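/// <summary>
/// Searches an incoming HTTP request for data that could be used to assemble
/// a protocol request message.
/// </summary>
/// <param name="request">The HTTP request to search.</param>
/// <returns>
/// The message built from the OAuth section of the Authorization header when one is present;
/// otherwise whatever the base implementation reads from the request.
/// </returns>
/// <remarks>
/// The Authorization header is untrusted input. A comma-separated fragment that carries no
/// '=' is skipped instead of indexing past the end of the split result, and each pair is
/// split at its first '=' only so that a value containing '=' is not truncated.
/// </remarks>
protected override IDirectedProtocolMessage ReadFromRequestInternal(HttpRequestInfo request) {
    ErrorUtilities.VerifyArgumentNotNull(request, "request");

    // First search the Authorization header. Use it exclusively if it's present.
    string authorization = request.Headers[HttpRequestHeader.Authorization];
    if (authorization != null) {
        string[] authorizationSections = authorization.Split(';'); // TODO: is this the right delimiter?
        string oauthPrefix = Protocol.Default.AuthorizationHeaderScheme + " ";

        // The Authorization header may have multiple uses, and OAuth may be just one of them.
        // Go through each one looking for an OAuth one (the scheme match is case-sensitive).
        foreach (string auth in authorizationSections) {
            string trimmedAuth = auth.Trim();
            if (!trimmedAuth.StartsWith(oauthPrefix, StringComparison.Ordinal)) {
                continue;
            }

            // We found an Authorization: OAuth header.
            // Parse it according to the rules in section 5.4.1 of the V1.0 spec.
            var fields = new Dictionary<string, string>();
            foreach (string stringPair in trimmedAuth.Substring(oauthPrefix.Length).Split(',')) {
                string pair = stringPair.Trim();
                int separator = pair.IndexOf('=');
                if (separator < 0) {
                    // Not a name=value pair (for example the tail of a quoted value that
                    // itself contained a comma). Ignore it rather than fail on a missing element.
                    continue;
                }

                string key = Uri.UnescapeDataString(pair.Substring(0, separator));
                string value = Uri.UnescapeDataString(pair.Substring(separator + 1).Trim('"'));

                // Dictionary.Add throws ArgumentException on a repeated name, so a header that
                // repeats a parameter is rejected instead of one value silently winning.
                fields.Add(key, value);
            }

            return (IDirectedProtocolMessage)this.Receive(fields, request.GetRecipient());
        }
    }

    // We didn't find an OAuth authorization header. Revert to other payload methods.
    IDirectedProtocolMessage message = base.ReadFromRequestInternal(request);

    // Add receiving HTTP transport information required for signature generation.
    var signedMessage = message as ITamperResistantOAuthMessage;
    if (signedMessage != null) {
        signedMessage.Recipient = request.Url;
        signedMessage.HttpMethod = request.HttpMethod;
    }

    return message;
}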
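/// <summary>
/// Searches an incoming HTTP request for data that could be used to assemble
/// a protocol request message.
/// </summary>
/// <param name="request">The HTTP request to search.</param>
/// <returns>
/// The message deserialized from the collected fields, or null when the request's
/// recipient cannot be determined.
/// </returns>
/// <remarks>
/// Fields are gathered from three untrusted sources, in this order: the OAuth section of the
/// Authorization header, a form-urlencoded entity, and the query string. They share one
/// dictionary, and Dictionary.Add throws ArgumentException when a name repeats, so a request
/// that supplies the same parameter twice (within or across sources) is rejected by that
/// exception; it is not caught in this method.
/// </remarks>
protected override IDirectedProtocolMessage ReadFromRequestCore(HttpRequestInfo request) {
    var fields = new Dictionary<string, string>();

    // First search the Authorization header.
    string authorization = request.Headers[HttpRequestHeader.Authorization];
    if (authorization != null) {
        string[] authorizationSections = authorization.Split(';'); // TODO: is this the right delimiter?
        string oauthPrefix = Protocol.AuthorizationHeaderScheme + " ";

        // The Authorization header may have multiple uses, and OAuth may be just one of them.
        // Go through each one looking for an OAuth one (the scheme match is case-sensitive).
        foreach (string auth in authorizationSections) {
            string trimmedAuth = auth.Trim();
            if (!trimmedAuth.StartsWith(oauthPrefix, StringComparison.Ordinal)) {
                continue;
            }

            // We found an Authorization: OAuth header.
            // Parse it according to the rules in section 5.4.1 of the V1.0 spec.
            foreach (string stringPair in trimmedAuth.Substring(oauthPrefix.Length).Split(',')) {
                string pair = stringPair.Trim();
                int separator = pair.IndexOf('=');
                if (separator < 0) {
                    // Not a name=value pair (for example the tail of a quoted value that
                    // itself contained a comma). Ignore it rather than fail on a missing element.
                    continue;
                }

                // Split at the first '=' only, so a value that contains '=' is kept whole.
                string key = Uri.UnescapeDataString(pair.Substring(0, separator));
                string value = Uri.UnescapeDataString(pair.Substring(separator + 1).Trim('"'));
                fields.Add(key, value);
            }
        }
    }

    // Scrape the entity
    string contentTypeHeader = request.Headers[HttpRequestHeader.ContentType];
    if (!string.IsNullOrEmpty(contentTypeHeader)) {
        // NOTE(review): the ContentType constructor throws FormatException on a header it
        // cannot parse, and nothing here catches it - confirm the caller handles that.
        ContentType contentType = new ContentType(contentTypeHeader);
        if (string.Equals(contentType.MediaType, HttpFormUrlEncoded, StringComparison.Ordinal)) {
            foreach (string key in request.Form) {
                fields.Add(key, request.Form[key]);
            }
        }
    }

    // Scrape the query string
    foreach (string key in request.QueryStringBeforeRewriting) {
        if (key != null) {
            fields.Add(key, request.QueryStringBeforeRewriting[key]);
        } else {
            // NOTE(review): the logged value comes straight from the request; whether the log
            // sink neutralizes embedded line breaks is not visible here - confirm.
            Logger.OAuth.WarnFormat("Ignoring query string parameter '{0}' since it isn't a standard name=value parameter.", request.QueryStringBeforeRewriting[key]);
        }
    }

    MessageReceivingEndpoint recipient;
    try {
        recipient = request.GetRecipient();
    } catch (ArgumentException ex) {
        // Pass the exception as a format argument: its text may contain '{' or '}' and must
        // not be interpreted as part of the format string.
        Logger.OAuth.WarnFormat("Unrecognized HTTP request: {0}", ex);
        return null;
    }

    // Deserialize the message using all the data we've collected.
    var message = (IDirectedProtocolMessage)this.Receive(fields, recipient);

    // Add receiving HTTP transport information required for signature generation.
    var signedMessage = message as ITamperResistantOAuthMessage;
    if (signedMessage != null) {
        signedMessage.Recipient = request.UrlBeforeRewriting;
        signedMessage.HttpMethod = request.HttpMethod;
    }

    return message;
}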