public void Test_SignatureCompareWithSpaceInSignature() { OAuthParameters parameters = new OAuthParameters() { ConsumerKey = "key", Nonce = "5b434e59-729a-444b-9a11-2d8e57b1f2fb", SignatureMethod = "HMAC-SHA1", Timestamp = "1251983826", Version = "1.0", Callback = "http://yourownsite.com/" }; string sigbase = SignatureBase.Create( "GET", new Uri("http://localhost:3423/request-token.ashx"), parameters); string consumerSecret = "secret"; string tokenSecret = null; HmacSha1SigningProvider signingProvider = new HmacSha1SigningProvider(); Assert.That(signingProvider.SignatureMethod, Is.EqualTo("HMAC-SHA1")); string hash = signingProvider.ComputeSignature(sigbase, consumerSecret, tokenSecret); Assert.That(hash, Is.EqualTo("zHTiQHg8X5Lpkh+/0MSatKeNEFg=")); Assert.That(signingProvider.CheckSignature(sigbase, Rfc3986.Decode("zHTiQHg8X5Lpkh+/0MSatKeNEFg="), consumerSecret, tokenSecret), "Signature did not match"); }
private HttpWebRequest GenerateRequest(string contentType, string requestMethod) { var ts = UnixTime.ToUnixTime(DateTime.Now); //Create the needed OAuth Parameters. //Refer - http://oauth.net/core/1.0/#sig_base_example var param = new OAuthParameters() { ConsumerKey = _consumerKey, SignatureMethod = SigningProvider.SignatureMethod, Version = Constants.Version1_0, Nonce = NonceProvider.GenerateNonce(ts), Timestamp = ts.ToString(), }; //Generate Signature Hash var signatureBase = SignatureBase.Create(requestMethod.ToUpper(), _serviceProviderUri, param); //Set Signature Hash as one of the OAuth Parameter param.Signature = SigningProvider.ComputeSignature(signatureBase, _consumerSecret, null); var httpWebRequest = (HttpWebRequest)WebRequest.Create(_serviceProviderUri); httpWebRequest.Method = requestMethod; httpWebRequest.ContentType = contentType; httpWebRequest.Timeout = RequestTimeOut; //Add the OAuth Parameters to Authorization Header of Request httpWebRequest.Headers.Add(Constants.AuthorizationHeaderParameter, param.ToHeaderFormat()); return(httpWebRequest); }
public Uri BuildEchoCallUri(params KeyValuePair <string, string>[] pairs) { int timestamp = UnixTime.ToUnixTime(DateTime.Now); OAuthParameters parameters = new OAuthParameters(); parameters.ConsumerKey = ConsumerStore.FixedConsumer.Key; parameters.Nonce = new GuidNonceProvider().GenerateNonce(timestamp); parameters.SignatureMethod = "HMAC-SHA1"; parameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture); parameters.Version = "1.0"; parameters.Token = TokenGenerator.FixedAccessToken.Token; foreach (KeyValuePair <string, string> pair in pairs) { parameters.AdditionalParameters.Add(pair.Key, pair.Value); } parameters.Signature = ServiceProviderContext.GetSigningProvider("HMAC-SHA1").ComputeSignature( SignatureBase.Create("GET", this.EchoApiBaseUri, parameters), ConsumerStore.FixedConsumer.Secret, TokenGenerator.FixedAccessToken.Secret); UriBuilder builder = new UriBuilder(this.EchoApiBaseUri) { Query = parameters.ToQueryStringFormat() }; return(builder.Uri); }
public Uri BuildRequestTokenUri() { int timestamp = UnixTime.ToUnixTime(DateTime.Now); OAuthParameters parameters = new OAuthParameters(); parameters.ConsumerKey = ConsumerStore.FixedConsumer.Key; parameters.Nonce = new GuidNonceProvider().GenerateNonce(timestamp); parameters.SignatureMethod = "HMAC-SHA1"; parameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture); parameters.Version = "1.0"; parameters.Callback = "http://yourownsite.com/"; parameters.Signature = ServiceProviderContext.GetSigningProvider("HMAC-SHA1").ComputeSignature( SignatureBase.Create("GET", this.RequestTokenBaseUri, parameters), ConsumerStore.FixedConsumer.Secret, null); UriBuilder builder = new UriBuilder(this.RequestTokenBaseUri) { Query = parameters.ToQueryStringFormat() }; return(builder.Uri); }
public void ShouldGenerateSignatureForFlickr() { //given OAuth.Net.Common.ISigningProvider provider = new OAuth.Net.Components.HmacSha1SigningProvider(); OAuth.Net.Common.INonceProvider nonceProvider = new OAuth.Net.Components.GuidNonceProvider(); DateTime time = DateTime.Now; OAuthParameters parameters = new OAuthParameters() { Nonce = nonceProvider.GenerateNonce(), SignatureMethod = "HMAC-SHA1", Timestamp = "1316657628", Version = "1.0", Callback = "http://www.wackylabs.net/oauth/test", ConsumerKey = "768fe946d252b119746fda82e1599980" }; string baseString = SignatureBase.Create("GET", new Uri("http://www.flickr.com/services/oauth/request_token"), parameters); string consumerSecret = "1a3c208e172d3edc"; string tokenSecret = string.Empty; OAuthService testee = new OAuthService(); //when string result = provider.ComputeSignature(baseString, consumerSecret, tokenSecret); //then Assert.AreEqual(expected, result); }
public void TestCase() { ISigningProvider rsa = new RsaSha1SigningProvider() { // PFX file is copied to output directory PfxFile = @"WikiTests\testcase.rsa.pfx" }; OAuthParameters parameters = new OAuthParameters() { SignatureMethod = "RSA-SHA1", Version = Constants.Version1_0, ConsumerKey = "dpf43f3p2l4k3l03", Timestamp = "1196666512", Nonce = "13917289812797014437" }; parameters.AdditionalParameters.Add("file", "vacaction.jpg"); parameters.AdditionalParameters.Add("size", "original"); Uri baseUri = new Uri("http://photos.example.net/photos"); string sigbase = SignatureBase.Create( "GET", baseUri, parameters); Assert.That(sigbase, Is.EqualTo("GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacaction.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3D13917289812797014437%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1196666512%26oauth_version%3D1.0%26size%3Doriginal")); parameters.Signature = rsa.ComputeSignature(sigbase, "kd94hf93k423kf44", null); Assert.That(parameters.Signature, Is.EqualTo("jvTp/wX1TYtByB1m+Pbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2/9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW//e+RinhejgCuzoH26dyF8iY2ZZ/5D1ilgeijhV/vBka5twt399mXwaYdCwFYE=")); // There is no point comparing the URLs because order is not query string parameter important in URLs }
public void TestGetHttpExampleDotComWithSlashWithNEqualsV() { OAuthParameters parameters = new OAuthParameters(); parameters.AdditionalParameters.Add("n", "v"); Assert.That( SignatureBase.Create("GET", new Uri("http://example.com/"), parameters), Is.EqualTo("GET&http%3A%2F%2Fexample.com%2F&n%3Dv")); }
public void TestPostHttpsPhotosDotExampleDotNetSlashRequestUnderscoreTokenWithOAuthParameters() { OAuthParameters parameters = new OAuthParameters() { Version = Constants.Version1_0, ConsumerKey = "dpf43f3p2l4k3l03", Timestamp = "1191242090", Nonce = "hsu94j3884jdopsl", SignatureMethod = "PLAINTEXT", Signature = "ignored" }; Assert.That( SignatureBase.Create("POST", new Uri("https://photos.example.net/request_token"), parameters), Is.EqualTo("POST&https%3A%2F%2Fphotos.example.net%2Frequest_token&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dhsu94j3884jdopsl%26oauth_signature_method%3DPLAINTEXT%26oauth_timestamp%3D1191242090%26oauth_version%3D1.0")); }
public void Test_FunnyCharacters() { OAuthParameters parameters = new OAuthParameters() { ConsumerKey = "weitu.googlepages.com", Nonce = "face868c-04a9-4e75-9534-0b58616c351c", SignatureMethod = "RSA-SHA1", Timestamp = "1213351382", Token = "1/rTf4q3P05rP2xv2xP1ls8mATiaQZnWPB51nTvo8n9Sw", Version = "1.0" }; string basesig = SignatureBase.Create( "GET", new Uri("http://www.google.com/m8/feeds/contacts/default/base"), parameters); Assert.That(basesig, Is.EqualTo("GET&http%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds%2Fcontacts%2Fdefault%2Fbase&oauth_consumer_key%3Dweitu.googlepages.com%26oauth_nonce%3Dface868c-04a9-4e75-9534-0b58616c351c%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1213351382%26oauth_token%3D1%252FrTf4q3P05rP2xv2xP1ls8mATiaQZnWPB51nTvo8n9Sw%26oauth_version%3D1.0")); }
public void TestGetHttpPhotosDotExampleDotNetSlashPhotosWithOAuthParametersAndFileEqualsVacationDotJpgAndSizeEqualsOriginal() { OAuthParameters parameters = new OAuthParameters() { Version = Constants.Version1_0, ConsumerKey = "dpf43f3p2l4k3l03", Token = "nnch734d00sl2jdk", Timestamp = "1191242096", Nonce = "kllo9940pd9333jh", SignatureMethod = "HMAC-SHA1", Signature = "ignored" }; parameters.AdditionalParameters.Add("file", "vacation.jpg"); parameters.AdditionalParameters.Add("size", "original"); Assert.That( SignatureBase.Create("GET", new Uri("http://photos.example.net/photos"), parameters), Is.EqualTo("GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal")); }
public void TestConsumerRequestSignature() { OAuthService service = OAuthService.Create( new EndPoint("http://example.com/request_token"), new Uri("http://example.com/authorize"), new EndPoint("http://example.com/access_token"), new MockConsumer() { Key = "dpf43f3p2l4k3l03", Secret = "kd94hf93k423kf44", Status = ConsumerStatus.Valid }); OAuthRequest consumerRequest = OAuthConsumerRequest.Create( new EndPoint("http://provider.example.net/profile", "GET"), service); OAuthParameters authParameters = new OAuthParameters() { ConsumerKey = service.Consumer.Key, Realm = service.Realm, SignatureMethod = service.SignatureMethod, Timestamp = "1191242096", Nonce = "kllo9940pd9333jh", Version = service.OAuthVersion }; Assert.AreEqual( SignatureBase.Create(consumerRequest.ResourceEndPoint.HttpMethod, consumerRequest.ResourceEndPoint.Uri, authParameters), "GET&http%3A%2F%2Fprovider.example.net%2Fprofile&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_version%3D1.0"); authParameters.Sign(consumerRequest.ResourceEndPoint.Uri, consumerRequest.ResourceEndPoint.HttpMethod, service.Consumer, consumerRequest.RequestToken, new OAuth.Net.Components.HmacSha1SigningProvider()); Assert.AreEqual(authParameters.Signature, "SGtGiOrgTGF5Dd4RUMguopweOSU="); }
public static void SetSignature(HttpContext httpContext, OAuthRequestContext requestContext) { // Get the token to sign with string tokenSecret; if (requestContext.AccessToken != null) { tokenSecret = requestContext.AccessToken.Secret; } else if (requestContext.RequestToken != null) { tokenSecret = requestContext.RequestToken.Secret; } else { tokenSecret = null; } /* * Check the signature */ bool isValid = requestContext.SigningProvider.CheckSignature( SignatureBase.Create( httpContext.Request.HttpMethod, new Uri(httpContext.Request.Url.GetLeftPart(UriPartial.Authority) + httpContext.Request.RawUrl), requestContext.Parameters), requestContext.Parameters.Signature, requestContext.Consumer.Secret, tokenSecret); if (!isValid) { OAuthRequestException.ThrowSignatureInvalid(null); } else { requestContext.IsSignatureValid = true; } }
//TODO: No anda todavia!! private HttpWebResponse GetContacts() { yahooAccessToken = (string[])HttpContext.Current.Session["Yahoo_AccessToken"]; Uri RequestContactBaseUri = new Uri("http://social.yahooapis.com/v1/user/" + YGuid + "/contacts"); int timestamp = Common.GetTimestamp(); OAuthParameters parameters = new OAuthParameters(); parameters.ConsumerKey = apiKey; parameters.Nonce = new GuidNonceProvider().GenerateNonce(timestamp); parameters.SignatureMethod = "HMAC-SHA1"; parameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture); parameters.Token = Rfc3986.Decode(AccessToken); parameters.Version = "1.0"; parameters.AdditionalParameters.Add("format", "xml"); string sigBase = SignatureBase.Create("GET", RequestContactBaseUri, parameters); HmacSha1SigningProvider singProvier = new HmacSha1SigningProvider(); parameters.Signature = singProvier.ComputeSignature( sigBase, (secret), Rfc3986.Encode(AccessTokenSecret)); HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://social.yahooapis.com/v1/user/" + YGuid + "/contacts?view=tinyusercard"); request.CookieContainer = new CookieContainer(); request.Headers["WWW-Authenticate"] = " OAuth realm='yahooapis.com',"; request.Headers["WWW-Authenticate"] += " oauth_consumer_key='" + parameters.ConsumerKey + "',"; request.Headers["WWW-Authenticate"] += " oauth_nonce='" + parameters.Nonce + "',"; request.Headers["WWW-Authenticate"] += " oauth_signature_method='" + parameters.SignatureMethod + "',"; request.Headers["WWW-Authenticate"] += " oauth_timestamp='" + parameters.Timestamp + "',"; request.Headers["WWW-Authenticate"] += " oauth_token='" + token + "',"; request.Headers["WWW-Authenticate"] += " oauth_version='" + parameters.Version + "',"; request.Headers["WWW-Authenticate"] += " oauth_signature='" + parameters.Signature + "'"; request.Method = "GET"; request.ContentType = "application/xml; charset=utf-8"; return((HttpWebResponse)request.GetResponse()); }
public void ShouldGenerateSignatureForExampleForFlickr() { //given string expected = "0fhNGlzpFNAsTme/hDfUb5HPB5U="; OAuthParameters parameters = new OAuthParameters() { Nonce = "C2F26CD5C075BA9050AD8EE90644CF29", SignatureMethod = "HMAC-SHA1", Timestamp = "1316657628", Version = "1.0", Callback = "http://www.wackylabs.net/oauth/test", ConsumerKey = "768fe946d252b119746fda82e1599980" }; string baseString = SignatureBase.Create("GET", new Uri("http://www.flickr.com/services/oauth/request_token"), parameters); string consumerSecret = "1a3c208e172d3edc"; string tokenSecret = string.Empty; OAuthService testee = new OAuthService(); //when string result = testee.GenerateSignature(baseString, consumerSecret, tokenSecret); //then Assert.AreEqual(expected, result); }