public static void TryRethrow(OAuthParameters parameters)
{
if (!parameters.HasProblem) {
OAuthRequestException ex = new OAuthRequestException(parameters.ProblemAdvice, parameters.ProblemType);
// Load additional parameter for specific types
switch (parameters.ProblemType) {
case OAuthProblemTypes.VersionRejected:
if (!String.IsNullOrEmpty(parameters.AcceptableVersions))
ex.AddParameter(OAuthErrorParameterKeys.AcceptableVersions, parameters.AcceptableVersions);
break;
case OAuthProblemTypes.ParameterAbsent:
if (!String.IsNullOrEmpty(parameters.ParametersAbsent))
ex.AddParameter(OAuthErrorParameterKeys.ParametersAbsent, parameters.ParametersAbsent);
break;
case OAuthProblemTypes.ParameterRejected:
if (!String.IsNullOrEmpty(parameters.ParametersRejected))
ex.AddParameter(OAuthErrorParameterKeys.ParametersRejected, parameters.ParametersRejected);
break;
case OAuthProblemTypes.TimestampRefused:
if (!String.IsNullOrEmpty(parameters.AcceptableTimestamps))
ex.AddParameter(OAuthErrorParameterKeys.AcceptableTimestamps, parameters.AcceptableTimestamps);
break;
}
// Throw the OAuthRequestException
throw ex;
}
}
private void DoGetRequestToken()
{
// Fire the OnBeforeGetRequestToken event
PreRequestEventArgs args = new PreRequestEventArgs(Service.RequestTokenUrl, Service.RequestTokenEndPoint.HttpMethod, CallbackUrl);
if (BeforeGetRequestToken != null)
{
BeforeGetRequestToken(this, args);
}
OAuthParameters authParams = CreateOAuthParameters(args.AdditionalParameters);
authParams.Callback = args.CallbackUrl == null ? OAuthOutOfBandCallback : args.CallbackUrl.AbsoluteUri;
SignParameters(args.RequestUri, args.HttpMethod, authParams, null);
// Create and sign the request
HttpWebRequest request = CreateRequest(
args.RequestUri,
authParams,
args.HttpMethod,
args.HttpMethod == "POST" ? HttpPostUrlEncodedContentType : String.Empty,
null);
OAuthParameters responseParameters;
// Get the service provider response
try {
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(response);
OAuthRequestException.TryRethrow(responseParameters);
} catch (WebException e) {
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
OAuthRequestException.TryRethrow(responseParameters);
// If no OAuthRequestException, rethrow the WebException
throw;
}
// Store the request token
RequestToken = new OAuthToken(TokenType.Request, responseParameters.Token, responseParameters.TokenSecret, Service.Consumer);
// Fire the OnReceiveRequestToken event
RequestTokenReceivedEventArgs responseArgs = new RequestTokenReceivedEventArgs(RequestToken);
responseArgs.Parameters.Add(responseParameters.AdditionalParameters);
if (ReceiveRequestToken != null)
{
ReceiveRequestToken(this, responseArgs);
}
}
public OAuthParameters Clone()
{
var clone = new OAuthParameters();
foreach (KeyValuePair <string, string> item in parameters)
{
clone.parameters[item.Key] = item.Value;
}
clone.additionalParameters = new NameValueCollection(additionalParameters);
return(clone);
}
protected override void ParseParameters(IHttpContext httpContext, OAuthRequestContext requestContext)
{
// Try to parse the parameters
OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, OAuthParameterSources.ServiceProviderDefault);
/*
* Check for missing required parameters:
*
* The consumer key, signature method, signature, timestamp and nonce parameters
* are all required
*/
parameters.RequireAllOf(
OAuthParameterKeys.ConsumerKey,
OAuthParameterKeys.Token,
OAuthParameterKeys.SignatureMethod,
OAuthParameterKeys.Signature,
OAuthParameterKeys.Timestamp,
OAuthParameterKeys.Nonce,
OAuthParameterKeys.Verifier);
/*
* The version parameter is optional, but it if is present its value must be 1.0
*/
if (parameters.Version != null)
{
parameters.RequireVersion("1.0");
}
/*
* Check that there are no other parameters except for realm, version and
* the required parameters
*/
parameters.AllowOnly(
OAuthParameterKeys.ConsumerKey,
OAuthParameterKeys.Token,
OAuthParameterKeys.SignatureMethod,
OAuthParameterKeys.Signature,
OAuthParameterKeys.Timestamp,
OAuthParameterKeys.Nonce,
OAuthParameterKeys.Verifier,
OAuthParameterKeys.Version, // (optional)
OAuthParameterKeys.Realm); // (optional)
requestContext.Parameters = parameters;
}
private void ParseParameters(IHttpContext httpContext, OAuthRequestContext context)
{
// Try to parse the parameters
OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request);
/*
* Check for missing required parameters:
*
* The consumer key, token, signature method, signature, timestamp and nonce parameters
* are all required
*/
if (consumerRequests)
{
parameters.RequireAllOf(
OAuthParameterKeys.ConsumerKey,
OAuthParameterKeys.SignatureMethod,
OAuthParameterKeys.Signature,
OAuthParameterKeys.Timestamp,
OAuthParameterKeys.Nonce);
}
else
{
// For 3 legged TokenParameter is required
parameters.RequireAllOf(
OAuthParameterKeys.ConsumerKey,
OAuthParameterKeys.Token,
OAuthParameterKeys.SignatureMethod,
OAuthParameterKeys.Signature,
OAuthParameterKeys.Timestamp,
OAuthParameterKeys.Nonce);
}
/*
* The version parameter is optional, but it if is present its value must be 1.0
*/
if (parameters.Version != null)
{
parameters.RequireVersion("1.0");
}
context.Parameters = parameters;
}
public static void TryRethrow(OAuthParameters parameters)
{
if (!parameters.HasProblem)
{
OAuthRequestException ex = new OAuthRequestException(parameters.ProblemAdvice, parameters.ProblemType);
// Load additional parameter for specific types
switch (parameters.ProblemType)
{
case OAuthProblemTypes.VersionRejected:
if (!String.IsNullOrEmpty(parameters.AcceptableVersions))
{
ex.AddParameter(OAuthErrorParameterKeys.AcceptableVersions, parameters.AcceptableVersions);
}
break;
case OAuthProblemTypes.ParameterAbsent:
if (!String.IsNullOrEmpty(parameters.ParametersAbsent))
{
ex.AddParameter(OAuthErrorParameterKeys.ParametersAbsent, parameters.ParametersAbsent);
}
break;
case OAuthProblemTypes.ParameterRejected:
if (!String.IsNullOrEmpty(parameters.ParametersRejected))
{
ex.AddParameter(OAuthErrorParameterKeys.ParametersRejected, parameters.ParametersRejected);
}
break;
case OAuthProblemTypes.TimestampRefused:
if (!String.IsNullOrEmpty(parameters.AcceptableTimestamps))
{
ex.AddParameter(OAuthErrorParameterKeys.AcceptableTimestamps, parameters.AcceptableTimestamps);
}
break;
}
// Throw the OAuthRequestException
throw ex;
}
}
private void SignParameters(Uri requestUri, string httpMethod, OAuthParameters authParameters, IToken token)
{
// Check there is a signing provider for the signature method
ISignProvider signingProvider = context.GetSignProvider(Service.SignatureMethod);
if (signingProvider == null)
{
// There is no signing provider for this signature method
throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected);
}
// Double check the signing provider declares that it can handle the signature method
if (!signingProvider.SignatureMethod.Equals(Service.SignatureMethod))
{
throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected);
}
// Compute the signature
authParameters.Sign(requestUri, httpMethod, Service.Consumer, token, signingProvider);
}
private OAuthParameters CreateOAuthParameters(NameValueCollection additionalParameters)
{
int timestamp = UnixTime.ToUnixTime(DateTime.Now);
OAuthParameters authParameters = new OAuthParameters();
authParameters.ConsumerKey = Service.Consumer.Key;
authParameters.Realm = Service.Realm;
authParameters.SignatureMethod = Service.SignatureMethod;
authParameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture);
authParameters.Nonce = context.NonceGenerator.GenerateNonce(timestamp);
authParameters.Version = Service.OAuthVersion;
if (additionalParameters != null && additionalParameters.Count > 0)
{
authParameters.AdditionalParameters.Add(additionalParameters);
}
return(authParameters);
}
public static string Create(string httpMethod, Uri requestUrl, OAuthParameters parameters)
{
StringBuilder sigbase = new StringBuilder();
// Http header
sigbase.Append(Rfc3986.Encode(httpMethod)).Append("&");
// Normalized request URL
sigbase.Append(Rfc3986.Encode(requestUrl.Scheme));
sigbase.Append(Rfc3986.Encode("://"));
sigbase.Append(Rfc3986.Encode(requestUrl.Authority.ToLowerInvariant()));
sigbase.Append(Rfc3986.Encode(requestUrl.AbsolutePath));
sigbase.Append("&");
// Normalized parameters
sigbase.Append(
Rfc3986.Encode(parameters.ToNormalizedString(OAuthParameterKeys.Realm, OAuthParameterKeys.Signature,
OAuthParameterKeys.TokenSecret)));
return sigbase.ToString();
}
public static string Create(string httpMethod, Uri requestUrl, OAuthParameters parameters)
{
StringBuilder sigbase = new StringBuilder();
// Http header
sigbase.Append(Rfc3986.Encode(httpMethod)).Append("&");
// Normalized request URL
sigbase.Append(Rfc3986.Encode(requestUrl.Scheme));
sigbase.Append(Rfc3986.Encode("://"));
sigbase.Append(Rfc3986.Encode(requestUrl.Authority.ToLowerInvariant()));
sigbase.Append(Rfc3986.Encode(requestUrl.AbsolutePath));
sigbase.Append("&");
// Normalized parameters
sigbase.Append(
Rfc3986.Encode(parameters.ToNormalizedString(OAuthParameterKeys.Realm, OAuthParameterKeys.Signature,
OAuthParameterKeys.TokenSecret)));
return(sigbase.ToString());
}
public OAuthRequestToken(string token, string secret, IConsumer consumer, TokenStatus status, OAuthParameters parameters, IIdentity user, string[] roles)
{
if (string.IsNullOrEmpty(token))
throw new ArgumentException("token must not be null or empty", "token");
if (secret == null)
throw new ArgumentNullException("secret", "secret must not be null");
if (consumer == null)
throw new ArgumentNullException("consumer", "consumer must not be null");
if (roles == null)
throw new ArgumentNullException("roles", "roles must not be null");
this.token = token;
this.secret = secret;
this.status = status;
consumerKey = consumer.Key;
this.parameters = parameters;
this.user = user;
this.roles = roles;
}
private OAuthResponse GetResource(NameValueCollection parameters, string contentType, Stream bodyStream)
{
OAuthResponse response;
HttpWebRequest request = PrepareProtectedResourceRequest(parameters, contentType, bodyStream);
// A null value for the HttpWebRequest is returned when a ResponseToken is returned
// and no one has returned in the AuthorizationHandler continue with getting an AccessToken
// or an RequestToken exists but the AccessToken request was refused.
if (request == null)
{
response = new OAuthResponse(RequestToken);
}
else
{
OAuthParameters responseParameters;
try {
OAuthResource resource = new OAuthResource((HttpWebResponse)request.GetResponse());
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(resource);
OAuthRequestException.TryRethrow(responseParameters);
// If nothing is thrown then we should have a valid resource.
response = new OAuthResponse(AccessToken ?? RequestToken, resource);
} catch (WebException e) {
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
OAuthRequestException.TryRethrow(responseParameters);
// If no OAuthRequestException, rethrow the WebException
#warning TODO: We have consumer the WebException's body so rethrowing it is pretty pointless; wrap the WebException in an OAuthProtocolException and store the body (create an OAuthResource before parsing parameters)
throw;
}
}
return(response);
}
private HttpWebRequest DoPrepareProtectedResourceRequest(NameValueCollection parameters, string contentType, Stream bodyStream)
{
// Fire the OnBeforeGetProtectedResource event
PreProtectedResourceRequestEventArgs preArgs = new PreProtectedResourceRequestEventArgs(ResourceUri,
ResourceEndPoint.HttpMethod,
RequestToken, AccessToken);
if (parameters != null)
{
preArgs.AdditionalParameters.Add(parameters);
}
if (BeforeGetProtectedResource != null)
{
BeforeGetProtectedResource(this, preArgs);
}
OAuthParameters authParams = CreateOAuthParameters(preArgs.AdditionalParameters);
SignParameters(preArgs.RequestUri, preArgs.HttpMethod, authParams, AccessToken);
return(CreateRequest(preArgs.RequestUri, authParams, preArgs.HttpMethod, contentType, bodyStream));
}
protected override void ParseParameters(IHttpContext httpContext, OAuthRequestContext requestContext)
{
// Try to parse the parameters
OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, OAuthParameterSources.ServiceProviderDefault);
/*
* Check for missing required parameters:
*
* The consumer key, signature method, signature, timestamp and nonce parameters
* are all required
*/
parameters.RequireAllOf(OAuthParameterKeys.ConsumerKey, OAuthParameterKeys.SignatureMethod,
OAuthParameterKeys.Signature, OAuthParameterKeys.Timestamp, OAuthParameterKeys.Nonce,
OAuthParameterKeys.Callback);
// The version parameter is optional, but it if is present its value must be 1.0
if (parameters.Version != null)
{
parameters.RequireVersion("1.0");
}
requestContext.Parameters = parameters;
}
private bool DoGetAccessToken()
{
// Fire the OnBeforeGetAccessToken event
PreAccessTokenRequestEventArgs preArgs = new PreAccessTokenRequestEventArgs(Service.AccessTokenUrl,
Service.AccessTokenEndPoint.HttpMethod,
RequestToken, RequestTokenVerifier);
if (BeforeGetAccessToken != null)
{
BeforeGetAccessToken(this, preArgs);
}
// Create and sign the request
OAuthParameters authParams = CreateOAuthParameters(null);
authParams.Verifier = preArgs.Verifier;
// We don't have a verifier so something has gone wrong in the process.
if (string.IsNullOrEmpty(authParams.Verifier))
{
return(false);
}
SignParameters(preArgs.RequestUri, preArgs.HttpMethod, authParams, RequestToken);
HttpWebRequest request = CreateRequest(preArgs.RequestUri, authParams, preArgs.HttpMethod,
preArgs.HttpMethod == "POST" ? HttpPostUrlEncodedContentType : String.Empty,
null);
OAuthParameters responseParameters;
// Get the service provider response
try {
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(response);
OAuthRequestException.TryRethrow(responseParameters);
} catch (WebException e) {
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
OAuthRequestException.TryRethrow(responseParameters);
// If no OAuthRequestException, rethrow the WebException
throw;
}
// Store the access token
AccessToken = new OAuthToken(TokenType.Access, responseParameters.Token, responseParameters.TokenSecret, Service.Consumer);
// Fire the OnReceiveAccessToken event
AccessTokenReceivedEventArgs responseArgs = new AccessTokenReceivedEventArgs(RequestToken, AccessToken);
responseArgs.AdditionalParameters.Add(responseParameters.AdditionalParameters);
if (ReceiveAccessToken != null)
{
ReceiveAccessToken(this, responseArgs);
}
return(true);
}
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters)
{
if (sources == OAuthParameterSources.None)
throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources");
bool useAuthHeader = (sources & OAuthParameterSources.AuthorizationHeader) == OAuthParameterSources.AuthorizationHeader;
bool useWwwAuthHeader = (sources & OAuthParameterSources.AuthenticateHeader) == OAuthParameterSources.AuthenticateHeader;
bool usePost = (sources & OAuthParameterSources.PostBody) == OAuthParameterSources.PostBody;
bool useQueryString = (sources & OAuthParameterSources.QueryString) == OAuthParameterSources.QueryString;
NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null;
NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null;
NameValueCollection postParams = usePost ? form : null;
NameValueCollection queryStringParams = useQueryString ? queryString : null;
// Do validation if required
if (validateParameters) {
/*
* Check for any duplicated OAuth parameters
*/
ResultInfo<string[]> result = CheckForDuplicateReservedParameters(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
throw new ParametersRejectedException(null, result);
/*
* Check for non-reserved parameters prefixed with oauth_
*/
result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
throw new ParametersRejectedException(null, result);
}
OAuthParameters parameters = new OAuthParameters();
parameters.Callback = GetParam(OAuthParameterKeys.Callback, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.ConsumerKey = GetParam(OAuthParameterKeys.ConsumerKey, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Nonce = GetParam(OAuthParameterKeys.Nonce, authHeaderParams, postParams, wwwAuthHeaderParams,
queryStringParams);
parameters.Realm = authHeaderParams != null ? authHeaderParams[OAuthParameterKeys.Realm] : null;
parameters.Signature = GetParam(OAuthParameterKeys.Signature, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.SignatureMethod = GetParam(OAuthParameterKeys.SignatureMethod, wwwAuthHeaderParams, authHeaderParams,
postParams, queryStringParams);
parameters.Timestamp = GetParam(OAuthParameterKeys.Timestamp, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Token = GetParam(OAuthParameterKeys.Token, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.TokenSecret = GetParam(OAuthParameterKeys.TokenSecret, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Version = GetParam(OAuthParameterKeys.Version, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Verifier = GetParam(OAuthParameterKeys.Verifier, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.additionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams);
return parameters;
}
private HttpWebRequest CreateRequest(Uri requestUri, OAuthParameters authParameters, string httpMethod, string contentType, Stream bodyStream) {
NameValueCollection requestSpecificParameters = new NameValueCollection(authParameters.AdditionalParameters);
if (!Service.UseAuthorizationHeader) {
////The OAuth params need to be added either into the querystring or into the post body.
requestSpecificParameters.Add(authParameters.OAuthRequestParams());
}
if (HttpPostUrlEncodedContentTypeRegex.IsMatch(contentType) && bodyStream == null) {
////All the requestSpecificParameters need to be encoded into the body bytes
string body = Rfc3986.EncodeAndJoin(requestSpecificParameters);
bodyStream = new MemoryStream(Encoding.ASCII.GetBytes(body));
} else {
////They go into the querystring.
string query = Rfc3986.EncodeAndJoin(requestSpecificParameters);
if (!string.IsNullOrEmpty(query)) {
UriBuilder mutableRequestUri = new UriBuilder(requestUri);
if (string.IsNullOrEmpty(mutableRequestUri.Query))
mutableRequestUri.Query = query;
else
mutableRequestUri.Query = mutableRequestUri.Query.Substring(1) + "&" + query;
requestUri = mutableRequestUri.Uri;
}
}
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(requestUri);
request.Method = httpMethod;
if (Service.UseAuthorizationHeader)
request.Headers.Add(HttpRequestHeader.Authorization, authParameters.ToHeader());
if (!String.IsNullOrEmpty(contentType)) {
request.ContentType = contentType;
if (bodyStream != null) {
if (bodyStream.CanSeek)
request.ContentLength = bodyStream.Length;
StreamCopier.CopyTo(bodyStream, request.GetRequestStream());
}
}
return request;
}
private HttpWebRequest CreateRequest(Uri requestUri, OAuthParameters authParameters, string httpMethod, string contentType, Stream bodyStream)
{
NameValueCollection requestSpecificParameters = new NameValueCollection(authParameters.AdditionalParameters);
if (!Service.UseAuthorizationHeader)
{
////The OAuth params need to be added either into the querystring or into the post body.
requestSpecificParameters.Add(authParameters.OAuthRequestParams());
}
if (HttpPostUrlEncodedContentTypeRegex.IsMatch(contentType) && bodyStream == null)
{
////All the requestSpecificParameters need to be encoded into the body bytes
string body = Rfc3986.EncodeAndJoin(requestSpecificParameters);
bodyStream = new MemoryStream(Encoding.ASCII.GetBytes(body));
}
else
{
////They go into the querystring.
string query = Rfc3986.EncodeAndJoin(requestSpecificParameters);
if (!string.IsNullOrEmpty(query))
{
UriBuilder mutableRequestUri = new UriBuilder(requestUri);
if (string.IsNullOrEmpty(mutableRequestUri.Query))
{
mutableRequestUri.Query = query;
}
else
{
mutableRequestUri.Query = mutableRequestUri.Query.Substring(1) + "&" + query;
}
requestUri = mutableRequestUri.Uri;
}
}
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(requestUri);
request.Method = httpMethod;
if (Service.UseAuthorizationHeader)
{
request.Headers.Add(HttpRequestHeader.Authorization, authParameters.ToHeader());
}
if (!String.IsNullOrEmpty(contentType))
{
request.ContentType = contentType;
if (bodyStream != null)
{
if (bodyStream.CanSeek)
{
request.ContentLength = bodyStream.Length;
}
StreamCopier.CopyTo(bodyStream, request.GetRequestStream());
}
}
return(request);
}
public Uri BuildAuthorizationUrl(IToken token, NameValueCollection additionalParameters)
{
if (token.Type == TokenType.Request) {
OAuthParameters authParameters = new OAuthParameters();
authParameters.Token = token.Token;
if (additionalParameters != null)
authParameters.AdditionalParameters.Add(additionalParameters);
// Construct final authorization Uri (HTTP method must be GET)
string query = authParameters.ToQueryString();
UriBuilder authUri = new UriBuilder(AuthorizationUrl);
if (String.IsNullOrEmpty(authUri.Query))
authUri.Query = query;
else
authUri.Query = authUri.Query.Substring(1) + "&" + query;
return authUri.Uri;
}
throw new ArgumentException("Invalid token type for Authorization");
}
public OAuthRequestToken(string token, string secret, IConsumer consumer, TokenStatus status, OAuthParameters parameters, IIdentity user, string[] roles)
{
if (string.IsNullOrEmpty(token))
{
throw new ArgumentException("token must not be null or empty", "token");
}
if (secret == null)
{
throw new ArgumentNullException("secret", "secret must not be null");
}
if (consumer == null)
{
throw new ArgumentNullException("consumer", "consumer must not be null");
}
if (roles == null)
{
throw new ArgumentNullException("roles", "roles must not be null");
}
this.token = token;
this.secret = secret;
this.status = status;
consumerKey = consumer.Key;
this.parameters = parameters;
this.user = user;
this.roles = roles;
}
public IRequestToken CreateRequestToken(IConsumer consumer, OAuthParameters parameters)
{
return new OAuthRequestToken(Guid.NewGuid().ToString(Format), Guid.NewGuid().ToString(Format), consumer,
TokenStatus.Unauthorized, parameters, null, new string[] {});
}
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters)
{
if (sources == OAuthParameterSources.None)
{
throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources");
}
bool useAuthHeader = (sources & OAuthParameterSources.AuthorizationHeader) == OAuthParameterSources.AuthorizationHeader;
bool useWwwAuthHeader = (sources & OAuthParameterSources.AuthenticateHeader) == OAuthParameterSources.AuthenticateHeader;
bool usePost = (sources & OAuthParameterSources.PostBody) == OAuthParameterSources.PostBody;
bool useQueryString = (sources & OAuthParameterSources.QueryString) == OAuthParameterSources.QueryString;
NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null;
NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null;
NameValueCollection postParams = usePost ? form : null;
NameValueCollection queryStringParams = useQueryString ? queryString : null;
// Do validation if required
if (validateParameters)
{
/*
* Check for any duplicated OAuth parameters
*/
ResultInfo <string[]> result = CheckForDuplicateReservedParameters(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
{
throw new ParametersRejectedException(null, result);
}
/*
* Check for non-reserved parameters prefixed with oauth_
*/
result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
{
throw new ParametersRejectedException(null, result);
}
}
OAuthParameters parameters = new OAuthParameters();
parameters.Callback = GetParam(OAuthParameterKeys.Callback, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.ConsumerKey = GetParam(OAuthParameterKeys.ConsumerKey, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Nonce = GetParam(OAuthParameterKeys.Nonce, authHeaderParams, postParams, wwwAuthHeaderParams,
queryStringParams);
parameters.Realm = authHeaderParams != null ? authHeaderParams[OAuthParameterKeys.Realm] : null;
parameters.Signature = GetParam(OAuthParameterKeys.Signature, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.SignatureMethod = GetParam(OAuthParameterKeys.SignatureMethod, wwwAuthHeaderParams, authHeaderParams,
postParams, queryStringParams);
parameters.Timestamp = GetParam(OAuthParameterKeys.Timestamp, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Token = GetParam(OAuthParameterKeys.Token, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.TokenSecret = GetParam(OAuthParameterKeys.TokenSecret, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Version = GetParam(OAuthParameterKeys.Version, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Verifier = GetParam(OAuthParameterKeys.Verifier, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.additionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams);
return(parameters);
}
private void SignParameters(Uri requestUri, string httpMethod, OAuthParameters authParameters, IToken token) {
// Check there is a signing provider for the signature method
ISignProvider signingProvider = context.GetSignProvider(Service.SignatureMethod);
if (signingProvider == null)
// There is no signing provider for this signature method
throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected);
// Double check the signing provider declares that it can handle the signature method
if (!signingProvider.SignatureMethod.Equals(Service.SignatureMethod))
throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected);
// Compute the signature
authParameters.Sign(requestUri, httpMethod, Service.Consumer, token, signingProvider);
}
public IRequestToken CreateRequestToken(IConsumer consumer, OAuthParameters parameters)
{
return(new OAuthRequestToken(Guid.NewGuid().ToString(Format), Guid.NewGuid().ToString(Format), consumer,
TokenStatus.Unauthorized, parameters, null, new string[] {}));
}
private OAuthParameters CreateOAuthParameters(NameValueCollection additionalParameters) {
int timestamp = UnixTime.ToUnixTime(DateTime.Now);
OAuthParameters authParameters = new OAuthParameters();
authParameters.ConsumerKey = Service.Consumer.Key;
authParameters.Realm = Service.Realm;
authParameters.SignatureMethod = Service.SignatureMethod;
authParameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture);
authParameters.Nonce = context.NonceGenerator.GenerateNonce(timestamp);
authParameters.Version = Service.OAuthVersion;
if (additionalParameters != null && additionalParameters.Count > 0)
authParameters.AdditionalParameters.Add(additionalParameters);
return authParameters;
}
public OAuthParameters Clone()
{
var clone = new OAuthParameters();
foreach (KeyValuePair<string, string> item in parameters)
clone.parameters[item.Key] = item.Value;
clone.additionalParameters = new NameValueCollection(additionalParameters);
return clone;
}
