/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2" />
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(
OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (OAuthTools.IsNullOrBlank(tokenSecret))
{
tokenSecret = string.Empty;
}
consumerSecret = OAuthTools.UrlEncodeRelaxed(consumerSecret);
tokenSecret = OAuthTools.UrlEncodeRelaxed(tokenSecret);
if (signatureMethod != OAuthSignatureMethod.HmacSha1)
{
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
HMACSHA1 hmacshA1 = new HMACSHA1();
string s = consumerSecret + "&" + tokenSecret;
hmacshA1.Key = OAuthTools._encoding.GetBytes(s);
string str = OAuthTools.HashWith(signatureBase, (HashAlgorithm)hmacshA1);
return(signatureTreatment == OAuthSignatureTreatment.Escaped ? OAuthTools.UrlEncodeRelaxed(str) : str);
}
private IEnumerable <KeyValuePair <string, string> > GetOAuthParams(
string consumerKey, string token, string timeStamp, string nonce,
OAuthSignatureMethod sigMethod, string verifier, bool gettingRequestToken)
{
if (String.IsNullOrEmpty(consumerKey))
{
throw new ArgumentNullException("consumerKey");
}
var np = new List <KeyValuePair <string, string> >();
// original parameter
np.Add(new KeyValuePair <string, string>(VersionKey, Version));
np.Add(new KeyValuePair <string, string>(NonceKey, nonce));
np.Add(new KeyValuePair <string, string>(TimestampKey, timeStamp));
np.Add(new KeyValuePair <string, string>(SignatureMethodKey, GetOAuthSignatureMethodValue(sigMethod)));
np.Add(new KeyValuePair <string, string>(ConsumerKeyKey, consumerKey));
if (!String.IsNullOrEmpty(verifier))
{
np.Add(new KeyValuePair <string, string>(VerifierKey, verifier));
}
if (gettingRequestToken)
{
np.Add(new KeyValuePair <string, string>(CallbackKey, "oob")); // out of band
}
else if (!String.IsNullOrEmpty(token))
{
np.Add(new KeyValuePair <string, string>(TokenKey, token));
}
return(np);
}
public static string ToRequestValue(OAuthSignatureMethod signatureMethod)
{
var value = signatureMethod.ToString().ToUpper();
var shaIndex = value.IndexOf("SHA");
return(shaIndex > -1 ? value.Insert(shaIndex, "-") : value);
}
public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSignatureTreatment signatureTreatment, string signatureBase, string consumerSecret, string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = string.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string text;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
HMACSHA1 hMACSHA = new HMACSHA1();
string s = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
hMACSHA.Key = _encoding.GetBytes(s);
text = signatureBase.HashWith(hMACSHA);
break;
}
case OAuthSignatureMethod.PlainText:
text = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
return((signatureTreatment == OAuthSignatureTreatment.Escaped) ? UrlEncodeRelaxed(text) : text);
}
public static string ToRequestValue(this OAuthSignatureMethod signatureMethod)
{
var value = signatureMethod.ToString().ToUpper();
var shaIndex = value.IndexOf("SHA1", StringComparison.Ordinal);
return(shaIndex > -1 ? value.Insert(shaIndex, "-") : value);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret.
/// This method is used when the token secret is currently unknown.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2" />
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer key</param>
/// <returns></returns>
public static string GetSignature(
OAuthSignatureMethod signatureMethod,
string signatureBase,
string consumerSecret)
{
return(OAuthTools.GetSignature(signatureMethod, OAuthSignatureTreatment.Escaped, signatureBase, consumerSecret, (string)null));
}
public static string ToRequestValue(this OAuthSignatureMethod signatureMethod)
{
string text = signatureMethod.ToString().ToUpper();
int num = text.IndexOf("SHA1");
return((num > -1) ? text.Insert(num, "-") : text);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret.
/// This method is used when the token secret is currently unknown.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer key</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret)
{
return(GetSignature(signatureMethod, signatureTreatment, signatureBase, consumerSecret, null));
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
return(GetSignature(signatureMethod, OAuthSignatureTreatment.Escaped, consumerSecret, tokenSecret));
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSignatureTreatment signatureTreatment,
string signatureBase, string consumerSecret, string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = string.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
#if !WINDOWS_UWP
HMACSHA1 crypto = new HMACSHA1();
string key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
#else
signature = signatureBase.HashWith(HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha1));
#endif
break;
}
case OAuthSignatureMethod.HmacSha256:
{
HMACSHA256 crypto = new HMACSHA256();
string key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
break;
}
case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 and HMAC-SHA256 are currently supported.");
}
string result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
#if !PocketPC
case OAuthSignatureMethod.HmacSha1:
{
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
#if NETFX_CORE
var crypto = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
signature = signatureBase.HashWith(_encoding.GetBytes(key), crypto);
#else
var crypto = new HMACSHA1();
crypto.Key = _encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
#endif
break;
}
#endif
case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
}
default:
#if PocketPC
throw new NotImplementedException("Only PlainText is currently supported.");
#else
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
#endif
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
public static string ToRequestValue(OAuthSignatureMethod signatureMethod)
{
string upper = signatureMethod.ToString().ToUpper();
int startIndex = upper.IndexOf("SHA1");
if (startIndex <= -1)
{
return(upper);
}
return(upper.Insert(startIndex, "-"));
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (IsNullOrBlank(tokenSecret))
{
tokenSecret = String.Empty;
}
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
case OAuthSignatureMethod.HmacSha256:
{
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
var key = string.Concat(consumerSecret, "&", tokenSecret);
#if WINRT
IBuffer keyMaterial = CryptographicBuffer.ConvertStringToBinary(key, _encoding);
string algorithm = OAuthSignatureMethod.HmacSha1 ? MacAlgorithmNames.HmacSha1 : MacAlgorithmNames.HmacSha256;
MacAlgorithmProvider hmacShaProvider = MacAlgorithmProvider.OpenAlgorithm(algorithm);
CryptographicKey macKey = hmacShaProvider.CreateKey(keyMaterial);
IBuffer dataToBeSigned = CryptographicBuffer.ConvertStringToBinary(signatureBase, _encoding);
IBuffer signatureBuffer = CryptographicEngine.Sign(macKey, dataToBeSigned);
signature = CryptographicBuffer.EncodeToBase64String(signatureBuffer);
#else
var crypto = signatureMethod == OAuthSignatureMethod.HmacSha1 ? (HMAC) new HMACSHA1() : new HMACSHA256();
crypto.Key = _encoding.GetBytes(key);
signature = HashWith(signatureBase, crypto);
#endif
break;
}
case OAuthSignatureMethod.RsaSha1:
signature = TextSigner.SignWithRsaSha1(signatureBase, consumerSecret);
break;
default:
throw new NotImplementedException("Only HMAC-SHA1, HMAC-SHA256 and RSA-SHA1 signatures are currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known
/// token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2" />
/// <param name="signatureMethod">
/// The hashing method
/// </param>
/// <param name="signatureTreatment">
/// The treatment to use on a signature value
/// </param>
/// <param name="signatureBase">
/// The signature base
/// </param>
/// <param name="consumerSecret">
/// The consumer secret
/// </param>
/// <param name="tokenSecret">
/// The token secret
/// </param>
/// <returns>
/// </returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSignatureTreatment signatureTreatment, string?signatureBase,
string?consumerSecret, string?tokenSecret)
{
if (string.IsNullOrWhiteSpace(signatureBase))
{
throw new NullReferenceException($"parameter {nameof(signatureBase)} must not be null, empty or whitespace");
}
if (string.IsNullOrWhiteSpace(consumerSecret))
{
throw new NullReferenceException($"parameter {nameof(consumerSecret)} must not be null, empty or whitespace");
}
if (string.IsNullOrWhiteSpace(tokenSecret))
{
tokenSecret = string.Empty;
}
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
var key = string.Concat(consumerSecret, "&", tokenSecret);
var crypto = new HMACSHA1
{
Key = _encoding.GetBytes(key)
};
signature = HashWith(signatureBase, crypto);
break;
}
case OAuthSignatureMethod.RsaSha1:
signature = TextSigner.SignWithRsaSha1(signatureBase, consumerSecret);
break;
default:
throw new NotImplementedException("Only HMAC-SHA1 and RSA-SHA1 signatures are currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
public static OAuth1Authenticator ForAccessToken(string consumerKey, string consumerSecret, string token,
string tokenSecret, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
=> new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Token = token,
TokenSecret = tokenSecret,
Type = OAuthType.AccessToken
};
public static OAuth1Authenticator ForRequestToken(string consumerKey, string consumerSecret, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Type = OAuthType.RequestToken
};
return authenticator;
}
public static string ToRequestValue(OAuthSignatureMethod signatureMethod)
{
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha256:
return("HMAC-SHA2-256");
case OAuthSignatureMethod.HmacSha1:
return("HMAC-SHA1");
default:
return(null);
}
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret. This method is
/// used when the token secret is currently unknown.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2" />
/// <param name="signatureMethod">
/// The hashing method
/// </param>
/// <param name="signatureTreatment">
/// The treatment to use on a signature value
/// </param>
/// <param name="signatureBase">
/// The signature base
/// </param>
/// <param name="consumerSecret">
/// The consumer key
/// </param>
/// <returns>
/// </returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSignatureTreatment signatureTreatment, string?signatureBase, string?consumerSecret)
{
if (string.IsNullOrWhiteSpace(signatureBase))
{
throw new NullReferenceException($"parameter {nameof(signatureBase)} must not be null, empty or whitespace");
}
if (string.IsNullOrWhiteSpace(consumerSecret))
{
throw new NullReferenceException($"parameter {nameof(consumerSecret)} must not be null, empty or whitespace");
}
return(GetSignature(signatureMethod, signatureTreatment, signatureBase, consumerSecret, null));
}
public static OAuth1Authenticator ForProtectedResource(string consumerKey, string consumerSecret,
string accessToken, string accessTokenSecret,
OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
=> new OAuth1Authenticator
{
Type = OAuthType.ProtectedResource,
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Token = accessToken,
TokenSecret = accessTokenSecret
};
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(
OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string?consumerSecret,
string?tokenSecret
)
{
if (tokenSecret.IsEmpty())
{
tokenSecret = string.Empty;
}
if (consumerSecret.IsEmpty())
{
consumerSecret = string.Empty;
}
var unencodedConsumerSecret = consumerSecret !;
consumerSecret = Uri.EscapeDataString(consumerSecret !);
tokenSecret = Uri.EscapeDataString(tokenSecret !);
var signature = signatureMethod switch
{
HmacSha1 => GetHmacSignature(new HMACSHA1(), consumerSecret, tokenSecret, signatureBase),
HmacSha256 => GetHmacSignature(new HMACSHA256(), consumerSecret, tokenSecret, signatureBase),
RsaSha1 => GetRsaSignature(),
PlainText => $"{consumerSecret}&{tokenSecret}",
_ => throw new NotImplementedException("Only HMAC-SHA1, HMAC-SHA256, and RSA-SHA1 are currently supported.")
};
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
string GetRsaSignature()
{
using var provider = new RSACryptoServiceProvider { PersistKeyInCsp = false };
provider.FromXmlString2(unencodedConsumerSecret);
var hasher = new SHA1Managed();
var hash = hasher.ComputeHash(Encoding.GetBytes(signatureBase));
return(Convert.ToBase64String(provider.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"))));
}
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (IsNullOrBlank(tokenSecret))
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var crypto = new HMACSHA1();
var key = string.Concat(consumerSecret, "&", tokenSecret);
crypto.Key = _encoding.GetBytes(key);
signature = HashWith(signatureBase, crypto);
break;
}
case OAuthSignatureMethod.HmacSha256: {
var crypto = new HMACSHA256();
var key = string.Concat(consumerSecret, "&", tokenSecret);
crypto.Key = _encoding.GetBytes(key);
signature = HashWith(signatureBase, crypto);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known
/// token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2" />
/// <param name="signatureMethod">
/// The hashing method
/// </param>
/// <param name="signatureBase">
/// The signature base
/// </param>
/// <param name="consumerSecret">
/// The consumer secret
/// </param>
/// <param name="tokenSecret">
/// The token secret
/// </param>
/// <returns>
/// </returns>
#pragma warning disable IDE0060 // Remove unused parameter
public static string GetSignature(OAuthSignatureMethod signatureMethod, string?signatureBase, string?consumerSecret, string?tokenSecret)
#pragma warning restore IDE0060 // Remove unused parameter
{
if (string.IsNullOrWhiteSpace(consumerSecret))
{
throw new NullReferenceException($"parameter {nameof(consumerSecret)} must not be null, empty or whitespace");
}
if (string.IsNullOrWhiteSpace(tokenSecret))
{
throw new NullReferenceException($"parameter {nameof(tokenSecret)} must not be null, empty or whitespace");
}
return(GetSignature(signatureMethod, OAuthSignatureTreatment.Escaped, consumerSecret, tokenSecret));
}
public static OAuth1Authenticator ForRequestToken(string consumerKey, string consumerSecret,
OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
var authenticator = new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Type = OAuthType.RequestToken
};
return(authenticator);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
var keyMaterial = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);
var hmacSha1Provider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
var macKey = hmacSha1Provider.CreateKey(keyMaterial);
var dataToBeSigned = CryptographicBuffer.ConvertStringToBinary(signatureBase, BinaryStringEncoding.Utf8);
var signatureBuffer = CryptographicEngine.Sign(macKey, dataToBeSigned);
signature = CryptographicBuffer.EncodeToBase64String(signatureBuffer);
break;
}
case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <a href="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (string.IsNullOrEmpty(tokenSecret))
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
var key = string.Format("{0}&{1}", consumerSecret, tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var keyData = _encoding.GetBytes(key);
#if USE_BOUNCYCASTLE
var digest = new Org.BouncyCastle.Crypto.Digests.Sha1Digest();
var crypto = new Org.BouncyCastle.Crypto.Macs.HMac(digest);
crypto.Init(new Org.BouncyCastle.Crypto.Parameters.KeyParameter(keyData));
signature = signatureBase.HashWith(crypto);
#else
using (var digest = new System.Security.Cryptography.HMACSHA1(keyData))
signature = signatureBase.HashWith(digest);
#endif
break;
}
case OAuthSignatureMethod.PlainText:
{
signature = key;
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
private string GetOAuthSignatureMethodValue(OAuthSignatureMethod sigmethod)
{
switch (sigmethod)
{
case OAuthSignatureMethod.Hmac_Sha1:
return("HMAC-SHA1");
case OAuthSignatureMethod.PlainText:
return("PLAINTEXT");
case OAuthSignatureMethod.Rsa_Sha1:
return("RSA-SHA1");
default:
return(null);
}
}
public static OAuth1Authenticator ForClientAuthentication(
string consumerKey,
string consumerSecret,
string username,
string password,
OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1
)
=> new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
ClientUsername = username,
ClientPassword = password,
Type = OAuthType.ClientAuthentication
};
public static string ToRequestValue(OAuthSignatureMethod signatureMethod)
{
var shaIndex = -1;
var value = signatureMethod.ToString().ToUpper();
//JOLIVEIRA - Handling SHA1 and SHA256 signature method string
if (value.Contains("SHA1"))
{
shaIndex = value.IndexOf("SHA1");
}
else if (value.Contains("SHA256"))
{
shaIndex = value.IndexOf("SHA256");
}
return(shaIndex > -1 ? value.Insert(shaIndex, "-") : value);
}
private string GetSignature(
Uri uri, string consumerSecret, string tokenSecret,
string joinedParam, OAuthSignatureMethod sigMethod,
string requestMethod)
{
switch (sigMethod)
{
case OAuthSignatureMethod.PlainText:
return(Util.HttpUtility.UrlEncode(consumerSecret + "&" + tokenSecret));
case OAuthSignatureMethod.Hmac_Sha1:
if (String.IsNullOrEmpty(requestMethod))
{
throw new ArgumentNullException("requestMethod");
}
// formatting URI
var regularUrl = uri.Scheme + "://" + uri.Host;
if (!((uri.Scheme == "http" && uri.Port == 80) || (uri.Scheme == "https" && uri.Port == 443)))
{
regularUrl += ":" + uri.Port;
}
regularUrl += uri.AbsolutePath;
// Generate signature
StringBuilder SigSource = new StringBuilder();
SigSource.Append(UrlEncode(requestMethod.ToUpper(), Encoding.UTF8, true) + "&");
SigSource.Append(UrlEncode(regularUrl, Encoding.UTF8, true) + "&");
SigSource.Append(UrlEncode(joinedParam, Encoding.UTF8, true));
// Calcuate hash
using (HMACSHA1 hmacsha1 = new HMACSHA1())
{
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret, Encoding.UTF8, true), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret, Encoding.UTF8, true)));
return(UrlEncode(ComputeHash(hmacsha1, SigSource.ToString()), Encoding.UTF8, false));
}
case OAuthSignatureMethod.Rsa_Sha1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
#if NETFX_CORE
throw new NotImplementedException("What goes here?");
#else
var crypto = new HMACSHA1();
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = _encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
break;
#endif
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var crypto = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha1);
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
signature = signatureBase.HashWith(crypto, key);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return(result);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncode(consumerSecret);
tokenSecret = UrlEncode(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var crypto = new HMACSHA1();
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = _encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
return UrlEncode(signature);
}
public static string ToRequestValue(OAuthSignatureMethod signatureMethod)
{
switch (signatureMethod) {
case OAuthSignatureMethod.HmacSha256:
return "HMAC-SHA2-256";
case OAuthSignatureMethod.HmacSha1:
return "HMAC-SHA1";
default:
return null;
}
}
public static OAuth1Authenticator ForClientAuthentication(string consumerKey, string consumerSecret,
string username, string password, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
ClientUsername = username,
ClientPassword = password,
Type = OAuthType.ClientAuthentication
};
return authenticator;
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
#if !PocketPC
case OAuthSignatureMethod.HmacSha1:
{
var crypto = new HMACSHA1();
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = _encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
break;
}
#endif
case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
}
default:
#if PocketPC
throw new NotImplementedException("Only PlainText is currently supported.");
#else
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
#endif
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return result;
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (IsNullOrBlank(tokenSecret))
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var key = string.Concat(consumerSecret, "&", tokenSecret);
var crypto = new HMACSHA1(_encoding.GetBytes(key));
signature = HashWith(signatureBase, crypto);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return result;
}
public static string ToRequestValue(OAuthSignatureMethod signatureMethod)
{
var value = signatureMethod.ToString().ToUpper();
var shaIndex = value.IndexOf("SHA1");
return shaIndex > -1 ? value.Insert(shaIndex, "-") : value;
}
private IEnumerable<KeyValuePair<string, string>> GetOAuthParams(
string consumerKey, string token, string timeStamp, string nonce,
OAuthSignatureMethod sigMethod, string verifier, bool gettingRequestToken)
{
if (String.IsNullOrEmpty(consumerKey))
throw new ArgumentNullException("consumerKey");
var np = new List<KeyValuePair<string, string>>();
// original parameter
np.Add(new KeyValuePair<string, string>(VersionKey, Version));
np.Add(new KeyValuePair<string, string>(NonceKey, nonce));
np.Add(new KeyValuePair<string, string>(TimestampKey, timeStamp));
np.Add(new KeyValuePair<string, string>(SignatureMethodKey, GetOAuthSignatureMethodValue(sigMethod)));
np.Add(new KeyValuePair<string, string>(ConsumerKeyKey, consumerKey));
if (!String.IsNullOrEmpty(verifier))
np.Add(new KeyValuePair<string, string>(VerifierKey, verifier));
if (gettingRequestToken)
np.Add(new KeyValuePair<string, string>(CallbackKey, "oob")); // out of band
else if (!String.IsNullOrEmpty(token))
np.Add(new KeyValuePair<string, string>(TokenKey, token));
return np;
}
private string GetOAuthSignatureMethodValue(OAuthSignatureMethod sigmethod)
{
switch (sigmethod)
{
case OAuthSignatureMethod.Hmac_Sha1:
return "HMAC-SHA1";
case OAuthSignatureMethod.PlainText:
return "PLAINTEXT";
case OAuthSignatureMethod.Rsa_Sha1:
return "RSA-SHA1";
default:
return null;
}
}
private string GetSignature(
Uri uri, string consumerSecret, string tokenSecret,
string joinedParam, OAuthSignatureMethod sigMethod,
string requestMethod)
{
switch (sigMethod)
{
case OAuthSignatureMethod.PlainText:
return Util.HttpUtility.UrlEncode(consumerSecret + "&" + tokenSecret);
case OAuthSignatureMethod.Hmac_Sha1:
if (String.IsNullOrEmpty(requestMethod))
throw new ArgumentNullException("requestMethod");
// formatting URI
var regularUrl = uri.Scheme + "://" + uri.Host;
if (!((uri.Scheme == "http" && uri.Port == 80) || (uri.Scheme == "https" && uri.Port == 443)))
regularUrl += ":" + uri.Port;
regularUrl += uri.AbsolutePath;
// Generate signature
StringBuilder SigSource = new StringBuilder();
SigSource.Append(UrlEncode(requestMethod.ToUpper(), Encoding.UTF8, true) + "&");
SigSource.Append(UrlEncode(regularUrl, Encoding.UTF8, true) + "&");
SigSource.Append(UrlEncode(joinedParam, Encoding.UTF8, true));
// Calcuate hash
using (HMACSHA1 hmacsha1 = new HMACSHA1())
{
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret, Encoding.UTF8, true), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret, Encoding.UTF8, true)));
return UrlEncode(ComputeHash(hmacsha1, SigSource.ToString()), Encoding.UTF8, false);
}
case OAuthSignatureMethod.Rsa_Sha1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
public static OAuth1Authenticator ForProtectedResource(string consumerKey, string consumerSecret,
string accessToken, string accessTokenSecret, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
Type = OAuthType.ProtectedResource,
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Token = accessToken,
TokenSecret = accessTokenSecret
};
return authenticator;
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, string signatureBase, string consumerSecret,
string tokenSecret)
{
return GetSignature(signatureMethod, OAuthSignatureTreatment.Escaped, consumerSecret, tokenSecret);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret.
/// This method is used when the token secret is currently unknown.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer key</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSignatureTreatment signatureTreatment,
string signatureBase, string consumerSecret)
{
return GetSignature(signatureMethod, signatureTreatment, signatureBase, consumerSecret, null);
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso href="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (IsNullOrBlank(tokenSecret))
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var key = String.Concat(consumerSecret, "&", tokenSecret);
#if NETFX_CORE
var crypto = MacAlgorithmProvider.OpenAlgorithm(MacAlgorithmNames.HmacSha1);
var cryptoKey = crypto.CreateKey(CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8));
signature = HashWith(signatureBase, cryptoKey);
#endif
#if !NETFX_CORE
var crypto = new HMACSHA1();
crypto.Key = _encoding.GetBytes(key);
signature = HashWith(signatureBase, crypto);
#endif
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return result;
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSignatureTreatment signatureTreatment,
string signatureBase, string consumerSecret, string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = string.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
#if !WINDOWS_UWP
HMACSHA1 crypto = new HMACSHA1();
string key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
#else
signature = signatureBase.HashWith(HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Sha1));
#endif
break;
}
case OAuthSignatureMethod.HmacSha256:
{
HMACSHA256 crypto = new HMACSHA256();
string key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
crypto.Key = encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);
break;
}
case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 and HMAC-SHA256 are currently supported.");
}
string result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return result;
}
/// <summary>
/// Creates a signature value given a signature base and the consumer secret and a known token secret.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.2"/>
/// <param name="signatureMethod">The hashing method</param>
/// <param name="signatureTreatment">The treatment to use on a signature value</param>
/// <param name="signatureBase">The signature base</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="tokenSecret">The token secret</param>
/// <returns></returns>
public static string GetSignature(OAuthSignatureMethod signatureMethod,
OAuthSignatureTreatment signatureTreatment,
string signatureBase,
string consumerSecret,
string tokenSecret)
{
if (tokenSecret.IsNullOrBlank())
{
tokenSecret = String.Empty;
}
consumerSecret = UrlEncodeRelaxed(consumerSecret);
tokenSecret = UrlEncodeRelaxed(tokenSecret);
string signature;
switch (signatureMethod)
{
case OAuthSignatureMethod.HmacSha1:
{
var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
var keyMaterial = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);
var hmacSha1Provider = MacAlgorithmProvider.OpenAlgorithm("HMAC_SHA1");
var macKey = hmacSha1Provider.CreateKey(keyMaterial);
var dataToBeSigned = CryptographicBuffer.ConvertStringToBinary(signatureBase, BinaryStringEncoding.Utf8);
var signatureBuffer = CryptographicEngine.Sign(macKey, dataToBeSigned);
signature = CryptographicBuffer.EncodeToBase64String(signatureBuffer);
break;
}
case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
break;
}
default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
}
var result = signatureTreatment == OAuthSignatureTreatment.Escaped
? UrlEncodeRelaxed(signature)
: signature;
return result;
}
