/// <summary> /// Processing for TokenAuthorization} using SignatureCredential /// </summary> /// <param name="certCredential"></param> /// <param name="toknAuthorization"></param> /// <returns></returns> protected override Dictionary<string, string> ProcessTokenAuthorization( CertificateCredential certCredential, TokenAuthorization toknAuthorization) { Dictionary<string, string> headers = new Dictionary<string, string>(); try { OAuthGenerator signGenerator = new OAuthGenerator(certCredential.UserName, certCredential.Password); signGenerator.setHTTPMethod(OAuthGenerator.HTTPMethod.POST); signGenerator.setToken(toknAuthorization.AccessToken); signGenerator.setTokenSecret(toknAuthorization.TokenSecret); string tokenTimeStamp = Timestamp; signGenerator.setTokenTimestamp(tokenTimeStamp); log.Debug("token = " + toknAuthorization.AccessToken + " tokenSecret=" + toknAuthorization.TokenSecret + " uri=" + endpointURL); signGenerator.setRequestURI(endpointURL); //Compute Signature string sign = signGenerator.ComputeSignature(); log.Debug("Permissions signature: " + sign); string authorization = "token=" + toknAuthorization.AccessToken + ",signature=" + sign + ",timestamp=" + tokenTimeStamp; log.Debug("Authorization string: " + authorization); headers.Add(BaseConstants.PAYPAL_AUTHORIZATION_MERCHANT, authorization); } catch (OAuthException ae) { throw ae; } return headers; }
/// <summary> /// Set necessary authentication parameters /// </summary> /// <param name="httpRequest"></param> /// <param name="requestUri"></param> /// <returns></returns> public HttpWebRequest SetAuthenticationParams(HttpWebRequest httpRequest, string requestUri) { //TODO: get uri from httpRequest instead of passing in // Load and validate credentials apiCredentials = credMgr.GetCredentials(ApiUsername); credMgr.ValidateCredentials(apiCredentials); if (this.Token != null && this.TokenSecret != null) { OAuthGenerator sigGenerator = new OAuthGenerator(apiCredentials.APIUsername, apiCredentials.APIPassword); //TODO: Add queryparams if a GET request sigGenerator.setHTTPMethod(httpRequest.Method); sigGenerator.setToken(this.Token); sigGenerator.setTokenSecret(this.TokenSecret); string tokenTimeStamp = GenerateTimeStamp(); sigGenerator.setTokenTimestamp(tokenTimeStamp); log.Debug("token = " + Token + " tokenSecret=" + TokenSecret + " uri=" + requestUri); sigGenerator.setRequestURI(requestUri); //Compute Signature string sig = sigGenerator.ComputeSignature(); log.Debug("Permissions signature: " + sig); string authorization = "token=" + Token + ",signature=" + sig + ",timestamp=" + tokenTimeStamp; log.Debug("Authorization string: " + authorization); httpRequest.Headers.Add(BaseConstants.XPAYPALSECURITYOAUTHSIGN, authorization); } else { // Adding Credential and payload request/resposne information to the HttpWebRequest obejct's header httpRequest.Headers.Add(BaseConstants.XPAYPALSECURITYUSERID, apiCredentials.APIUsername); httpRequest.Headers.Add(BaseConstants.XPAYPALSECURITYPASSWORD, apiCredentials.APIPassword); // Add the certificate to HttpWebRequest object if Profile is certificate enabled if ((apiCredentials is SignatureCredential)) { httpRequest.Headers.Add(BaseConstants.XPAYPALSECURITYSIGNATURE, ((SignatureCredential)apiCredentials).APISignature); } else { // Load the certificate into an X509Certificate2 object. if (((CertificateCredential)apiCredentials).PrivateKeyPassword.Trim() == string.Empty) { x509 = new X509Certificate2(((CertificateCredential)apiCredentials).CertificateFile); } else { x509 = new X509Certificate2(((CertificateCredential)apiCredentials).CertificateFile, ((CertificateCredential)apiCredentials).PrivateKeyPassword); } httpRequest.ClientCertificates.Add(x509); } } httpRequest.Headers.Add(BaseConstants.XPAYPALAPPLICATIONID, apiCredentials.ApplicationID); return httpRequest; }