private string GetAuthorizationHeader(WebParameterCollection parameters)
{
var sb = new StringBuilder();
if (!string.IsNullOrEmpty(Realm))
{
sb.Append(string.Format("realm=\"{0}\",", OAuthTools.UrlEncodeRelaxed(Realm)));
}
parameters.Sort((l, r) => string.Compare(l.Name, r.Name, StringComparison.Ordinal));
var parameterCount = 0;
var oathParameters = parameters.Where(
parameter => !string.IsNullOrEmpty(parameter.Name) &&
!string.IsNullOrEmpty(parameter.Value) &&
(parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))).ToList();
foreach (var parameter in oathParameters)
{
parameterCount++;
var format = parameterCount < oathParameters.Count ? "{0}=\"{1}\"," : "{0}=\"{1}\"";
sb.Append(string.Format(format, parameter.Name, parameter.Value));
}
var authorization = sb.ToString();
return(string.Format("{0} {1}", AuthenticationMethod, authorization));
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
var copy = new WebParameterCollection(parameters);
var exclusions = copy.Where(n => n.Name.EqualsIgnoreCase("oauth_signature"));
copy.RemoveAll(exclusions);
copy.ForEach(p => p.Value = UrlEncodeStrict(p.Value));
copy.Sort((x, y) => x.Name.Equals(y.Name) ? x.Value.CompareTo(y.Value) : x.Name.CompareTo(y.Name));
return(copy);
}
private byte[] PostProcessPostParameters(WebRequest request, Uri uri)
{
var body = "";
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
SetAuthorizationHeader(request, "Authorization");
#if SILVERLIGHT
var postParameters = new WebParameterCollection(uri.Query.ParseQueryString());
#else
var postParameters = new WebParameterCollection(uri.Query.ParseQueryString());
#endif
// Only use the POST parameters that exist in the body
postParameters = new WebParameterCollection(postParameters.Where(p => !p.Name.StartsWith("oauth_")));
// Append any leftover values to the POST body
var nonAuthParameters = GetPostParametersValue(postParameters, true /* escapeParameters */);
if (body.IsNullOrBlank())
{
body = nonAuthParameters;
}
else
{
if (!nonAuthParameters.IsNullOrBlank())
{
body += "&".Then(nonAuthParameters);
}
}
break;
case OAuthParameterHandling.UrlOrPostParameters:
body = GetPostParametersValue(Parameters, false /* escapeParameters */);
break;
}
var content = Encoding.UTF8.GetBytes(body);
return(content);
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var requestUrl = client.BuildUriWithoutQueryParameters(request);
if (requestUrl.Contains('?'))
{
throw new ApplicationException("Using query parameters in the base URL is not supported for OAuth calls. Consider using AddDefaultQueryParameter instead.");
}
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
if (!request.AlwaysMultipartFormData && !request.Files.Any())
{
parameters.AddRange(
client.DefaultParameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString)
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
parameters.AddRange(
client.DefaultParameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) &&
p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
parameters.AddRange(
request.Parameters
.Where(p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) &&
p.Name.StartsWith("oauth_"))
.Select(p => new WebPair(p.Name, p.Value.ToString())));
}
OAuthWebQueryInfo oauth;
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddOrUpdateParameter("Authorization", GetAuthorizationHeader(parameters), ParameterType.HttpHeader);
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
var headers =
parameters.Where(p => !p.Name.IsNullOrBlank() &&
(p.Name.StartsWith("oauth_") || p.Name.StartsWith("x_auth_")))
.Select(p => new Parameter
{
Name = p.Name,
Value = HttpUtility.UrlDecode(p.Value),
Type = ParameterType.GetOrPost
});
foreach (var header in headers)
{
request.AddOrUpdateParameter(header);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request, false).ToString();
OAuthWebQueryInfo oauth;
var method = request.Method.Method;
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
var useMultiPart = request.ContentCollectionMode == ContentCollectionMode.MultiPart ||
(request.ContentCollectionMode == ContentCollectionMode.MultiPartForFileParameters && (client.DefaultParameters.GetFileParameters().Any() || request.Parameters.GetFileParameters().Any()));
var requestParameters = client.MergeParameters(request).Where(x => x.Type == ParameterType.GetOrPost || x.Type == ParameterType.QueryString);
if (!useMultiPart)
{
foreach (var p in requestParameters)
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
foreach (var p in requestParameters.Where(p => p.Name.StartsWith("oauth_", StringComparison.Ordinal)))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
foreach (var parameter in parameters.Where(
parameter => !string.IsNullOrEmpty(parameter.Name) &&
(parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))))
{
var v = parameter.Value;
v = Uri.UnescapeDataString(v.Replace('+', ' '));
request.AddParameter(parameter.Name, v);
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
private string WriteAuthorizationHeader(WebParameterCollection parameters)
{
var sb = new StringBuilder("OAuth ");
if (!IsNullOrBlank(Realm))
{
sb.AppendFormat("realm=\"{0}\",", OAuthTools.UrlEncodeRelaxed(Realm));
}
parameters.Sort((l, r) => l.Name.CompareTo(r.Name));
var count = 0;
foreach (var parameter in parameters.Where(parameter =>
!IsNullOrBlank(parameter.Name) &&
!IsNullOrBlank(parameter.Value) &&
parameter.Name.StartsWith("oauth_")))
{
count++;
var format = count < parameters.Count ? "{0}=\"{1}\"," : "{0}=\"{1}\"";
sb.AppendFormat(format, parameter.Name, parameter.Value);
}
var authorization = sb.ToString();
return authorization;
}
private static string WriteAuthorizationQuery(WebParameterCollection parameters)
{
var sb = new StringBuilder();
parameters.Sort((l, r) => l.Name.CompareTo(r.Name));
var count = 0;
foreach (var parameter in parameters.Where(parameter =>
!IsNullOrBlank(parameter.Name) &&
!IsNullOrBlank(parameter.Value) &&
parameter.Name.StartsWith("oauth_")))
{
count++;
var format = count < parameters.Count ? "{0}={1}&" : "{0}={1}";
sb.AppendFormat(format, parameter.Name, parameter.Value);
}
var authorization = sb.ToString();
return authorization;
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
{
url = url.Substring(0, queryStringStart);
}
OAuthWebQueryInfo oauth;
var method = request.Method.ToString().ToUpperInvariant();
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
foreach (var p in client.DefaultParameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
switch (Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
foreach (var parameter in parameters.Where(parameter => !parameter.Name.IsNullOrBlank() && parameter.Name.StartsWith("oauth_")))
{
request.AddParameter(parameter.Name, HttpUtility.UrlDecode(parameter.Value));
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
var copy = new WebParameterCollection(parameters);
var exclusions = copy.Where(n => EqualsIgnoreCase(n.Name, "oauth_signature"));
copy.RemoveAll(exclusions);
foreach(var parameter in copy)
{
parameter.Value = UrlEncodeStrict(parameter.Value);
}
copy.Sort((x, y) => x.Name.Equals(y.Name) ? x.Value.CompareTo(y.Value) : x.Name.CompareTo(y.Name));
return copy;
}
private string WriteAuthorizationHeader(WebParameterCollection parameters)
{
var sb = new StringBuilder("OAuth ");
if (!IsNullOrBlank(Realm))
{
sb.AppendFormat("realm=\"{0}\",", OAuthTools.UrlEncodeRelaxed(Realm));
}
parameters.Sort((l, r) => l.Name.CompareTo(r.Name));
foreach (var parameter in parameters.Where(parameter =>
!IsNullOrBlank(parameter.Name) &&
!IsNullOrBlank(parameter.Value) &&
(parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))))
{
sb.AppendFormat("{0}=\"{1}\",", parameter.Name, parameter.Value);
}
sb.Remove(sb.Length - 1, 1);
var authorization = sb.ToString();
return authorization;
}
/// <summary>
/// Sorts a <see cref="WebParameterCollection"/> by name, and then value if equal.
/// </summary>
/// <param name="parameters">A collection of parameters to sort</param>
/// <returns>A sorted parameter collection</returns>
public static WebParameterCollection SortParametersExcludingSignature(WebParameterCollection parameters)
{
var copy = new WebParameterCollection(parameters);
var exclusions = copy.Where(n => n.Name.EqualsIgnoreCase("oauth_signature"));
copy.RemoveAll(exclusions);
copy.ForEach(p => p.Value = UrlEncode(p.Value)); // values are effectively double-encoded
copy.Sort((x, y) => x.Name.Equals(y.Name) ? x.Value.CompareTo(y.Value) : x.Name.CompareTo(y.Name));
return copy;
}
private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflow workflow)
{
var url = client.BuildUri(request).ToString();
var queryStringStart = url.IndexOf('?');
if (queryStringStart != -1)
url = url.Substring(0, queryStringStart);
OAuthWebQueryInfo oauth;
#if PocketPC
var method = request.Method.ToString().ToUpper();
#else
var method = request.Method.ToString().ToUpperInvariant();
#endif
var parameters = new WebParameterCollection();
// include all GET and POST parameters before generating the signature
// according to the RFC 5849 - The OAuth 1.0 Protocol
// http://tools.ietf.org/html/rfc5849#section-3.4.1
// if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
// or implement a seperate class for each OAuth version
if (!request.AlwaysMultipartFormData && !request.Files.Any())
{
foreach (var p in client.DefaultParameters.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
else
{
// if we are sending a multipart request, only the "oauth_" parameters should be included in the signature
foreach (var p in client.DefaultParameters.Where(
p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_")))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
foreach (var p in request.Parameters.Where(
p => (p.Type == ParameterType.GetOrPost || p.Type == ParameterType.QueryString) && p.Name.StartsWith("oauth_")))
{
parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
}
switch (this.Type)
{
case OAuthType.RequestToken:
workflow.RequestTokenUrl = url;
oauth = workflow.BuildRequestTokenInfo(method, parameters);
break;
case OAuthType.AccessToken:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildAccessTokenInfo(method, parameters);
break;
case OAuthType.ClientAuthentication:
workflow.AccessTokenUrl = url;
oauth = workflow.BuildClientAuthAccessTokenInfo(method, parameters);
break;
case OAuthType.ProtectedResource:
oauth = workflow.BuildProtectedResourceInfo(method, parameters, url);
break;
default:
throw new ArgumentOutOfRangeException();
}
switch (this.ParameterHandling)
{
case OAuthParameterHandling.HttpAuthorizationHeader:
parameters.Add("oauth_signature", oauth.Signature);
request.AddHeader("Authorization", this.GetAuthorizationHeader(parameters));
break;
case OAuthParameterHandling.UrlOrPostParameters:
parameters.Add("oauth_signature", oauth.Signature);
foreach (var parameter in parameters.Where(parameter =>
!parameter.Name.IsNullOrBlank() &&
(parameter.Name.StartsWith("oauth_") || parameter.Name.StartsWith("x_auth_"))))
{
request.AddParameter(parameter.Name, HttpUtility.UrlDecode(parameter.Value));
}
break;
default:
throw new ArgumentOutOfRangeException();
}
}