/// <summary>
/// Perform complete validation of the OAuth request and return a comprehensive result.
/// </summary>
/// <param name="requestMode">Desired token request mode.</param>
/// <param name="uri">URI of the resource.</param>
/// <param name="httpMethod">Request method.</param>
/// <param name="arguments">Arguments in the request.</param>
/// <param name="store">The Token Storage Provider.</param>
/// <returns>A populated CheckResult object.</returns>
static CheckResult CheckRequest(ServerRequestMode requestMode, Uri uri, string httpMethod, NameValueCollection arguments, IServerTokenStore store)
{
if (!IsSupportedVersion(arguments))
{
return new CheckResult(false, FailureTypeToString(FailureSpecificType.UnsupportedVersion), FailureGenericType.BadRequest, FailureSpecificType.UnsupportedVersion);
}
if (!HasRequiredArguments(arguments))
{
return new CheckResult(false, FailureTypeToString(FailureSpecificType.MissingParameter), FailureGenericType.BadRequest, FailureSpecificType.MissingParameter);
}
if (!HasOnlySingleArguments(arguments))
{
return new CheckResult(false, FailureTypeToString(FailureSpecificType.DuplicatedParameter), FailureGenericType.BadRequest, FailureSpecificType.DuplicatedParameter);
}
if (!IsValidTimestamp(arguments[OAuthArguments.OAuthTimestamp]))
{
return new CheckResult(false, FailureTypeToString(FailureSpecificType.InvalidTimestamp) + " - " + OAuthUtility.Timestamp().ToString(CultureInfo.InvariantCulture), FailureGenericType.BadRequest, FailureSpecificType.InvalidTimestamp);
}
if (requestMode == ServerRequestMode.AccessToken)
{
if (!IsValidNonce(arguments[OAuthArguments.OAuthConsumerKey], arguments[OAuthArguments.OAuthNonce]))
{
return new CheckResult(false, FailureTypeToString(FailureSpecificType.InvalidNonce), FailureGenericType.Unauthorized, FailureSpecificType.InvalidNonce);
}
}
ConsumerRegistration cr = store.FindConsumerRegistration(arguments[OAuthArguments.OAuthConsumerKey]);
if (cr == null)
{
return new CheckResult(false, FailureTypeToString(FailureSpecificType.InvalidConsumerKey), FailureGenericType.Unauthorized, FailureSpecificType.InvalidConsumerKey);
}
string tokenSecret = null;
ServerAccessToken accessToken = null;
switch (requestMode)
{
case ServerRequestMode.RequestToken:
ServerRequestToken rt = store.FindRequestToken(arguments[OAuthArguments.OAuthToken]);
if (rt != null) tokenSecret = rt.Secret;
break;
case ServerRequestMode.AccessToken:
accessToken = store.FindAccessToken(arguments[OAuthArguments.OAuthToken]);
if (accessToken != null) tokenSecret = accessToken.Secret;
break;
}
try
{
if (!IsValidSignature(uri, httpMethod, arguments, cr.ConsumerSecret, tokenSecret, cr.RsaCertificate))
{
string failReason = FailureTypeToString(FailureSpecificType.InvalidSignature) + " - BaseString: " + OAuthUtility.GenerateBaseString(uri, arguments, httpMethod);
return new CheckResult(false, failReason, FailureGenericType.Unauthorized, FailureSpecificType.InvalidSignature);
}
}
catch (NotSupportedException)
{
string failReason = FailureTypeToString(FailureSpecificType.UnsupportedSignatureMethod);
return new CheckResult(false, failReason, FailureGenericType.BadRequest, FailureSpecificType.UnsupportedSignatureMethod);
}
CheckResult result = new CheckResult(true, null, FailureGenericType.None, FailureSpecificType.None);
result.Consumer = cr;
result.AccessToken = accessToken;
return result;
}
