/// <summary>
/// Generates an OAuth header.
/// </summary>
/// <param name="uri">The URI of the request</param>
/// <param name="httpMethod">The http method</param>
/// <param name="parameters">The OAuth parameters</param>
/// <returns>The OAuth authorization header</returns>
public static string GenerateHeader(Uri uri, string httpMethod, OAuthParameters parameters)
{
parameters.Timestamp = OAuthBase.GenerateTimeStamp();
parameters.Nonce = OAuthBase.GenerateNonce();
string signature = OAuthBase.GenerateSignature(uri, httpMethod, parameters);
StringBuilder sb = new StringBuilder();
sb.AppendFormat("Authorization: OAuth {0}=\"{1}\",", OAuthBase.OAuthVersionKey, OAuthBase.OAuthVersion);
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthNonceKey, OAuthBase.EncodingPerRFC3986(parameters.Nonce));
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthTimestampKey, OAuthBase.EncodingPerRFC3986(parameters.Timestamp));
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthConsumerKeyKey, OAuthBase.EncodingPerRFC3986(parameters.ConsumerKey));
if (parameters.BaseProperties.ContainsKey(OAuthBase.OAuthVerifierKey))
{
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthVerifierKey, OAuthBase.EncodingPerRFC3986(parameters.BaseProperties[OAuthBase.OAuthVerifierKey]));
}
if (!String.IsNullOrEmpty(parameters.Token))
{
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthTokenKey, OAuthBase.EncodingPerRFC3986(parameters.Token));
}
if (parameters.BaseProperties.ContainsKey(OAuthBase.OAuthCallbackKey))
{
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthCallbackKey, OAuthBase.EncodingPerRFC3986(parameters.BaseProperties[OAuthBase.OAuthCallbackKey]));
}
sb.AppendFormat("{0}=\"{1}\",", OAuthBase.OAuthSignatureMethodKey, OAuthBase.HMACSHA1SignatureType);
sb.AppendFormat("{0}=\"{1}\"", OAuthBase.OAuthSignatureKey, OAuthBase.EncodingPerRFC3986(signature));
return sb.ToString();
}
/// <summary>
/// Generates an OAuth header.
/// </summary>
/// <param name="uri">The URI of the request</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="token">The OAuth token</param>
/// <param name="tokenSecret">The OAuth token secret</param>
/// <param name="httpMethod">The http method</param>
/// <returns>The OAuth authorization header</returns>
public static string GenerateHeader(Uri uri, String consumerKey, String consumerSecret, String token,
String tokenSecret, String httpMethod)
{
OAuthParameters parameters = new OAuthParameters()
{
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Token = token,
TokenSecret = tokenSecret,
SignatureMethod = OAuthBase.HMACSHA1SignatureType
};
return GenerateHeader(uri, httpMethod, parameters);
}
/// <summary>
/// Generates an OAuth header.
/// </summary>
/// <param name="uri">The URI of the request</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer secret</param>
/// <param name="token">The OAuth token</param>
/// <param name="tokenSecret">The OAuth token secret</param>
/// <param name="httpMethod">The http method</param>
/// <returns>The OAuth authorization header</returns>
public static string GenerateHeader(Uri uri, string consumerKey, string consumerSecret, string token,
string tokenSecret, string httpMethod)
{
OAuthParameters parameters = new OAuthParameters()
{
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Token = token,
TokenSecret = tokenSecret,
SignatureMethod = OAuthBase.HMACSHA1SignatureType
};
return(GenerateHeader(uri, httpMethod, parameters));
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="timeStamp">The OAuth timestamp. Must be a valid timestamp and equal or greater than
/// timestamps used in previous requests</param>
/// <param name="nonce">The OAuth nonce. A random string uniquely generated for each request</param>
/// <param name="signatureType">The signature type.</param>
/// <returns>The signature base</returns>
public static string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret,
string httpMethod, string timeStamp, string nonce, string signatureType)
{
OAuthParameters parameters = new OAuthParameters()
{
ConsumerKey = consumerKey,
Token = token,
TokenSecret = tokenSecret,
Timestamp = timeStamp,
Nonce = nonce,
SignatureMethod = signatureType
};
return(GenerateSignatureBase(url, httpMethod, parameters));
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="parameters">The OAuth parameters</param>
/// <returns>The signature base</returns>
public static string GenerateSignatureBase(Uri url, string httpMethod, OAuthParameters parameters)
{
if (string.IsNullOrEmpty(parameters.ConsumerKey))
{
throw new ArgumentNullException("consumerKey");
}
if (string.IsNullOrEmpty(httpMethod))
{
throw new ArgumentNullException("httpMethod");
}
if (string.IsNullOrEmpty(parameters.SignatureMethod))
{
throw new ArgumentNullException("signatureMethod");
}
string normalizedUrl = null;
string normalizedRequestParameters = null;
SortedDictionary <string, string> allParameters = GetQueryParameters(url.Query, parameters.BaseProperties);
if (!allParameters.ContainsKey(OAuthVersionKey))
{
allParameters.Add(OAuthVersionKey, OAuthVersion);
}
normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host);
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
{
normalizedUrl += ":" + url.Port;
}
normalizedUrl += url.AbsolutePath;
normalizedRequestParameters = NormalizeRequestParameters(allParameters);
StringBuilder signatureBase = new StringBuilder();
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}&", httpMethod.ToUpper());
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}&", EncodingPerRFC3986(normalizedUrl));
System.Diagnostics.Trace.WriteLine("==== OAuth Signature Base parameters ====");
System.Diagnostics.Trace.WriteLine(EncodingPerRFC3986(normalizedRequestParameters));
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}", EncodingPerRFC3986(normalizedRequestParameters));
return(signatureBase.ToString());
}
/// <summary>
/// Generates a signature using the specified signatureMethod
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="parameters">The OAuth parameters</param>
/// <returns>A base64 string of the hash value</returns>
public static string GenerateSignature(Uri url, string httpMethod, OAuthParameters parameters)
{
switch (parameters.SignatureMethod)
{
case PlainTextSignatureType:
return(UrlEncode(string.Format("{0}&{1}", parameters.ConsumerKey, parameters.TokenSecret)));
case HMACSHA1SignatureType:
string signatureBase = GenerateSignatureBase(url, httpMethod, parameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = Encoding.ASCII.GetBytes(GenerateOAuthSignature(parameters.ConsumerSecret, parameters.TokenSecret));
return(GenerateSignatureUsingHash(signatureBase, hmacsha1));
case RSASHA1SignatureType:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="parameters">The OAuth parameters</param>
/// <returns>The signature base</returns>
public static string GenerateSignatureBase(Uri url, string httpMethod, OAuthParameters parameters)
{
if (string.IsNullOrEmpty(parameters.ConsumerKey))
{
throw new ArgumentNullException("consumerKey");
}
if (string.IsNullOrEmpty(httpMethod))
{
throw new ArgumentNullException("httpMethod");
}
if (string.IsNullOrEmpty(parameters.SignatureMethod))
{
throw new ArgumentNullException("signatureMethod");
}
string normalizedUrl = null;
string normalizedRequestParameters = null;
SortedDictionary<string, string> allParameters = GetQueryParameters(url.Query, parameters.BaseProperties);
if (!allParameters.ContainsKey(OAuthVersionKey))
{
allParameters.Add(OAuthVersionKey, OAuthVersion);
}
normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host);
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
{
normalizedUrl += ":" + url.Port;
}
normalizedUrl += url.AbsolutePath;
normalizedRequestParameters = NormalizeRequestParameters(allParameters);
StringBuilder signatureBase = new StringBuilder();
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}&", httpMethod.ToUpper());
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}&", EncodingPerRFC3986(normalizedUrl));
Debug.WriteLine("==== OAuth Signature Base parameters ====");
Debug.WriteLine(EncodingPerRFC3986(normalizedRequestParameters));
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}", EncodingPerRFC3986(normalizedRequestParameters));
return signatureBase.ToString();
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="timeStamp">The OAuth timestamp. Must be a valid timestamp and equal or greater than
/// timestamps used in previous requests</param>
/// <param name="nonce">The OAuth nonce. A random string uniquely generated for each request</param>
/// <param name="signatureType">The signature type.</param>
/// <returns>The signature base</returns>
public static string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret,
string httpMethod, string timeStamp, string nonce, string signatureType)
{
OAuthParameters parameters = new OAuthParameters()
{
ConsumerKey = consumerKey,
Token = token,
TokenSecret = tokenSecret,
Timestamp = timeStamp,
Nonce = nonce,
SignatureMethod = signatureType
};
return GenerateSignatureBase(url, httpMethod, parameters);
}
/// <summary>
/// Generates a signature using the specified signatureMethod
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="parameters">The OAuth parameters</param>
/// <returns>A base64 string of the hash value</returns>
public static string GenerateSignature(Uri url, string httpMethod, OAuthParameters parameters)
{
switch (parameters.SignatureMethod)
{
case PlainTextSignatureType:
return UrlEncode(string.Format("{0}&{1}", parameters.ConsumerKey, parameters.TokenSecret));
case HMACSHA1SignatureType:
string signatureBase = GenerateSignatureBase(url, httpMethod, parameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = Encoding.ASCII.GetBytes(GenerateOAuthSignature(parameters.ConsumerSecret, parameters.TokenSecret));
return GenerateSignatureUsingHash(signatureBase, hmacsha1);
case RSASHA1SignatureType:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
