public void AccessTokenWithHmacSha1() { IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1); IOAuthContext context = session.BuildAccessTokenContext("GET", "client_auth", "username", "password").Context; context.TokenSecret = null; IToken accessToken = provider.CreateAccessToken(context); Assert.Equal("accesskey", accessToken.Token); Assert.Equal("accesssecret", accessToken.TokenSecret); }
/// <summary> /// Create a authorise token from the request. /// </summary> /// <param name="rawUri">A System.Uri object containing information regarding the URL of the current request.</param> /// <param name="queryString">The collection of HTTP query string variables.</param> /// <param name="form">The collection of form variables.</param> /// <param name="headers">The collection of HTTP headers.</param> /// <param name="cookies">The collection of cookies sent by the client.</param> /// <param name="isApprovedByUser">Has the user approved the client to access the resources.</param> /// <returns>The formatted redirect url; else null.</returns> public string CreateAuthoriseToken(Uri rawUri, NameValueCollection queryString, NameValueCollection form, NameValueCollection headers, HttpCookieCollection cookies, bool isApprovedByUser = false) { try { // Make sure that all the passed parameters are valid. if (rawUri == null) { throw new ArgumentNullException("rawUri"); } if (queryString == null) { throw new ArgumentNullException("queryString"); } if (form == null) { throw new ArgumentNullException("form"); } if (headers == null) { throw new ArgumentNullException("headers"); } if (cookies == null) { throw new ArgumentNullException("cookies"); } // Only process if the user has approved the request. if (isApprovedByUser) { // Make sure that all the maditory OAuth parameters // have been passed to the provider from the consumer OAuthProblemReport validate = new OAuthProblemReport(queryString); validate.ValidateAuthoriseParametersAbsent(queryString); string validationError = validate.ToString(); // If any of the maditory OAuth parameters are missing. if (!String.IsNullOrEmpty(validationError)) { throw new OAuthException(OAuthProblemParameters.ParameterAbsent, "Absent Parameters", new Exception(validationError)); } // Create an assign each manditory parameter. IOAuthContext context = new OAuthContextProvider(); context.RawUri = rawUri; context.RequestMethod = "GET"; context.Headers = headers; context.QueryParameters = queryString; context.FormEncodedParameters = form; context.Token = queryString[Parameters.OAuth_Token]; context.CallbackUrl = queryString[Parameters.OAuth_Callback]; string companyUniqueUserID = queryString[Parameters.Company_Unique_User_Identifier]; // Assign each optional parameter GetOptionalAuthoriseParameters(context, queryString); // Create a new OAuth provider. _oAuthProvider = new OAuthProvider(_tokenStore, new NonceStoreInspector(_nonceStore), new TimestampRangeInspector(new TimeSpan(1, 0, 0)), new ConsumerValidationInspector(_consumerStore), new XAuthValidationInspector(ValidateXAuthMode, AuthenticateXAuthUsernameAndPassword)); // Create the access token from the stores, and create a new verification code. string verifier = _consumerStore.SetVerificationCode(context, companyUniqueUserID); IToken token = _oAuthProvider.CreateAccessToken(context); // Create the parameter response. NameValueCollection parameters = new NameValueCollection(); parameters[Parameters.OAuth_Token] = token.Token; parameters[Parameters.OAuth_Verifier] = verifier; // Return the token callback query string.. return(context.CallbackUrl + "?" + UriUtility.FormatQueryString(parameters)); } else { throw new OAuthException(OAuthProblemParameters.PermissionDenied, "Authorisation Denied", new Exception("User has denied access")); } } catch (OAuthException aex) { // Get the current token errors. _tokenError = aex.Report.ToString(); return(null); } catch (Exception ex) { // Transform the execption. OAuthException OAuthException = new OAuthException(OAuthProblemParameters.ParameterRejected, ex.Message, ex); // Get the current token errors. _tokenError = OAuthException.Report.ToString(); return(null); } }