/// <summary> /// Validates that the version matches one of the allowed versions. /// </summary> /// /// <param name="allowedVersions">The allowed version strings, in order /// from earliest to latest</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// If the version does not match any of the allowed versions /// </exception> public void RequireVersion(params string[] allowedVersions) { if (allowedVersions == null) { throw new ArgumentNullException("allowedVersions"); } if (allowedVersions.Length < 1) { throw new ArgumentException("allowedVersions argument is mandatory", "allowedVersions"); } if (!string.IsNullOrEmpty(this.parameters[Constants.VersionParameter])) { foreach (string allowedVersion in allowedVersions) { if (allowedVersion.Equals(this.parameters[Constants.VersionParameter])) { return; } } } OAuthRequestException.ThrowVersionRejected(allowedVersions[0], allowedVersions[allowedVersions.Length - 1], null); }
public void Sign(Uri requestUri, string httpMethod, IConsumer consumer, IToken token, ISigningProvider signingProvider) { if (token != null) { this.Token = token.Token; } OAuthParameters signingParameters = this.Clone(); var signingUri = new UriBuilder(requestUri); // Normalize the request uri for signing if (!string.IsNullOrEmpty(requestUri.Query)) { // TODO: Will the parameters necessarily be Rfc3698 encoded here? If not, then Rfc3968.SplitAndDecode will throw FormatException signingParameters.AdditionalParameters.Add(Rfc3986.SplitAndDecode(requestUri.Query.Substring(1))); signingUri.Query = null; } if (signingProvider == null) { // There is no signing provider for this signature method OAuthRequestException.ThrowSignatureMethodRejected(null); } // Compute the signature this.Signature = signingProvider.ComputeSignature( SignatureBase.Create(httpMethod, signingUri.Uri, signingParameters), consumer.Secret, (token != null && token.Secret != null) ? token.Secret : null); }
/// <summary> /// Validates that no parameters are present except those specified. /// The specified parameters do not have to exist (they are optional); /// but other parameters MUST not exist. /// </summary> /// /// <param name="allowedParameters">The allowed parameters</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// If any parameters are not in the set of allowed parameters /// </exception> public void AllowOnly(params string[] allowedParameters) { List <string> invalid = new List <string>(); foreach (var parameter in this.parameters.Keys) { if (!string.IsNullOrEmpty(this.parameters[parameter])) { if (Array.IndexOf <string>(allowedParameters, parameter) < 0) { invalid.Add(parameter); } } } foreach (var parameter in this.AdditionalParameters.AllKeys) { if (!string.IsNullOrEmpty(this.AdditionalParameters[parameter])) { if (Array.IndexOf <string>(allowedParameters, parameter) < 0) { invalid.Add(parameter); } } } if (invalid.Count > 0) { OAuthRequestException.ThrowParametersRejected(invalid.ToArray(), null); } }
internal static OAuthParameters DoParse(string authHeader, string wwwAuthHeader, NameValueCollection form, NameValueCollection queryString, OAuthParameterSources sources, bool validateParameters) { if (sources == OAuthParameterSources.None) { throw new ArgumentException("sources must not be OAuthParameterSources.None", "sources"); } bool useAuthHeader = (sources & OAuthParameterSources.HttpAuthorizationHeader) == OAuthParameterSources.HttpAuthorizationHeader; bool useWwwAuthHeader = (sources & OAuthParameterSources.HttpWwwAuthenticateHeader) == OAuthParameterSources.HttpWwwAuthenticateHeader; bool usePost = (sources & OAuthParameterSources.HttpPostBody) == OAuthParameterSources.HttpPostBody; bool useQueryString = (sources & OAuthParameterSources.HttpQueryString) == OAuthParameterSources.HttpQueryString; NameValueCollection authHeaderParams = useAuthHeader ? ParseAuthHeader(authHeader) : null; NameValueCollection wwwAuthHeaderParams = useWwwAuthHeader ? ParseAuthHeader(wwwAuthHeader) : null; NameValueCollection postParams = usePost ? form : null; NameValueCollection queryStringParams = useQueryString ? queryString : null; // Do validation if required if (validateParameters) { /* * Check for any duplicated OAuth parameters */ ResultInfo <string[]> result = CheckForDuplicateReservedParameters( authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); if (!result) { OAuthRequestException.ThrowParametersRejected(result, null); } /* * Check for non-reserved parameters prefixed with oauth_ */ result = CheckForInvalidParameterNames(authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams); if (!result) { OAuthRequestException.ThrowParametersRejected(result, null); } } return(new OAuthParameters() { Callback = GetParam(Constants.CallbackParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), ConsumerKey = GetParam(Constants.ConsumerKeyParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), Nonce = GetParam(Constants.NonceParameter, authHeaderParams, postParams, wwwAuthHeaderParams, queryStringParams), Realm = authHeaderParams != null ? authHeaderParams[Constants.RealmParameter] : null, Signature = GetParam(Constants.SignatureParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), SignatureMethod = GetParam(Constants.SignatureMethodParameter, wwwAuthHeaderParams, authHeaderParams, postParams, queryStringParams), Timestamp = GetParam(Constants.TimestampParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), Token = GetParam(Constants.TokenParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), TokenSecret = GetParam(Constants.TokenSecretParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), Version = GetParam(Constants.VersionParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), Verifier = GetParam(Constants.VerifierParameter, authHeaderParams, wwwAuthHeaderParams, postParams, queryStringParams), AdditionalParameters = GetNonOAuthParameters(wwwAuthHeaderParams, postParams, queryStringParams) }); }
/// <summary> /// Validates that all the specified parameters are present and non-empty. /// </summary> /// /// <param name="requiredParameters">The required parameters</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// If any of the required parameters are missing /// </exception> public void RequireAllOf(params string[] requiredParameters) { List <string> missing = new List <string>(); foreach (string requiredParameter in requiredParameters) { if (string.IsNullOrEmpty(this.parameters[requiredParameter])) { missing.Add(requiredParameter); } } if (missing.Count > 0) { OAuthRequestException.ThrowParametersAbsent(missing.ToArray(), null); } }
/// <summary> /// Send a Bad Request response with the OAuthRequestException details in the header /// and the response parameters in the body. /// </summary> /// <param name="context">HTTP context</param> /// <param name="exception">OAuth exception</param> /// <param name="responseParameters">Response parameters</param> public static void SendBadRequest(HttpContext context, OAuthRequestException exception, NameValueCollection responseParameters) { if (context == null) throw new ArgumentNullException("context"); if (exception == null) throw new ArgumentNullException("exception"); // There is a problem with the parameters; return 400 Bad Request context.Response.StatusCode = (int)HttpStatusCode.BadRequest; // Add the problem report in the WWW-Authenticate header context.Response.AddHeader( Constants.WwwAuthenticateHeaderParameter, exception.ToHeaderFormat(ServiceProviderContext.Settings.AuthenticationRealm)); // Write the response if (responseParameters != null && responseParameters.Count > 0) context.Response.Write(Rfc3986.EncodeAndJoin(responseParameters)); context.Response.End(); }
public void RemoveError(OAuthRequestException error) { this.errors.Remove(error); }
public void AddError(OAuthRequestException error) { this.errors.Add(error); }
//// TODO: ThrowAdditionalAuthorizationRequired //// TODO: ThrowPermissionUnknown //// TODO: ThrowPermissionDenied //// TODO: ThrowUserRefused /// <summary> /// Tries to parse an OAuthRequestException from some OAuth parameters. If an exception /// is indicated, the exception will be re-thrown. /// </summary> /// /// <remarks> /// <para> /// If no exception is indicated, this method will return without throwing. /// </para> /// /// <para> /// This will handle future <a href="http://wiki.oauth.net/ProblemReporting">Problem /// Reporting</a> problem types, but not future additional parameters. /// </para> /// </remarks> /// /// <example> /// This example shows how to rethrow an OAuth exception transmitted in a HTTP response. /// /// <code lang="C#" numberLines="true"> /// HttpWebResponse response = (HttpWebResponse)request.GetResponse(); /// OAuthParameters responseParameters = OAuthParameters.Parse(response); /// OAuthRequestException.TryRethrow(responseParameters); /// </code> /// </example> /// /// <param name="parameters">The OAuth parameters</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// If the OAuth parameters indicate an OAuth exception /// </exception> public static void TryRethrow(OAuthParameters parameters) { if (parameters == null || parameters.AdditionalParameters == null) return; if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.Problem])) { OAuthRequestException ex = new OAuthRequestException() { Problem = parameters.AdditionalParameters[OAuthRequestExceptionParameters.Problem], Advice = parameters.AdditionalParameters[OAuthRequestExceptionParameters.ProblemAdvice], Source = OAuthRequestExceptionSources.Remote }; // Load additional parameter for specific types switch (parameters.AdditionalParameters[OAuthRequestExceptionParameters.Problem]) { case OAuthRequestExceptionProblemTypes.VersionRejected: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableVersions])) ex.AdditionalParameter = new KeyValuePair<string, string>( OAuthRequestExceptionParameters.AcceptableVersions, parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableVersions]); break; case OAuthRequestExceptionProblemTypes.ParameterAbsent: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersAbsent])) ex.AdditionalParameter = new KeyValuePair<string, string>( OAuthRequestExceptionParameters.ParametersAbsent, parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersAbsent]); break; case OAuthRequestExceptionProblemTypes.ParameterRejected: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersRejected])) ex.AdditionalParameter = new KeyValuePair<string, string>( OAuthRequestExceptionParameters.ParametersRejected, parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersRejected]); break; case OAuthRequestExceptionProblemTypes.TimestampRefused: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableTimestamps])) ex.AdditionalParameter = new KeyValuePair<string, string>( OAuthRequestExceptionParameters.AcceptableTimestamps, parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableTimestamps]); break; } // Throw the OAuthRequestException throw ex; } }
/// <summary> /// Throws an exception indicating the consumer does not have the required permissions /// to acccess this resource /// </summary> /// /// <remarks> /// <para> /// The <see cref="Problem">problem type</see> is /// <see cref="OAuthRequestExceptionProblemTypes.PermissionDenied">permission_denied</see>. /// </para> /// /// <para> /// The <paramref name="advice"/> parameter, if supplied, will be /// stored in the <see cref="Advice"/> property. /// </para> /// /// <para> /// The <see cref="Exception.Source"/> will be <see cref="OAuthRequestExceptionSources.Local">local</see>. /// </para> /// </remarks> /// /// <param name="advice">(Optional) Plain text advice for the user /// of the consumer</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// Always /// </exception> public static void ThrowPermissionDenied(string advice) { OAuthRequestException.ThrowSimpleReport(OAuthRequestExceptionProblemTypes.PermissionDenied, advice); }
//// TODO: ThrowAdditionalAuthorizationRequired //// TODO: ThrowPermissionUnknown //// TODO: ThrowPermissionDenied //// TODO: ThrowUserRefused /// <summary> /// Tries to parse an OAuthRequestException from some OAuth parameters. If an exception /// is indicated, the exception will be re-thrown. /// </summary> /// /// <remarks> /// <para> /// If no exception is indicated, this method will return without throwing. /// </para> /// /// <para> /// This will handle future <a href="http://wiki.oauth.net/ProblemReporting">Problem /// Reporting</a> problem types, but not future additional parameters. /// </para> /// </remarks> /// /// <example> /// This example shows how to rethrow an OAuth exception transmitted in a HTTP response. /// /// <code lang="C#" numberLines="true"> /// HttpWebResponse response = (HttpWebResponse)request.GetResponse(); /// OAuthParameters responseParameters = OAuthParameters.Parse(response); /// OAuthRequestException.TryRethrow(responseParameters); /// </code> /// </example> /// /// <param name="parameters">The OAuth parameters</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// If the OAuth parameters indicate an OAuth exception /// </exception> public static void TryRethrow(OAuthParameters parameters) { if (parameters == null || parameters.AdditionalParameters == null) { return; } if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.Problem])) { OAuthRequestException ex = new OAuthRequestException() { Problem = parameters.AdditionalParameters[OAuthRequestExceptionParameters.Problem], Advice = parameters.AdditionalParameters[OAuthRequestExceptionParameters.ProblemAdvice], Source = OAuthRequestExceptionSources.Remote }; // Load additional parameter for specific types switch (parameters.AdditionalParameters[OAuthRequestExceptionParameters.Problem]) { case OAuthRequestExceptionProblemTypes.VersionRejected: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableVersions])) { ex.AdditionalParameter = new KeyValuePair <string, string>( OAuthRequestExceptionParameters.AcceptableVersions, parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableVersions]); } break; case OAuthRequestExceptionProblemTypes.ParameterAbsent: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersAbsent])) { ex.AdditionalParameter = new KeyValuePair <string, string>( OAuthRequestExceptionParameters.ParametersAbsent, parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersAbsent]); } break; case OAuthRequestExceptionProblemTypes.ParameterRejected: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersRejected])) { ex.AdditionalParameter = new KeyValuePair <string, string>( OAuthRequestExceptionParameters.ParametersRejected, parameters.AdditionalParameters[OAuthRequestExceptionParameters.ParametersRejected]); } break; case OAuthRequestExceptionProblemTypes.TimestampRefused: if (!string.IsNullOrEmpty(parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableTimestamps])) { ex.AdditionalParameter = new KeyValuePair <string, string>( OAuthRequestExceptionParameters.AcceptableTimestamps, parameters.AdditionalParameters[OAuthRequestExceptionParameters.AcceptableTimestamps]); } break; } // Throw the OAuthRequestException throw ex; } }
/// <summary> /// Throws an exception indicating the supplied token has been revoked. /// That is, the service provider has unilaterally decided it will never /// accept this token. /// </summary> /// /// <remarks> /// <para> /// The <see cref="Problem">problem type</see> is /// <see cref="OAuthRequestExceptionProblemTypes.TokenRevoked">token_revoked</see>. /// </para> /// /// <para> /// The <paramref name="advice"/> parameter, if supplied, will be /// stored in the <see cref="Advice"/> property. /// </para> /// /// <para> /// The <see cref="Exception.Source"/> will be <see cref="OAuthRequestExceptionSources.Local">local</see>. /// </para> /// </remarks> /// /// <param name="advice">(Optional) Plain text advice for the user /// of the consumer</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// Always /// </exception> public static void ThrowTokenRevoked(string advice) { OAuthRequestException.ThrowSimpleReport(OAuthRequestExceptionProblemTypes.TokenRevoked, advice); }
/// <summary> /// Throws an exception indicating the supplied signature is invalid. That is, /// it doesn't match the signature computed by the Service Provider. /// </summary> /// /// <remarks> /// <para> /// The <see cref="Problem">problem type</see> is /// <see cref="OAuthRequestExceptionProblemTypes.SignatureInvalid">signature_invalid</see>. /// </para> /// /// <para> /// The <paramref name="advice"/> parameter, if supplied, will be /// stored in the <see cref="Advice"/> property. /// </para> /// /// <para> /// The <see cref="Exception.Source"/> will be <see cref="OAuthRequestExceptionSources.Local">local</see>. /// </para> /// </remarks> /// /// <param name="advice">(Optional) Plain text advice for the user /// of the consumer</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// Always /// </exception> public static void ThrowSignatureInvalid(string advice) { OAuthRequestException.ThrowSimpleReport(OAuthRequestExceptionProblemTypes.SignatureInvalid, advice); }
/// <summary> /// Throws an exception indicating the consumer key is temporarily unacceptable /// to the service provider. For example, the consumer may be being being throttled. /// </summary> /// /// <remarks> /// <para> /// The <see cref="Problem">problem type</see> is /// <see cref="OAuthRequestExceptionProblemTypes.ConsumerKeyRefused">consumer_key_refused</see>. /// </para> /// /// <para> /// The <paramref name="advice"/> parameter, if supplied, will be /// stored in the <see cref="Advice"/> property. /// </para> /// /// <para> /// The <see cref="Exception.Source"/> will be <see cref="OAuthRequestExceptionSources.Local">local</see>. /// </para> /// </remarks> /// /// <param name="advice">(Optional) Plain text advice for the user /// of the consumer</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// Always /// </exception> public static void ThrowConsumerKeyRefused(string advice) { OAuthRequestException.ThrowSimpleReport(OAuthRequestExceptionProblemTypes.ConsumerKeyRefused, advice); }
/// <summary> /// Throws an exception indicating the signature method is invalid. /// </summary> /// /// <remarks> /// <para> /// The <see cref="Problem">problem type</see> is /// <see cref="OAuthRequestExceptionProblemTypes.SignatureMethodRejected">signature_method_rejected</see>. /// </para> /// /// <para> /// The <paramref name="advice"/> parameter, if supplied, will be /// stored in the <see cref="Advice"/> property. /// </para> /// /// <para> /// The <see cref="Exception.Source"/> will be <see cref="OAuthRequestExceptionSources.Local">local</see>. /// </para> /// </remarks> /// /// <param name="advice">(Optional) Plain text advice for the user /// of the consumer</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// Always /// </exception> public static void ThrowSignatureMethodRejected(string advice) { OAuthRequestException.ThrowSimpleReport(OAuthRequestExceptionProblemTypes.SignatureMethodRejected, advice); }
/// <summary> /// Throws an exception indicating the nonce was used in a previous request, /// and consequently can't be used now /// </summary> /// /// <remarks> /// <para> /// The <see cref="Problem">problem type</see> is /// <see cref="OAuthRequestExceptionProblemTypes.NonceUsed">nonce_used</see>. /// </para> /// /// <para> /// The <paramref name="advice"/> parameter, if supplied, will be /// stored in the <see cref="Advice"/> property. /// </para> /// /// <para> /// The <see cref="Exception.Source"/> will be <see cref="OAuthRequestExceptionSources.Local">local</see>. /// </para> /// </remarks> /// /// <param name="advice">(Optional) Plain text advice for the user /// of the consumer</param> /// /// <exception cref="OAuth.Net.Common.OAuthRequestException"> /// Always /// </exception> public static void ThrowNonceUsed(string advice) { OAuthRequestException.ThrowSimpleReport(OAuthRequestExceptionProblemTypes.NonceUsed, advice); }