internal void EncodeCredentials()
{
string encodedConsumerKey = BuildUrlHelper.UrlEncode(Credentials.ConsumerKey);
string encodedConsumerSecret = BuildUrlHelper.UrlEncode(Credentials.ConsumerSecret);
string concatenatedCredentials = encodedConsumerKey + ":" + encodedConsumerSecret;
byte[] credBytes = Encoding.UTF8.GetBytes(concatenatedCredentials);
string base64Credentials = Convert.ToBase64String(credBytes);
BasicToken = base64Credentials;
}
/// <summary>
/// Submit a web request using oAuth.
/// </summary>
/// <param name="method">GET or POST</param>
/// <param name="request">Request details</param>
/// <param name="postData">Data to post (querystring format)</param>
/// <returns>The web server response.</returns>
public string OAuthWebRequest(HttpMethod method, Request request, IDictionary <string, string> postData, string callback)
{
//Setup postData for signing.
//Add the postData to the querystring.
var url = request.FullUrl;
if (method == HttpMethod.POST)
{
if (postData != null && postData.Count > 0)
{
foreach (var postEntry in postData)
{
if (!string.IsNullOrEmpty(postEntry.Value))
{
request.RequestParameters.Add(new QueryParameter(postEntry.Key, postEntry.Value));
}
}
}
}
string nonce = GenerateNonce();
string timeStamp = GenerateTimeStamp();
string outUrl;
string querystring;
//Generate Signature
string sig = GenerateSignature(request,
OAuthConsumerKey,
OAuthConsumerSecret,
OAuthToken,
OAuthTokenSecret,
OAuthVerifier,
callback,
method.ToString(),
timeStamp,
nonce,
OAuthSignatureTypes.Hmacsha1,
out outUrl,
out querystring);
querystring += "&oauth_signature=" + BuildUrlHelper.UrlEncode(sig);
var ret = WebRequest(method, url, querystring, postData);
return(ret);
}
private string GatherPostData(IDictionary <string, string> postData)
{
var queryParams = new StringBuilder();
if (postData != null && postData.Count > 0)
{
foreach (var entry in postData)
{
queryParams
.Append(entry.Key)
.Append('=')
.Append(BuildUrlHelper.UrlEncode(entry.Value))
.Append('&');
}
queryParams.Length--; // discard trailing &
}
return(queryParams.ToString());
}
/// <summary>
/// returns a query string for an OAuth request
/// </summary>
/// <param name="url">Twitter query</param>
/// <returns>Query string with OAuth parameters</returns>
public void GetOAuthQueryString(HttpMethod method, Request request, string callback, out string outUrl, out string queryString)
{
string nonce = GenerateNonce();
string timeStamp = GenerateTimeStamp();
//Generate Signature
string sig = GenerateSignature(request,
OAuthConsumerKey,
OAuthConsumerSecret,
OAuthToken,
OAuthTokenSecret,
OAuthVerifier,
callback,
method.ToString(),
timeStamp,
nonce,
OAuthSignatureTypes.Hmacsha1,
out outUrl,
out queryString);
queryString += "&oauth_signature=" + BuildUrlHelper.UrlEncode(sig);
}
/// <summary>
/// Generates a signature using the specified signatureType
/// </summary>
/// <param name="request">Request details</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer seceret</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="callback">Redirect URL for Web apps</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="nonce">Unique value for this particular request</param>
/// <param name="signatureType">The type of signature to use</param>
/// <param name="verifier">Number if using PIN authorization</param>
/// <param name="timeStamp">Timestamp for this request</param>
/// <param name="normalizedUrl">Url returned to caller</param>
/// <param name="normalizedRequestParameters">Parameters returned to caller</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignature(Request request, string consumerKey, string consumerSecret, string token, string tokenSecret, string verifier, string callback, string httpMethod, string timeStamp, string nonce, OAuthSignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
normalizedUrl = null;
normalizedRequestParameters = null;
switch (signatureType)
{
case OAuthSignatureTypes.Plaintext:
return(BuildUrlHelper.UrlEncode(
string.Format(CultureInfo.InvariantCulture, "{0}&{1}", consumerSecret, tokenSecret)));
case OAuthSignatureTypes.Hmacsha1:
string signatureBase = GenerateSignatureBase(request, consumerKey, token, tokenSecret, verifier, callback, httpMethod, timeStamp, nonce, Hmacsha1SignatureType, out normalizedUrl, out normalizedRequestParameters);
#if NETFX_CORE
string hashKey =
string.Format(
CultureInfo.InvariantCulture, "{0}&{1}",
BuildUrlHelper.UrlEncode(consumerSecret),
BuildUrlHelper.UrlEncode(tokenSecret));
return(HashWith(signatureBase, hashKey));
#else
var hmacsha1 = new HMACSHA1
{
Key =
Encoding.UTF8.GetBytes(
string.Format(
CultureInfo.InvariantCulture, "{0}&{1}",
BuildUrlHelper.UrlEncode(consumerSecret),
BuildUrlHelper.UrlEncode(tokenSecret)))
};
return(ComputeHash(hmacsha1, signatureBase));
#endif
case OAuthSignatureTypes.Rsasha1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
/// <summary>
/// Assembles a series of key=value pairs as a URI-escaped query-string.
/// </summary>
/// <param name="parameters">The parameters to include.</param>
/// <returns>A query-string-like value such as a=b&c=d. Does not include a leading question mark (?).</returns>
public static string BuildQueryString(IEnumerable <QueryParameter> parameters)
{
if (parameters == null)
{
throw new ArgumentNullException("parameters");
}
StringBuilder builder = new StringBuilder();
foreach (var pair in parameters.Where(p => !string.IsNullOrEmpty(p.Value)))
{
builder.Append(BuildUrlHelper.UrlEncode(pair.Name));
builder.Append('=');
builder.Append(BuildUrlHelper.UrlEncode(pair.Value));
builder.Append('&');
}
if (builder.Length > 1)
{
builder.Length--; // truncate trailing &
}
return(builder.ToString());
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="request">Request details</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="callback">Redirect URL for Web apps</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="nonce">Unique value for this particular request</param>
/// <param name="signatureType">The signature type. To use the default values use <see cref="OAuthBase.SignatureTypes">OAuthBase.SignatureTypes</see>.</param>
/// <param name="verifier">Number if using PIN authorization</param>
/// <param name="timeStamp">Timestamp for this request</param>
/// <param name="normalizedUrl">Url returned to caller</param>
/// <param name="normalizedRequestParameters">Parameters returned to caller</param>
/// <returns>The signature base</returns>
public string GenerateSignatureBase(Request request, string consumerKey, string token, string tokenSecret, string verifier, string callback, string httpMethod, string timeStamp, string nonce, string signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
if (token == null)
{
token = string.Empty;
}
if (tokenSecret == null)
{
tokenSecret = string.Empty;
}
if (string.IsNullOrEmpty(consumerKey))
{
throw new ArgumentNullException("You must provide a consumerKey.", "consumerKey");
}
if (string.IsNullOrEmpty(httpMethod))
{
throw new ArgumentNullException("You must provide an httpMethod.", "httpMethod");
}
if (string.IsNullOrEmpty(signatureType))
{
throw new ArgumentNullException("You must provide a signatureType.", "signatureType");
}
var parameters = CloneQueryParameters(request.RequestParameters);
parameters.Add(new QueryParameter(OAuthVersionKey, OAuthVersion));
parameters.Add(new QueryParameter(OAuthNonceKey, nonce));
parameters.Add(new QueryParameter(OAuthTimestampKey, timeStamp));
parameters.Add(new QueryParameter(OAuthSignatureMethodKey, signatureType));
parameters.Add(new QueryParameter(OAuthConsumerKeyKey, consumerKey));
if (!string.IsNullOrEmpty(callback))
{
parameters.Add(new QueryParameter(OAuthCallbackKey, callback));
}
if (!string.IsNullOrEmpty(token))
{
parameters.Add(new QueryParameter(OAuthTokenKey, token));
}
if (!string.IsNullOrEmpty(verifier))
{
parameters.Add(new QueryParameter(OAuthVerifierKey, verifier));
}
// need to UrlEncode (per section 5.1) all the parameter values now, before sorting
// see: http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/
foreach (var parm in parameters)
{
parm.Value = BuildUrlHelper.UrlEncode(parm.Value);
}
parameters.Sort(QueryParameter.defaultComparer);
var url = new Uri(request.Endpoint);
normalizedUrl = url.Scheme + "://";
#if !SILVERLIGHT
normalizedUrl += url.Authority;
#else
normalizedUrl += url.Host;
if (!((url.Scheme == "http" && url.Port == 80) ||
(url.Scheme == "https" && url.Port == 443)))
{
normalizedUrl += ":" + url.Port;
}
#endif
normalizedUrl += url.AbsolutePath;
normalizedRequestParameters = NormalizeRequestParameters(parameters);
var signatureBase = new StringBuilder();
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}&", httpMethod.ToUpper());
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}&", BuildUrlHelper.UrlEncode(normalizedUrl));
signatureBase.AppendFormat(CultureInfo.InvariantCulture, "{0}", BuildUrlHelper.UrlEncode(normalizedRequestParameters));
return(signatureBase.ToString());
}