public void LinkedInInteropTest() {
var endpoint = new MessageReceivingEndpoint("https://api.linkedin.com/v1/people/~:(id,first-name,last-name,headline,industry,summary)", HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.GetRequest);
var message = new AccessProtectedResourceRequest(endpoint, Protocol.V10.Version);
message.ConsumerKey = "ub78frzrn0yf";
message.AccessToken = "852863fd-05da-4d80-a93d-50f64f966de4";
((ITamperResistantOAuthMessage)message).ConsumerSecret = "ExJXsYl7Or8OfK98";
((ITamperResistantOAuthMessage)message).TokenSecret = "b197333b-470a-43b3-bcd7-49d6d2229c4c";
var signedMessage = (ITamperResistantOAuthMessage)message;
signedMessage.HttpMethod = HttpMethod.Get;
signedMessage.SignatureMethod = "HMAC-SHA1";
MessageDictionary dictionary = this.MessageDescriptions.GetAccessor(message);
dictionary["oauth_timestamp"] = "1353545248";
dictionary["oauth_nonce"] = "ugEB4bst";
var hmac = new HmacSha1SigningBindingElement();
hmac.Channel = new TestChannel(this.MessageDescriptions);
Assert.That(hmac.GetSignatureTestHook(message), Is.EqualTo("l09yeD9cr4+h1eoUF4WBoGEHrlk="));
}
/// <summary>
/// Creates a web request prepared with OAuth authorization
/// that may be further tailored by adding parameters by the caller.
/// </summary>
/// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param>
/// <param name="accessToken">The access token that permits access to the protected resource.</param>
/// <returns>The initialized WebRequest object.</returns>
protected internal AccessProtectedResourceRequest CreateAuthorizingMessage(MessageReceivingEndpoint endpoint, string accessToken) {
Contract.Requires<ArgumentNullException>(endpoint != null);
Contract.Requires<ArgumentNullException>(!String.IsNullOrEmpty(accessToken));
AccessProtectedResourceRequest message = new AccessProtectedResourceRequest(endpoint, this.ServiceProvider.Version) {
AccessToken = accessToken,
ConsumerKey = this.ConsumerKey,
};
return message;
}
public HttpWebRequest PrepareAuthorizedRequest(AccessProtectedResourceRequest message) {
Contract.Requires<ArgumentNullException>(message != null);
return this.OAuthChannel.InitializeRequest(message);
}
/// <summary>
/// Ensures that access tokens have not yet expired.
/// </summary>
/// <param name="message">The incoming message carrying the access token.</param>
private void VerifyThrowTokenNotExpired(AccessProtectedResourceRequest message) {
Requires.NotNull(message, "message");
try {
IServiceProviderAccessToken token = this.tokenManager.GetAccessToken(message.AccessToken);
if (token.ExpirationDate.HasValue && DateTime.Now >= token.ExpirationDate.Value.ToLocalTimeSafe()) {
Logger.OAuth.ErrorFormat(
"OAuth access token {0} rejected because it expired at {1}, and it is now {2}.",
token.Token,
token.ExpirationDate.Value,
DateTime.Now);
ErrorUtilities.ThrowProtocol(OAuthStrings.TokenNotFound);
}
} catch (KeyNotFoundException ex) {
throw ErrorUtilities.Wrap(ex, OAuthStrings.TokenNotFound);
}
}
/// <summary>
/// Creates a security principal that may be used.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>The <see cref="IPrincipal"/> instance that can be used for access control of resources.</returns>
public OAuthPrincipal CreatePrincipal(AccessProtectedResourceRequest request) {
Requires.NotNull(request, "request");
IServiceProviderAccessToken accessToken = this.TokenManager.GetAccessToken(request.AccessToken);
return new OAuth1Principal(accessToken);
}
/// <summary>
/// Creates a web request prepared with OAuth authorization
/// that may be further tailored by adding parameters by the caller.
/// </summary>
/// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param>
/// <param name="accessToken">The access token that permits access to the protected resource.</param>
/// <returns>The initialized WebRequest object.</returns>
protected internal AccessProtectedResourceRequest CreateAuthorizingMessage(MessageReceivingEndpoint endpoint, string accessToken)
{
if (endpoint == null) {
throw new ArgumentNullException("endpoint");
}
if (String.IsNullOrEmpty(accessToken)) {
throw new ArgumentNullException("accessToken");
}
AccessProtectedResourceRequest message = new AccessProtectedResourceRequest(endpoint) {
AccessToken = accessToken,
ConsumerKey = this.ConsumerKey,
};
return message;
}
internal AccessProtectedResourceRequest CreateResourceRequest(MessageReceivingEndpoint endpoint) {
Contract.Requires(endpoint != null);
var message = new AccessProtectedResourceRequest(endpoint, Protocol.V10.Version);
return message;
}
/// <summary>
/// Creates a web request prepared with OAuth authorization
/// that may be further tailored by adding parameters by the caller.
/// </summary>
/// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param>
/// <param name="accessToken">The access token that permits access to the protected resource.</param>
/// <returns>The initialized WebRequest object.</returns>
protected internal AccessProtectedResourceRequest CreateAuthorizingMessage(MessageReceivingEndpoint endpoint, string accessToken) {
Requires.NotNull(endpoint, "endpoint");
Requires.NotNullOrEmpty(accessToken, "accessToken");
AccessProtectedResourceRequest message = new AccessProtectedResourceRequest(endpoint, this.ServiceProvider.Version) {
AccessToken = accessToken,
ConsumerKey = this.ConsumerKey,
};
return message;
}
public HttpWebRequest PrepareAuthorizedRequest(AccessProtectedResourceRequest message) {
Requires.NotNull(message, "message");
return this.OAuthChannel.InitializeRequest(message);
}
/// <summary>
/// Creates a security principal that may be used.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>The <see cref="IPrincipal"/> instance that can be used for access control of resources.</returns>
public IPrincipal CreatePrincipal(AccessProtectedResourceRequest request) {
Requires.NotNull(request, "request");
IServiceProviderAccessToken accessToken = this.TokenManager.GetAccessToken(request.AccessToken);
return OAuthPrincipal.CreatePrincipal(accessToken.Username, accessToken.Roles);
}
internal AccessProtectedResourceRequest CreateResourceRequest(MessageReceivingEndpoint endpoint) {
Requires.NotNull(endpoint, "endpoint");
var message = new AccessProtectedResourceRequest(endpoint, Protocol.V10.Version);
return message;
}
/// <summary>
/// Creates a security principal that may be used.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>The <see cref="IPrincipal"/> instance that can be used for access control of resources.</returns>
public OAuthPrincipal CreatePrincipal(AccessProtectedResourceRequest request) {
Contract.Requires<ArgumentNullException>(request != null);
IServiceProviderAccessToken accessToken = this.TokenManager.GetAccessToken(request.AccessToken);
return new OAuthPrincipal(accessToken);
}
/// <summary>
/// Creates a web request prepared with OAuth authorization
/// that may be further tailored by adding parameters by the caller.
/// </summary>
/// <param name="endpoint">The URL and method on the Service Provider to send the request to.</param>
/// <param name="accessToken">The access token that permits access to the protected resource.</param>
/// <returns>The initialized WebRequest object.</returns>
protected internal AccessProtectedResourceRequest CreateAuthorizingMessage(MessageReceivingEndpoint endpoint, string accessToken)
{
Contract.Requires(endpoint != null);
Contract.Requires(!String.IsNullOrEmpty(accessToken));
ErrorUtilities.VerifyArgumentNotNull(endpoint, "endpoint");
ErrorUtilities.VerifyNonZeroLength(accessToken, "accessToken");
AccessProtectedResourceRequest message = new AccessProtectedResourceRequest(endpoint, this.ServiceProvider.Version) {
AccessToken = accessToken,
ConsumerKey = this.ConsumerKey,
};
return message;
}
public HttpWebRequest PrepareAuthorizedRequest(AccessProtectedResourceRequest message)
{
Contract.Requires(message != null);
ErrorUtilities.VerifyArgumentNotNull(message, "message");
return this.OAuthChannel.InitializeRequest(message);
}
/// <summary>
/// Creates a security principal that may be used.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>The <see cref="IPrincipal"/> instance that can be used for access control of resources.</returns>
public OAuthPrincipal CreatePrincipal(AccessProtectedResourceRequest request)
{
Contract.Requires(request != null);
ErrorUtilities.VerifyArgumentNotNull(request, "request");
IServiceProviderAccessToken accessToken = this.TokenManager.GetAccessToken(request.AccessToken);
return new OAuthPrincipal(accessToken);
}
