Exemplo n.º 1
0
        private void Normalize()
        {
            if (Url.IsNullOrEmpty())
            {
                return;
            }
            Url = Url.ToLower();
            if (!Url.StartsWith("http"))
            {
                Url = "http://" + Url;
            }

            if (Uri == null)
            {
                Uri = Url.ToUri();
            }
            if (Uri == null)
            {
                return;
            }

            string domain = NormalizeHost(Uri.Host);
            string path   = Uri.AbsolutePath;

            string query = Uri.Query.TrimStart('?');

            if (query.Length > 0)
            {
                var coll = new Utilities.Query(null, query);
                query = string.Empty;
                foreach (string name in coll.Keys.Select(x => x.NotNull().ToLower()).OrderBy(x => x))
                {
                    query = string.Concat(query, query.Length == 0 ? '?' : '&', name, "=", NormalizeQueryValue(coll[name]));
                }
            }

            string file = path.EndsWith("/") ? string.Empty : path.Substring(path.LastIndexOf("/") + 1);

            if (file.Length > 0 && !file.Contains("."))
            {
                path += "/";
            }
            else if (file.StartsWith("default.") || file.StartsWith("index."))
            {
                path = path.Substring(0, path.LastIndexOf("/") + 1);
            }

            NormalizedUrlQuery = string.Concat(domain, path, query);
            NormalizedUrl      = string.Concat(domain, path);
            ID   = NormalizedUrl.GetHashCode();
            Host = domain;
        }
Exemplo n.º 2
0
        public static Tuple <Utilities.Query, Utilities.Query, string> GetInfo(string method, string hashAlgorithm, ref string url, string posted, string consumerKey, string consumerSecret, string token, string verifier, string tokenSecret)
        {
            method        = method ?? "GET";
            hashAlgorithm = hashAlgorithm ?? HMACSHA1;

            string timestamp = DateTime.UtcNow.GetSecondsSince1970().ToString();
            string nonce     = GetNonce();

            var query       = new Utilities.Query(url, posted);
            var postedquery = new Utilities.Query(string.Empty, posted);

            int q = url.IndexOf('?');

            if (q > -1)
            {
                url = url.Substring(0, q);
            }

            //add the oauth stuffs
            query["oauth_consumer_key"]     = consumerKey;
            query["oauth_nonce"]            = nonce;
            query["oauth_signature_method"] = hashAlgorithm;
            query["oauth_timestamp"]        = timestamp;
            query["oauth_version"]          = "1.0";
            if (token != null)
            {
                query["oauth_token"] = token;
            }
            if (verifier != null)
            {
                query["oauth_verifier"] = verifier;
            }

            //put the querystring back together in alphabetical order
            string querystring = GetQueryString(query, true);
            string sig         = GetSignature(method, hashAlgorithm, consumerSecret, url, querystring, tokenSecret);

            return(Tuple.Create(query, postedquery, sig));
        }
Exemplo n.º 3
0
        public static bool Validate(string method, string url, string posted, string authorizationHeader, double numSecondsValid, Func <string, string> GetConsumerSecret, bool throwOnError = false, Func <string, string, string> GetTokenSecret = null)
        {
            method = method ?? "GET";

            if (numSecondsValid < 0 || numSecondsValid > MaxNonceAge.TotalSeconds)
            {
                throw new ArgumentException(string.Format("Must be more than 0 and less than {0} seconds", MaxNonceAge.TotalSeconds), "numSecondsValid");
            }

            var query = new Utilities.Query(url, posted);

            if (!authorizationHeader.IsNullOrEmpty())
            {
                var authorization = ParseAuthorizationHeader(authorizationHeader);
                authorization.Keys.ForEach(key => query[key] = authorization[key]);
            }

            if (query["oauth_version"] != "1.0")
            {
                if (throwOnError)
                {
                    throw new System.Web.HttpException(401, "Invalid version specified");
                }
            }

            if (numSecondsValid > 0)
            {
                double timestamp = query["oauth_timestamp"].ToDouble();
                double diff      = Math.Abs(DateTime.UtcNow.GetSecondsSince1970() - timestamp);

                if (diff > numSecondsValid)
                {
                    if (throwOnError)
                    {
                        throw new System.Web.HttpException(401, "The timestamp is too old");
                    }
                    return(false);
                }

                DateTime used = _NonceCache[query["oauth_nonce"]];
                if (used.AddSeconds(numSecondsValid) > DateTime.UtcNow)
                {
                    if (throwOnError)
                    {
                        throw new System.Web.HttpException(401, "The nonce is not unique");
                    }
                    return(false);
                }
                _NonceCache[query["oauth_nonce"]] = DateTime.UtcNow;
            }

            string hashAlgorithm = query["oauth_signature_method"];
            int    q             = url.IndexOf('?');
            string path          = q == -1 ? url : url.Substring(0, q);

            string secret = GetConsumerSecret(query["oauth_consumer_key"].NotEmpty(query["client_id"]));
            string sig;

            try {
                var querystring = GetQueryString(query, true);
                sig = GetSignature(method, hashAlgorithm, secret, path, querystring, GetTokenSecret != null && query.ContainsKey("oauth_token") ? GetTokenSecret(query["oauth_token"], query["oauth_verifier"]) : null);
            } catch (Exception) {
                if (throwOnError)
                {
                    throw;
                }
                return(false);
            }

            var testSig = query["oauth_signature"];

            if (sig != testSig)
            {
                if (throwOnError)
                {
                    throw new System.Web.HttpException(401, string.Format("The signature is invalid. {0}", GetQueryString(query, false)));
                }
                return(false);
            }

            return(true);
        }
Exemplo n.º 4
0
 private static string GetQueryString(Utilities.Query query, bool encode)
 {
     return(query.ToString(encode, "oauth_signature", "realm"));
 }