/** * Validates the passed request by reconstructing the original URL and * parameters and generating a signature following the OAuth HMAC-SHA1 * specification and using the passed secret key. * * @param request Servlet request containing required information for * reconstructing the signature such as the request's URL * components and parameters * @param consumerSecret Secret key shared between application owner and * container. Used by containers when issuing signed makeRequests * and by client applications to verify the source of these * requests and the authenticity of its parameters. * @return {@code true} if the signature generated in this function matches * the signature in the passed request, {@code false} otherwise * @throws IOException * @throws URISyntaxException */ public static bool verifyHmacSignature( HttpWebRequest request, String consumerSecret) { String method = request.Method; String requestUrl = getRequestUrl(request); List <OAuth.Parameter> requestParameters = getRequestParameters(request); OAuthMessage message = new OAuthMessage(method, requestUrl, requestParameters); OAuthConsumer consumer = new OAuthConsumer(null, null, consumerSecret, null); OAuthAccessor accessor = new OAuthAccessor(consumer); try { message.validateMessage(accessor, new SimpleOAuthValidator()); } catch (OAuthException e) { return(false); } return(true); }