/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="parameters"></param>
/// <returns>The signature base</returns>
internal static string GenerateSignatureBase(string httpMethod, Uri url, NameValueCollection parameters)
{
// https://tools.ietf.org/html/rfc5849#section-3.4.1.1
var signatureBase = new StringBuilder();
signatureBase.Append(httpMethod.ToRfc3986EncodedString().ToUpperInvariant()).Append('&');
// https://tools.ietf.org/html/rfc5849#section-3.4.1.2
// Exclude the query (query parameters in parameters collection) from the URI
var normalizedUrl = $"{url.Scheme.ToLowerInvariant()}://{url.Host.ToLowerInvariant()}";
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
{
normalizedUrl += ":" + url.Port;
}
normalizedUrl += url.AbsolutePath;
signatureBase.Append(normalizedUrl.ToRfc3986EncodedString()).Append('&');
// Construct the signature string
signatureBase.Append(parameters.ToNormalizedString().ToRfc3986EncodedString());
return signatureBase.ToString();
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="parameters"></param>
/// <returns>The signature base</returns>
public static string GenerateSignatureBase(string httpMethod, Uri url, NameValueCollection parameters)
{
// RFC 5849 3.4.1.1
var signatureBase = new StringBuilder();
signatureBase.Append(httpMethod.ToRfc3986EncodedString().ToUpperInvariant()).Append('&');
// RFC 5849 3.4.1.2
var normalizedUrl = string.Format("{0}://{1}", url.Scheme.ToLowerInvariant(), url.Host.ToLowerInvariant());
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443)))
{
normalizedUrl += ":" + url.Port;
}
normalizedUrl += url.AbsolutePath;
signatureBase.Append(normalizedUrl.ToRfc3986EncodedString()).Append('&');
// Per RFC 5849 3.4.1.3, do not include the OAuth signature or realm in the signature base string
var excludedNames = new List<string> {OAuthConstants.SignatureParameter, OAuthConstants.RealmParameter};
// Construct the signature string
signatureBase.Append(parameters.ToNormalizedString(excludedNames).ToRfc3986EncodedString());
return signatureBase.ToString();
}
