Exemplo n.º 1
0
        protected virtual void ParseParameters(HttpContext httpContext, OAuthRequestContext requestContext)
        {
            // Try to parse the parameters
            OAuthParameters parameters = OAuthParameters.Parse(httpContext.Request, ServiceProviderContext.Settings.ParameterSources);

            /*
             * Check for missing required parameters:
             *
             * The consumer key, signature method, signature, timestamp and nonce parameters
             * are all required
             */
            parameters.RequireAllOf(
                Constants.ConsumerKeyParameter,
                Constants.SignatureMethodParameter,
                Constants.SignatureParameter,
                Constants.TimestampParameter,
                Constants.NonceParameter,
                Constants.CallbackParameter);

            /*
             * The version parameter is optional, but it if is present its value must be 1.0
             */
            if (parameters.Version != null)
            {
                parameters.RequireVersion(Constants.Version1_0);
            }

            requestContext.Parameters = parameters;
        }
Exemplo n.º 2
0
        private OAuthResponse GetResource(NameValueCollection parameters, string contentType, System.IO.Stream bodyStream)
        {
            OAuthResponse response;

            HttpWebRequest request = this.PrepareProtectedResourceRequest(parameters, contentType, bodyStream);

            // A null value for the HttpWebRequest is returned when a ResponseToken is returned
            // and no one has returned in the AuthorizationHandler continue with getting an AccessToken
            // or an RequestToken exists but the AccessToken request was refused.
            if (request == null)
            {
                response = new OAuthResponse(this.RequestToken);
            }
            else
            {
                OAuthResource   resource;
                OAuthParameters responseParameters;

                try
                {
                    resource = new OAuthResource((HttpWebResponse)request.GetResponse());

                    // Parse the parameters and re-throw any OAuthRequestException from the service provider
                    responseParameters = OAuthParameters.Parse(resource);
                    OAuthRequestException.TryRethrow(responseParameters);

                    // If nothing is thrown then we should have a valid resource.
                    response = new OAuthResponse(this.AccessToken ?? this.RequestToken, resource);
                }
                catch (WebException e)
                {
                    // Parse the parameters and re-throw any OAuthRequestException from the service provider
                    responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
                    OAuthRequestException.TryRethrow(responseParameters);

                    // If no OAuthRequestException, rethrow the WebException
                    #warning TODO: We have consumer the WebException's body so rethrowing it is pretty pointless; wrap the WebException in an OAuthProtocolException and store the body (create an OAuthResource before parsing parameters)
                    throw;
                }
            }

            return(response);
        }
Exemplo n.º 3
0
        protected virtual void ParseParameters(HttpApplication application, OAuthRequestContext context)
        {
            // Try to parse the parameters
            OAuthParameters parameters = OAuthParameters.Parse(application.Request);

            /*
             * Check for missing required parameters:
             *
             * The consumer key, token, signature method, signature, timestamp and nonce parameters
             * are all required
             */
            if (ServiceProviderContext.Settings.AllowConsumerRequests)
            {
                parameters.RequireAllOf(
                    Constants.ConsumerKeyParameter,
                    Constants.SignatureMethodParameter,
                    Constants.SignatureParameter,
                    Constants.TimestampParameter,
                    Constants.NonceParameter);
            }
            else
            {
                // For 3 legged TokenParameter is required
                parameters.RequireAllOf(
                    Constants.ConsumerKeyParameter,
                    Constants.TokenParameter,
                    Constants.SignatureMethodParameter,
                    Constants.SignatureParameter,
                    Constants.TimestampParameter,
                    Constants.NonceParameter);
            }

            /*
             * The version parameter is optional, but it if is present its value must be 1.0
             */
            if (parameters.Version != null)
            {
                parameters.RequireVersion(Constants.Version1_0);
            }

            context.Parameters = parameters;
        }
Exemplo n.º 4
0
        protected virtual bool DoGetAccessToken()
        {
            // Fire the OnBeforeGetAccessToken event
            PreAccessTokenRequestEventArgs preArgs = new PreAccessTokenRequestEventArgs(
                this.Service.AccessTokenUrl,
                this.Service.AccessTokenEndPoint.HttpMethod,
                this.RequestToken,
                this.RequestTokenVerifier);

            if (this.OnBeforeGetAccessToken != null)
            {
                this.OnBeforeGetAccessToken(this, preArgs);
            }

            // Create and sign the request
            OAuthParameters authParams = this.CreateOAuthParameters(null);

            authParams.Verifier = preArgs.Verifier;

            // We don't have a verifier so something has gone wrong in the process.
            if (string.IsNullOrEmpty(authParams.Verifier))
            {
                return(false);
            }

            this.SignParameters(preArgs.RequestUri, preArgs.HttpMethod, authParams, this.RequestToken);

            HttpWebRequest request = this.CreateRequest(
                preArgs.RequestUri,
                authParams,
                preArgs.HttpMethod,
                preArgs.HttpMethod == "POST" ? Constants.HttpPostUrlEncodedContentType : String.Empty,
                null);

            HttpWebResponse response           = null;
            OAuthParameters responseParameters = null;

            // Get the service provider response
            try
            {
                response = (HttpWebResponse)request.GetResponse();

                // Parse the parameters and re-throw any OAuthRequestException from the service provider
                responseParameters = OAuthParameters.Parse(response);
                OAuthRequestException.TryRethrow(responseParameters);
            }
            catch (WebException e)
            {
                // Parse the parameters and re-throw any OAuthRequestException from the service provider
                responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
                OAuthRequestException.TryRethrow(responseParameters);

                // If no OAuthRequestException, rethrow the WebException
                throw;
            }

            // Store the access token
            this.AccessToken = new OAuthToken(
                TokenType.Access,
                responseParameters.Token,
                responseParameters.TokenSecret,
                this.Service.Consumer);

            // Fire the OnReceiveAccessToken event
            AccessTokenReceivedEventArgs responseArgs = new AccessTokenReceivedEventArgs(
                this.RequestToken,
                this.AccessToken,
                responseParameters.AdditionalParameters);

            if (this.OnReceiveAccessToken != null)
            {
                this.OnReceiveAccessToken(this, responseArgs);
            }

            return(true);
        }
Exemplo n.º 5
0
        protected virtual void DoGetRequestToken()
        {
            // Fire the OnBeforeGetRequestToken event
            PreRequestEventArgs args = new PreRequestEventArgs(
                this.Service.RequestTokenUrl,
                this.Service.RequestTokenEndPoint.HttpMethod,
                this.CallbackUrl,
                new NameValueCollection());

            if (this.OnBeforeGetRequestToken != null)
            {
                this.OnBeforeGetRequestToken(this, args);
            }

            OAuthParameters authParams = this.CreateOAuthParameters(args.AdditionalParameters);

            authParams.Callback = args.CallbackUrl == null ? Constants.OAuthOutOfBandCallback : args.CallbackUrl.AbsoluteUri;

            this.SignParameters(args.RequestUri, args.HttpMethod, authParams, null);

            // Create and sign the request
            HttpWebRequest request = this.CreateRequest(
                args.RequestUri,
                authParams,
                args.HttpMethod,
                args.HttpMethod == "POST" ? Constants.HttpPostUrlEncodedContentType : String.Empty,
                null);

            HttpWebResponse response           = null;
            OAuthParameters responseParameters = null;

            // Get the service provider response
            try
            {
                response = (HttpWebResponse)request.GetResponse();

                // Parse the parameters and re-throw any OAuthRequestException from the service provider
                responseParameters = OAuthParameters.Parse(response);
                OAuthRequestException.TryRethrow(responseParameters);
            }
            catch (WebException e)
            {
                // Parse the parameters and re-throw any OAuthRequestException from the service provider
                responseParameters = OAuthParameters.Parse(e.Response as HttpWebResponse);
                OAuthRequestException.TryRethrow(responseParameters);

                // If no OAuthRequestException, rethrow the WebException
                throw;
            }

            // Store the request token
            this.RequestToken = new OAuthToken(
                TokenType.Request,
                responseParameters.Token,
                responseParameters.TokenSecret,
                this.Service.Consumer);

            // Fire the OnReceiveRequestToken event
            RequestTokenReceivedEventArgs responseArgs = new RequestTokenReceivedEventArgs(
                this.RequestToken,
                responseParameters.AdditionalParameters);

            if (this.OnReceiveRequestToken != null)
            {
                this.OnReceiveRequestToken(this, responseArgs);
            }
        }