public ConsumerRequest(IOAuthContext context, IOAuthConsumerContext consumerContext, IToken token, ICertificateFactory clientSslCertificateFactory) { _context = context; _consumerContext = consumerContext; _token = token; _clientSslCertificateFactory = clientSslCertificateFactory; }
public void SignContextWithToken(IOAuthContext context, IToken token) { context.Token = token.Token; context.TokenSecret = token.TokenSecret; SignContext(context); }
public void InspectContext(ProviderPhase phase, IOAuthContext context) { if (!_nonceStore.RecordNonceAndCheckIsUnique(context, context.Nonce)) { throw Error.NonceHasAlreadyBeenUsed(context); } }
protected virtual void InspectRequest(IOAuthContext context) { foreach (IContextInspector inspector in _inspectors) { inspector.InspectContext(context); } }
public void InspectContext(ProviderPhase phase, IOAuthContext context) { if (phase != ProviderPhase.CreateAccessToken) { return; } var authMode = context.XAuthMode; if (string.IsNullOrEmpty(authMode)) { throw Error.EmptyXAuthMode(context); } if (!_validateModeFunc(authMode)) { throw Error.InvalidXAuthMode(context); } var username = context.XAuthUsername; if (string.IsNullOrEmpty(username)) { throw Error.EmptyXAuthUsername(context); } var password = context.XAuthPassword; if (string.IsNullOrEmpty(password)) { throw Error.EmptyXAuthPassword(context); } if (!_authenticateFunc(username, password)) { throw Error.FailedXAuthAuthentication(context); } }
static void ValidateCallbackUrlIsPartOfRequest(IOAuthContext context) { if (string.IsNullOrEmpty(context.CallbackUrl)) { throw Error.MissingRequiredOAuthParameter(context, Parameters.OAuth_Callback); } }
public bool AuthenticateClient(IOAuthContext context) { Client actual = ClientRepo.FindClient(context.Client.ClientId); if (actual == null) return false; return actual.ClientSecret == context.Client.ClientSecret; }
public IConsumerRequest CreateConsumerRequest(IOAuthContext context, IOAuthConsumerContext consumerContext, IToken token) { if (context == null) throw new ArgumentNullException("context"); if (consumerContext == null) throw new ArgumentNullException("consumerContext"); return new ConsumerRequest(context, consumerContext, token); }
public RequestForAccessStatus GetStatusOfRequestForAccess(IOAuthContext requestContext) { if (requestContext.ConsumerKey == "key" && requestContext.Token == "requestkey") return RequestForAccessStatus.Granted; return RequestForAccessStatus.Unknown; }
public OAuthException(IConsumerResponse consumerResponse, IOAuthContext requestContext, OAuthProblemReport problemReport) : base(problemReport.ProblemAdvice) { ConsumerResponse = consumerResponse; Report = problemReport; Context = requestContext; }
void AssertContextDoesNotIncludeToken(IOAuthContext context) { if (context.Token != null) { throw Error.RequestForTokenMustNotIncludeTokenInContext(context); } }
public void InspectContext(IOAuthContext context) { if (!_consumerStore.IsConsumer(context)) { throw Error.UnknownConsumerKey(context); } }
public ConsumerRequest(IOAuthSession oauthSession, IOAuthContext context, IOAuthConsumerContext consumerContext, ICertificateFactory clientSslCertificateFactory) { _oauthSession = oauthSession; _context = context; _consumerContext = consumerContext; _clientSslCertificateFactory = clientSslCertificateFactory; }
public void ConsumeRequestToken(IOAuthContext requestContext) { EnsureTestConsumer(requestContext); if (requestContext.Token != "requestkey") throw new OAuthException(requestContext, OAuthProblems.TokenRejected, "The supplied request token is unknown to the provider."); }
public void ConsumeAccessToken(IOAuthContext accessContext) { EnsureTestConsumer(accessContext); if (accessContext.Token != "accesskey") throw new OAuthException(accessContext, OAuthProblems.TokenRejected, "The supplied access token is unknown to the provider."); }
public virtual IToken GrantRequestToken(IOAuthContext context) { AssertContextDoesNotIncludeToken(context); InspectRequest(ProviderPhase.GrantRequestToken, context); return _tokenStore.CreateRequestToken(context); }
public ConsumerRequest(IOAuthContext context, IOAuthConsumerContext consumerContext, IToken token) { if (context == null) throw new ArgumentNullException("context"); if (consumerContext == null) throw new ArgumentNullException("consumerContext"); _context = context; _consumerContext = consumerContext; _token = token; }
public void RequestTokenWithRsaSha1() { IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1); IOAuthContext context = session.BuildRequestTokenContext("GET").Context; IToken token = provider.GrantRequestToken(context); Assert.Equal("requestkey", token.Token); Assert.Equal("requestsecret", token.TokenSecret); }
public static Exception MissingRequiredOAuthParameter(IOAuthContext context, string parameterName) { var exception = new OAuthException(context, OAuthProblems.ParameterAbset, string.Format("Missing required parameter : {0}", parameterName)); exception.Report.ParametersAbsent.Add(parameterName); return(exception); }
public OAuthException(IOAuthContext context, string problem, string advice, Exception innerException) : base(advice, innerException) { Context = context; Report = new OAuthProblemReport() { Problem = problem, ProblemAdvice = advice }; }
public RequestForAccessStatus GetStatusOfRequestForAccess(IOAuthContext requestContext) { if (requestContext.ConsumerKey == "key" && requestContext.Token == "requestkey") { return(RequestForAccessStatus.Granted); } return(RequestForAccessStatus.Unknown); }
public void ConsumeAccessToken(IOAuthContext accessContext) { AccessToken accessToken = GetAccessToken(accessContext); if (accessToken.ExpiryDate < Clock.Now) { throw new OAuthException(accessContext, OAuthProblems.TokenExpired, "Token has expired"); } }
public virtual void InspectContext(ProviderPhase phase, IOAuthContext context) { SigningContext signingContext = CreateSignatureContextForConsumer(context); if (!_signer.ValidateSignature(context, signingContext)) { throw Error.FailedToValidateSignature(context); } }
public static Exception MissingRequiredOAuthParameter(IOAuthContext context, string parameterName) { var exception = new OAuthException(context, OAuthProblems.ParameterAbset, string.Format("Missing required parameter : {0}", parameterName)); exception.Report.ParametersAbsent.Add(parameterName); return exception; }
public virtual void AccessProtectedResourceRequest(IOAuthContext context) { var token = _tokenStore.GetToken(context); if (token != null) context.TokenSecret = token.TokenSecret; InspectRequest(context); _tokenStore.ConsumeAccessToken(context); }
public ActionResult A(IOAuthContext context) { var tokenRepository = new TokenRepository(); var tokenStore = new SampleMemoryTokenStore(tokenRepository); var t = tokenStore.CreateRequestToken(context); return new EmptyResult(); }
IContextSignatureImplementation FindImplementationForAuthContext(IOAuthContext authContext) { IContextSignatureImplementation impl = _implementations.FirstOrDefault(i => i.MethodName == authContext.SignatureMethod); if (impl != null) return impl; throw Error.UnknownSignatureMethod(authContext.SignatureMethod); }
public IToken GetAccessTokenAssociatedWithRequestToken(IOAuthContext requestContext) { EnsureTestConsumer(requestContext); if (requestContext.Token != "requestkey") throw new OAuthException(requestContext, OAuthProblems.TokenRejected, "Expected Token \"requestkey\""); return new TokenBase {ConsumerKey = "key", Realm = null, Token = "accesskey", TokenSecret = AccessSecret}; }
public void ConsumeAccessToken(IOAuthContext accessContext) { AccessToken accessToken = _repository.GetAccessToken(accessContext.Token); if (accessToken.ExpireyDate < DateTime.Now) { throw new OAuthException(accessContext, OAuthProblems.TokenExpired, "Token has expired (they're only valid for 1 minute)"); } }
public void RequestTokenWithInvalidConsumerKeyThrowsException() { IOAuthSession session = CreateConsumer(SignatureMethod.PlainText); session.ConsumerContext.ConsumerKey = "invalid"; IOAuthContext context = session.BuildRequestTokenContext("GET").Context; var ex = Assert.Throws <OAuthException>(() => provider.GrantRequestToken(context)); Assert.Equal("Unknown Consumer (Realm: , Key: invalid)", ex.Message); }
public void RequestTokenWithHmacSha1WithInvalidSignatureThrows() { IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1); IOAuthContext context = session.BuildRequestTokenContext("GET").Context; context.Signature = "wrong"; var ex = Assert.Throws <OAuthException>(() => (provider.GrantRequestToken(context))); Assert.Equal("Failed to validate signature", ex.Message); }
public void InspectContext(ProviderPhase phase, IOAuthContext context) { if (context.SignatureMethod == SignatureMethod.PlainText || String.IsNullOrEmpty(context.BodyHash)) return; if (!context.BodyHash.EqualsInConstantTime(context.GenerateBodyHash())) { throw Error.FailedToValidateBodyHash(context); } }
public void ConsumeAccessToken(IOAuthContext accessContext) { AccessToken accessToken = GetAccessToken(accessContext); if (accessToken.ExpiryDateUtc < DateTime.UtcNow) { throw new OAuthException(accessContext, OAuthProblems.TokenExpired, "Token has expired (they're only valid for 1 minute)"); } }
static void UseUpRequestToken(IOAuthContext requestContext, RequestToken requestToken) { if (requestToken.UsedUp) { throw new OAuthException(requestContext, OAuthProblems.TokenRejected, "The request token has already be consumed."); } requestToken.UsedUp = true; }
public void ConsumeRequestToken(IOAuthContext requestContext) { EnsureTestConsumer(requestContext); if (requestContext.Token != "requestkey") { throw new OAuthException(requestContext, OAuthProblems.TokenRejected, "The supplied request token is unknown to the provider."); } }
public void ConsumeRequestToken(IOAuthContext requestContext) { if (requestContext == null) throw new ArgumentNullException("requestContext"); RequestToken requestToken = GetRequestToken(requestContext); UseUpRequestToken(requestContext, requestToken); _requestTokenRepository.SaveToken(requestToken); }
public void ExchangeTokensWhenVerifierIsWrongThrowsException() { IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1); IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext( new TokenBase { ConsumerKey = "key", Token = "requestkey" }, "GET", "wrong").Context; provider.ExchangeRequestTokenForAccessToken(context); }
public void ExchangeTokensWhenVerifierIsMatchDoesNotThrowException() { IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1); IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext( new TokenBase { ConsumerKey = "key", Token = "requestkey" }, "GET", "GzvVb5WjWfHKa/0JuFupaMyn").Context; provider.ExchangeRequestTokenForAccessToken(context); }
public void ConsumeAccessToken(IOAuthContext accessContext) { EnsureTestConsumer(accessContext); if (accessContext.Token != "accesskey") { throw new OAuthException(accessContext, OAuthProblems.TokenRejected, "The supplied access token is unknown to the provider."); } }
public void RequestTokenWithoutCallbackWillThrowException() { IOAuthSession session = CreateConsumer(SignatureMethod.PlainText); IOAuthContext context = session.BuildRequestTokenContext("GET").Context; context.CallbackUrl = null; // clear parameter, as it will default to "oob" var ex = Assert.Throws <OAuthException>(() => provider.GrantRequestToken(context)); Assert.Equal("Missing required parameter : oauth_callback", ex.Message); }
public IToken GetAccessTokenAssociatedWithRequestToken(IOAuthContext requestContext) { RequestToken requestToken = GetRequestToken(requestContext); var access_token = requestToken.AccessToken; // unlink the access token so we can't issue it again requestToken.AccessToken = null; this._requestTokenRepository.SaveToken(requestToken); return(access_token); }
public void ExchangeTokensWhenVerifierIsWrongThrowsException() { IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1); IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext( new TokenBase { ConsumerKey = "key", Token = "requestkey" }, "GET", "wrong").Context; var ex = Assert.Throws <OAuthException>(() => provider.ExchangeRequestTokenForAccessToken(context)); Assert.Equal("The parameter \"oauth_verifier\" was rejected", ex.Message); }
protected virtual SigningContext CreateSignatureContextForConsumer(IOAuthContext context) { var signingContext = new SigningContext {ConsumerSecret = _consumerStore.GetConsumerSecret(context)}; if (SignatureMethodRequiresCertificate(context.SignatureMethod)) { signingContext.Algorithm = _consumerStore.GetConsumerPublicKey(context); } return signingContext; }
public void AccessTokenWithHmacSha1() { IOAuthSession session = CreateConsumer(SignatureMethod.HmacSha1); IOAuthContext context = session.BuildAccessTokenContext("GET", "client_auth", "username", "password").Context; context.TokenSecret = null; IToken accessToken = provider.CreateAccessToken(context); Assert.Equal("accesskey", accessToken.Token); Assert.Equal("accesssecret", accessToken.TokenSecret); }
public void InspectContext(ProviderPhase phase, IOAuthContext context) { if (phase == ProviderPhase.GrantRequestToken) { ValidateCallbackUrlIsPartOfRequest(context); } else if (phase == ProviderPhase.ExchangeRequestTokenForAccessToken) { ValidateVerifierMatchesStoredVerifier(context); } }
public void RequestTokenWithRsaSha1WithInvalidSignatureThrows() { IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1); IOAuthContext context = session.BuildRequestTokenContext("GET").Context; context.Signature = "eeh8hLNIlNNq1Xrp7BOCc+xgY/K8AmjxKNM7UdLqqcvNSmJqcPcf7yQIOvu8oj5R/mDvBpSb3+CEhxDoW23gggsddPIxNdOcDuEOenugoCifEY6nRz8sbtYt3GHXsDS2esEse/N8bWgDdOm2FRDKuy9OOluQuKXLjx5wkD/KYMY="; var ex = Assert.Throws <OAuthException>(() => provider.GrantRequestToken(context)); Assert.Equal("Failed to validate signature", ex.Message); }
public IToken GetToken(IOAuthContext context) { var token = (IToken)null; if (!string.IsNullOrEmpty(context.Token)) { token = _repository.GetAccessToken(context.Token) ?? (IToken)_repository.GetRequestToken(context.Token); } return(token); }
public void setup() { _headers = new NameValueCollection(); _oAuthSession = MockRepository.GenerateMock<IOAuthSession>(); _oAuthContext = MockRepository.GenerateMock<IOAuthContext>(); _oAuthContext.Expect(x => x.Headers).Return(_headers); _consumerRequest = new ConsumerRequest(_oAuthSession, _oAuthContext, null, null); }
public bool AuthenticateClient(IOAuthContext context) { Client actual = ClientRepo.FindClient(context.Client.ClientId); if (actual == null) { return(false); } return(actual.ClientSecret == context.Client.ClientSecret); }
public void AccessProtectedResourceWithPlainText() { IOAuthSession session = CreateConsumer(SignatureMethod.PlainText); session.AccessToken = new TokenBase { ConsumerKey = "key", Token = "accesskey", TokenSecret = "accesssecret" }; IOAuthContext context = session.Request().Get().ForUrl("http://localhost/protected.rails").SignWithToken().Context; context.TokenSecret = null; provider.AccessProtectedResourceRequest(context); }
IContextSignatureImplementation FindImplementationForAuthContext(IOAuthContext authContext) { IContextSignatureImplementation impl = _implementations.FirstOrDefault(i => i.MethodName == authContext.SignatureMethod); if (impl != null) { return(impl); } throw Error.UnknownSignatureMethod(authContext.SignatureMethod); }
RequestToken GetRequestToken(IOAuthContext context) { try { return _requestTokenRepository.GetToken(context.Token); } catch (Exception exception) { // TODO: log exception throw Error.UnknownToken(context, context.Token, exception); } }
public virtual void AccessProtectedResourceRequest(IOAuthContext context) { var token = _tokenStore.GetToken(context); if (token != null) { context.TokenSecret = token.TokenSecret; } InspectRequest(context); _tokenStore.ConsumeAccessToken(context); }
AccessToken GetAccessToken(IOAuthContext context) { try { return(_accessTokenRepository.GetToken(context.Token)); } catch (Exception exception) { // TODO: log exception throw Error.UnknownToken(context, context.Token, exception); } }
public void ExchangeTokensWhenVerifierIsMissingThrowsException() { string verifier = null; IOAuthSession session = CreateConsumer(SignatureMethod.RsaSha1); IOAuthContext context = session.BuildExchangeRequestTokenForAccessTokenContext( new TokenBase { ConsumerKey = "key", Token = "requestkey" }, "GET", verifier).Context; var ex = Assert.Throws <OAuthException>(() => provider.ExchangeRequestTokenForAccessToken(context)); Assert.Equal("Missing required parameter : oauth_verifier", ex.Message); }
public IConsumerRequest CreateConsumerRequest(IOAuthContext context, IOAuthConsumerContext consumerContext, IToken token) { if (context == null) { throw new ArgumentNullException("context"); } if (consumerContext == null) { throw new ArgumentNullException("consumerContext"); } return(new ConsumerRequest(context, consumerContext, token)); }
protected virtual SigningContext CreateSignatureContextForConsumer(IOAuthContext context) { var signingContext = new SigningContext { ConsumerSecret = _consumerStore.GetConsumerSecret(context) }; if (SignatureMethodRequiresCertificate(context.SignatureMethod)) { signingContext.Algorithm = _consumerStore.GetConsumerPublicKey(context); } return(signingContext); }
public void ConsumeRequestToken(IOAuthContext requestContext) { if (requestContext == null) { throw new ArgumentNullException("requestContext"); } RequestToken requestToken = GetRequestToken(requestContext); UseUpRequestToken(requestContext, requestToken); _requestTokenRepository.SaveToken(requestToken); }