public void Test_SignatureCompareWithSpaceInSignature()
{
OAuthParameters parameters = new OAuthParameters()
{
ConsumerKey = "key",
Nonce = "5b434e59-729a-444b-9a11-2d8e57b1f2fb",
SignatureMethod = "HMAC-SHA1",
Timestamp = "1251983826",
Version = "1.0",
Callback = "http://yourownsite.com/"
};
string sigbase = SignatureBase.Create(
"GET",
new Uri("http://localhost:3423/request-token.ashx"),
parameters);
string consumerSecret = "secret";
string tokenSecret = null;
HmacSha1SigningProvider signingProvider = new HmacSha1SigningProvider();
Assert.That(signingProvider.SignatureMethod, Is.EqualTo("HMAC-SHA1"));
string hash = signingProvider.ComputeSignature(sigbase, consumerSecret, tokenSecret);
Assert.That(hash, Is.EqualTo("zHTiQHg8X5Lpkh+/0MSatKeNEFg="));
Assert.That(signingProvider.CheckSignature(sigbase, Rfc3986.Decode("zHTiQHg8X5Lpkh+/0MSatKeNEFg="), consumerSecret, tokenSecret), "Signature did not match");
}
private HttpWebRequest GenerateRequest(string contentType, string requestMethod)
{
var ts = UnixTime.ToUnixTime(DateTime.Now);
//Create the needed OAuth Parameters.
//Refer - http://oauth.net/core/1.0/#sig_base_example
var param = new OAuthParameters()
{
ConsumerKey = _consumerKey,
SignatureMethod = SigningProvider.SignatureMethod,
Version = Constants.Version1_0,
Nonce = NonceProvider.GenerateNonce(ts),
Timestamp = ts.ToString(),
};
//Generate Signature Hash
var signatureBase = SignatureBase.Create(requestMethod.ToUpper(), _serviceProviderUri, param);
//Set Signature Hash as one of the OAuth Parameter
param.Signature = SigningProvider.ComputeSignature(signatureBase, _consumerSecret, null);
var httpWebRequest = (HttpWebRequest)WebRequest.Create(_serviceProviderUri);
httpWebRequest.Method = requestMethod;
httpWebRequest.ContentType = contentType;
httpWebRequest.Timeout = RequestTimeOut;
//Add the OAuth Parameters to Authorization Header of Request
httpWebRequest.Headers.Add(Constants.AuthorizationHeaderParameter, param.ToHeaderFormat());
return(httpWebRequest);
}
public Uri BuildEchoCallUri(params KeyValuePair <string, string>[] pairs)
{
int timestamp = UnixTime.ToUnixTime(DateTime.Now);
OAuthParameters parameters = new OAuthParameters();
parameters.ConsumerKey = ConsumerStore.FixedConsumer.Key;
parameters.Nonce = new GuidNonceProvider().GenerateNonce(timestamp);
parameters.SignatureMethod = "HMAC-SHA1";
parameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture);
parameters.Version = "1.0";
parameters.Token = TokenGenerator.FixedAccessToken.Token;
foreach (KeyValuePair <string, string> pair in pairs)
{
parameters.AdditionalParameters.Add(pair.Key, pair.Value);
}
parameters.Signature = ServiceProviderContext.GetSigningProvider("HMAC-SHA1").ComputeSignature(
SignatureBase.Create("GET", this.EchoApiBaseUri, parameters),
ConsumerStore.FixedConsumer.Secret,
TokenGenerator.FixedAccessToken.Secret);
UriBuilder builder = new UriBuilder(this.EchoApiBaseUri)
{
Query = parameters.ToQueryStringFormat()
};
return(builder.Uri);
}
public Uri BuildRequestTokenUri()
{
int timestamp = UnixTime.ToUnixTime(DateTime.Now);
OAuthParameters parameters = new OAuthParameters();
parameters.ConsumerKey = ConsumerStore.FixedConsumer.Key;
parameters.Nonce = new GuidNonceProvider().GenerateNonce(timestamp);
parameters.SignatureMethod = "HMAC-SHA1";
parameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture);
parameters.Version = "1.0";
parameters.Callback = "http://yourownsite.com/";
parameters.Signature = ServiceProviderContext.GetSigningProvider("HMAC-SHA1").ComputeSignature(
SignatureBase.Create("GET", this.RequestTokenBaseUri, parameters),
ConsumerStore.FixedConsumer.Secret,
null);
UriBuilder builder = new UriBuilder(this.RequestTokenBaseUri)
{
Query = parameters.ToQueryStringFormat()
};
return(builder.Uri);
}
public void ShouldGenerateSignatureForFlickr()
{
//given
OAuth.Net.Common.ISigningProvider provider = new OAuth.Net.Components.HmacSha1SigningProvider();
OAuth.Net.Common.INonceProvider nonceProvider = new OAuth.Net.Components.GuidNonceProvider();
DateTime time = DateTime.Now;
OAuthParameters parameters = new OAuthParameters()
{
Nonce = nonceProvider.GenerateNonce(),
SignatureMethod = "HMAC-SHA1",
Timestamp = "1316657628",
Version = "1.0",
Callback = "http://www.wackylabs.net/oauth/test",
ConsumerKey = "768fe946d252b119746fda82e1599980"
};
string baseString = SignatureBase.Create("GET", new Uri("http://www.flickr.com/services/oauth/request_token"), parameters);
string consumerSecret = "1a3c208e172d3edc";
string tokenSecret = string.Empty;
OAuthService testee = new OAuthService();
//when
string result = provider.ComputeSignature(baseString, consumerSecret, tokenSecret);
//then
Assert.AreEqual(expected, result);
}
public void TestCase()
{
ISigningProvider rsa = new RsaSha1SigningProvider()
{
// PFX file is copied to output directory
PfxFile = @"WikiTests\testcase.rsa.pfx"
};
OAuthParameters parameters = new OAuthParameters()
{
SignatureMethod = "RSA-SHA1",
Version = Constants.Version1_0,
ConsumerKey = "dpf43f3p2l4k3l03",
Timestamp = "1196666512",
Nonce = "13917289812797014437"
};
parameters.AdditionalParameters.Add("file", "vacaction.jpg");
parameters.AdditionalParameters.Add("size", "original");
Uri baseUri = new Uri("http://photos.example.net/photos");
string sigbase = SignatureBase.Create(
"GET",
baseUri,
parameters);
Assert.That(sigbase, Is.EqualTo("GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal"));
parameters.Signature = rsa.ComputeSignature(sigbase, "kd94hf93k423kf44", null);
Assert.That(parameters.Signature, Is.EqualTo("jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE="));
// There is no point comparing the URLs because order is not query string parameter important in URLs
}
public void TestGetHttpExampleDotComWithSlashWithNEqualsV()
{
OAuthParameters parameters = new OAuthParameters();
parameters.AdditionalParameters.Add("n", "v");
Assert.That(
SignatureBase.Create("GET", new Uri("http://example.com/"), parameters),
Is.EqualTo("GET&http%3A%2F%2Fexample.com%2F&n%3Dv"));
}
public void TestPostHttpsPhotosDotExampleDotNetSlashRequestUnderscoreTokenWithOAuthParameters()
{
OAuthParameters parameters = new OAuthParameters()
{
Version = Constants.Version1_0,
ConsumerKey = "dpf43f3p2l4k3l03",
Timestamp = "1191242090",
Nonce = "hsu94j3884jdopsl",
SignatureMethod = "PLAINTEXT",
Signature = "ignored"
};
Assert.That(
SignatureBase.Create("POST", new Uri("https://photos.example.net/request_token"), parameters),
Is.EqualTo("POST&https%3A%2F%2Fphotos.example.net%2Frequest_token&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dhsu94j3884jdopsl%26oauth_signature_method%3DPLAINTEXT%26oauth_timestamp%3D1191242090%26oauth_version%3D1.0"));
}
public void Test_FunnyCharacters()
{
OAuthParameters parameters = new OAuthParameters()
{
ConsumerKey = "weitu.googlepages.com",
Nonce = "face868c-04a9-4e75-9534-0b58616c351c",
SignatureMethod = "RSA-SHA1",
Timestamp = "1213351382",
Token = "1/rTf4q3P05rP2xv2xP1ls8mATiaQZnWPB51nTvo8n9Sw",
Version = "1.0"
};
string basesig = SignatureBase.Create(
"GET",
new Uri("http://www.google.com/m8/feeds/contacts/default/base"),
parameters);
Assert.That(basesig, Is.EqualTo("GET&http%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Fbase&oauth_consumer_key%3Dweitu.googlepages.com%26oauth_nonce%3Dface868c-04a9-4e75-9534-0b58616c351c%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1213351382%26oauth_token%3D1%252FrTf4q3P05rP2xv2xP1ls8mATiaQZnWPB51nTvo8n9Sw%26oauth_version%3D1.0"));
}
public void TestGetHttpPhotosDotExampleDotNetSlashPhotosWithOAuthParametersAndFileEqualsVacationDotJpgAndSizeEqualsOriginal()
{
OAuthParameters parameters = new OAuthParameters()
{
Version = Constants.Version1_0,
ConsumerKey = "dpf43f3p2l4k3l03",
Token = "nnch734d00sl2jdk",
Timestamp = "1191242096",
Nonce = "kllo9940pd9333jh",
SignatureMethod = "HMAC-SHA1",
Signature = "ignored"
};
parameters.AdditionalParameters.Add("file", "vacation.jpg");
parameters.AdditionalParameters.Add("size", "original");
Assert.That(
SignatureBase.Create("GET", new Uri("http://photos.example.net/photos"), parameters),
Is.EqualTo("GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal"));
}
public void TestConsumerRequestSignature()
{
OAuthService service = OAuthService.Create(
new EndPoint("http://example.com/request_token"),
new Uri("http://example.com/authorize"),
new EndPoint("http://example.com/access_token"),
new MockConsumer()
{
Key = "dpf43f3p2l4k3l03",
Secret = "kd94hf93k423kf44",
Status = ConsumerStatus.Valid
});
OAuthRequest consumerRequest =
OAuthConsumerRequest.Create(
new EndPoint("http://provider.example.net/profile", "GET"),
service);
OAuthParameters authParameters = new OAuthParameters()
{
ConsumerKey = service.Consumer.Key,
Realm = service.Realm,
SignatureMethod = service.SignatureMethod,
Timestamp = "1191242096",
Nonce = "kllo9940pd9333jh",
Version = service.OAuthVersion
};
Assert.AreEqual(
SignatureBase.Create(consumerRequest.ResourceEndPoint.HttpMethod, consumerRequest.ResourceEndPoint.Uri, authParameters),
"GET&http%3A%2F%2Fprovider.example.net%2Fprofile&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_version%3D1.0");
authParameters.Sign(consumerRequest.ResourceEndPoint.Uri,
consumerRequest.ResourceEndPoint.HttpMethod,
service.Consumer,
consumerRequest.RequestToken,
new OAuth.Net.Components.HmacSha1SigningProvider());
Assert.AreEqual(authParameters.Signature, "SGtGiOrgTGF5Dd4RUMguopweOSU=");
}
public static void SetSignature(HttpContext httpContext, OAuthRequestContext requestContext)
{
// Get the token to sign with
string tokenSecret;
if (requestContext.AccessToken != null)
{
tokenSecret = requestContext.AccessToken.Secret;
}
else if (requestContext.RequestToken != null)
{
tokenSecret = requestContext.RequestToken.Secret;
}
else
{
tokenSecret = null;
}
/*
* Check the signature
*/
bool isValid = requestContext.SigningProvider.CheckSignature(
SignatureBase.Create(
httpContext.Request.HttpMethod,
new Uri(httpContext.Request.Url.GetLeftPart(UriPartial.Authority) + httpContext.Request.RawUrl),
requestContext.Parameters),
requestContext.Parameters.Signature,
requestContext.Consumer.Secret,
tokenSecret);
if (!isValid)
{
OAuthRequestException.ThrowSignatureInvalid(null);
}
else
{
requestContext.IsSignatureValid = true;
}
}
//TODO: No anda todavia!!
private HttpWebResponse GetContacts()
{
yahooAccessToken = (string[])HttpContext.Current.Session["Yahoo_AccessToken"];
Uri RequestContactBaseUri = new Uri("http://social.yahooapis.com/v1/user/" + YGuid + "/contacts");
int timestamp = Common.GetTimestamp();
OAuthParameters parameters = new OAuthParameters();
parameters.ConsumerKey = apiKey;
parameters.Nonce = new GuidNonceProvider().GenerateNonce(timestamp);
parameters.SignatureMethod = "HMAC-SHA1";
parameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture);
parameters.Token = Rfc3986.Decode(AccessToken);
parameters.Version = "1.0";
parameters.AdditionalParameters.Add("format", "xml");
string sigBase = SignatureBase.Create("GET", RequestContactBaseUri, parameters);
HmacSha1SigningProvider singProvier = new HmacSha1SigningProvider();
parameters.Signature = singProvier.ComputeSignature(
sigBase, (secret), Rfc3986.Encode(AccessTokenSecret));
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://social.yahooapis.com/v1/user/" + YGuid + "/contacts?view=tinyusercard");
request.CookieContainer = new CookieContainer();
request.Headers["WWW-Authenticate"] = " OAuth realm='yahooapis.com',";
request.Headers["WWW-Authenticate"] += " oauth_consumer_key='" + parameters.ConsumerKey + "',";
request.Headers["WWW-Authenticate"] += " oauth_nonce='" + parameters.Nonce + "',";
request.Headers["WWW-Authenticate"] += " oauth_signature_method='" + parameters.SignatureMethod + "',";
request.Headers["WWW-Authenticate"] += " oauth_timestamp='" + parameters.Timestamp + "',";
request.Headers["WWW-Authenticate"] += " oauth_token='" + token + "',";
request.Headers["WWW-Authenticate"] += " oauth_version='" + parameters.Version + "',";
request.Headers["WWW-Authenticate"] += " oauth_signature='" + parameters.Signature + "'";
request.Method = "GET";
request.ContentType = "application/xml; charset=utf-8";
return((HttpWebResponse)request.GetResponse());
}
public void ShouldGenerateSignatureForExampleForFlickr()
{
//given
string expected = "0fhNGlzpFNAsTme/hDfUb5HPB5U=";
OAuthParameters parameters = new OAuthParameters()
{
Nonce = "C2F26CD5C075BA9050AD8EE90644CF29",
SignatureMethod = "HMAC-SHA1",
Timestamp = "1316657628",
Version = "1.0",
Callback = "http://www.wackylabs.net/oauth/test",
ConsumerKey = "768fe946d252b119746fda82e1599980"
};
string baseString = SignatureBase.Create("GET", new Uri("http://www.flickr.com/services/oauth/request_token"), parameters);
string consumerSecret = "1a3c208e172d3edc";
string tokenSecret = string.Empty;
OAuthService testee = new OAuthService();
//when
string result = testee.GenerateSignature(baseString, consumerSecret, tokenSecret);
//then
Assert.AreEqual(expected, result);
}
