protected virtual void ParseParameters(HttpContext httpContext, OAuthRequestContext requestContext)
{
// Try to parse the parameters
OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, ServiceProviderContext.Settings.ParameterSources);
/*
* Check for missing required parameters:
*
* The consumer key, signature method, signature, timestamp and nonce parameters
* are all required
*/
parameters.RequireAllOf(
Constants.ConsumerKeyParameter,
Constants.SignatureMethodParameter,
Constants.SignatureParameter,
Constants.TimestampParameter,
Constants.NonceParameter,
Constants.CallbackParameter);
/*
* The version parameter is optional, but it if is present its value must be 1.0
*/
if (parameters.Version != null)
{
parameters.RequireVersion(Constants.Version1_0);
}
requestContext.Parameters = parameters;
}
private OAuthResponse GetResource(NameValueCollection parameters, string contentType, System.IO.Stream bodyStream)
{
OAuthResponse response;
HttpWebRequest request = this.PrepareProtectedResourceRequest(parameters, contentType, bodyStream);
// A null value for the HttpWebRequest is returned when a ResponseToken is returned
// and no one has returned in the AuthorizationHandler continue with getting an AccessToken
// or an RequestToken exists but the AccessToken request was refused.
if (request == null)
{
response = new OAuthResponse(this.RequestToken);
}
else
{
OAuthResource resource;
OAuthParameters responseParameters;
try
{
resource = new OAuthResource((HttpWebResponse)request.GetResponse());
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(resource);
OAuthRequestException.TryRethrow(responseParameters);
// If nothing is thrown then we should have a valid resource.
response = new OAuthResponse(this.AccessToken ?? this.RequestToken, resource);
}
catch (WebException e)
{
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
OAuthRequestException.TryRethrow(responseParameters);
// If no OAuthRequestException, rethrow the WebException
#warning TODO: We have consumer the WebException's body so rethrowing it is pretty pointless; wrap the WebException in an OAuthProtocolException and store the body (create an OAuthResource before parsing parameters)
throw;
}
}
return(response);
}
protected virtual void ParseParameters(HttpApplication application, OAuthRequestContext context)
{
// Try to parse the parameters
OAuthParameters parameters = OAuthParameters.Parse(application.Request);
/*
* Check for missing required parameters:
*
* The consumer key, token, signature method, signature, timestamp and nonce parameters
* are all required
*/
if (ServiceProviderContext.Settings.AllowConsumerRequests)
{
parameters.RequireAllOf(
Constants.ConsumerKeyParameter,
Constants.SignatureMethodParameter,
Constants.SignatureParameter,
Constants.TimestampParameter,
Constants.NonceParameter);
}
else
{
// For 3 legged TokenParameter is required
parameters.RequireAllOf(
Constants.ConsumerKeyParameter,
Constants.TokenParameter,
Constants.SignatureMethodParameter,
Constants.SignatureParameter,
Constants.TimestampParameter,
Constants.NonceParameter);
}
/*
* The version parameter is optional, but it if is present its value must be 1.0
*/
if (parameters.Version != null)
{
parameters.RequireVersion(Constants.Version1_0);
}
context.Parameters = parameters;
}
protected virtual bool DoGetAccessToken()
{
// Fire the OnBeforeGetAccessToken event
PreAccessTokenRequestEventArgs preArgs = new PreAccessTokenRequestEventArgs(
this.Service.AccessTokenUrl,
this.Service.AccessTokenEndPoint.HttpMethod,
this.RequestToken,
this.RequestTokenVerifier);
if (this.OnBeforeGetAccessToken != null)
{
this.OnBeforeGetAccessToken(this, preArgs);
}
// Create and sign the request
OAuthParameters authParams = this.CreateOAuthParameters(null);
authParams.Verifier = preArgs.Verifier;
// We don't have a verifier so something has gone wrong in the process.
if (string.IsNullOrEmpty(authParams.Verifier))
{
return(false);
}
this.SignParameters(preArgs.RequestUri, preArgs.HttpMethod, authParams, this.RequestToken);
HttpWebRequest request = this.CreateRequest(
preArgs.RequestUri,
authParams,
preArgs.HttpMethod,
preArgs.HttpMethod == "POST" ? Constants.HttpPostUrlEncodedContentType : String.Empty,
null);
HttpWebResponse response = null;
OAuthParameters responseParameters = null;
// Get the service provider response
try
{
response = (HttpWebResponse)request.GetResponse();
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(response);
OAuthRequestException.TryRethrow(responseParameters);
}
catch (WebException e)
{
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
OAuthRequestException.TryRethrow(responseParameters);
// If no OAuthRequestException, rethrow the WebException
throw;
}
// Store the access token
this.AccessToken = new OAuthToken(
TokenType.Access,
responseParameters.Token,
responseParameters.TokenSecret,
this.Service.Consumer);
// Fire the OnReceiveAccessToken event
AccessTokenReceivedEventArgs responseArgs = new AccessTokenReceivedEventArgs(
this.RequestToken,
this.AccessToken,
responseParameters.AdditionalParameters);
if (this.OnReceiveAccessToken != null)
{
this.OnReceiveAccessToken(this, responseArgs);
}
return(true);
}
protected virtual void DoGetRequestToken()
{
// Fire the OnBeforeGetRequestToken event
PreRequestEventArgs args = new PreRequestEventArgs(
this.Service.RequestTokenUrl,
this.Service.RequestTokenEndPoint.HttpMethod,
this.CallbackUrl,
new NameValueCollection());
if (this.OnBeforeGetRequestToken != null)
{
this.OnBeforeGetRequestToken(this, args);
}
OAuthParameters authParams = this.CreateOAuthParameters(args.AdditionalParameters);
authParams.Callback = args.CallbackUrl == null ? Constants.OAuthOutOfBandCallback : args.CallbackUrl.AbsoluteUri;
this.SignParameters(args.RequestUri, args.HttpMethod, authParams, null);
// Create and sign the request
HttpWebRequest request = this.CreateRequest(
args.RequestUri,
authParams,
args.HttpMethod,
args.HttpMethod == "POST" ? Constants.HttpPostUrlEncodedContentType : String.Empty,
null);
HttpWebResponse response = null;
OAuthParameters responseParameters = null;
// Get the service provider response
try
{
response = (HttpWebResponse)request.GetResponse();
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(response);
OAuthRequestException.TryRethrow(responseParameters);
}
catch (WebException e)
{
// Parse the parameters and re-throw any OAuthRequestException from the service provider
responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
OAuthRequestException.TryRethrow(responseParameters);
// If no OAuthRequestException, rethrow the WebException
throw;
}
// Store the request token
this.RequestToken = new OAuthToken(
TokenType.Request,
responseParameters.Token,
responseParameters.TokenSecret,
this.Service.Consumer);
// Fire the OnReceiveRequestToken event
RequestTokenReceivedEventArgs responseArgs = new RequestTokenReceivedEventArgs(
this.RequestToken,
responseParameters.AdditionalParameters);
if (this.OnReceiveRequestToken != null)
{
this.OnReceiveRequestToken(this, responseArgs);
}
}