/// <summary>
/// Parse the OAuth AuthenticationHeaderValue.Parameter into a NameValueCollection.
/// </summary>
/// <param name="authorizationHeader">The AuthorizationHeaderValue to parse.</param>
/// <returns>A NameValueCollection of all the parameters found.</returns>
public static NameValueCollection ParseOAuthAuthorizationHeader(this AuthenticationHeaderValue authorizationHeader)
{
if (!authorizationHeader.Scheme.Equals(OAuthConstants.AuthScheme))
{
throw new LtiException("Invalid Authorization scheme");
}
var parameters = new NameValueCollection();
foreach (var pair in authorizationHeader.Parameter.Split(','))
{
var keyValue = pair.Split('=');
var key = keyValue[0].Trim();
// Ignore unknown parameters
if (!OAuthConstants.OAuthParameters.Any(p => p.Equals(key)))
continue;
var value = WebUtility.UrlDecode(keyValue[1].Trim('"'));
parameters.AddParameter(key, value);
}
return parameters;
}
private static HttpWebRequest CreateLtiOutcomesRequest(imsx_POXEnvelopeType imsxEnvelope, string url, string consumerKey, string consumerSecret)
{
var webRequest = (HttpWebRequest) WebRequest.Create(url);
webRequest.Method = "POST";
webRequest.ContentType = "application/xml";
var parameters = new NameValueCollection();
parameters.AddParameter(OAuthConstants.ConsumerKeyParameter, consumerKey);
parameters.AddParameter(OAuthConstants.NonceParameter, Guid.NewGuid().ToString());
parameters.AddParameter(OAuthConstants.SignatureMethodParameter, OAuthConstants.SignatureMethodHmacSha1);
parameters.AddParameter(OAuthConstants.VersionParameter, OAuthConstants.Version10);
// Calculate the timestamp
var ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
var timestamp = Convert.ToInt64(ts.TotalSeconds);
parameters.AddParameter(OAuthConstants.TimestampParameter, timestamp);
// Calculate the body hash
using (var ms = new MemoryStream())
using (var sha1 = new SHA1CryptoServiceProvider())
{
ImsxRequestSerializer.Serialize(ms, imsxEnvelope);
ms.Position = 0;
ms.CopyTo(webRequest.GetRequestStream());
var hash = sha1.ComputeHash(ms.ToArray());
var hash64 = Convert.ToBase64String(hash);
parameters.AddParameter(OAuthConstants.BodyHashParameter, hash64);
}
// Calculate the signature
var signature = OAuthUtility.GenerateSignature(webRequest.Method, webRequest.RequestUri, parameters,
consumerSecret);
parameters.AddParameter(OAuthConstants.SignatureParameter, signature);
// Build the Authorization header
var authorization = new StringBuilder(OAuthConstants.AuthScheme).Append(" ");
foreach (var key in parameters.AllKeys)
{
authorization.AppendFormat("{0}=\"{1}\",", key, WebUtility.UrlEncode(parameters[key]));
}
webRequest.Headers["Authorization"] = authorization.ToString(0, authorization.Length - 1);
return webRequest;
}
