/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="IAuthenticator" /> for the purpose of requesting an
/// unauthorized request token.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
/// <seealso cref="http://oauth.net/core/1.0#anchor9"/>
/// <returns></returns>
public virtual OAuthWebQueryInfo BuildRequestTokenInfo(string method, WebParameterCollection parameters)
{
ValidateTokenRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, RequestTokenUrl, parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
Callback = OAuthTools.UrlEncodeRelaxed(CallbackUrl ?? ""),
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret
};
return info;
}
/// <summary>
/// Creates a request elements concatentation value to send with a request.
/// This is also known as the signature base.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.1.3"/>
/// <seealso cref="http://oauth.net/core/1.0#sig_base_example"/>
/// <param name="method">The request's HTTP method type</param>
/// <param name="url">The request URL</param>
/// <param name="parameters">The request's parameters</param>
/// <returns>A signature base string</returns>
public static string ConcatenateRequestElements(string method, string url, WebParameterCollection parameters)
{
StringBuilder sb = new StringBuilder();
// Separating &'s are not URL encoded
string requestMethod = method.ToUpper().Then("&");
string requestUrl = UrlEncodeRelaxed(ConstructRequestUrl(url.AsUri())).Then("&");
string requestParameters = UrlEncodeRelaxed(NormalizeRequestParameters(parameters));
sb.Append(requestMethod);
sb.Append(requestUrl);
sb.Append(requestParameters);
return(sb.ToString());
}
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
WebParameterCollection webParameterCollection = new WebParameterCollection(parameters);
IEnumerable <WebPair> parameters2 = from n in webParameterCollection
where n.Name.EqualsIgnoreCase("oauth_signature")
select n;
webParameterCollection.RemoveAll(parameters2);
webParameterCollection.ForEach(delegate(WebPair p)
{
p.Name = UrlEncodeStrict(p.Name);
p.Value = UrlEncodeStrict(p.Value);
});
webParameterCollection.Sort((WebPair x, WebPair y) => (string.CompareOrdinal(x.Name, y.Name) != 0) ? string.CompareOrdinal(x.Name, y.Name) : string.CompareOrdinal(x.Value, y.Value));
return(webParameterCollection);
}
public virtual OAuthWebQueryInfo BuildProtectedResourceInfo(string method, WebParameterCollection parameters, string url)
{
ValidateProtectedResourceState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
Uri uri = new Uri(url);
NameValueCollection nameValueCollection = HttpUtility.ParseQueryString(uri.Query);
string[] allKeys = nameValueCollection.AllKeys;
foreach (string name in allKeys)
{
string text = method.ToUpperInvariant();
if (text != null && text == "POST")
{
parameters.Add(new HttpPostParameter(name, nameValueCollection[name]));
}
else
{
parameters.Add(name, nameValueCollection[name]);
}
}
string timestamp = OAuthTools.GetTimestamp();
string nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
string signatureBase = OAuthTools.ConcatenateRequestElements(method, url, parameters);
string signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret, TokenSecret);
OAuthWebQueryInfo oAuthWebQueryInfo = new OAuthWebQueryInfo();
oAuthWebQueryInfo.WebMethod = method;
oAuthWebQueryInfo.ParameterHandling = ParameterHandling;
oAuthWebQueryInfo.ConsumerKey = ConsumerKey;
oAuthWebQueryInfo.Token = Token;
oAuthWebQueryInfo.SignatureMethod = SignatureMethod.ToRequestValue();
oAuthWebQueryInfo.SignatureTreatment = SignatureTreatment;
oAuthWebQueryInfo.Signature = signature;
oAuthWebQueryInfo.Timestamp = timestamp;
oAuthWebQueryInfo.Nonce = nonce;
oAuthWebQueryInfo.Version = (Version ?? "1.0");
oAuthWebQueryInfo.Callback = CallbackUrl;
oAuthWebQueryInfo.ConsumerSecret = ConsumerSecret;
oAuthWebQueryInfo.TokenSecret = TokenSecret;
return(oAuthWebQueryInfo);
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
WebParameterCollection copy = new WebParameterCollection(parameters);
IEnumerable <WebPair> exclusions = copy.Where(n => n.Name.EqualsIgnoreCase("oauth_signature"));
copy.RemoveAll(exclusions);
copy.ForEach(p =>
{
p.Name = UrlEncodeStrict(p.Name);
p.Value = UrlEncodeStrict(p.Value);
});
copy.Sort((x, y) => string.CompareOrdinal(x.Name, y.Name) != 0
? string.CompareOrdinal(x.Name, y.Name)
: string.CompareOrdinal(x.Value, y.Value));
return(copy);
}
/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo" /> instance to pass to an
/// <see cref="IAuthenticator" /> for the purpose of exchanging user credentials
/// for an access token authorized by the user at the Service Provider site.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
public virtual OAuthWebQueryInfo BuildClientAuthAccessTokenInfo(
string method,
WebParameterCollection parameters
)
{
ValidateClientAuthAccessRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var uri = new Uri(AccessTokenUrl);
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddXAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, uri.ToString(), parameters);
var signature = OAuthTools.GetSignature(
SignatureMethod, SignatureTreatment, signatureBase,
ConsumerSecret
);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ClientMode = "client_auth",
ClientUsername = ClientUsername,
ClientPassword = ClientPassword,
ConsumerKey = ConsumerKey,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret
};
return(info);
}
private void AddXAuthParameters(ICollection <WebPair> parameters, string timestamp, string nonce)
{
WebParameterCollection webParameterCollection = new WebParameterCollection();
webParameterCollection.Add(new WebPair("x_auth_username", ClientUsername));
webParameterCollection.Add(new WebPair("x_auth_password", ClientPassword));
webParameterCollection.Add(new WebPair("x_auth_mode", "client_auth"));
webParameterCollection.Add(new WebPair("oauth_consumer_key", ConsumerKey));
webParameterCollection.Add(new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()));
webParameterCollection.Add(new WebPair("oauth_timestamp", timestamp));
webParameterCollection.Add(new WebPair("oauth_nonce", nonce));
webParameterCollection.Add(new WebPair("oauth_version", Version ?? "1.0"));
WebParameterCollection webParameterCollection2 = webParameterCollection;
foreach (WebPair item in webParameterCollection2)
{
parameters.Add(item);
}
}
private void AddXAuthParameters(ICollection <WebPair> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebPair("x_auth_username", ClientUsername),
new WebPair("x_auth_password", ClientPassword),
new WebPair("x_auth_mode", "client_auth"),
new WebPair("oauth_consumer_key", ConsumerKey),
new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebPair("oauth_timestamp", timestamp),
new WebPair("oauth_nonce", nonce),
new WebPair("oauth_version", Version ?? "1.0")
};
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="IAuthenticator" /> for the purpose of exchanging a request token
/// for an access token authorized by the user at the Service Provider site.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <seealso cref="http://oauth.net/core/1.0#anchor9"/>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
public virtual OAuthWebQueryInfo BuildAccessTokenInfo(string method, WebParameterCollection parameters)
{
this.ValidateAccessRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
Uri uri = new Uri(this.AccessTokenUrl);
string timestamp = OAuthTools.GetTimestamp();
string nonce = OAuthTools.GetNonce();
this.AddAuthParameters(parameters, timestamp, nonce);
string signatureBase = OAuthTools.ConcatenateRequestElements(method, uri.ToString(), parameters);
string signature = OAuthTools.GetSignature(this.SignatureMethod, this.SignatureTreatment, signatureBase,
this.ConsumerSecret, this.TokenSecret);
OAuthWebQueryInfo info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = this.ParameterHandling,
ConsumerKey = this.ConsumerKey,
Token = this.Token,
SignatureMethod = this.SignatureMethod.ToRequestValue(),
SignatureTreatment = this.SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = this.Version ?? "1.0",
Verifier = this.Verifier,
Callback = this.CallbackUrl,
TokenSecret = this.TokenSecret,
ConsumerSecret = this.ConsumerSecret,
};
return(info);
}
private void AddAuthParameters(ICollection <WebPair> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebPair("oauth_consumer_key", ConsumerKey),
new WebPair("oauth_nonce", nonce),
new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebPair("oauth_timestamp", timestamp),
new WebPair("oauth_version", Version ?? "1.0")
};
if (!Token.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_token", Token));
}
if (!CallbackUrl.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_callback", CallbackUrl));
}
if (!Verifier.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_verifier", Verifier));
}
if (!SessionHandle.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_session_handle", SessionHandle));
}
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
public virtual OAuthWebQueryInfo BuildProtectedResourceInfo(string method, WebParameterCollection parameters,
string url)
{
this.ValidateProtectedResourceState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
// Include url parameters in query pool
Uri uri = new Uri(url);
#if !SILVERLIGHT && !WINDOWS_PHONE
NameValueCollection urlParameters = HttpUtility.ParseQueryString(uri.Query);
#else
IDictionary <string, string> urlParameters = uri.Query.ParseQueryString();
#endif
#if !SILVERLIGHT && !WINDOWS_PHONE
foreach (string parameter in urlParameters.AllKeys)
#else
foreach (string parameter in urlParameters.Keys)
#endif
{
switch (method.ToUpperInvariant())
{
case "POST":
parameters.Add(new HttpPostParameter(parameter, urlParameters[parameter]));
break;
default:
parameters.Add(parameter, urlParameters[parameter]);
break;
}
}
string timestamp = OAuthTools.GetTimestamp();
string nonce = OAuthTools.GetNonce();
this.AddAuthParameters(parameters, timestamp, nonce);
string signatureBase = OAuthTools.ConcatenateRequestElements(method, url, parameters);
string signature = OAuthTools.GetSignature(this.SignatureMethod, this.SignatureTreatment, signatureBase,
this.ConsumerSecret, this.TokenSecret);
OAuthWebQueryInfo info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = this.ParameterHandling,
ConsumerKey = this.ConsumerKey,
Token = this.Token,
SignatureMethod = this.SignatureMethod.ToRequestValue(),
SignatureTreatment = this.SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = this.Version ?? "1.0",
Callback = this.CallbackUrl,
ConsumerSecret = this.ConsumerSecret,
TokenSecret = this.TokenSecret
};
return(info);
}
public static string NormalizeRequestParameters(WebParameterCollection parameters)
{
WebParameterCollection collection = SortParametersExcludingSignature(parameters);
return(collection.Concatenate("=", "&"));
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
var copy = new WebParameterCollection(parameters);
var exclusions = copy.Where(n => n.Name.EqualsIgnoreCase("oauth_signature"));
copy.RemoveAll(exclusions);
copy.ForEach(p => p.Value = UrlEncodeStrict(p.Value));
copy.Sort((x, y) => x.Name.Equals(y.Name) ? x.Value.CompareTo(y.Value) : x.Name.CompareTo(y.Name));
return copy;
}
private void AddXAuthParameters(ICollection<WebPair> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebPair("x_auth_username", ClientUsername),
new WebPair("x_auth_password", ClientPassword),
new WebPair("x_auth_mode", "client_auth"),
new WebPair("oauth_consumer_key", ConsumerKey),
new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebPair("oauth_timestamp", timestamp),
new WebPair("oauth_nonce", nonce),
new WebPair("oauth_version", Version ?? "1.0")
};
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
private void AddAuthParameters(ICollection<WebPair> parameters, string timestamp, string nonce)
{
var authParameters = new WebParameterCollection
{
new WebPair("oauth_consumer_key", ConsumerKey),
new WebPair("oauth_nonce", nonce),
new WebPair("oauth_signature_method", SignatureMethod.ToRequestValue()),
new WebPair("oauth_timestamp", timestamp),
new WebPair("oauth_version", Version ?? "1.0")
};
if (!Token.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_token", Token));
}
if (!CallbackUrl.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_callback", CallbackUrl));
}
if (!Verifier.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_verifier", Verifier));
}
if (!SessionHandle.IsNullOrBlank())
{
authParameters.Add(new WebPair("oauth_session_handle", SessionHandle));
}
foreach (var authParameter in authParameters)
{
parameters.Add(authParameter);
}
}
public virtual OAuthWebQueryInfo BuildProtectedResourceInfo(string method, WebParameterCollection parameters, string url)
{
ValidateProtectedResourceState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
// Include url parameters in query pool
var uri = new Uri(url);
#if !SILVERLIGHT && !WINDOWS_PHONE && !PocketPC && !WINDOWS_UAP
var urlParameters = HttpUtility.ParseQueryString(uri.Query);
#else
var urlParameters = uri.Query.ParseQueryString();
#endif
#if !SILVERLIGHT && !WINDOWS_PHONE && !PocketPC && !WINDOWS_UAP
foreach (var parameter in urlParameters.AllKeys)
#else
foreach (var parameter in urlParameters.Keys)
#endif
{
#if PocketPC
switch (method.ToUpper())
#else
switch (method.ToUpperInvariant())
#endif
{
case "POST":
parameters.Add(new HttpPostParameter(parameter, urlParameters[parameter]));
break;
default:
parameters.Add(parameter, urlParameters[parameter]);
break;
}
}
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, url, parameters);
var signature = OAuthTools.GetSignature(
SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret, TokenSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
Token = Token,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
Callback = CallbackUrl,
ConsumerSecret = ConsumerSecret,
TokenSecret = TokenSecret
};
return info;
}
public virtual OAuthWebQueryInfo BuildClientAuthAccessTokenInfo(string method, WebParameterCollection parameters)
{
ValidateClientAuthAccessRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
Uri uri = new Uri(AccessTokenUrl);
string timestamp = OAuthTools.GetTimestamp();
string nonce = OAuthTools.GetNonce();
AddXAuthParameters(parameters, timestamp, nonce);
string signatureBase = OAuthTools.ConcatenateRequestElements(method, uri.ToString(), parameters);
string signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret);
OAuthWebQueryInfo oAuthWebQueryInfo = new OAuthWebQueryInfo();
oAuthWebQueryInfo.WebMethod = method;
oAuthWebQueryInfo.ParameterHandling = ParameterHandling;
oAuthWebQueryInfo.ClientMode = "client_auth";
oAuthWebQueryInfo.ClientUsername = ClientUsername;
oAuthWebQueryInfo.ClientPassword = ClientPassword;
oAuthWebQueryInfo.ConsumerKey = ConsumerKey;
oAuthWebQueryInfo.SignatureMethod = SignatureMethod.ToRequestValue();
oAuthWebQueryInfo.SignatureTreatment = SignatureTreatment;
oAuthWebQueryInfo.Signature = signature;
oAuthWebQueryInfo.Timestamp = timestamp;
oAuthWebQueryInfo.Nonce = nonce;
oAuthWebQueryInfo.Version = (Version ?? "1.0");
oAuthWebQueryInfo.TokenSecret = TokenSecret;
oAuthWebQueryInfo.ConsumerSecret = ConsumerSecret;
return(oAuthWebQueryInfo);
}
public void Properly_Encodes_Parameter_Names()
{
var postData = new WebParameterCollection { { "name[first]", "Chuck" }, { "name[last]", "Testa" }};
var sortedParams = OAuthTools.SortParametersExcludingSignature(postData);
Assert.Equal("name%5Bfirst%5D", sortedParams[0].Name);
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
WebParameterCollection copy = new WebParameterCollection(parameters);
IEnumerable<WebPair> exclusions = copy.Where(n => n.Name.EqualsIgnoreCase("oauth_signature"));
copy.RemoveAll(exclusions);
copy.ForEach(p =>
{
p.Name = UrlEncodeStrict(p.Name);
p.Value = UrlEncodeStrict(p.Value);
});
copy.Sort((x, y) => string.CompareOrdinal(x.Name, y.Name) != 0
? string.CompareOrdinal(x.Name, y.Name)
: string.CompareOrdinal(x.Value, y.Value));
return copy;
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
string url = client.BuildUri(request)
.ToString();
int queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
OAuthWebQueryInfo oauth;
string method = request.Method.ToString()
.ToUpperInvariant();
WebParameterCollection parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
if (!request.AlwaysMultipartFormData && !request.Files.Any())
{
parameters.AddRange(
client.DefaultParameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
parameters.AddRange(
client.DefaultParameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
&& p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
&& p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
switch (this.Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (this.ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", this.GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
request.Parameters.AddRange(
parameters.Where(p => !p.Name.IsNullOrBlank() &&
(p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_")))
.Select(p => new Parameter
{
Name = p.Name,
Value = HttpUtility.UrlDecode(p.Value),
Type = ParameterType.GetOrPost
}));
break;
default:
throw new ArgumentOutOfRangeException();
}
}
private void AddOAuthData(RestClient client, RestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
OAuthWebQueryInfo oauth;
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", HttpUtility.UrlDecode(oauth.Signature));
foreach (var parameter in parameters)
{
request.AddParameter(parameter.Name, parameter.Value);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
/// <summary>
/// Sorts a collection of key-value pairs by name, and then value if equal,
/// concatenating them into a single string. This string should be encoded
/// prior to, or after normalization is run.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.1.1"/>
/// <param name="parameters"></param>
/// <returns></returns>
public static string NormalizeRequestParameters(WebParameterCollection parameters)
{
WebParameterCollection copy = SortParametersExcludingSignature(parameters);
string concatenated = copy.Concatenate("=", "&");
return concatenated;
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
url = url.Substring(0, queryStringStart);
OAuthWebQueryInfo oauth;
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
foreach (var p in client.DefaultParameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add( new WebPair( p.Name, p.Value.ToString() ) );
}
foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
foreach (var parameter in parameters.Where(parameter => !parameter.Name.IsNullOrBlank() && parameter.Name.StartsWith("oauth_")))
{
request.AddParameter(parameter.Name, HttpUtility.UrlDecode(parameter.Value));
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
/// <summary>
/// Creates a request elements concatentation value to send with a request.
/// This is also known as the signature base.
/// </summary>
/// <seealso cref="http://oauth.net/core/1.0#rfc.section.9.1.3"/>
/// <seealso cref="http://oauth.net/core/1.0#sig_base_example"/>
/// <param name="method">The request's HTTP method type</param>
/// <param name="url">The request URL</param>
/// <param name="parameters">The request's parameters</param>
/// <returns>A signature base string</returns>
public static string ConcatenateRequestElements(string method, string url, WebParameterCollection parameters)
{
StringBuilder sb = new StringBuilder();
// Separating &'s are not URL encoded
string requestMethod = method.ToUpper().Then("&");
string requestUrl = UrlEncodeRelaxed(ConstructRequestUrl(url.AsUri())).Then("&");
string requestParameters = UrlEncodeRelaxed(NormalizeRequestParameters(parameters));
sb.Append(requestMethod);
sb.Append(requestUrl);
sb.Append(requestParameters);
return sb.ToString();
}
public virtual OAuthWebQueryInfo BuildProtectedResourceInfo(string method, WebParameterCollection parameters, string url)
{
ValidateProtectedResourceState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
// Include url parameters in query pool
var uri = new Uri(url);
#if !SILVERLIGHT && !WINDOWS_PHONE && !WindowsCE
var urlParameters = HttpUtility.ParseQueryString(uri.Query);
#else
var urlParameters = uri.Query.ParseQueryString();
#endif
#if !SILVERLIGHT && !WINDOWS_PHONE && !WindowsCE
foreach (var parameter in urlParameters.AllKeys)
#else
foreach (var parameter in urlParameters.Keys)
#endif
{
#if WindowsCE
switch (method.ToUpper(CultureInfo.InvariantCulture))
#else
switch (method.ToUpperInvariant())
#endif
{
case "POST":
parameters.Add(new HttpPostParameter(parameter, urlParameters[parameter]));
break;
default:
parameters.Add(parameter, urlParameters[parameter]);
break;
}
}
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, url, parameters);
var signature = OAuthTools.GetSignature(
SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret, TokenSecret
);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
Token = Token,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
Callback = CallbackUrl,
ConsumerSecret = ConsumerSecret,
TokenSecret = TokenSecret
};
return(info);
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
OAuthWebQueryInfo oauth;
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// for non-GET style requests make sure params are part of oauth signature
if (request.Method != Method.GET && request.Method != Method.DELETE)
{
foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", HttpUtility.UrlDecode(oauth.Signature));
foreach (var parameter in parameters)
{
request.AddParameter(parameter.Name, parameter.Value);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="IAuthenticator" /> for the purpose of exchanging a request token
/// for an access token authorized by the user at the Service Provider site.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <seealso cref="http://oauth.net/core/1.0#anchor9"/>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
public virtual OAuthWebQueryInfo BuildAccessTokenInfo(string method, WebParameterCollection parameters)
{
ValidateAccessRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var uri = new Uri(AccessTokenUrl);
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, uri.ToString(), parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret, TokenSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ConsumerKey = ConsumerKey,
Token = Token,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
Verifier = Verifier,
Callback = CallbackUrl,
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret,
};
return info;
}
/// <summary>
/// Generates a <see cref="OAuthWebQueryInfo"/> instance to pass to an
/// <see cref="IAuthenticator" /> for the purpose of exchanging user credentials
/// for an access token authorized by the user at the Service Provider site.
/// </summary>
/// <param name="method">The HTTP method for the intended request</param>
/// <seealso cref="http://tools.ietf.org/html/draft-dehora-farrell-oauth-accesstoken-creds-00#section-4"/>
/// <param name="parameters">Any existing, non-OAuth query parameters desired in the request</param>
public virtual OAuthWebQueryInfo BuildClientAuthAccessTokenInfo(string method, WebParameterCollection parameters)
{
ValidateClientAuthAccessRequestState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
var uri = new Uri(AccessTokenUrl);
var timestamp = OAuthTools.GetTimestamp();
var nonce = OAuthTools.GetNonce();
AddXAuthParameters(parameters, timestamp, nonce);
var signatureBase = OAuthTools.ConcatenateRequestElements(method, uri.ToString(), parameters);
var signature = OAuthTools.GetSignature(SignatureMethod, SignatureTreatment, signatureBase, ConsumerSecret);
var info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = ParameterHandling,
ClientMode = "client_auth",
ClientUsername = ClientUsername,
ClientPassword = ClientPassword,
ConsumerKey = ConsumerKey,
SignatureMethod = SignatureMethod.ToRequestValue(),
SignatureTreatment = SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = Version ?? "1.0",
TokenSecret = TokenSecret,
ConsumerSecret = ConsumerSecret
};
return info;
}
public virtual OAuthWebQueryInfo BuildProtectedResourceInfo(string method, WebParameterCollection parameters,
string url)
{
this.ValidateProtectedResourceState();
if (parameters == null)
{
parameters = new WebParameterCollection();
}
// Include url parameters in query pool
Uri uri = new Uri(url);
#if !SILVERLIGHT && !WINDOWS_PHONE
NameValueCollection urlParameters = HttpUtility.ParseQueryString(uri.Query);
#else
IDictionary<string, string> urlParameters = uri.Query.ParseQueryString();
#endif
#if !SILVERLIGHT && !WINDOWS_PHONE
foreach (string parameter in urlParameters.AllKeys)
#else
foreach (string parameter in urlParameters.Keys)
#endif
{
switch (method.ToUpperInvariant())
{
case "POST":
parameters.Add(new HttpPostParameter(parameter, urlParameters[parameter]));
break;
default:
parameters.Add(parameter, urlParameters[parameter]);
break;
}
}
string timestamp = OAuthTools.GetTimestamp();
string nonce = OAuthTools.GetNonce();
this.AddAuthParameters(parameters, timestamp, nonce);
string signatureBase = OAuthTools.ConcatenateRequestElements(method, url, parameters);
string signature = OAuthTools.GetSignature(this.SignatureMethod, this.SignatureTreatment, signatureBase,
this.ConsumerSecret, this.TokenSecret);
OAuthWebQueryInfo info = new OAuthWebQueryInfo
{
WebMethod = method,
ParameterHandling = this.ParameterHandling,
ConsumerKey = this.ConsumerKey,
Token = this.Token,
SignatureMethod = this.SignatureMethod.ToRequestValue(),
SignatureTreatment = this.SignatureTreatment,
Signature = signature,
Timestamp = timestamp,
Nonce = nonce,
Version = this.Version ?? "1.0",
Callback = this.CallbackUrl,
ConsumerSecret = this.ConsumerSecret,
TokenSecret = this.TokenSecret
};
return info;
}
