/// <summary>
/// Runs the server-side checks on an incoming OAuth request and reports the first failure found.
/// </summary>
/// <remarks>
/// The checks run in a fixed order: protocol version, required parameters, duplicated
/// parameters, timestamp, nonce (access-token mode only), consumer key lookup, token lookup,
/// and finally signature verification.
/// </remarks>
/// <param name="requestMode">Desired token request mode.</param>
/// <param name="uri">URI of the resource.</param>
/// <param name="httpMethod">Request method.</param>
/// <param name="arguments">Arguments in the request.</param>
/// <param name="store">The Token Storage Provider.</param>
/// <returns>
/// A CheckResult describing the outcome. On success its Consumer is set to the registration
/// that was found and its AccessToken to the access token that was looked up, which may be null.
/// </returns>
static CheckResult CheckRequest(ServerRequestMode requestMode, Uri uri, string httpMethod, NameValueCollection arguments, IServerTokenStore store)
{
    if (!IsSupportedVersion(arguments))
    {
        return new CheckResult(
            false,
            FailureTypeToString(FailureSpecificType.UnsupportedVersion),
            FailureGenericType.BadRequest,
            FailureSpecificType.UnsupportedVersion);
    }

    if (!HasRequiredArguments(arguments))
    {
        return new CheckResult(
            false,
            FailureTypeToString(FailureSpecificType.MissingParameter),
            FailureGenericType.BadRequest,
            FailureSpecificType.MissingParameter);
    }

    if (!HasOnlySingleArguments(arguments))
    {
        return new CheckResult(
            false,
            FailureTypeToString(FailureSpecificType.DuplicatedParameter),
            FailureGenericType.BadRequest,
            FailureSpecificType.DuplicatedParameter);
    }

    if (!IsValidTimestamp(arguments[OAuthArguments.OAuthTimestamp]))
    {
        // The server's current timestamp is appended to the failure text.
        string timestampReason = FailureTypeToString(FailureSpecificType.InvalidTimestamp)
            + " - "
            + OAuthUtility.Timestamp().ToString(CultureInfo.InvariantCulture);
        return new CheckResult(
            false,
            timestampReason,
            FailureGenericType.BadRequest,
            FailureSpecificType.InvalidTimestamp);
    }

    string consumerKey = arguments[OAuthArguments.OAuthConsumerKey];

    // NOTE(review): the nonce is checked only in access-token mode, and before the consumer
    // key and the signature have been verified. If IsValidNonce records the nonce it is
    // given (not visible here), an unsigned request could use up nonces for someone else's
    // consumer key. Confirm against the nonce store.
    if (requestMode == ServerRequestMode.AccessToken
        && !IsValidNonce(consumerKey, arguments[OAuthArguments.OAuthNonce]))
    {
        return new CheckResult(
            false,
            FailureTypeToString(FailureSpecificType.InvalidNonce),
            FailureGenericType.Unauthorized,
            FailureSpecificType.InvalidNonce);
    }

    ConsumerRegistration consumer = store.FindConsumerRegistration(consumerKey);
    if (consumer == null)
    {
        return new CheckResult(
            false,
            FailureTypeToString(FailureSpecificType.InvalidConsumerKey),
            FailureGenericType.Unauthorized,
            FailureSpecificType.InvalidConsumerKey);
    }

    // NOTE(review): a token the store does not know leaves tokenSecret null, and that is not
    // a failure here. The signature is then verified without a token secret, and a successful
    // result can carry a null AccessToken. Callers that require a token must check for it.
    string tokenSecret = null;
    ServerAccessToken accessToken = null;
    if (requestMode == ServerRequestMode.RequestToken)
    {
        ServerRequestToken requestToken = store.FindRequestToken(arguments[OAuthArguments.OAuthToken]);
        if (requestToken != null)
        {
            tokenSecret = requestToken.Secret;
        }
    }
    else if (requestMode == ServerRequestMode.AccessToken)
    {
        accessToken = store.FindAccessToken(arguments[OAuthArguments.OAuthToken]);
        if (accessToken != null)
        {
            tokenSecret = accessToken.Secret;
        }
    }

    try
    {
        bool signatureMatches = IsValidSignature(uri, httpMethod, arguments, consumer.ConsumerSecret, tokenSecret, consumer.RsaCertificate);
        if (!signatureMatches)
        {
            // The failure text includes the base string built from uri, arguments and
            // httpMethod. It is request-derived data, so whatever logs or renders the
            // reason should encode it for that sink.
            string signatureReason = FailureTypeToString(FailureSpecificType.InvalidSignature)
                + " - BaseString: "
                + OAuthUtility.GenerateBaseString(uri, arguments, httpMethod);
            return new CheckResult(
                false,
                signatureReason,
                FailureGenericType.Unauthorized,
                FailureSpecificType.InvalidSignature);
        }
    }
    catch (NotSupportedException)
    {
        // A NotSupportedException from the signature step is reported as an unsupported
        // signature method (bad request) rather than as an authorization failure.
        return new CheckResult(
            false,
            FailureTypeToString(FailureSpecificType.UnsupportedSignatureMethod),
            FailureGenericType.BadRequest,
            FailureSpecificType.UnsupportedSignatureMethod);
    }

    CheckResult success = new CheckResult(true, null, FailureGenericType.None, FailureSpecificType.None);
    success.Consumer = consumer;
    success.AccessToken = accessToken;
    return success;
}
/// <summary>
/// Exchanges a Request Token for the Access Token linked to it, if one has been authorized.
/// The Request Token is deleted from the store once the Access Token has been looked up.
/// </summary>
/// <param name="requestTokenKey">The key of the Request Token.</param>
/// <param name="store">Token storage provider.</param>
/// <returns>
/// The result of looking up the linked Access Token, or null when the Request Token is
/// unknown or has no Access Token key.
/// </returns>
public static ServerAccessToken RetrieveAccessTokenUsingRequestToken(string requestTokenKey, IServerTokenStore store)
{
    ServerRequestToken pending = store.FindRequestToken(requestTokenKey);
    if (pending == null)
    {
        return null;
    }

    if (String.IsNullOrEmpty(pending.AccessTokenKey))
    {
        // No Access Token key is recorded; the Request Token is left in the store.
        return null;
    }

    ServerAccessToken issued = store.FindAccessToken(pending.AccessTokenKey);

    // The Request Token is removed even when the Access Token lookup returned null.
    // NOTE(review): the find and the delete are separate store calls. Whether two concurrent
    // exchanges of the same Request Token can both succeed depends on the store
    // implementation, which is not visible here.
    store.DeleteRequestToken(requestTokenKey);
    return issued;
}