public void AccessTokenWithHmacSha1()
{
IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1);
IOAuthContext context = session.BuildAccessTokenContext("GET", "client_auth", "username", "password").Context;
context.TokenSecret = null;
IToken accessToken = provider.CreateAccessToken(context);
Assert.Equal("accesskey", accessToken.Token);
Assert.Equal("accesssecret", accessToken.TokenSecret);
}
/// <summary>
/// Create a authorise token from the request.
/// </summary>
/// <param name="rawUri">A System.Uri object containing information regarding the URL of the current request.</param>
/// <param name="queryString">The collection of HTTP query string variables.</param>
/// <param name="form">The collection of form variables.</param>
/// <param name="headers">The collection of HTTP headers.</param>
/// <param name="cookies">The collection of cookies sent by the client.</param>
/// <param name="isApprovedByUser">Has the user approved the client to access the resources.</param>
/// <returns>The formatted redirect url; else null.</returns>
public string CreateAuthoriseToken(Uri rawUri, NameValueCollection queryString,
NameValueCollection form, NameValueCollection headers, HttpCookieCollection cookies, bool isApprovedByUser = false)
{
try
{
// Make sure that all the passed parameters are valid.
if (rawUri == null)
{
throw new ArgumentNullException("rawUri");
}
if (queryString == null)
{
throw new ArgumentNullException("queryString");
}
if (form == null)
{
throw new ArgumentNullException("form");
}
if (headers == null)
{
throw new ArgumentNullException("headers");
}
if (cookies == null)
{
throw new ArgumentNullException("cookies");
}
// Only process if the user has approved the request.
if (isApprovedByUser)
{
// Make sure that all the maditory OAuth parameters
// have been passed to the provider from the consumer
OAuthProblemReport validate = new OAuthProblemReport(queryString);
validate.ValidateAuthoriseParametersAbsent(queryString);
string validationError = validate.ToString();
// If any of the maditory OAuth parameters are missing.
if (!String.IsNullOrEmpty(validationError))
{
throw new OAuthException(OAuthProblemParameters.ParameterAbsent, "Absent Parameters", new Exception(validationError));
}
// Create an assign each manditory parameter.
IOAuthContext context = new OAuthContextProvider();
context.RawUri = rawUri;
context.RequestMethod = "GET";
context.Headers = headers;
context.QueryParameters = queryString;
context.FormEncodedParameters = form;
context.Token = queryString[Parameters.OAuth_Token];
context.CallbackUrl = queryString[Parameters.OAuth_Callback];
string companyUniqueUserID = queryString[Parameters.Company_Unique_User_Identifier];
// Assign each optional parameter
GetOptionalAuthoriseParameters(context, queryString);
// Create a new OAuth provider.
_oAuthProvider = new OAuthProvider(_tokenStore,
new NonceStoreInspector(_nonceStore),
new TimestampRangeInspector(new TimeSpan(1, 0, 0)),
new ConsumerValidationInspector(_consumerStore),
new XAuthValidationInspector(ValidateXAuthMode, AuthenticateXAuthUsernameAndPassword));
// Create the access token from the stores, and create a new verification code.
string verifier = _consumerStore.SetVerificationCode(context, companyUniqueUserID);
IToken token = _oAuthProvider.CreateAccessToken(context);
// Create the parameter response.
NameValueCollection parameters = new NameValueCollection();
parameters[Parameters.OAuth_Token] = token.Token;
parameters[Parameters.OAuth_Verifier] = verifier;
// Return the token callback query string..
return(context.CallbackUrl + "?" + UriUtility.FormatQueryString(parameters));
}
else
{
throw new OAuthException(OAuthProblemParameters.PermissionDenied, "Authorisation Denied", new Exception("User has denied access"));
}
}
catch (OAuthException aex)
{
// Get the current token errors.
_tokenError = aex.Report.ToString();
return(null);
}
catch (Exception ex)
{
// Transform the execption.
OAuthException OAuthException =
new OAuthException(OAuthProblemParameters.ParameterRejected, ex.Message, ex);
// Get the current token errors.
_tokenError = OAuthException.Report.ToString();
return(null);
}
}
