public static OAuthEchoHandler CreateHandler(HttpMessageHandler innerHandler, Uri authServiceProvider, string consumerKey, string consumerSecret, string accessToken, string accessSecret, Uri?realm = null) { var credential = OAuthUtility.CreateAuthorization("GET", authServiceProvider, null, consumerKey, consumerSecret, accessToken, accessSecret, realm?.AbsoluteUri); return(new OAuthEchoHandler(innerHandler, authServiceProvider, credential)); }
protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var query = await GetParameters(request.RequestUri, request.Content) .ConfigureAwait(false); var credential = OAuthUtility.CreateAuthorization(request.Method.ToString().ToUpperInvariant(), request.RequestUri, query, this.ConsumerKey, this.ConsumerSecret, this.AccessToken, this.AccessSecret); request.Headers.TryAddWithoutValidation("Authorization", credential); if (request.Content is FormUrlEncodedContent postContent) { request.Content = new StringContent(MyCommon.BuildQueryString(query), Encoding.UTF8, "application/x-www-form-urlencoded"); postContent.Dispose(); } return(await base.SendAsync(request, cancellationToken) .ConfigureAwait(false)); }
public void CreateAuthorization_Test() { var authorization = OAuthUtility.CreateAuthorization( "GET", new Uri("http://example.com/hoge"), new Dictionary <string, string> { ["aaa"] = "hoge" }, "ConsumerKey", "ConsumerSecret", "AccessToken", "AccessSecret", "Realm"); Assert.True(authorization.StartsWith("OAuth ", StringComparison.Ordinal)); var parsedParams = authorization.Substring(6).Split(',') .Where(x => !string.IsNullOrEmpty(x)) .Select(x => x.Split(new[] { '=' }, 2)) .ToDictionary(x => x[0], x => x[1].Substring(1, x[1].Length - 2)); // x[1] は前後の「"」を除去する var expectAuthzParamKeys = new[] { "realm", "oauth_consumer_key", "oauth_nonce", "oauth_signature_method", "oauth_timestamp", "oauth_token", "oauth_version", "oauth_signature" }; Assert.Equal(expectAuthzParamKeys, parsedParams.Keys, AnyOrderComparer <string> .Instance); Assert.Equal("Realm", parsedParams["realm"]); // Signature Base Strings には realm を含めない var expectSignatureBase = "GET&http%3A%2F%2Fexample.com%2Fhoge&" + "aaa%3Dhoge%26" + "oauth_consumer_key%3DConsumerKey%26" + $"oauth_nonce%3D{parsedParams["oauth_nonce"]}%26" + "oauth_signature_method%3DHMAC-SHA1%26" + $"oauth_timestamp%3D{parsedParams["oauth_timestamp"]}%26" + "oauth_token%3DAccessToken%26" + "oauth_version%3D1.0"; var expectSignatureKey = "ConsumerSecret&AccessSecret"; using (var hmacsha1 = new HMACSHA1(Encoding.ASCII.GetBytes(expectSignatureKey))) { var expectSignature = Convert.ToBase64String(hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(expectSignatureBase))); Assert.Equal(expectSignature, Uri.UnescapeDataString(parsedParams["oauth_signature"])); } }