public virtual OAuthRequestToken GetRequestToken(string?callback) { if (_consumerKey == null || _consumerSecret == null) { throw new InvalidOperationException("_consumerKey == null || _consumerSecret == null"); } var args = new FunctionArguments ( _consumerKey, _consumerSecret ); var request = _requestTokenQuery.Invoke(args); if (!callback.IsNullOrBlank()) { request.AddParameter("oauth_callback", callback !); } var response = _oauth.Request(request); SetResponse(response); var query = OAuthWorkflow.ParseQuery(response.Content); var oauth = new OAuthRequestToken ( query["oauth_token"] ?? "?", query["oauth_token_secret"] ?? "?", Convert.ToBoolean(query["oauth_callback_confirmed"] ?? "false") ); return(oauth); }
/// <summary> /// Modifies the request to ensure that the authentication requirements are met. /// </summary> /// <param name="client">Client executing this request</param> /// <param name="request">Request to authenticate</param> /// <param name="credentials">The credentials used for the authentication</param> /// <returns>The task the authentication is performed on</returns> public Task PreAuthenticate(IRestClient client, IRestRequest request, ICredentials credentials) { var workflow = new OAuthWorkflow { ConsumerKey = ConsumerKey, ConsumerSecret = ConsumerSecret, ParameterHandling = ParameterHandling, SignatureProvider = SignatureProvider, SignatureTreatment = SignatureTreatment, Verifier = Verifier, Version = Version, CallbackUrl = CallbackUrl, SessionHandle = SessionHandle, Token = Token, TokenSecret = TokenSecret, ClientUsername = ClientUsername, ClientPassword = ClientPassword, CreateTimestampFunc = CreateTimestampFunc ?? OAuthTools.GetTimestamp, RandomNumberGenerator = RandomNumberGenerator ?? OAuthTools.DefaultRandomNumberGenerator, }; AddOAuthData(client, request, workflow); #if USE_TASKEX return(TaskEx.FromResult(0)); #else return(Task.FromResult(0)); #endif }
internal static OAuthWebQuery GetAccessTokenQuery(string requestToken, string RequestTokenSecret, string oAuthVerificationPin) { var oauth = new OAuthWorkflow { AccessTokenUrl = AppSettings.AccessTokenUri, ConsumerKey = AppSettings.consumerKey, ConsumerSecret = AppSettings.consumerKeySecret, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, SignatureMethod = OAuthSignatureMethod.HmacSha1, Token = HttpUtility.UrlEncode(requestToken), TokenSecret = RequestTokenSecret, Verifier = oAuthVerificationPin, Version = AppSettings.oAuthVersion // }; var info = oauth.BuildAccessTokenInfo(WebMethod.Post); ////replace signature //info.Signature = AppSettings.consumerKeySecret + "&" + oauth.TokenSecret; //info.Signature = HttpUtility.UrlEncode(info.Signature); ////replace signature var objOAuthWebQuery = new OAuthWebQuery(info, false); objOAuthWebQuery.HasElevatedPermissions = true; objOAuthWebQuery.SilverlightUserAgentHeader = "Hammock"; return(objOAuthWebQuery); }
internal static OAuthWebQuery RefreshAccessTokenQuery() { var oauth = new OAuthWorkflow { AccessTokenUrl = AppSettings.AccessTokenUri, ConsumerKey = AppSettings.consumerKey, ConsumerSecret = AppSettings.consumerKeySecret, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, SignatureMethod = OAuthSignatureMethod.HmacSha1, Token = MainUtil.GetKeyValue <string>("AccessToken"), TokenSecret = MainUtil.GetKeyValue <string>("AccessTokenSecret"), SessionHandle = MainUtil.GetKeyValue <string>("SessionHandle"), Version = AppSettings.oAuthVersion // }; var info = oauth.BuildAccessTokenInfo(WebMethod.Post); ////replace signature //info.Signature = AppSettings.consumerKeySecret + "&" + oauth.TokenSecret; //info.Signature = HttpUtility.UrlEncode(info.Signature); ////replace signature info.Token = HttpUtility.UrlEncode(info.Token); var sessionParameter = new WebPair("oauth_session_handle", MainUtil.GetKeyValue <string>("SessionHandle")); var objOAuthWebQuery = new OAuthWebQuery(info, false); objOAuthWebQuery.HasElevatedPermissions = true; objOAuthWebQuery.SilverlightUserAgentHeader = "Hammock"; objOAuthWebQuery.Parameters.Add(sessionParameter); return(objOAuthWebQuery); }
public virtual OAuthAccessToken GetAccessToken(OAuthRequestToken requestToken, string?verifier) { if (_consumerKey == null || _consumerSecret == null) { throw new InvalidOperationException("_consumerKey == null || _consumerSecret == null"); } var args = new FunctionArguments ( _consumerKey, _consumerSecret, requestToken.Token, requestToken.TokenSecret, verifier ); var request = _accessTokenQuery.Invoke(args); var response = _oauth.Request(request); SetResponse(response); var query = OAuthWorkflow.ParseQuery(response.Content); var accessToken = new OAuthAccessToken ( query["oauth_token"] ?? "?", query["oauth_token_secret"] ?? "?", Convert.ToInt64(query["user_id"] ?? "0"), query["screen_name"] ?? "?" ); return(accessToken); }
public virtual RestRequest PrepareEchoRequest(string realm = "http://api.twitter.com") { var args = new FunctionArguments { ConsumerKey = _consumerKey, ConsumerSecret = _consumerSecret, Token = _token, TokenSecret = _tokenSecret }; var request = _protectedResourceQuery.Invoke(args); request.Method = WebMethod.Get; request.Path = string.Concat("account/verify_credentials", FormatAsString); var credentials = (OAuthCredentials)request.Credentials; var url = request.BuildEndpoint(_oauth); var workflow = new OAuthWorkflow(credentials); var method = request.Method.HasValue ? request.Method.Value : WebMethod.Get; var info = workflow.BuildProtectedResourceInfo(method, request.GetAllHeaders(), url); var query = credentials.GetQueryFor(url, request, info, method, TraceEnabled); ((OAuthWebQuery)query).Realm = realm; var auth = query.GetAuthorizationContent(); var echo = new RestRequest(); echo.AddHeader("X-Auth-Service-Provider", url); echo.AddHeader("X-Verify-Credentials-Authorization", auth); return(echo); }
private static OAuthWebQuery GetRequestTokenQuery() { OAuthWorkflow oauthWorkflow = new OAuthWorkflow(); oauthWorkflow.ConsumerKey = "f5dowbYEtg4PfEOQZEdnHoHdT"; oauthWorkflow.ConsumerSecret = "cCosLgG0c7IeJL7qElkR9tMCMWPjDdMPDHGMY2QlOoHCbza09b"; oauthWorkflow.SignatureMethod = OAuthSignatureMethod.HmacSha1; oauthWorkflow.ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader; oauthWorkflow.RequestTokenUrl = "https://api.twitter.com/oauth/request_token"; oauthWorkflow.Version = "1.0a"; oauthWorkflow.CallbackUrl = "com.vk.vkclient://twitter-oauth/callback"; OAuthWebQuery oauthWebQuery = new OAuthWebQuery(oauthWorkflow.BuildRequestTokenInfo((WebMethod)0), false); oauthWebQuery.HasElevatedPermissions = true; return(oauthWebQuery); }
public virtual void GetAccessToken(OAuthRequestToken requestToken, string?verifier, Action <OAuthAccessToken?, TwitterResponse> action) { if (_consumerKey == null || _consumerSecret == null || requestToken.TokenSecret == null) { throw new InvalidOperationException("_consumerKey == null || _consumerSecret == null || requestToken.TokenSecret == null"); } var args = new FunctionArguments ( _consumerKey, _consumerSecret, requestToken.Token, requestToken.TokenSecret, verifier ); var request = _accessTokenQuery.Invoke(args); _oauth.BeginRequest(request, (req, resp, state) => { Exception?exception; var entity = TryAsyncResponse(() => { if (resp == null || resp.StatusCode != HttpStatusCode.OK) { return(null); } var query = OAuthWorkflow.ParseQuery(resp.Content); var accessToken = new OAuthAccessToken ( query["oauth_token"] ?? "?", query["oauth_token_secret"] ?? "?", Convert.ToInt64(query["user_id"] ?? "0"), query["screen_name"] ?? "?" ); return(accessToken); }, out exception); action(entity, new TwitterResponse(resp, exception)); } ); }
public virtual void GetRequestToken(string callback, Action <OAuthRequestToken?, TwitterResponse> action) { if (_consumerKey == null || _consumerSecret == null) { throw new InvalidOperationException("_consumerKey == null || _consumerSecret == null"); } var args = new FunctionArguments ( _consumerKey, _consumerSecret ); var request = _requestTokenQuery.Invoke(args); if (!callback.IsNullOrBlank()) { request.AddParameter("oauth_callback", callback); } _oauth.BeginRequest(request, (req, resp, state) => { Exception?exception; var entity = TryAsyncResponse(() => { if (resp == null || resp.StatusCode != HttpStatusCode.OK) { return(null); } var query = OAuthWorkflow.ParseQuery(resp.Content); var requestToken = new OAuthRequestToken ( query["oauth_token"] ?? "?", query["oauth_token_secret"] ?? "?", Convert.ToBoolean(query["oauth_callback_confirmed"] ?? "false") ); return(requestToken); }, out exception); action(entity, new TwitterResponse(resp, exception)); }); }
internal static OAuthWebQuery GetRequestTokenQuery() { var oauth = new OAuthWorkflow { ConsumerKey = Social.TwitterSettings.ConsumerKey, ConsumerSecret = Social.TwitterSettings.ConsumerSecret, SignatureMethod = OAuthSignatureMethod.HmacSha1, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, RequestTokenUrl = Social.TwitterSettings.RequestTokenUri, Version = Social.TwitterSettings.OAuthVersion, CallbackUrl = Social.TwitterSettings.CallbackUri }; var info = oauth.BuildRequestTokenInfo(WebMethod.Get); var objOAuthWebQuery = new OAuthWebQuery(info, false); objOAuthWebQuery.HasElevatedPermissions = true; objOAuthWebQuery.SilverlightUserAgentHeader = "Hammock"; return(objOAuthWebQuery); }
public ValueTask Authenticate(RestClient client, RestRequest request) { var workflow = new OAuthWorkflow { ConsumerKey = ConsumerKey, ConsumerSecret = ConsumerSecret, ParameterHandling = ParameterHandling, SignatureMethod = SignatureMethod, SignatureTreatment = SignatureTreatment, Verifier = Verifier, Version = Version, CallbackUrl = CallbackUrl, SessionHandle = SessionHandle, Token = Token, TokenSecret = TokenSecret, ClientUsername = ClientUsername, ClientPassword = ClientPassword }; AddOAuthData(client, request, workflow); return(default);
internal static OAuthWebQuery GetAccessTokenQuery(string requestToken, string RequestTokenSecret, string oAuthVerificationPin) { var oauth = new OAuthWorkflow { AccessTokenUrl = Social.TwitterSettings.AccessTokenUri, ConsumerKey = Social.TwitterSettings.ConsumerKey, ConsumerSecret = Social.TwitterSettings.ConsumerSecret, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, SignatureMethod = OAuthSignatureMethod.HmacSha1, Token = requestToken, Verifier = oAuthVerificationPin, Version = Social.TwitterSettings.OAuthVersion }; var info = oauth.BuildAccessTokenInfo(WebMethod.Post); var objOAuthWebQuery = new OAuthWebQuery(info, false); objOAuthWebQuery.HasElevatedPermissions = true; objOAuthWebQuery.SilverlightUserAgentHeader = "Hammock"; return(objOAuthWebQuery); }
public void Authenticate(IRestClient client, IRestRequest request) { OAuthWorkflow workflow = new OAuthWorkflow { ConsumerKey = this.ConsumerKey, ConsumerSecret = this.ConsumerSecret, ParameterHandling = this.ParameterHandling, SignatureMethod = this.SignatureMethod, SignatureTreatment = this.SignatureTreatment, Verifier = this.Verifier, Version = this.Version, CallbackUrl = this.CallbackUrl, SessionHandle = this.SessionHandle, Token = this.Token, TokenSecret = this.TokenSecret, ClientUsername = this.ClientUsername, ClientPassword = this.ClientPassword }; this.AddOAuthData(client, request, workflow); }
public void Authenticate(IRestClient client, IRestRequest request) { OAuthWorkflow oAuthWorkflow = new OAuthWorkflow(); oAuthWorkflow.ConsumerKey = ConsumerKey; oAuthWorkflow.ConsumerSecret = ConsumerSecret; oAuthWorkflow.ParameterHandling = ParameterHandling; oAuthWorkflow.SignatureMethod = SignatureMethod; oAuthWorkflow.SignatureTreatment = SignatureTreatment; oAuthWorkflow.Verifier = Verifier; oAuthWorkflow.Version = Version; oAuthWorkflow.CallbackUrl = CallbackUrl; oAuthWorkflow.SessionHandle = SessionHandle; oAuthWorkflow.Token = Token; oAuthWorkflow.TokenSecret = TokenSecret; oAuthWorkflow.ClientUsername = ClientUsername; oAuthWorkflow.ClientPassword = ClientPassword; OAuthWorkflow workflow = oAuthWorkflow; AddOAuthData(client, request, workflow); }
/// <summary> /// Modifies the request to ensure that the authentication requirements are met. /// </summary> /// <param name="client">Client executing this request</param> /// <param name="request">Request to authenticate</param> public void Authenticate(IRestClient client, IRestRequest request) { var workflow = new OAuthWorkflow { ConsumerKey = ConsumerKey, ConsumerSecret = ConsumerSecret, ParameterHandling = ParameterHandling, SignatureMethod = SignatureMethod, SignatureTreatment = SignatureTreatment, Verifier = Verifier, Version = Version, CallbackUrl = CallbackUrl, SessionHandle = SessionHandle, Token = Token, TokenSecret = TokenSecret, ClientUsername = ClientUsername, ClientPassword = ClientPassword, CreateTimestampFunc = CreateTimestampFunc ?? OAuthTools.GetTimestamp, }; AddOAuthData(client, request, workflow); }
void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var requestUrl = client.BuildUriWithoutQueryParameters(request); if (requestUrl.Contains('?')) { throw new ApplicationException( "Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead." ); } var url = client.BuildUri(request).ToString(); var queryStringStart = url.IndexOf('?'); if (queryStringStart != -1) { url = url.Substring(0, queryStringStart); } var method = request.Method.ToString().ToUpperInvariant(); var parameters = new WebPairCollection();
private OAuthWebQuery GetAccessTokenQuery() { OAuthWorkflow oauthWorkflow = new OAuthWorkflow(); oauthWorkflow.ConsumerKey = "f5dowbYEtg4PfEOQZEdnHoHdT"; oauthWorkflow.ConsumerSecret = "cCosLgG0c7IeJL7qElkR9tMCMWPjDdMPDHGMY2QlOoHCbza09b"; oauthWorkflow.SignatureMethod = OAuthSignatureMethod.HmacSha1; oauthWorkflow.ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader; oauthWorkflow.AccessTokenUrl = "https://api.twitter.com/oauth/access_token"; oauthWorkflow.Version = "1.0a"; string oauthToken = this._oauthToken; oauthWorkflow.Token = oauthToken; string oauthVerifier = this._oauthVerifier; oauthWorkflow.Verifier = oauthVerifier; int num1 = 1; OAuthWebQuery oauthWebQuery = new OAuthWebQuery(oauthWorkflow.BuildAccessTokenInfo((WebMethod)num1), false); int num2 = 1; oauthWebQuery.HasElevatedPermissions = num2 != 0; return(oauthWebQuery); }
/// <summary> /// Modifies the request to ensure that the authentication requirements are met. /// </summary> /// <param name="client">Client executing this request</param> /// <param name="request">Request to authenticate</param> /// <param name="credentials">The credentials used for the authentication</param> /// <returns>The task the authentication is performed on</returns> public Task PreAuthenticate(IRestClient client, IRestRequest request, ICredentials credentials) { return(Task.Factory.StartNew(() => { var workflow = new OAuthWorkflow { ConsumerKey = ConsumerKey, ConsumerSecret = ConsumerSecret, ParameterHandling = ParameterHandling, SignatureProvider = SignatureProvider, SignatureTreatment = SignatureTreatment, Verifier = Verifier, Version = Version, CallbackUrl = CallbackUrl, SessionHandle = SessionHandle, Token = Token, TokenSecret = TokenSecret, ClientUsername = ClientUsername, ClientPassword = ClientPassword, CreateTimestampFunc = CreateTimestampFunc ?? OAuthTools.GetTimestamp }; AddOAuthData(client, request, workflow); })); }
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { string text = client.BuildUri(request).ToString(); int num = text.IndexOf('?'); if (num != -1) { text = text.Substring(0, num); } string method = request.Method.ToString().ToUpperInvariant(); WebParameterCollection webParameterCollection = new WebParameterCollection(); if (!request.AlwaysMultipartFormData && !request.Files.Any()) { foreach (Parameter item in from p in client.DefaultParameters where p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString select p) { webParameterCollection.Add(new WebPair(item.Name, item.Value.ToString())); } foreach (Parameter item2 in from p in request.Parameters where p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString select p) { webParameterCollection.Add(new WebPair(item2.Name, item2.Value.ToString())); } } else { foreach (Parameter item3 in from p in client.DefaultParameters where (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_") select p) { webParameterCollection.Add(new WebPair(item3.Name, item3.Value.ToString())); } foreach (Parameter item4 in from p in request.Parameters where (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_") select p) { webParameterCollection.Add(new WebPair(item4.Name, item4.Value.ToString())); } } OAuthWebQueryInfo oAuthWebQueryInfo; switch (Type) { case OAuthType.RequestToken: workflow.RequestTokenUrl = text; oAuthWebQueryInfo = workflow.BuildRequestTokenInfo(method, webParameterCollection); break; case OAuthType.AccessToken: workflow.AccessTokenUrl = text; oAuthWebQueryInfo = workflow.BuildAccessTokenInfo(method, webParameterCollection); break; case OAuthType.ClientAuthentication: workflow.AccessTokenUrl = text; oAuthWebQueryInfo = workflow.BuildClientAuthAccessTokenInfo(method, webParameterCollection); break; case OAuthType.ProtectedResource: oAuthWebQueryInfo = workflow.BuildProtectedResourceInfo(method, webParameterCollection, text); break; default: throw new ArgumentOutOfRangeException(); } switch (ParameterHandling) { case OAuthParameterHandling.HttpAuthorizationHeader: webParameterCollection.Add("oauth_signature", oAuthWebQueryInfo.Signature); request.AddHeader("Authorization", GetAuthorizationHeader(webParameterCollection)); break; case OAuthParameterHandling.UrlOrPostParameters: webParameterCollection.Add("oauth_signature", oAuthWebQueryInfo.Signature); foreach (WebPair item5 in from parameter in webParameterCollection where !parameter.Name.IsNullOrBlank() && (parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_")) select parameter) { request.AddParameter(item5.Name, HttpUtility.UrlDecode(item5.Value)); } break; default: throw new ArgumentOutOfRangeException(); } }
public void Authenticate(IRestClient client, IRestRequest request) { var workflow = new OAuthWorkflow { ConsumerKey = this.ConsumerKey, ConsumerSecret = this.ConsumerSecret, ParameterHandling = this.ParameterHandling, SignatureMethod = this.SignatureMethod, SignatureTreatment = this.SignatureTreatment, Verifier = this.Verifier, Version = this.Version, CallbackUrl = this.CallbackUrl, SessionHandle = this.SessionHandle, Token = this.Token, TokenSecret = this.TokenSecret, ClientUsername = this.ClientUsername, ClientPassword = this.ClientPassword }; this.AddOAuthData(client, request, workflow); }
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var url = client.BuildUri(request).ToString(); var queryStringStart = url.IndexOf('?'); if (queryStringStart != -1) url = url.Substring(0, queryStringStart); OAuthWebQueryInfo oauth; #if PocketPC var method = request.Method.ToString().ToUpper(); #else var method = request.Method.ToString().ToUpperInvariant(); #endif var parameters = new WebParameterCollection(); // include all GET and POST parameters before generating the signature // according to the RFC 5849 - The OAuth 1.0 Protocol // http://tools.ietf.org/html/rfc5849#section-3.4.1 // if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level, // or implement a seperate class for each OAuth version if (!request.AlwaysMultipartFormData && !request.Files.Any()) { foreach (var p in client.DefaultParameters.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } } else { // if we are sending a multipart request, only the "oauth_" parameters should be included in the signature foreach (var p in client.DefaultParameters.Where( p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_"))) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } foreach (var p in request.Parameters.Where( p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_"))) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } } switch (this.Type) { case OAuthType.RequestToken: workflow.RequestTokenUrl = url; oauth = workflow.BuildRequestTokenInfo(method, parameters); break; case OAuthType.AccessToken: workflow.AccessTokenUrl = url; oauth = workflow.BuildAccessTokenInfo(method, parameters); break; case OAuthType.ClientAuthentication: workflow.AccessTokenUrl = url; oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters); break; case OAuthType.ProtectedResource: oauth = workflow.BuildProtectedResourceInfo(method, parameters, url); break; default: throw new ArgumentOutOfRangeException(); } switch (this.ParameterHandling) { case OAuthParameterHandling.HttpAuthorizationHeader: parameters.Add("oauth_signature", oauth.Signature); request.AddHeader("Authorization", this.GetAuthorizationHeader(parameters)); break; case OAuthParameterHandling.UrlOrPostParameters: parameters.Add("oauth_signature", oauth.Signature); foreach (var parameter in parameters.Where(parameter => !parameter.Name.IsNullOrBlank() && (parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_")))) { request.AddParameter(parameter.Name, HttpUtility.UrlDecode(parameter.Value)); } break; default: throw new ArgumentOutOfRangeException(); } }
public void Create_Appropriate_OAuth1_Header_Signature_With_Querystring_Parameters() { const string consumerKey = "enterConsumerKeyHere"; const string consumerSecret = "enterConsumerSecretHere"; const string tokenAccess = "fooaccesstoken"; const string tokenSecret = "foosecrettoken"; const string baseUrl = "http://localhost:8888/oauth1_signature_test"; const string requestUrl = "youvegotmail"; const string qsParamName = "foo"; const string qsParamValue = "bar"; var authenticator = OAuth1Authenticator.ForProtectedResource(consumerKey, consumerSecret, tokenAccess, tokenSecret); authenticator.ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader; // not sure this matters var client = new RestClient(baseUrl); // add the offending parameter in two different ways var requestWithQs = new RestRequest(requestUrl + $"?{qsParamName}={qsParamValue}", Method.GET); var requestWithParameter = new RestRequest(requestUrl, Method.GET); requestWithParameter.AddParameter("foo", "bar"); authenticator.Authenticate(client, requestWithQs); authenticator.Authenticate(client, requestWithParameter); var headerWithQs = requestWithQs.Parameters.Single(p => p.Name == "Authorization"); var headerWithParameter = requestWithParameter.Parameters.Single(p => p.Name == "Authorization"); // just for eyeballing Console.WriteLine("===== Manually added to QS ====="); var urlQs = client.BuildUri(requestWithQs); Console.WriteLine(urlQs); foreach (var p in requestWithQs.Parameters) { Console.WriteLine($"{p.Name} {p.Type} = {p.Value}"); } Console.WriteLine("===== Added via Param ====="); var urlParams = client.BuildUri(requestWithParameter); Console.WriteLine(urlParams); foreach (var p in requestWithParameter.Parameters) { Console.WriteLine($"{p.Name} {p.Type} = {p.Value}"); } // just because they're constructed differently Assert.AreNotEqual(headerWithParameter, headerWithQs); // really need to validate against something that checks the signature, like http://lti.tools/oauth/ // can we test it this way? var oworkflow = new OAuthWorkflow { ConsumerKey = consumerKey, ConsumerSecret = consumerSecret, Token = tokenAccess, TokenSecret = tokenSecret, SignatureMethod = OAuthSignatureMethod.HmacSha1, ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader, SignatureTreatment = OAuthSignatureTreatment.Escaped, }; var qsWebParams = new WebParameterCollection(); var infoQs = oworkflow.BuildProtectedResourceInfo("GET", qsWebParams, urlQs.AbsoluteUri); var paramsWebParams = new WebParameterCollection(); var infoParams = oworkflow.BuildProtectedResourceInfo("GET", paramsWebParams, urlParams.AbsoluteUri); // no, can't really test it because of nonce and timestamp, but can compare it to something that checks the signature, like http://lti.tools/oauth/ Assert.AreNotEqual(infoQs.Signature, infoParams.Signature); Assert.Inconclusive("Unverifiable, must compare it to a signature checker like http://lti.tools/oauth/"); }
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var url = client.BuildUri(request, false).ToString(); OAuthWebQueryInfo oauth; var method = request.Method.Method; var parameters = new WebParameterCollection(); // include all GET and POST parameters before generating the signature // according to the RFC 5849 - The OAuth 1.0 Protocol // http://tools.ietf.org/html/rfc5849#section-3.4.1 // if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level, // or implement a seperate class for each OAuth version var useMultiPart = request.ContentCollectionMode == ContentCollectionMode.MultiPart || (request.ContentCollectionMode == ContentCollectionMode.MultiPartForFileParameters && (client.DefaultParameters.GetFileParameters().Any() || request.Parameters.GetFileParameters().Any())); var requestParameters = client.MergeParameters(request).Where(x => x.Type == ParameterType.GetOrPost || x.Type == ParameterType.QueryString); if (!useMultiPart) { foreach (var p in requestParameters) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } } else { // if we are sending a multipart request, only the "oauth_" parameters should be included in the signature foreach (var p in requestParameters.Where(p => p.Name.StartsWith("oauth_", StringComparison.Ordinal))) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } } switch (Type) { case OAuthType.RequestToken: workflow.RequestTokenUrl = url; oauth = workflow.BuildRequestTokenInfo(method, parameters); break; case OAuthType.AccessToken: workflow.AccessTokenUrl = url; oauth = workflow.BuildAccessTokenInfo(method, parameters); break; case OAuthType.ClientAuthentication: workflow.AccessTokenUrl = url; oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters); break; case OAuthType.ProtectedResource: oauth = workflow.BuildProtectedResourceInfo(method, parameters, url); break; default: throw new ArgumentOutOfRangeException(); } switch (ParameterHandling) { case OAuthParameterHandling.HttpAuthorizationHeader: parameters.Add("oauth_signature", oauth.Signature); request.AddHeader("Authorization", GetAuthorizationHeader(parameters)); break; case OAuthParameterHandling.UrlOrPostParameters: parameters.Add("oauth_signature", oauth.Signature); foreach (var parameter in parameters.Where( parameter => !string.IsNullOrEmpty(parameter.Name) && (parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_")))) { var v = parameter.Value; v = Uri.UnescapeDataString(v.Replace('+', ' ')); request.AddParameter(parameter.Name, v); } break; default: throw new ArgumentOutOfRangeException(); } }
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var url = client.BuildUri(request).ToString(); var queryStringStart = url.IndexOf('?'); if (queryStringStart != -1) { url = url.Substring(0, queryStringStart); } OAuthWebQueryInfo oauth; var method = request.Method.ToString().ToUpperInvariant(); var parameters = new WebParameterCollection(); // include all GET and POST parameters before generating the signature // according to the RFC 5849 - The OAuth 1.0 Protocol // http://tools.ietf.org/html/rfc5849#section-3.4.1 // if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level, // or implement a seperate class for each OAuth version foreach (var p in client.DefaultParameters.Where(p => p.Type == ParameterType.GetOrPost)) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost)) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } switch (Type) { case OAuthType.RequestToken: workflow.RequestTokenUrl = url; oauth = workflow.BuildRequestTokenInfo(method, parameters); break; case OAuthType.AccessToken: workflow.AccessTokenUrl = url; oauth = workflow.BuildAccessTokenInfo(method, parameters); break; case OAuthType.ClientAuthentication: workflow.AccessTokenUrl = url; oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters); break; case OAuthType.ProtectedResource: oauth = workflow.BuildProtectedResourceInfo(method, parameters, url); break; default: throw new ArgumentOutOfRangeException(); } switch (ParameterHandling) { case OAuthParameterHandling.HttpAuthorizationHeader: parameters.Add("oauth_signature", oauth.Signature); request.AddHeader("Authorization", GetAuthorizationHeader(parameters)); break; case OAuthParameterHandling.UrlOrPostParameters: parameters.Add("oauth_signature", oauth.Signature); foreach (var parameter in parameters.Where(parameter => !parameter.Name.IsNullOrBlank() && parameter.Name.StartsWith("oauth_"))) { request.AddParameter(parameter.Name, HttpUtility.UrlDecode(parameter.Value)); } break; default: throw new ArgumentOutOfRangeException(); } }
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var url = client.BuildUri(request).ToString(); OAuthWebQueryInfo oauth; var method = request.Method.ToString().ToUpperInvariant(); var parameters = new WebParameterCollection(); // for non-GET style requests make sure params are part of oauth signature if (request.Method != Method.GET && request.Method != Method.DELETE) { foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost)) { parameters.Add(new WebPair(p.Name, p.Value.ToString())); } } switch (Type) { case OAuthType.RequestToken: workflow.RequestTokenUrl = url; oauth = workflow.BuildRequestTokenInfo(method, parameters); break; case OAuthType.AccessToken: workflow.AccessTokenUrl = url; oauth = workflow.BuildAccessTokenInfo(method, parameters); break; case OAuthType.ClientAuthentication: workflow.AccessTokenUrl = url; oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters); break; case OAuthType.ProtectedResource: oauth = workflow.BuildProtectedResourceInfo(method, parameters, url); break; default: throw new ArgumentOutOfRangeException(); } switch (ParameterHandling) { case OAuthParameterHandling.HttpAuthorizationHeader: parameters.Add("oauth_signature", oauth.Signature); request.AddHeader("Authorization", GetAuthorizationHeader(parameters)); break; case OAuthParameterHandling.UrlOrPostParameters: parameters.Add("oauth_signature", HttpUtility.UrlDecode(oauth.Signature)); foreach (var parameter in parameters) { request.AddParameter(parameter.Name, parameter.Value); } break; default: throw new ArgumentOutOfRangeException(); } }
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var requestUrl = client.BuildUriWithoutQueryParameters(request); if (requestUrl.Contains('?')) { throw new ApplicationException("Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead."); } var url = client.BuildUri(request).ToString(); var queryStringStart = url.IndexOf('?'); if (queryStringStart != -1) { url = url.Substring(0, queryStringStart); } var method = request.Method.ToString().ToUpperInvariant(); var parameters = new WebParameterCollection(); // include all GET and POST parameters before generating the signature // according to the RFC 5849 - The OAuth 1.0 Protocol // http://tools.ietf.org/html/rfc5849#section-3.4.1 // if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level, // or implement a seperate class for each OAuth version if (!request.AlwaysMultipartFormData && !request.Files.Any()) { parameters.AddRange( client.DefaultParameters .Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) .Select(p => new WebPair(p.Name, p.Value.ToString()))); parameters.AddRange( request.Parameters .Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) .Select(p => new WebPair(p.Name, p.Value.ToString()))); } else { // if we are sending a multipart request, only the "oauth_" parameters should be included in the signature parameters.AddRange( client.DefaultParameters .Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_")) .Select(p => new WebPair(p.Name, p.Value.ToString()))); parameters.AddRange( request.Parameters .Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_")) .Select(p => new WebPair(p.Name, p.Value.ToString()))); } OAuthWebQueryInfo oauth; switch (Type) { case OAuthType.RequestToken: workflow.RequestTokenUrl = url; oauth = workflow.BuildRequestTokenInfo(method, parameters); break; case OAuthType.AccessToken: workflow.AccessTokenUrl = url; oauth = workflow.BuildAccessTokenInfo(method, parameters); break; case OAuthType.ClientAuthentication: workflow.AccessTokenUrl = url; oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters); break; case OAuthType.ProtectedResource: oauth = workflow.BuildProtectedResourceInfo(method, parameters, url); break; default: throw new ArgumentOutOfRangeException(); } switch (ParameterHandling) { case OAuthParameterHandling.HttpAuthorizationHeader: parameters.Add("oauth_signature", oauth.Signature); request.AddOrUpdateParameter("Authorization", GetAuthorizationHeader(parameters), ParameterType.HttpHeader); break; case OAuthParameterHandling.UrlOrPostParameters: parameters.Add("oauth_signature", oauth.Signature); var headers = parameters.Where(p => !p.Name.IsNullOrBlank() && (p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_"))) .Select(p => new Parameter { Name = p.Name, Value = HttpUtility.UrlDecode(p.Value), Type = ParameterType.GetOrPost }); foreach (var header in headers) { request.AddOrUpdateParameter(header); } break; default: throw new ArgumentOutOfRangeException(); } }
void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow) { var requestUrl = client.BuildUriWithoutQueryParameters(request); if (requestUrl.Contains('?')) { throw new ApplicationException( "Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead." ); } var url = client.BuildUri(request).ToString(); var queryStringStart = url.IndexOf('?'); if (queryStringStart != -1) { url = url.Substring(0, queryStringStart); } var method = request.Method.ToString().ToUpperInvariant(); var parameters = new WebPairCollection(); // include all GET and POST parameters before generating the signature // according to the RFC 5849 - The OAuth 1.0 Protocol // http://tools.ietf.org/html/rfc5849#section-3.4.1 // if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level, // or implement a separate class for each OAuth version bool BaseQuery(Parameter x) => x.Type == ParameterType.GetOrPost || x.Type == ParameterType.QueryString || x.Type == ParameterType.QueryStringWithoutEncode; var query = request.AlwaysMultipartFormData || request.Files.Count > 0 ? x => BaseQuery(x) && x.Name.StartsWith("oauth_") : (Func <Parameter, bool>)BaseQuery; parameters.AddRange(client.DefaultParameters.Where(query).ToWebParameters()); parameters.AddRange(request.Parameters.Where(query).ToWebParameters()); if (Type == OAuthType.RequestToken) { workflow.RequestTokenUrl = url; } else { workflow.AccessTokenUrl = url; } var oauth = Type switch { OAuthType.RequestToken => workflow.BuildRequestTokenInfo(method, parameters), OAuthType.AccessToken => workflow.BuildAccessTokenSignature(method, parameters), OAuthType.ClientAuthentication => workflow.BuildClientAuthAccessTokenSignature(method, parameters), OAuthType.ProtectedResource => workflow.BuildProtectedResourceSignature(method, parameters, url), _ => throw new ArgumentOutOfRangeException() }; parameters.Add("oauth_signature", oauth); var oauthParameters = ParameterHandling switch { OAuthParameterHandling.HttpAuthorizationHeader => CreateHeaderParameters(), OAuthParameterHandling.UrlOrPostParameters => CreateUrlParameters(), _ => throw new ArgumentOutOfRangeException() }; request.AddOrUpdateParameters(oauthParameters); IEnumerable <Parameter> CreateHeaderParameters() => new[] { new Parameter("Authorization", GetAuthorizationHeader(parameters), ParameterType.HttpHeader) }; IEnumerable <Parameter> CreateUrlParameters() => parameters.Where(p => !p.Name.IsNullOrBlank() && (p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_"))) .Select(p => new Parameter(p.Name, HttpUtility.UrlDecode(p.Value), ParameterType.GetOrPost)); } string GetAuthorizationHeader(WebPairCollection parameters) { var oathParameters = parameters .OrderBy(x => x, WebPair.Comparer) .Where( p => !p.Name.IsNullOrBlank() && !p.Value.IsNullOrBlank() && (p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_")) ) .Select(x => $"{x.Name}=\"{x.Value}\"") .ToList(); if (!Realm.IsNullOrBlank()) { oathParameters.Insert(0, $"realm=\"{OAuthTools.UrlEncodeRelaxed(Realm)}\""); } return("OAuth " + string.Join(",", oathParameters)); } }