "1.0")
};
if (!Token.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_token", Token));
}
if (!CallbackUrl.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_callback", CallbackUrl));
}
if (!Verifier.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_verifier", Verifier));
}
if (!SessionHandle.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_session_handle", SessionHandle));
}
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
public static Uri UriMinusQuery(this Uri uri, out WebParameterCollection parameters)
{
var sb = new StringBuilder();
parameters = new WebParameterCollection();
var query = uri.Query.ParseQueryString();
foreach (var key in query.Keys)
{
parameters.Add(key, query[key].UrlDecode());
}
var port = uri.Scheme.Equals("http") && uri.Port != 80 ||
uri.Scheme.Equals("https") && uri.Port != 443 ?
":" + uri.Port : "";
sb.Append(uri.Scheme)
.Append("://")
.Append(uri.Host)
.Append(port)
.Append(uri.AbsolutePath);
return(new Uri(sb.ToString()));
}
/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="OAuthWebQuery" /> for the purpose of requesting an
/// unauthorized request token.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
/// <seealso cref="http://oauth.net/core/1.0#anchor9"/>
/// <returns></returns>
public virtual OAuthWebQueryInfo BuildRequestTokenInfo(WebMethod method, WebParameterCollection parameters)
{
ValidateTokenRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, RequestTokenUrl, parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version,
Callback = OAuthTools.UrlEncodeRelaxed(CallbackUrl ?? ""),
UserAgent = "Hammock",
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret
};
return(info);
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
var copy = new WebParameterCollection(parameters);
var exclusions = copy.Where(n => n.Name.EqualsIgnoreCase("oauth_signature"));
copy.RemoveAll(exclusions);
copy.ForEach(p => p.Value = UrlEncode(p.Value)); // values are effectively double-encoded
copy.Sort((x, y) => x.Name.Equals(y.Name) ? x.Value.CompareTo(y.Value) : x.Name.CompareTo(y.Name));
return copy;
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request, false).ToString();
OAuthWebQueryInfo oauth;
var method = request.Method.Method;
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
var useMultiPart = request.ContentCollectionMode == ContentCollectionMode.MultiPart ||
(request.ContentCollectionMode == ContentCollectionMode.MultiPartForFileParameters && (client.DefaultParameters.GetFileParameters().Any() || request.Parameters.GetFileParameters().Any()));
var requestParameters = client.MergeParameters(request).Where(x => x.Type == ParameterType.GetOrPost || x.Type == ParameterType.QueryString);
if (!useMultiPart)
{
foreach (var p in requestParameters)
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
foreach (var p in requestParameters.Where(p => p.Name.StartsWith("oauth_", StringComparison.Ordinal)))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
foreach (var parameter in parameters.Where(
parameter => !string.IsNullOrEmpty(parameter.Name) &&
(parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))))
{
var v = parameter.Value;
v = Uri.UnescapeDataString(v.Replace('+', ' '));
request.AddParameter(parameter.Name, v);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
private string GetNewSignatureXAuth(WebParameterCollection parameters)
{
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddXAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(Method.ToUpperInvariant(), RequestUrl, parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret);
return signature;
}
private void AddXAuthParameters(ICollection<WebParameter> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebParameter("x_auth_username", ClientUsername),
new WebParameter("x_auth_password", ClientPassword),
new WebParameter("x_auth_mode", "client_auth"),
new WebParameter("oauth_consumer_key", ConsumerKey),
new WebParameter("oauth_signature_method", ToRequestValue(SignatureMethod)),
new WebParameter("oauth_timestamp", timestamp),
new WebParameter("oauth_nonce", nonce),
new WebParameter("oauth_version", Version ?? "1.0")
};
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
private static string WriteAuthorizationQuery(WebParameterCollection parameters)
{
var sb = new StringBuilder();
parameters.Sort((l, r) => l.Name.CompareTo(r.Name));
var count = 0;
foreach (var parameter in parameters.Where(parameter =>
!IsNullOrBlank(parameter.Name) &&
!IsNullOrBlank(parameter.Value) &&
parameter.Name.StartsWith("oauth_")))
{
count++;
var format = count < parameters.Count ? "{0}={1}&" : "{0}={1}";
sb.AppendFormat(format, parameter.Name, parameter.Value);
}
var authorization = sb.ToString();
return authorization;
}
public string GetAuthorizationHeader(IDictionary<string, string> parameters)
{
var collection = new WebParameterCollection(parameters);
return GetAuthorizationHeader(collection);
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
OAuthWebQueryInfo oauth;
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
foreach (var p in client.DefaultParameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
foreach (var parameter in parameters.Where(parameter => !parameter.Name.IsNullOrBlank() && parameter.Name.StartsWith("oauth_")))
{
request.AddParameter(parameter.Name, HttpUtility.UrlDecode(parameter.Value));
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
private void getCar2GoAccounts(string token, string token_secret, DownloadStringCompletedEventHandler requestCallback)
{
var car2GoRequestEndpoint = "https://www.car2go.com/api/v2.1/accounts";
var parameters = new WebParameterCollection();
parameters.Add("oauth_callback", "oob");
parameters.Add("oauth_signature_method", "HMAC-SHA1");
parameters.Add("oauth_token", token);
parameters.Add("oauth_version", "1.0");
parameters.Add("oauth_consumer_key", FreeCarsCredentials.Car2Go.ConsumerKey);
parameters.Add("oauth_timestamp", OAuthTools.GetTimestamp());
parameters.Add("oauth_nonce", OAuthTools.GetNonce());
parameters.Add("format", "json");
parameters.Add("loc", Car2Go.City);
//parameters.Add("test", "1");
var signatureBase = OAuthTools.ConcatenateRequestElements("GET", car2GoRequestEndpoint, parameters);
var signature = OAuthTools.GetSignature(OAuthSignatureMethod.HmacSha1, OAuthSignatureTreatment.Escaped, signatureBase, FreeCarsCredentials.Car2Go.SharedSecred, token_secret);
var requestParameters = OAuthTools.NormalizeRequestParameters(parameters);
var requestUrl = new Uri(car2GoRequestEndpoint + "?" + requestParameters + "&oauth_signature=" + signature, UriKind.Absolute);
var webClient = new WebClient();
webClient.DownloadStringCompleted += requestCallback;
webClient.DownloadStringAsync(requestUrl);
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
string text = client.BuildUri(request).ToString();
int num = text.IndexOf('?');
if (num != -1)
{
text = text.Substring(0, num);
}
string method = request.Method.ToString().ToUpperInvariant();
WebParameterCollection webParameterCollection = new WebParameterCollection();
if (!request.AlwaysMultipartFormData && !request.Files.Any())
{
foreach (Parameter item in from p in client.DefaultParameters
where p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString
select p)
{
webParameterCollection.Add(new WebPair(item.Name, item.Value.ToString()));
}
foreach (Parameter item2 in from p in request.Parameters
where p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString
select p)
{
webParameterCollection.Add(new WebPair(item2.Name, item2.Value.ToString()));
}
}
else
{
foreach (Parameter item3 in from p in client.DefaultParameters
where (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_")
select p)
{
webParameterCollection.Add(new WebPair(item3.Name, item3.Value.ToString()));
}
foreach (Parameter item4 in from p in request.Parameters
where (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_")
select p)
{
webParameterCollection.Add(new WebPair(item4.Name, item4.Value.ToString()));
}
}
OAuthWebQueryInfo oAuthWebQueryInfo;
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = text;
oAuthWebQueryInfo = workflow.BuildRequestTokenInfo(method, webParameterCollection);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = text;
oAuthWebQueryInfo = workflow.BuildAccessTokenInfo(method, webParameterCollection);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = text;
oAuthWebQueryInfo = workflow.BuildClientAuthAccessTokenInfo(method, webParameterCollection);
break;
case OAuthType.ProtectedResource:
oAuthWebQueryInfo = workflow.BuildProtectedResourceInfo(method, webParameterCollection, text);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
webParameterCollection.Add("oauth_signature", oAuthWebQueryInfo.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(webParameterCollection));
break;
case OAuthParameterHandling.UrlOrPostParameters:
webParameterCollection.Add("oauth_signature", oAuthWebQueryInfo.Signature);
foreach (WebPair item5 in from parameter in webParameterCollection
where !parameter.Name.IsNullOrBlank() && (parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))
select parameter)
{
request.AddParameter(item5.Name, HttpUtility.UrlDecode(item5.Value));
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
protected WebParameterCollection BuildRequestParameters()
{
var parameters = new Dictionary<string, string>();
var properties = Info.GetType().GetProperties();
Info.ParseAttributes<ParameterAttribute>(properties, parameters);
var collection = new WebParameterCollection();
parameters.ForEach(p => collection.Add(new WebParameter(p.Key, p.Value)));
return collection;
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
OAuthWebQueryInfo oauth;
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// for non-GET style requests make sure params are part of oauth signature
if (request.Method != Method.GET && request.Method != Method.DELETE)
{
foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", HttpUtility.UrlDecode(oauth.Signature));
foreach (var parameter in parameters)
{
request.AddParameter(parameter.Name, parameter.Value);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
public virtual OAuthWebQueryInfo BuildProtectedResourceInfo(WebMethod method,
WebParameterCollection parameters,
string url)
{
ValidateProtectedResourceState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
// Include url parameters in query pool
var uri = new Uri(url);
#if !SILVERLIGHT && !MonoTouch
var urlParameters = ParseQuery(uri.Query);
#else
var urlParameters = uri.Query.ParseQueryString();
#endif
#if !SILVERLIGHT && !MonoTouch
foreach (var parameter in urlParameters)
#else
foreach (var parameter in urlParameters.Keys)
#endif
{
switch (method)
{
case WebMethod.Post:
parameters.Add(new HttpPostParameter(parameter.Key, parameter.Value));
break;
default:
parameters.Add(parameter.Key, parameter.Value);
break;
}
}
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
// [DC] Make a copy of the parameters so that the signature double-encode isn't used
var copy = new WebParameterCollection();
foreach (var parameter in parameters)
{
copy.Add(new WebPair(parameter.Name, parameter.Value));
}
AddAuthParameters(copy, timestamp, nonce);
// [DC] Escape parameters at this point; do not escape again if recalculating
var signatureBase = OAuthTools.ConcatenateRequestElements(method, url, copy);
var signature = OAuthTools.GetSignature(
SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret, TokenSecret
);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
Token = Token,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
Callback = CallbackUrl,
UserAgent = "Hammock",
ConsumerSecret = ConsumerSecret,
TokenSecret = TokenSecret
};
return(info);
}
private void LoadBookedCars()
{
HasBooking = false;
try {
var token = (string)App.GetAppSetting("car2go.oauth_token");
var tokenSecret = (string)App.GetAppSetting("car2go.oauth_token_secret");
if (null == token || null == tokenSecret)
{
return;
}
const string car2GoRequestEndpoint = "https://www.car2go.com/api/v2.1/booking";
var parameters = new WebParameterCollection {
{ "oauth_callback", "oob" },
{ "oauth_signature_method", "HMAC-SHA1" },
{ "oauth_token", token },
{ "oauth_version", "1.0" },
{ "oauth_consumer_key", consumerkey },
{ "oauth_timestamp", OAuthTools.GetTimestamp() },
{ "oauth_nonce", OAuthTools.GetNonce() },
{ "format", "json" },
{ "loc", City },
};
//parameters.Add("test", "1");
var signatureBase = OAuthTools.ConcatenateRequestElements("GET", car2GoRequestEndpoint, parameters);
var signature = OAuthTools.GetSignature(OAuthSignatureMethod.HmacSha1, OAuthSignatureTreatment.Escaped, signatureBase, FreeCarsCredentials.Car2Go.SharedSecred, tokenSecret);
var requestParameters = OAuthTools.NormalizeRequestParameters(parameters);
var requestUrl = new Uri(car2GoRequestEndpoint + "?" + requestParameters + "&oauth_signature=" + signature, UriKind.Absolute);
var webClient = new WebClient();
webClient.OpenReadCompleted += (sender, args) => {
try {
if (0 == args.Result.Length)
{
return;
}
try {
var serializer = new DataContractJsonSerializer(typeof(Car2GoBookingResult));
var bookingResult = (Car2GoBookingResult)serializer.ReadObject(args.Result);
var car2GoCars = new List <Car2GoMarker>();
if (0 == bookingResult.ReturnValue.Code)
{
if (bookingResult.Booking.Length > 0)
{
lastBookedCarsUpdate = DateTime.Now;
}
foreach (var booking in bookingResult.Booking)
{
var car = booking.Vehicle;
GeoCoordinate carPosition = null;
try {
carPosition = new GeoCoordinate(car.Position.Latitude, car.Position.Longitude);
} catch {}
var carInfo = new Car2GoMarker {
model = ("CE" == car.EngineType) ? "C-Smart" : "Smart ElectricDrive",
fuelState = car.Fuel,
position = carPosition,
licensePlate = car.NumberPlate,
ID = car.VIN,
exterior = car.Exterior,
interior = car.Interior,
isBooked = true,
BookingId = bookingResult.Booking[0].BookingId,
};
HasBooking = true;
car2GoCars.Add(carInfo);
}
Markers = car2GoCars;
if (null != Updated)
{
Updated(this, null);
}
}
} catch (NullReferenceException) { }
} catch (WebException) { }
};
webClient.OpenReadAsync(requestUrl);
} catch (Exception e) {
Console.WriteLine(e);
}
}
private string WriteAuthorizationHeader(WebParameterCollection parameters)
{
var sb = new StringBuilder("OAuth ");
if (!IsNullOrBlank(Realm))
{
sb.AppendFormat("realm=\"{0}\",", OAuthTools.UrlEncodeRelaxed(Realm));
}
parameters.Sort((l, r) => l.Name.CompareTo(r.Name));
foreach (var parameter in parameters.Where(parameter =>
!IsNullOrBlank(parameter.Name) &&
!IsNullOrBlank(parameter.Value) &&
(parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))))
{
sb.AppendFormat("{0}=\"{1}\",", parameter.Name, parameter.Value);
}
sb.Remove(sb.Length - 1, 1);
var authorization = sb.ToString();
return authorization;
}
private void CancelCar2GoBooking()
{
var item = (Car2GoMarker)Item;
var car2GoRequestEndpoint = "https://www.car2go.com/api/v2.1/booking/" + item.BookingId;
var oauthToken = (string)App.GetAppSetting("car2go.oauth_token");
var oauthTokenSecret = (string)App.GetAppSetting("car2go.oauth_token_secret");
if (null == oauthToken || null == oauthTokenSecret) {
HandleNotConnectedToCar2Go();
}
var accountId = "";
try {
accountId = ((int)App.GetAppSetting("car2go.oauth_account_id")).ToString();
} catch (NullReferenceException) {
return;
}
var parameters = new WebParameterCollection();
parameters.Add("oauth_callback", "oob");
parameters.Add("oauth_signature_method", "HMAC-SHA1");
parameters.Add("oauth_token", oauthToken);
parameters.Add("oauth_version", "1.0");
parameters.Add("oauth_consumer_key", FreeCarsCredentials.Car2Go.ConsumerKey);
parameters.Add("oauth_timestamp", OAuthTools.GetTimestamp());
parameters.Add("oauth_nonce", OAuthTools.GetNonce());
parameters.Add("format", "json");
parameters.Add("account", accountId);
var signatureBase = OAuthTools.ConcatenateRequestElements("DELETE", car2GoRequestEndpoint, parameters);
var signature = OAuthTools.GetSignature(
OAuthSignatureMethod.HmacSha1,
OAuthSignatureTreatment.Escaped,
signatureBase,
FreeCarsCredentials.Car2Go.SharedSecred,
oauthTokenSecret);
var requestParameters = OAuthTools.NormalizeRequestParameters(parameters);
var para = requestParameters + "&oauth_signature=" + signature;
Helpers.Delete(car2GoRequestEndpoint, para, delegate(Stream args) {
if (null == args) return;
try {
var serializer = new DataContractJsonSerializer(typeof(Car2GoCancelBookingResult));
var resultAccount = (Car2GoCancelBookingResult)serializer.ReadObject(args);
Dispatcher.BeginInvoke(() => {
var mbResult = MessageBoxResult.None;
try {
if (0 == resultAccount.ReturnValue.Code) {
var message = (resultAccount.CancelBooking[0].cancelFeeExists)
? String.Format(
Strings.BookingPageC2GCancelationSuccessful,
resultAccount.CancelBooking[0].cancelFee,
resultAccount.CancelBooking[0].cancelFeeCurrency)
: String.Format(
Strings.BookingPageC2GCancelationSuccessful,
0, "");
mbResult = MessageBox.Show(
message,
resultAccount.ReturnValue.Description, MessageBoxButton.OK);
} else {
mbResult = MessageBox.Show(resultAccount.ReturnValue.Description);
}
} catch (Exception) {
Deactivate();
}
if (mbResult != MessageBoxResult.OK) {
return;
}
InvokeActionCompleted();
});
} catch (SerializationException) {
InvokeActionCompleted();
}
});
}
private static IWebQueryClient CreateOAuthWebQueryClient(IDictionary<string, string> headers,
WebParameterCollection parameters,
OAuthParameterHandling parameterHandling,
string userAgent, string method)
{
return new OAuthWebQueryClient(headers, parameters, parameterHandling, userAgent, method);
}
private static IWebQueryClient CreateWebQueryClient(IDictionary<string, string> headers,
WebParameterCollection parameters, string userAgent,
bool mockClient, IEnumerable<IModel> graph,
bool useTransparentProxy)
{
return CreateWebQueryClient(headers, parameters, userAgent, mockClient, graph, useTransparentProxy, "GET");
}
/// <summary>
/// Creates a request elements concatentation value to send with a request.
/// This is also known as the signature base.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.1.3"/>
/// <seealso cref="http://oauth.net/core/1.0#sig_base_example"/>
/// <param name="method">The request's HTTP method type</param>
/// <param name="url">The request URL</param>
/// <param name="parameters">The request's parameters</param>
/// <returns>A signature base string</returns>
public static string ConcatenateRequestElements(WebMethod method, string url, WebParameterCollection parameters)
{
var sb = new StringBuilder();
// separating &'s are not URL encoded
var requestMethod = method.ToUpper().Then("&");
var requestUrl = UrlEncode(ConstructRequestUrl(url.AsUri())).Then("&");
var requestParameters = UrlEncode(NormalizeRequestParameters(parameters));
sb.Append(requestMethod);
sb.Append(requestUrl);
sb.Append(requestParameters);
return sb.ToString();
}
private static IWebQueryClient CreateWebQueryClient(IDictionary<string, string> headers,
WebParameterCollection parameters, string userAgent,
bool mockClient, IEnumerable<IModel> graph,
bool useTransparentProxy, string method)
{
return
#if !SILVERLIGHT
mockClient
? (IWebQueryClient) new WebQueryClientMock(graph) :
new WebQueryClient(headers, parameters, userAgent, method);
#else
new WebQueryClient(headers, parameters, userAgent, useTransparentProxy);
#endif
}
public WebQuery GetQueryFor(string url, WebParameterCollection parameters, IWebQueryInfo info, WebMethod method, bool enableTrace)
{
return(GetQueryForImpl(info, enableTrace));
}
public async Task <object> Execute(WebParameterCollection webParameters, bool isRegenAccessTokenValue = false)
{
if (_reader == null)
{
return(null);
}
IResponse resp = null;
try
{
_refreshTokenValue = _getRefreshTokenValue == null ? null : _getRefreshTokenValue();
_accessTokenValue = _getAccessTokenValue == null ? null : _getAccessTokenValue();
webParameters.AccessValue = _accessTokenValue;
webParameters.LangCode = _getLanguageCode == null ? "" : _getLanguageCode();
webParameters.LangCode = string.IsNullOrEmpty(webParameters.LangCode) ? "en" : webParameters.LangCode;
resp = await _reader.Execute(webParameters);
if (resp.Error != null)
{
if (resp.Error.GetErrorMsgID() == MessageIdentifier.ACCESS_CONNECTION_TOKEN_EXPIRED &&
!isRegenAccessTokenValue &&
webParameters != null)
{
if (webParameters.WebParameters == null)
{
webParameters.WebParameters = new WebParameter[0];
}
webParameters.WebParameters = (new WebParameter[] { WebParameter.Create("RegenAccessTokenValue", new object[] { _refreshTokenValue }) }).Concat(webParameters.WebParameters).ToArray();
return(await Execute(webParameters, true));
}
throw resp.Error.ToException();
}
if (resp is JSonMultiResponse)
{
var mResp = (JSonMultiResponse)resp;
if (mResp.Result != null &&
mResp.Result.Length > 0 &&
mResp.Result[0].MethodName == "RegenAccessTokenValue")
{
if (mResp.Result[0] == null)
{
throw new NullReferenceException("RegenAccessTokenValue");
}
if (mResp.Result[0].Error != null)
{
throw mResp.Result[0].Error.ToException();
}
var regenResp = mResp.Result[0];
if (regenResp.Result is AccessToken)
{
OnChangeAccessToken(((AccessToken)regenResp.Result).Value, ((AccessToken)regenResp.Result).InvalidPsswrdFormat);
}
mResp.Result = mResp.Result.Skip(1).ToArray();
if (mResp.Result.Length > 0 &&
mResp.Result[0].MethodName == "VerifyConnectionToken")
{
mResp.Result[0].Error = regenResp.Error;
mResp.Result[0].Result = regenResp.Result;
}
regenResp = null;
}
if (mResp.Result != null &&
mResp.Result.Length == 1)
{
resp = mResp.Result[0];
if (resp.Error != null)
{
throw resp.Error.ToException();
}
}
mResp = null;
}
return(resp.Result);
}
catch (Exception ex)
{
throw ex;
}
finally
{
resp = null;
}
}
public WebQuery GetQueryFor(string url, WebParameterCollection parameters, IWebQueryInfo info, WebMethod method)
{
return(GetQueryForImpl(info));
}
public void Create_Appropriate_OAuth1_Header_Signature_With_Querystring_Parameters()
{
const string consumerKey = "enterConsumerKeyHere";
const string consumerSecret = "enterConsumerSecretHere";
const string tokenAccess = "fooaccesstoken";
const string tokenSecret = "foosecrettoken";
const string baseUrl = "http://localhost:8888/oauth1_signature_test";
const string requestUrl = "youvegotmail";
const string qsParamName = "foo";
const string qsParamValue = "bar";
var authenticator = OAuth1Authenticator.ForProtectedResource(consumerKey, consumerSecret, tokenAccess, tokenSecret);
authenticator.ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader; // not sure this matters
var client = new RestClient(baseUrl);
// add the offending parameter in two different ways
var requestWithQs = new RestRequest(requestUrl + $"?{qsParamName}={qsParamValue}", Method.GET);
var requestWithParameter = new RestRequest(requestUrl, Method.GET);
requestWithParameter.AddParameter("foo", "bar");
authenticator.Authenticate(client, requestWithQs);
authenticator.Authenticate(client, requestWithParameter);
var headerWithQs = requestWithQs.Parameters.Single(p => p.Name == "Authorization");
var headerWithParameter = requestWithParameter.Parameters.Single(p => p.Name == "Authorization");
// just for eyeballing
Console.WriteLine("===== Manually added to QS =====");
var urlQs = client.BuildUri(requestWithQs);
Console.WriteLine(urlQs);
foreach (var p in requestWithQs.Parameters)
{
Console.WriteLine($"{p.Name} {p.Type} = {p.Value}");
}
Console.WriteLine("===== Added via Param =====");
var urlParams = client.BuildUri(requestWithParameter);
Console.WriteLine(urlParams);
foreach (var p in requestWithParameter.Parameters)
{
Console.WriteLine($"{p.Name} {p.Type} = {p.Value}");
}
// just because they're constructed differently
Assert.AreNotEqual(headerWithParameter, headerWithQs);
// really need to validate against something that checks the signature, like http://lti.tools/oauth/
// can we test it this way?
var oworkflow = new OAuthWorkflow
{
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Token = tokenAccess,
TokenSecret = tokenSecret,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
};
var qsWebParams = new WebParameterCollection();
var infoQs = oworkflow.BuildProtectedResourceInfo("GET", qsWebParams, urlQs.AbsoluteUri);
var paramsWebParams = new WebParameterCollection();
var infoParams = oworkflow.BuildProtectedResourceInfo("GET", paramsWebParams, urlParams.AbsoluteUri);
// no, can't really test it because of nonce and timestamp, but can compare it to something that checks the signature, like http://lti.tools/oauth/
Assert.AreNotEqual(infoQs.Signature, infoParams.Signature);
Assert.Inconclusive("Unverifiable, must compare it to a signature checker like http://lti.tools/oauth/");
}
private void RecalculateSignature(string url)
{
var info = (OAuthWebQueryInfo) Info;
if (!string.IsNullOrEmpty(info.Token) && !string.IsNullOrEmpty(info.TokenSecret))
{
var oauth = new OAuthWorkflow
{
ConsumerKey = info.ConsumerKey,
ConsumerSecret = info.ConsumerSecret,
Token = info.Token,
TokenSecret = info.TokenSecret,
ClientUsername = info.ClientUsername,
ClientPassword = info.ClientPassword,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
CallbackUrl = info.Callback,
Verifier = info.Verifier
};
var parameters = new WebParameterCollection();
Info = oauth.BuildProtectedResourceInfo(Method, parameters, url);
Parameters = BuildRequestParameters();
}
}
public string GetAuthorizationHeader(NameValueCollection parameters)
{
var collection = new WebParameterCollection(parameters);
return GetAuthorizationHeader(collection);
}
private void AddAuthParameters(ICollection<WebParameter> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebParameter("oauth_consumer_key", ConsumerKey),
new WebParameter("oauth_nonce", nonce),
new WebParameter("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebParameter("oauth_timestamp", timestamp),
new WebParameter("oauth_version", OAUTH_VERSION)
};
if (!Token.IsNullOrBlank())
{
authParameters.Add(new WebParameter("oauth_token", Token));
}
if (!CallbackUrl.IsNullOrBlank())
{
authParameters.Add(new WebParameter("oauth_callback", CallbackUrl));
}
if (!Verifier.IsNullOrBlank())
{
authParameters.Add(new WebParameter("oauth_verifier", Verifier));
}
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
public string GetAuthorizationQuery()
{
var collection = new WebParameterCollection(0);
return GetAuthorizationQuery(collection);
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
var copy = new WebParameterCollection(parameters);
var exclusions = copy.Where(n => EqualsIgnoreCase(n.Name, "oauth_signature"));
copy.RemoveAll(exclusions);
foreach(var parameter in copy)
{
parameter.Value = UrlEncodeStrict(parameter.Value);
}
copy.Sort((x, y) => x.Name.Equals(y.Name) ? x.Value.CompareTo(y.Value) : x.Name.CompareTo(y.Name));
return copy;
}
private void AddAuthParameters(ICollection<WebParameter> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebParameter("oauth_consumer_key", ConsumerKey),
new WebParameter("oauth_nonce", nonce),
new WebParameter("oauth_signature_method", ToRequestValue(SignatureMethod)),
new WebParameter("oauth_timestamp", timestamp),
new WebParameter("oauth_version", Version ?? "1.0")
};
if (!IsNullOrBlank(Token))
{
authParameters.Add(new WebParameter("oauth_token", Token));
}
if (!IsNullOrBlank(CallbackUrl))
{
authParameters.Add(new WebParameter("oauth_callback", CallbackUrl));
}
if (!IsNullOrBlank(Verifier))
{
authParameters.Add(new WebParameter("oauth_verifier", Verifier));
}
if (!IsNullOrBlank(SessionHandle))
{
authParameters.Add(new WebParameter("oauth_session_handle", SessionHandle));
}
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
private void CreateCar2GoBooking(DownloadStringCompletedEventHandler requestCallback)
{
var item = (Car2GoMarker)Item;
var car2GoRequestEndpoint = "https://www.car2go.com/api/v2.1/bookings";
var oauth_timestamp = (DateTime?)App.GetAppSetting("car2go.oauth_token_timestamp");
if (null == oauth_timestamp) {
App.ClearAppSetting("car2go.oauth_token");
App.ClearAppSetting("car2go.oauth_token_secret");
} else if (((DateTime)oauth_timestamp).AddDays(90.0).CompareTo(DateTime.UtcNow) <= 0) {
App.ClearAppSetting("car2go.oauth_token");
App.ClearAppSetting("car2go.oauth_token_secret");
}
var oauthToken = (string)App.GetAppSetting("car2go.oauth_token");
var oauthTokenSecret = (string)App.GetAppSetting("car2go.oauth_token_secret");
if (null == oauthToken || null == oauthTokenSecret) {
HandleNotConnectedToCar2Go(null == oauth_timestamp ? "" : Strings.SettingsPageCar2GoAuthExpired);
}
var accountId = "";
try {
accountId = ((int)App.GetAppSetting("car2go.oauth_account_id")).ToString();
} catch (NullReferenceException) {
return;
}
var parameters = new WebParameterCollection();
parameters.Add("oauth_callback", "oob");
parameters.Add("oauth_signature_method", "HMAC-SHA1");
parameters.Add("oauth_token", oauthToken);
parameters.Add("oauth_version", "1.0");
parameters.Add("oauth_consumer_key", FreeCarsCredentials.Car2Go.ConsumerKey);
parameters.Add("oauth_timestamp", OAuthTools.GetTimestamp());
parameters.Add("oauth_nonce", OAuthTools.GetNonce());
parameters.Add("format", "json");
parameters.Add("loc", Car2Go.City);
parameters.Add("vin", item.ID);
parameters.Add("account", accountId);
var signatureBase = OAuthTools.ConcatenateRequestElements("POST", car2GoRequestEndpoint, parameters);
var signature = OAuthTools.GetSignature(
OAuthSignatureMethod.HmacSha1,
OAuthSignatureTreatment.Escaped,
signatureBase,
FreeCarsCredentials.Car2Go.SharedSecred,
oauthTokenSecret);
var requestParameters = OAuthTools.NormalizeRequestParameters(parameters);
var para = requestParameters + "&oauth_signature=" + signature;
Helpers.Post(car2GoRequestEndpoint, para, delegate(Stream response) {
if (null == response) return;
var serializer = new DataContractJsonSerializer(typeof(Car2GoBookingResult));
var resultAccounts = (Car2GoBookingResult)serializer.ReadObject(response);
Dispatcher.BeginInvoke(() => {
var mbResult = MessageBoxResult.None;
try {
mbResult = 0 == resultAccounts.ReturnValue.Code
? MessageBox.Show(resultAccounts.Booking[0].Vehicle.Position.Address, resultAccounts.ReturnValue.Description, MessageBoxButton.OK)
: MessageBox.Show(resultAccounts.ReturnValue.Description);
} catch (Exception) {
Deactivate();
}
if (mbResult == MessageBoxResult.OK) {
InvokeActionCompleted();
FlurryWP7SDK.Api.LogEvent("Car2GoBookingSucessfull");
}
});
});
FlurryWP7SDK.Api.LogEvent("Car2GoookingStarted");
}
private string GetClientSignatureAuthorizationQuery(WebParameterCollection parameters)
{
var signature = GetNewSignatureXAuth(parameters);
parameters.Add("oauth_signature", signature);
return WriteAuthorizationQuery(parameters);
}
private string RequestHeaderString(string requestMethod, string url, Dictionary <string, object> parameters = null)
{
if (!this.isInitialized)
{
throw new Exception();
}
string authorizationHeader;
if (requestMethod == "GET")
{
WebParameterCollection webParameterCollection = new WebParameterCollection();
int num = url.IndexOf('?');
if (num != -1)
{
string text = url.Substring(num + 1);
string[] array = text.Split(new char[]
{
'&'
});
foreach (string text2 in array)
{
string[] array3 = text2.Split(new char[]
{
'='
});
webParameterCollection.Add(array3[0], array3[1]);
}
}
OAuthRequest oauthRequest = new OAuthRequest
{
Method = "GET",
ConsumerKey = this.counsumerKey,
ConsumerSecret = this.counsumerSecret,
RequestUrl = string.Format(url, "request_token"),
Token = this.tokenKey,
TokenSecret = this.tokenSecret
};
authorizationHeader = oauthRequest.GetAuthorizationHeader(webParameterCollection);
}
else
{
WebParameterCollection webParameterCollection2 = new WebParameterCollection();
int num2 = url.IndexOf('?');
if (num2 != -1)
{
string text3 = url.Substring(num2 + 1);
string[] array4 = text3.Split(new char[]
{
'&'
});
foreach (string text4 in array4)
{
string[] array6 = text4.Split(new char[]
{
'='
});
webParameterCollection2.Add(array6[0], array6[1]);
}
}
if (parameters != null)
{
foreach (KeyValuePair <string, object> keyValuePair in parameters)
{
webParameterCollection2.Add(Uri.EscapeUriString(keyValuePair.Key), Uri.EscapeUriString(keyValuePair.Value.ToString()));
}
}
OAuthRequest oauthRequest2 = new OAuthRequest
{
Method = "POST",
ConsumerKey = this.counsumerKey,
ConsumerSecret = this.counsumerSecret,
RequestUrl = string.Format(url, "request_token"),
Token = this.tokenKey,
TokenSecret = this.tokenSecret
};
authorizationHeader = oauthRequest2.GetAuthorizationHeader(webParameterCollection2);
}
return(authorizationHeader);
}
private string WriteAuthorizationHeader(WebParameterCollection parameters)
{
var sb = new StringBuilder("OAuth ");
if (!IsNullOrBlank(Realm))
{
sb.AppendFormat("realm=\"{0}\",", OAuthTools.UrlEncodeRelaxed(Realm));
}
parameters.Sort((l, r) => l.Name.CompareTo(r.Name));
var count = 0;
foreach (var parameter in parameters.Where(parameter =>
!IsNullOrBlank(parameter.Name) &&
!IsNullOrBlank(parameter.Value) &&
parameter.Name.StartsWith("oauth_")))
{
count++;
var format = count < parameters.Count ? "{0}=\"{1}\"," : "{0}=\"{1}\"";
sb.AppendFormat(format, parameter.Name, parameter.Value);
}
var authorization = sb.ToString();
return authorization;
}
/// <summary>
/// Creates a request elements concatentation value to send with a request.
/// This is also known as the signature base.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.1.3"/>
/// <seealso cref="http://oauth.net/core/1.0#sig_base_example"/>
/// <param name="method">The request's HTTP method type</param>
/// <param name="url">The request URL</param>
/// <param name="parameters">The request's parameters</param>
/// <returns>A signature base string</returns>
public static string ConcatenateRequestElements(WebMethod method, string url, WebParameterCollection parameters)
{
var sb = new StringBuilder();
// Separating &'s are not URL encoded
var requestMethod = method.ToUpper().Then("&");
var requestUrl = UrlEncodeRelaxed(ConstructRequestUrl(url.AsUri())).Then("&");
var requestParameters = UrlEncodeRelaxed(NormalizeRequestParameters(parameters));
sb.Append(requestMethod);
sb.Append(requestUrl);
sb.Append(requestParameters);
return(sb.ToString());
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var requestUrl = client.BuildUriWithoutQueryParameters(request);
if (requestUrl.Contains('?'))
{
throw new ApplicationException("Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead.");
}
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
if (!request.AlwaysMultipartFormData && !request.Files.Any())
{
parameters.AddRange(
client.DefaultParameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
parameters.AddRange(
client.DefaultParameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) &&
p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) &&
p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
OAuthWebQueryInfo oauth;
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddOrUpdateParameter("Authorization", GetAuthorizationHeader(parameters), ParameterType.HttpHeader);
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
var headers =
parameters.Where(p => !p.Name.IsNullOrBlank() &&
(p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_")))
.Select(p => new Parameter
{
Name = p.Name,
Value = HttpUtility.UrlDecode(p.Value),
Type = ParameterType.GetOrPost
});
foreach (var header in headers)
{
request.AddOrUpdateParameter(header);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
/// <summary>
/// Sorts a collection of key-value pairs by name, and then value if equal,
/// concatenating them into a single string. This string should be encoded
/// prior to, or after normalization is run.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.1.1"/>
/// <param name="parameters"></param>
/// <returns></returns>
public static string NormalizeRequestParameters(WebParameterCollection parameters)
{
var copy = SortParametersExcludingSignature(parameters);
foreach (var param in copy)
{
param.Value = UrlEncodeParameterString(param.Value);
}
var concatenated = copy.Concatenate("=", "&");
return concatenated;
}
// todo duplicated in OAuthWebQueryClient, consolidate
protected override WebRequest BuildPostOrPutWebRequest(PostOrPut method, string url, out byte[] content)
{
// remove POST parameters from query
var uri = url.AsUri();
url = uri.Scheme.Then("://")
#if !SILVERLIGHT
.Then(uri.Authority)
#else
.Then(uri.Host)
#endif
;
if (uri.Port != 80)
{
url = url.Then(":" + uri.Port);
}
url = url.Then(uri.AbsolutePath);
var request = (HttpWebRequest) WebRequest.Create(url);
request.Method = method == PostOrPut.Post ? "POST" : "PUT";
request.ContentType = "application/x-www-form-urlencoded";
#if !SILVERLIGHT
if (!Proxy.IsNullOrBlank())
{
SetWebProxy(request);
}
#endif
foreach (var header in Headers)
{
#if !SILVERLIGHT
request.Headers.Add(header.Key, header.Value);
#else
request.Headers[header.Key] = header.Value;
#endif
}
if (!UserAgent.IsNullOrBlank())
{
#if !SILVERLIGHT
request.UserAgent = UserAgent;
#else
request.Headers["User-Agent"] = UserAgent;
#endif
}
if (UseCompression)
{
#if !SILVERLIGHT
request.AutomaticDecompression = DecompressionMethods.GZip;
#else
request.Accept = "gzip,deflate";
#endif
}
#if !SILVERLIGHT
if (RequestTimeout.HasValue)
{
request.Timeout = (int)RequestTimeout.Value.TotalMilliseconds;
}
if (KeepAlive)
{
request.KeepAlive = true;
}
#endif
var body = "";
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
SetAuthorizationHeader(request, "Authorization");
break;
case OAuthParameterHandling.UrlOrPostParameters:
body = GetPostParametersValue(Parameters, false);
break;
}
// Only use the POST parameters that exist in the body
#if SILVERLIGHT
var postParameters = new WebParameterCollection(uri.Query.ParseQueryString());
#else
var postParameters = new WebParameterCollection(HttpUtility.ParseQueryString(uri.Query));
#endif
// Append any leftover values to the POST body
var nonAuthParameters = GetPostParametersValue(postParameters, true);
if (body.IsNullOrBlank())
{
body = nonAuthParameters;
}
else
{
if (!nonAuthParameters.IsNullOrBlank())
{
body += "&".Then(nonAuthParameters);
}
}
content = Encoding.UTF8.GetBytes(body);
#if !SILVERLIGHT
request.ContentLength = content.Length;
// Silverlight sets this dynamically
#endif
return request;
}
/// <summary>
/// Sorts a collection of key-value pairs by name, and then value if equal,
/// concatenating them into a single string. This string should be encoded
/// prior to, or after normalization is run.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.1.1"/>
/// <param name="parameters"></param>
/// <returns></returns>
public static string NormalizeRequestParameters(WebParameterCollection parameters)
{
var copy = SortParametersExcludingSignature(parameters);
var concatenated = Concatenate(copy, "=", "&");
return concatenated;
}
