public void Test_EnumParsing_Flags()
{
OAuthParameterSources sources = (OAuthParameterSources)Enum.Parse(typeof(OAuthParameterSources), "HttpAuthorizationHeader, HttpPostBody");
Assert.That(sources & OAuthParameterSources.HttpAuthorizationHeader, Is.EqualTo(OAuthParameterSources.HttpAuthorizationHeader));
Assert.That(sources & OAuthParameterSources.HttpPostBody, Is.EqualTo(OAuthParameterSources.HttpPostBody));
}
public void Test_EnumFormatting_Flags()
{
OAuthParameterSources sources = OAuthParameterSources.HttpAuthorizationHeader | OAuthParameterSources.HttpPostBody;
Assert.That(Enum.Format(typeof(OAuthParameterSources), sources, "G"), Is.EqualTo("HttpAuthorizationHeader, HttpPostBody"));
}
/// <summary>
/// Parses the OAuth parameters from the HTTP request, sourcing
/// parameters from the sources specified by <paramref name="sources"/>.
///
/// TODO: Mention validation
/// </summary>
///
/// <param name="request">The HTTP request</param>
/// <param name="sources">The sources to collate parameters from
/// (must not be <c>OAuthParameterSources.None</c>)</param>
///
/// <returns>
/// An OAuthParameters object containing the parsed reserved OAuth
/// parameters and any additional, valid parameters
/// </returns>
public static OAuthParameters Parse(HttpRequest request, OAuthParameterSources sources)
{
return(OAuthParameters.DoParse(request.Headers[Constants.AuthorizationHeaderParameter], request.Headers[Constants.WwwAuthenticateHeaderParameter], request.Form, request.QueryString, sources, true));
}
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters)
{
if (sources == OAuthParameterSources.None)
{
throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources");
}
bool useAuthHeader = (sources & OAuthParameterSources.HttpAuthorizationHeader) == OAuthParameterSources.HttpAuthorizationHeader;
bool useWwwAuthHeader = (sources & OAuthParameterSources.HttpWwwAuthenticateHeader) == OAuthParameterSources.HttpWwwAuthenticateHeader;
bool usePost = (sources & OAuthParameterSources.HttpPostBody) == OAuthParameterSources.HttpPostBody;
bool useQueryString = (sources & OAuthParameterSources.HttpQueryString) == OAuthParameterSources.HttpQueryString;
NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null;
NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null;
NameValueCollection postParams = usePost ? form : null;
NameValueCollection queryStringParams = useQueryString ? queryString : null;
// Do validation if required
if (validateParameters)
{
/*
* Check for any duplicated OAuth parameters
*/
ResultInfo <string[]> result = CheckForDuplicateReservedParameters(
authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
{
OAuthRequestException.ThrowParametersRejected(result, null);
}
/*
* Check for non-reserved parameters prefixed with oauth_
*/
result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
{
OAuthRequestException.ThrowParametersRejected(result, null);
}
}
return(new OAuthParameters()
{
Callback = GetParam(Constants.CallbackParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
ConsumerKey = GetParam(Constants.ConsumerKeyParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Nonce = GetParam(Constants.NonceParameter, authHeaderParams, postParams, wwwAuthHeaderParams, queryStringParams),
Realm = authHeaderParams != null ? authHeaderParams[Constants.RealmParameter] : null,
Signature = GetParam(Constants.SignatureParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
SignatureMethod = GetParam(Constants.SignatureMethodParameter, wwwAuthHeaderParams, authHeaderParams, postParams, queryStringParams),
Timestamp = GetParam(Constants.TimestampParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Token = GetParam(Constants.TokenParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
TokenSecret = GetParam(Constants.TokenSecretParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Version = GetParam(Constants.VersionParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Verifier = GetParam(Constants.VerifierParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
AdditionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams)
});
}
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters)
{
if (sources == OAuthParameterSources.None)
throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources");
bool useAuthHeader = (sources & OAuthParameterSources.HttpAuthorizationHeader) == OAuthParameterSources.HttpAuthorizationHeader;
bool useWwwAuthHeader = (sources & OAuthParameterSources.HttpWwwAuthenticateHeader) == OAuthParameterSources.HttpWwwAuthenticateHeader;
bool usePost = (sources & OAuthParameterSources.HttpPostBody) == OAuthParameterSources.HttpPostBody;
bool useQueryString = (sources & OAuthParameterSources.HttpQueryString) == OAuthParameterSources.HttpQueryString;
NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null;
NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null;
NameValueCollection postParams = usePost ? form : null;
NameValueCollection queryStringParams = useQueryString ? queryString : null;
// Do validation if required
if (validateParameters)
{
/*
* Check for any duplicated OAuth parameters
*/
ResultInfo<string[]> result = CheckForDuplicateReservedParameters(
authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
OAuthRequestException.ThrowParametersRejected(result, null);
/*
* Check for non-reserved parameters prefixed with oauth_
*/
result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
OAuthRequestException.ThrowParametersRejected(result, null);
}
return new OAuthParameters()
{
Callback = GetParam(Constants.CallbackParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
ConsumerKey = GetParam(Constants.ConsumerKeyParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Nonce = GetParam(Constants.NonceParameter, authHeaderParams, postParams, wwwAuthHeaderParams, queryStringParams),
Realm = authHeaderParams != null ? authHeaderParams[Constants.RealmParameter] : null,
Signature = GetParam(Constants.SignatureParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
SignatureMethod = GetParam(Constants.SignatureMethodParameter, wwwAuthHeaderParams, authHeaderParams, postParams, queryStringParams),
Timestamp = GetParam(Constants.TimestampParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Token = GetParam(Constants.TokenParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
TokenSecret = GetParam(Constants.TokenSecretParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Version = GetParam(Constants.VersionParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
Verifier = GetParam(Constants.VerifierParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams),
AdditionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams)
};
}
/// <summary>
/// Parses the OAuth parameters from the HTTP request, sourcing
/// parameters from the sources specified by <paramref name="sources"/>.
///
/// TODO: Mention validation
/// </summary>
///
/// <param name="request">The HTTP request</param>
/// <param name="sources">The sources to collate parameters from
/// (must not be <c>OAuthParameterSources.None</c>)</param>
///
/// <returns>
/// An OAuthParameters object containing the parsed reserved OAuth
/// parameters and any additional, valid parameters
/// </returns>
public static OAuthParameters Parse(HttpRequest request, OAuthParameterSources sources)
{
NameValueCollection form = new NameValueCollection();
foreach (var key in request.Form.AllKeys)
{
var @value = request.Form[key];
form.Add(key, @value);
}
foreach (var key in request.Files.AllKeys)
{
var file = request.Files[key];
var @value = HttpUtility.UrlDecode(file.FileName);
form.Add(key, @value);
}
return OAuthParameters.DoParse(request.Headers[Constants.AuthorizationHeaderParameter], request.Headers[Constants.WwwAuthenticateHeaderParameter], form, request.QueryString, sources, true);
}
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters)
{
if (sources == OAuthParameterSources.None)
{
throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources");
}
bool useAuthHeader = (sources & OAuthParameterSources.AuthorizationHeader) == OAuthParameterSources.AuthorizationHeader;
bool useWwwAuthHeader = (sources & OAuthParameterSources.AuthenticateHeader) == OAuthParameterSources.AuthenticateHeader;
bool usePost = (sources & OAuthParameterSources.PostBody) == OAuthParameterSources.PostBody;
bool useQueryString = (sources & OAuthParameterSources.QueryString) == OAuthParameterSources.QueryString;
NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null;
NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null;
NameValueCollection postParams = usePost ? form : null;
NameValueCollection queryStringParams = useQueryString ? queryString : null;
// Do validation if required
if (validateParameters)
{
/*
* Check for any duplicated OAuth parameters
*/
ResultInfo <string[]> result = CheckForDuplicateReservedParameters(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
{
throw new ParametersRejectedException(null, result);
}
/*
* Check for non-reserved parameters prefixed with oauth_
*/
result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
{
throw new ParametersRejectedException(null, result);
}
}
OAuthParameters parameters = new OAuthParameters();
parameters.Callback = GetParam(OAuthParameterKeys.Callback, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.ConsumerKey = GetParam(OAuthParameterKeys.ConsumerKey, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Nonce = GetParam(OAuthParameterKeys.Nonce, authHeaderParams, postParams, wwwAuthHeaderParams,
queryStringParams);
parameters.Realm = authHeaderParams != null ? authHeaderParams[OAuthParameterKeys.Realm] : null;
parameters.Signature = GetParam(OAuthParameterKeys.Signature, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.SignatureMethod = GetParam(OAuthParameterKeys.SignatureMethod, wwwAuthHeaderParams, authHeaderParams,
postParams, queryStringParams);
parameters.Timestamp = GetParam(OAuthParameterKeys.Timestamp, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Token = GetParam(OAuthParameterKeys.Token, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.TokenSecret = GetParam(OAuthParameterKeys.TokenSecret, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Version = GetParam(OAuthParameterKeys.Version, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Verifier = GetParam(OAuthParameterKeys.Verifier, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.additionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams);
return(parameters);
}
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters)
{
if (sources == OAuthParameterSources.None)
throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources");
bool useAuthHeader = (sources & OAuthParameterSources.AuthorizationHeader) == OAuthParameterSources.AuthorizationHeader;
bool useWwwAuthHeader = (sources & OAuthParameterSources.AuthenticateHeader) == OAuthParameterSources.AuthenticateHeader;
bool usePost = (sources & OAuthParameterSources.PostBody) == OAuthParameterSources.PostBody;
bool useQueryString = (sources & OAuthParameterSources.QueryString) == OAuthParameterSources.QueryString;
NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null;
NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null;
NameValueCollection postParams = usePost ? form : null;
NameValueCollection queryStringParams = useQueryString ? queryString : null;
// Do validation if required
if (validateParameters) {
/*
* Check for any duplicated OAuth parameters
*/
ResultInfo<string[]> result = CheckForDuplicateReservedParameters(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
throw new ParametersRejectedException(null, result);
/*
* Check for non-reserved parameters prefixed with oauth_
*/
result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams);
if (!result)
throw new ParametersRejectedException(null, result);
}
OAuthParameters parameters = new OAuthParameters();
parameters.Callback = GetParam(OAuthParameterKeys.Callback, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.ConsumerKey = GetParam(OAuthParameterKeys.ConsumerKey, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Nonce = GetParam(OAuthParameterKeys.Nonce, authHeaderParams, postParams, wwwAuthHeaderParams,
queryStringParams);
parameters.Realm = authHeaderParams != null ? authHeaderParams[OAuthParameterKeys.Realm] : null;
parameters.Signature = GetParam(OAuthParameterKeys.Signature, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.SignatureMethod = GetParam(OAuthParameterKeys.SignatureMethod, wwwAuthHeaderParams, authHeaderParams,
postParams, queryStringParams);
parameters.Timestamp = GetParam(OAuthParameterKeys.Timestamp, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Token = GetParam(OAuthParameterKeys.Token, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.TokenSecret = GetParam(OAuthParameterKeys.TokenSecret, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Version = GetParam(OAuthParameterKeys.Version, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.Verifier = GetParam(OAuthParameterKeys.Verifier, authHeaderParams, wwwAuthHeaderParams, postParams,
queryStringParams);
parameters.additionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams);
return parameters;
}
public static OAuthParameters Parse(IHttpRequest request, OAuthParameterSources sources)
{
return DoParse(request.Headers[AuthorizationHeaderParameter], request.Headers[WwwAuthenticateHeaderParameter],
request.Form, request.QueryString, sources, true);
}
