public static void TryRethrow(OAuthParameters parameters) { if (!parameters.HasProblem) { OAuthRequestException ex = new OAuthRequestException(parameters.ProblemAdvice, parameters.ProblemType); // Load additional parameter for specific types switch (parameters.ProblemType) { case OAuthProblemTypes.VersionRejected: if (!String.IsNullOrEmpty(parameters.AcceptableVersions)) ex.AddParameter(OAuthErrorParameterKeys.AcceptableVersions, parameters.AcceptableVersions); break; case OAuthProblemTypes.ParameterAbsent: if (!String.IsNullOrEmpty(parameters.ParametersAbsent)) ex.AddParameter(OAuthErrorParameterKeys.ParametersAbsent, parameters.ParametersAbsent); break; case OAuthProblemTypes.ParameterRejected: if (!String.IsNullOrEmpty(parameters.ParametersRejected)) ex.AddParameter(OAuthErrorParameterKeys.ParametersRejected, parameters.ParametersRejected); break; case OAuthProblemTypes.TimestampRefused: if (!String.IsNullOrEmpty(parameters.AcceptableTimestamps)) ex.AddParameter(OAuthErrorParameterKeys.AcceptableTimestamps, parameters.AcceptableTimestamps); break; } // Throw the OAuthRequestException throw ex; } }
private void DoGetRequestToken() { // Fire the OnBeforeGetRequestToken event PreRequestEventArgs args = new PreRequestEventArgs(Service.RequestTokenUrl, Service.RequestTokenEndPoint.HttpMethod, CallbackUrl); if (BeforeGetRequestToken != null) { BeforeGetRequestToken(this, args); } OAuthParameters authParams = CreateOAuthParameters(args.AdditionalParameters); authParams.Callback = args.CallbackUrl == null ? OAuthOutOfBandCallback : args.CallbackUrl.AbsoluteUri; SignParameters(args.RequestUri, args.HttpMethod, authParams, null); // Create and sign the request HttpWebRequest request = CreateRequest( args.RequestUri, authParams, args.HttpMethod, args.HttpMethod == "POST" ? HttpPostUrlEncodedContentType : String.Empty, null); OAuthParameters responseParameters; // Get the service provider response try { HttpWebResponse response = (HttpWebResponse)request.GetResponse(); // Parse the parameters and re-throw any OAuthRequestException from the service provider responseParameters = OAuthParameters.Parse(response); OAuthRequestException.TryRethrow(responseParameters); } catch (WebException e) { // Parse the parameters and re-throw any OAuthRequestException from the service provider responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse); OAuthRequestException.TryRethrow(responseParameters); // If no OAuthRequestException, rethrow the WebException throw; } // Store the request token RequestToken = new OAuthToken(TokenType.Request, responseParameters.Token, responseParameters.TokenSecret, Service.Consumer); // Fire the OnReceiveRequestToken event RequestTokenReceivedEventArgs responseArgs = new RequestTokenReceivedEventArgs(RequestToken); responseArgs.Parameters.Add(responseParameters.AdditionalParameters); if (ReceiveRequestToken != null) { ReceiveRequestToken(this, responseArgs); } }
public OAuthParameters Clone() { var clone = new OAuthParameters(); foreach (KeyValuePair <string, string> item in parameters) { clone.parameters[item.Key] = item.Value; } clone.additionalParameters = new NameValueCollection(additionalParameters); return(clone); }
protected override void ParseParameters(IHttpContext httpContext, OAuthRequestContext requestContext) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, OAuthParameterSources.ServiceProviderDefault); /* * Check for missing required parameters: * * The consumer key, signature method, signature, timestamp and nonce parameters * are all required */ parameters.RequireAllOf( OAuthParameterKeys.ConsumerKey, OAuthParameterKeys.Token, OAuthParameterKeys.SignatureMethod, OAuthParameterKeys.Signature, OAuthParameterKeys.Timestamp, OAuthParameterKeys.Nonce, OAuthParameterKeys.Verifier); /* * The version parameter is optional, but it if is present its value must be 1.0 */ if (parameters.Version != null) { parameters.RequireVersion("1.0"); } /* * Check that there are no other parameters except for realm, version and * the required parameters */ parameters.AllowOnly( OAuthParameterKeys.ConsumerKey, OAuthParameterKeys.Token, OAuthParameterKeys.SignatureMethod, OAuthParameterKeys.Signature, OAuthParameterKeys.Timestamp, OAuthParameterKeys.Nonce, OAuthParameterKeys.Verifier, OAuthParameterKeys.Version, // (optional) OAuthParameterKeys.Realm); // (optional) requestContext.Parameters = parameters; }
private void ParseParameters(IHttpContext httpContext, OAuthRequestContext context) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request); /* * Check for missing required parameters: * * The consumer key, token, signature method, signature, timestamp and nonce parameters * are all required */ if (consumerRequests) { parameters.RequireAllOf( OAuthParameterKeys.ConsumerKey, OAuthParameterKeys.SignatureMethod, OAuthParameterKeys.Signature, OAuthParameterKeys.Timestamp, OAuthParameterKeys.Nonce); } else { // For 3 legged TokenParameter is required parameters.RequireAllOf( OAuthParameterKeys.ConsumerKey, OAuthParameterKeys.Token, OAuthParameterKeys.SignatureMethod, OAuthParameterKeys.Signature, OAuthParameterKeys.Timestamp, OAuthParameterKeys.Nonce); } /* * The version parameter is optional, but it if is present its value must be 1.0 */ if (parameters.Version != null) { parameters.RequireVersion("1.0"); } context.Parameters = parameters; }
public static void TryRethrow(OAuthParameters parameters) { if (!parameters.HasProblem) { OAuthRequestException ex = new OAuthRequestException(parameters.ProblemAdvice, parameters.ProblemType); // Load additional parameter for specific types switch (parameters.ProblemType) { case OAuthProblemTypes.VersionRejected: if (!String.IsNullOrEmpty(parameters.AcceptableVersions)) { ex.AddParameter(OAuthErrorParameterKeys.AcceptableVersions, parameters.AcceptableVersions); } break; case OAuthProblemTypes.ParameterAbsent: if (!String.IsNullOrEmpty(parameters.ParametersAbsent)) { ex.AddParameter(OAuthErrorParameterKeys.ParametersAbsent, parameters.ParametersAbsent); } break; case OAuthProblemTypes.ParameterRejected: if (!String.IsNullOrEmpty(parameters.ParametersRejected)) { ex.AddParameter(OAuthErrorParameterKeys.ParametersRejected, parameters.ParametersRejected); } break; case OAuthProblemTypes.TimestampRefused: if (!String.IsNullOrEmpty(parameters.AcceptableTimestamps)) { ex.AddParameter(OAuthErrorParameterKeys.AcceptableTimestamps, parameters.AcceptableTimestamps); } break; } // Throw the OAuthRequestException throw ex; } }
private void SignParameters(Uri requestUri, string httpMethod, OAuthParameters authParameters, IToken token) { // Check there is a signing provider for the signature method ISignProvider signingProvider = context.GetSignProvider(Service.SignatureMethod); if (signingProvider == null) { // There is no signing provider for this signature method throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected); } // Double check the signing provider declares that it can handle the signature method if (!signingProvider.SignatureMethod.Equals(Service.SignatureMethod)) { throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected); } // Compute the signature authParameters.Sign(requestUri, httpMethod, Service.Consumer, token, signingProvider); }
private OAuthParameters CreateOAuthParameters(NameValueCollection additionalParameters) { int timestamp = UnixTime.ToUnixTime(DateTime.Now); OAuthParameters authParameters = new OAuthParameters(); authParameters.ConsumerKey = Service.Consumer.Key; authParameters.Realm = Service.Realm; authParameters.SignatureMethod = Service.SignatureMethod; authParameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture); authParameters.Nonce = context.NonceGenerator.GenerateNonce(timestamp); authParameters.Version = Service.OAuthVersion; if (additionalParameters != null && additionalParameters.Count > 0) { authParameters.AdditionalParameters.Add(additionalParameters); } return(authParameters); }
public static string Create(string httpMethod, Uri requestUrl, OAuthParameters parameters) { StringBuilder sigbase = new StringBuilder(); // Http header sigbase.Append(Rfc3986.Encode(httpMethod)).Append("&"); // Normalized request URL sigbase.Append(Rfc3986.Encode(requestUrl.Scheme)); sigbase.Append(Rfc3986.Encode("://")); sigbase.Append(Rfc3986.Encode(requestUrl.Authority.ToLowerInvariant())); sigbase.Append(Rfc3986.Encode(requestUrl.AbsolutePath)); sigbase.Append("&"); // Normalized parameters sigbase.Append( Rfc3986.Encode(parameters.ToNormalizedString(OAuthParameterKeys.Realm, OAuthParameterKeys.Signature, OAuthParameterKeys.TokenSecret))); return sigbase.ToString(); }
public static string Create(string httpMethod, Uri requestUrl, OAuthParameters parameters) { StringBuilder sigbase = new StringBuilder(); // Http header sigbase.Append(Rfc3986.Encode(httpMethod)).Append("&"); // Normalized request URL sigbase.Append(Rfc3986.Encode(requestUrl.Scheme)); sigbase.Append(Rfc3986.Encode("://")); sigbase.Append(Rfc3986.Encode(requestUrl.Authority.ToLowerInvariant())); sigbase.Append(Rfc3986.Encode(requestUrl.AbsolutePath)); sigbase.Append("&"); // Normalized parameters sigbase.Append( Rfc3986.Encode(parameters.ToNormalizedString(OAuthParameterKeys.Realm, OAuthParameterKeys.Signature, OAuthParameterKeys.TokenSecret))); return(sigbase.ToString()); }
public OAuthRequestToken(string token, string secret, IConsumer consumer, TokenStatus status, OAuthParameters parameters, IIdentity user, string[] roles) { if (string.IsNullOrEmpty(token)) throw new ArgumentException("token must not be null or empty", "token"); if (secret == null) throw new ArgumentNullException("secret", "secret must not be null"); if (consumer == null) throw new ArgumentNullException("consumer", "consumer must not be null"); if (roles == null) throw new ArgumentNullException("roles", "roles must not be null"); this.token = token; this.secret = secret; this.status = status; consumerKey = consumer.Key; this.parameters = parameters; this.user = user; this.roles = roles; }
private OAuthResponse GetResource(NameValueCollection parameters, string contentType, Stream bodyStream) { OAuthResponse response; HttpWebRequest request = PrepareProtectedResourceRequest(parameters, contentType, bodyStream); // A null value for the HttpWebRequest is returned when a ResponseToken is returned // and no one has returned in the AuthorizationHandler continue with getting an AccessToken // or an RequestToken exists but the AccessToken request was refused. if (request == null) { response = new OAuthResponse(RequestToken); } else { OAuthParameters responseParameters; try { OAuthResource resource = new OAuthResource((HttpWebResponse)request.GetResponse()); // Parse the parameters and re-throw any OAuthRequestException from the service provider responseParameters = OAuthParameters.Parse(resource); OAuthRequestException.TryRethrow(responseParameters); // If nothing is thrown then we should have a valid resource. response = new OAuthResponse(AccessToken ?? RequestToken, resource); } catch (WebException e) { // Parse the parameters and re-throw any OAuthRequestException from the service provider responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse); OAuthRequestException.TryRethrow(responseParameters); // If no OAuthRequestException, rethrow the WebException #warning TODO: We have consumer the WebException's body so rethrowing it is pretty pointless; wrap the WebException in an OAuthProtocolException and store the body (create an OAuthResource before parsing parameters) throw; } } return(response); }
private HttpWebRequest DoPrepareProtectedResourceRequest(NameValueCollection parameters, string contentType, Stream bodyStream) { // Fire the OnBeforeGetProtectedResource event PreProtectedResourceRequestEventArgs preArgs = new PreProtectedResourceRequestEventArgs(ResourceUri, ResourceEndPoint.HttpMethod, RequestToken, AccessToken); if (parameters != null) { preArgs.AdditionalParameters.Add(parameters); } if (BeforeGetProtectedResource != null) { BeforeGetProtectedResource(this, preArgs); } OAuthParameters authParams = CreateOAuthParameters(preArgs.AdditionalParameters); SignParameters(preArgs.RequestUri, preArgs.HttpMethod, authParams, AccessToken); return(CreateRequest(preArgs.RequestUri, authParams, preArgs.HttpMethod, contentType, bodyStream)); }
protected override void ParseParameters(IHttpContext httpContext, OAuthRequestContext requestContext) { // Try to parse the parameters OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, OAuthParameterSources.ServiceProviderDefault); /* * Check for missing required parameters: * * The consumer key, signature method, signature, timestamp and nonce parameters * are all required */ parameters.RequireAllOf(OAuthParameterKeys.ConsumerKey, OAuthParameterKeys.SignatureMethod, OAuthParameterKeys.Signature, OAuthParameterKeys.Timestamp, OAuthParameterKeys.Nonce, OAuthParameterKeys.Callback); // The version parameter is optional, but it if is present its value must be 1.0 if (parameters.Version != null) { parameters.RequireVersion("1.0"); } requestContext.Parameters = parameters; }
private bool DoGetAccessToken() { // Fire the OnBeforeGetAccessToken event PreAccessTokenRequestEventArgs preArgs = new PreAccessTokenRequestEventArgs(Service.AccessTokenUrl, Service.AccessTokenEndPoint.HttpMethod, RequestToken, RequestTokenVerifier); if (BeforeGetAccessToken != null) { BeforeGetAccessToken(this, preArgs); } // Create and sign the request OAuthParameters authParams = CreateOAuthParameters(null); authParams.Verifier = preArgs.Verifier; // We don't have a verifier so something has gone wrong in the process. if (string.IsNullOrEmpty(authParams.Verifier)) { return(false); } SignParameters(preArgs.RequestUri, preArgs.HttpMethod, authParams, RequestToken); HttpWebRequest request = CreateRequest(preArgs.RequestUri, authParams, preArgs.HttpMethod, preArgs.HttpMethod == "POST" ? HttpPostUrlEncodedContentType : String.Empty, null); OAuthParameters responseParameters; // Get the service provider response try { HttpWebResponse response = (HttpWebResponse)request.GetResponse(); // Parse the parameters and re-throw any OAuthRequestException from the service provider responseParameters = OAuthParameters.Parse(response); OAuthRequestException.TryRethrow(responseParameters); } catch (WebException e) { // Parse the parameters and re-throw any OAuthRequestException from the service provider responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse); OAuthRequestException.TryRethrow(responseParameters); // If no OAuthRequestException, rethrow the WebException throw; } // Store the access token AccessToken = new OAuthToken(TokenType.Access, responseParameters.Token, responseParameters.TokenSecret, Service.Consumer); // Fire the OnReceiveAccessToken event AccessTokenReceivedEventArgs responseArgs = new AccessTokenReceivedEventArgs(RequestToken, AccessToken); responseArgs.AdditionalParameters.Add(responseParameters.AdditionalParameters); if (ReceiveAccessToken != null) { ReceiveAccessToken(this, responseArgs); } return(true); }
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters) { if (sources == OAuthParameterSources.None) throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources"); bool useAuthHeader = (sources & OAuthParameterSources.AuthorizationHeader) == OAuthParameterSources.AuthorizationHeader; bool useWwwAuthHeader = (sources & OAuthParameterSources.AuthenticateHeader) == OAuthParameterSources.AuthenticateHeader; bool usePost = (sources & OAuthParameterSources.PostBody) == OAuthParameterSources.PostBody; bool useQueryString = (sources & OAuthParameterSources.QueryString) == OAuthParameterSources.QueryString; NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null; NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null; NameValueCollection postParams = usePost ? form : null; NameValueCollection queryStringParams = useQueryString ? queryString : null; // Do validation if required if (validateParameters) { /* * Check for any duplicated OAuth parameters */ ResultInfo<string[]> result = CheckForDuplicateReservedParameters(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); if (!result) throw new ParametersRejectedException(null, result); /* * Check for non-reserved parameters prefixed with oauth_ */ result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); if (!result) throw new ParametersRejectedException(null, result); } OAuthParameters parameters = new OAuthParameters(); parameters.Callback = GetParam(OAuthParameterKeys.Callback, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.ConsumerKey = GetParam(OAuthParameterKeys.ConsumerKey, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Nonce = GetParam(OAuthParameterKeys.Nonce, authHeaderParams, postParams, wwwAuthHeaderParams, queryStringParams); parameters.Realm = authHeaderParams != null ? authHeaderParams[OAuthParameterKeys.Realm] : null; parameters.Signature = GetParam(OAuthParameterKeys.Signature, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.SignatureMethod = GetParam(OAuthParameterKeys.SignatureMethod, wwwAuthHeaderParams, authHeaderParams, postParams, queryStringParams); parameters.Timestamp = GetParam(OAuthParameterKeys.Timestamp, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Token = GetParam(OAuthParameterKeys.Token, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.TokenSecret = GetParam(OAuthParameterKeys.TokenSecret, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Version = GetParam(OAuthParameterKeys.Version, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Verifier = GetParam(OAuthParameterKeys.Verifier, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.additionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams); return parameters; }
private HttpWebRequest CreateRequest(Uri requestUri, OAuthParameters authParameters, string httpMethod, string contentType, Stream bodyStream) { NameValueCollection requestSpecificParameters = new NameValueCollection(authParameters.AdditionalParameters); if (!Service.UseAuthorizationHeader) { ////The OAuth params need to be added either into the querystring or into the post body. requestSpecificParameters.Add(authParameters.OAuthRequestParams()); } if (HttpPostUrlEncodedContentTypeRegex.IsMatch(contentType) && bodyStream == null) { ////All the requestSpecificParameters need to be encoded into the body bytes string body = Rfc3986.EncodeAndJoin(requestSpecificParameters); bodyStream = new MemoryStream(Encoding.ASCII.GetBytes(body)); } else { ////They go into the querystring. string query = Rfc3986.EncodeAndJoin(requestSpecificParameters); if (!string.IsNullOrEmpty(query)) { UriBuilder mutableRequestUri = new UriBuilder(requestUri); if (string.IsNullOrEmpty(mutableRequestUri.Query)) mutableRequestUri.Query = query; else mutableRequestUri.Query = mutableRequestUri.Query.Substring(1) + "&" + query; requestUri = mutableRequestUri.Uri; } } HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(requestUri); request.Method = httpMethod; if (Service.UseAuthorizationHeader) request.Headers.Add(HttpRequestHeader.Authorization, authParameters.ToHeader()); if (!String.IsNullOrEmpty(contentType)) { request.ContentType = contentType; if (bodyStream != null) { if (bodyStream.CanSeek) request.ContentLength = bodyStream.Length; StreamCopier.CopyTo(bodyStream, request.GetRequestStream()); } } return request; }
private HttpWebRequest CreateRequest(Uri requestUri, OAuthParameters authParameters, string httpMethod, string contentType, Stream bodyStream) { NameValueCollection requestSpecificParameters = new NameValueCollection(authParameters.AdditionalParameters); if (!Service.UseAuthorizationHeader) { ////The OAuth params need to be added either into the querystring or into the post body. requestSpecificParameters.Add(authParameters.OAuthRequestParams()); } if (HttpPostUrlEncodedContentTypeRegex.IsMatch(contentType) && bodyStream == null) { ////All the requestSpecificParameters need to be encoded into the body bytes string body = Rfc3986.EncodeAndJoin(requestSpecificParameters); bodyStream = new MemoryStream(Encoding.ASCII.GetBytes(body)); } else { ////They go into the querystring. string query = Rfc3986.EncodeAndJoin(requestSpecificParameters); if (!string.IsNullOrEmpty(query)) { UriBuilder mutableRequestUri = new UriBuilder(requestUri); if (string.IsNullOrEmpty(mutableRequestUri.Query)) { mutableRequestUri.Query = query; } else { mutableRequestUri.Query = mutableRequestUri.Query.Substring(1) + "&" + query; } requestUri = mutableRequestUri.Uri; } } HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(requestUri); request.Method = httpMethod; if (Service.UseAuthorizationHeader) { request.Headers.Add(HttpRequestHeader.Authorization, authParameters.ToHeader()); } if (!String.IsNullOrEmpty(contentType)) { request.ContentType = contentType; if (bodyStream != null) { if (bodyStream.CanSeek) { request.ContentLength = bodyStream.Length; } StreamCopier.CopyTo(bodyStream, request.GetRequestStream()); } } return(request); }
public Uri BuildAuthorizationUrl(IToken token, NameValueCollection additionalParameters) { if (token.Type == TokenType.Request) { OAuthParameters authParameters = new OAuthParameters(); authParameters.Token = token.Token; if (additionalParameters != null) authParameters.AdditionalParameters.Add(additionalParameters); // Construct final authorization Uri (HTTP method must be GET) string query = authParameters.ToQueryString(); UriBuilder authUri = new UriBuilder(AuthorizationUrl); if (String.IsNullOrEmpty(authUri.Query)) authUri.Query = query; else authUri.Query = authUri.Query.Substring(1) + "&" + query; return authUri.Uri; } throw new ArgumentException("Invalid token type for Authorization"); }
public OAuthRequestToken(string token, string secret, IConsumer consumer, TokenStatus status, OAuthParameters parameters, IIdentity user, string[] roles) { if (string.IsNullOrEmpty(token)) { throw new ArgumentException("token must not be null or empty", "token"); } if (secret == null) { throw new ArgumentNullException("secret", "secret must not be null"); } if (consumer == null) { throw new ArgumentNullException("consumer", "consumer must not be null"); } if (roles == null) { throw new ArgumentNullException("roles", "roles must not be null"); } this.token = token; this.secret = secret; this.status = status; consumerKey = consumer.Key; this.parameters = parameters; this.user = user; this.roles = roles; }
public IRequestToken CreateRequestToken(IConsumer consumer, OAuthParameters parameters) { return new OAuthRequestToken(Guid.NewGuid().ToString(Format), Guid.NewGuid().ToString(Format), consumer, TokenStatus.Unauthorized, parameters, null, new string[] {}); }
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters) { if (sources == OAuthParameterSources.None) { throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources"); } bool useAuthHeader = (sources & OAuthParameterSources.AuthorizationHeader) == OAuthParameterSources.AuthorizationHeader; bool useWwwAuthHeader = (sources & OAuthParameterSources.AuthenticateHeader) == OAuthParameterSources.AuthenticateHeader; bool usePost = (sources & OAuthParameterSources.PostBody) == OAuthParameterSources.PostBody; bool useQueryString = (sources & OAuthParameterSources.QueryString) == OAuthParameterSources.QueryString; NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null; NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null; NameValueCollection postParams = usePost ? form : null; NameValueCollection queryStringParams = useQueryString ? queryString : null; // Do validation if required if (validateParameters) { /* * Check for any duplicated OAuth parameters */ ResultInfo <string[]> result = CheckForDuplicateReservedParameters(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); if (!result) { throw new ParametersRejectedException(null, result); } /* * Check for non-reserved parameters prefixed with oauth_ */ result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); if (!result) { throw new ParametersRejectedException(null, result); } } OAuthParameters parameters = new OAuthParameters(); parameters.Callback = GetParam(OAuthParameterKeys.Callback, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.ConsumerKey = GetParam(OAuthParameterKeys.ConsumerKey, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Nonce = GetParam(OAuthParameterKeys.Nonce, authHeaderParams, postParams, wwwAuthHeaderParams, queryStringParams); parameters.Realm = authHeaderParams != null ? authHeaderParams[OAuthParameterKeys.Realm] : null; parameters.Signature = GetParam(OAuthParameterKeys.Signature, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.SignatureMethod = GetParam(OAuthParameterKeys.SignatureMethod, wwwAuthHeaderParams, authHeaderParams, postParams, queryStringParams); parameters.Timestamp = GetParam(OAuthParameterKeys.Timestamp, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Token = GetParam(OAuthParameterKeys.Token, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.TokenSecret = GetParam(OAuthParameterKeys.TokenSecret, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Version = GetParam(OAuthParameterKeys.Version, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.Verifier = GetParam(OAuthParameterKeys.Verifier, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); parameters.additionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams); return(parameters); }
private void SignParameters(Uri requestUri, string httpMethod, OAuthParameters authParameters, IToken token) { // Check there is a signing provider for the signature method ISignProvider signingProvider = context.GetSignProvider(Service.SignatureMethod); if (signingProvider == null) // There is no signing provider for this signature method throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected); // Double check the signing provider declares that it can handle the signature method if (!signingProvider.SignatureMethod.Equals(Service.SignatureMethod)) throw new OAuthRequestException(null, OAuthProblemTypes.SignatureMethodRejected); // Compute the signature authParameters.Sign(requestUri, httpMethod, Service.Consumer, token, signingProvider); }
public IRequestToken CreateRequestToken(IConsumer consumer, OAuthParameters parameters) { return(new OAuthRequestToken(Guid.NewGuid().ToString(Format), Guid.NewGuid().ToString(Format), consumer, TokenStatus.Unauthorized, parameters, null, new string[] {})); }
private OAuthParameters CreateOAuthParameters(NameValueCollection additionalParameters) { int timestamp = UnixTime.ToUnixTime(DateTime.Now); OAuthParameters authParameters = new OAuthParameters(); authParameters.ConsumerKey = Service.Consumer.Key; authParameters.Realm = Service.Realm; authParameters.SignatureMethod = Service.SignatureMethod; authParameters.Timestamp = timestamp.ToString(CultureInfo.InvariantCulture); authParameters.Nonce = context.NonceGenerator.GenerateNonce(timestamp); authParameters.Version = Service.OAuthVersion; if (additionalParameters != null && additionalParameters.Count > 0) authParameters.AdditionalParameters.Add(additionalParameters); return authParameters; }
public OAuthParameters Clone() { var clone = new OAuthParameters(); foreach (KeyValuePair<string, string> item in parameters) clone.parameters[item.Key] = item.Value; clone.additionalParameters = new NameValueCollection(additionalParameters); return clone; }