void DenyRequestForAccess(string tokenString)
{
DevDefined.OAuth.Storage.Basic.RequestToken requestToken = RequestTokenRepository.GetToken(tokenString);
requestToken.AccessDenied = true;
RequestTokenRepository.SaveToken(requestToken);
}
public IToken CreateRequestToken(IOAuthContext context)
{
if (context == null) throw new ArgumentNullException("context");
var token = new RequestToken
{
ConsumerKey = context.ConsumerKey,
Realm = context.Realm,
Token = Guid.NewGuid().ToString(),
TokenSecret = Guid.NewGuid().ToString(),
CallbackUrl = context.CallbackUrl
};
_requestTokenRepository.SaveToken(token);
return token;
}
void ApproveRequestForAccess(string tokenString)
{
DevDefined.OAuth.Storage.Basic.RequestToken requestToken = RequestTokenRepository.GetToken(tokenString);
var accessToken = new DevDefined.OAuth.Storage.Basic.AccessToken
{
ConsumerKey = requestToken.ConsumerKey,
Realm = requestToken.Realm,
Token = Guid.NewGuid().ToString(),
TokenSecret = Guid.NewGuid().ToString(),
UserName = HttpContext.Current.User.Identity.Name,
//ExpireyDate = DateTime.Now.AddMinutes(1),
Roles = new string[] {}
};
AccessTokenRepository.SaveToken(accessToken);
requestToken.AccessToken = accessToken;
RequestTokenRepository.SaveToken(requestToken);
}
public void SaveRequestToken(RequestToken requestToken)
{
UserSettings.Default.RequestTokenJson = (requestToken == null)
? string.Empty
: JsonConvert.SerializeObject(requestToken, Formatting.None);
}
public void SaveRequestToken(RequestToken requestToken)
{
_sessionState["request_token"] = requestToken;
}
public FixedValueTokenRepository(string requestToken, string requestTokenSecret, string accessToken, string accessTokenSecret)
{
_requestToken = new RequestToken { Token = requestToken, TokenSecret = requestTokenSecret };
_accessToken = new AccessToken { Token = accessToken, TokenSecret = accessTokenSecret };
}
public void SaveRequestToken(RequestToken requestToken)
{
throw new NotImplementedException("The request token cannot be altered when using the FixedValueTokenRepository");
}
static void UseUpRequestToken(IOAuthContext requestContext, RequestToken requestToken)
{
if (requestToken.UsedUp)
{
throw new OAuthException(requestContext, OAuthProblems.TokenRejected,
"The request token has already be consumed.");
}
requestToken.UsedUp = true;
}
public RequestToken GetRequestToken(Uri callbackUri)
{
IConsumerRequest request = Request()
.ForMethod("GET")
.AlterContext(context => context.CallbackUrl = (callbackUri == null) ? "oob" : callbackUri.ToString())
.AlterContext(context => context.Token = null)
.ForUri(ConsumerContext.RequestTokenUri)
.SignWithoutToken();
var results = request.Select(collection =>
new
{
ConsumerContext.ConsumerKey,
Token = ParseResponseParameter(collection, Parameters.OAuth_Token),
TokenSecret = ParseResponseParameter(collection, Parameters.OAuth_Token_Secret),
CallackConfirmed = WasCallbackConfimed(collection)
});
if (!results.CallackConfirmed && CallbackMustBeConfirmed)
{
throw Error.CallbackWasNotConfirmed();
}
var requestToken = new RequestToken
{
ConsumerKey = results.ConsumerKey,
Token = results.Token,
TokenSecret = results.TokenSecret
};
TokenRepository.SaveRequestToken(requestToken);
return requestToken;
}
public IToken CreateRequestToken(IOAuthContext context)
{
if (context == null) throw new ArgumentNullException("context");
// for request tokens, 128 bit entropy should be enough
var rng = new RNGCryptoServiceProvider ();
var key = rng.Create256BitLowerCaseHexKey ();
var token_rnd = key.Substring(0, 32);
var token_secret = key.Substring(32, 32);
var token = new RequestToken
{
ConsumerKey = context.ConsumerKey,
Realm = context.Realm,
Token = token_rnd,
TokenSecret = token_secret,
CallbackUrl = context.CallbackUrl
};
_requestTokenRepository.SaveToken(token);
return token;
}
public Response DoRequest()
{
OAuthConsumerContext consumerContext = new OAuthConsumerContext
{
ConsumerKey = Constants.OAuth.ConsumerKey,
ConsumerSecret = Constants.OAuth.ConsumerSecret,
SignatureMethod = Constants.OAuth.SignatureMethod,
};
OAuthSession session = new OAuthSession(
consumerContext,
Constants.OAuth.RequestTokenURL,
Constants.OAuth.AuthorizeURL,
Constants.OAuth.AccessTokenURL);
string tokenCookie = null;
ctx.Request.Cookies.TryGetValue(Constants.Cookies.OAuthTokenCookie, out tokenCookie);
string secretCookie = null;
ctx.Request.Cookies.TryGetValue(Constants.Cookies.OAuthSecretCookie, out secretCookie);
if (!forceReauth && !string.IsNullOrWhiteSpace(tokenCookie) && !string.IsNullOrWhiteSpace(secretCookie))
{
AccessToken accessToken = new AccessToken();
accessToken.Token = tokenCookie;
accessToken.TokenSecret = secretCookie;
session.AccessToken = accessToken;
}
else
{
NameValueCollection queryStringParameters = Utilities.GetQueryStringParameters(ctx, new string[] { "oauth_token", "oauth_verifier" });
if (queryStringParameters.Count == 2)
{
// Re-create the request token from the callback request from Ravelry post-user-authentication.
RequestToken requestToken = new RequestToken();
requestToken.Token = queryStringParameters["oauth_token"];
try
{
// TODO: Ravelry fails to accept the token here. Debugging with them.
// Exchange the temporary request token for an access token which can be used to access user data. Uses "GET".
IToken accessToken = session.ExchangeRequestTokenForAccessToken(requestToken, queryStringParameters["oauth_verifier"]);
// Save token data to cookies.
ctx.Response.AddCookie(new NancyCookie(Constants.Cookies.OAuthTokenCookie, accessToken.Token, true, true));
ctx.Response.AddCookie(new NancyCookie(Constants.Cookies.OAuthSecretCookie, accessToken.TokenSecret, true, true));
}
catch (Exception e)
{
Utilities.SetException(ctx, e);
return null;
}
}
else
{
// Retrieve a request token from Ravelry.
session.CallbackUri = new System.Uri(Constants.OAuth.CallbackURL);
IToken requestToken = session.GetRequestToken();
// Generate a user authorization URL for the request token.
string authorizationLink = session.GetUserAuthorizationUrlForToken(
requestToken,
Constants.OAuth.CallbackURL);
// Redirect to Ravelry.
return new RedirectResponse(authorizationLink);
}
}
// Save the session to the context
Utilities.SetAuthenticatedSession(ctx, session);
return null;
}
public string GetRequestTokenSecret(IOAuthContext context)
{
RequestToken requestToken = GetRequestToken(context);
return(requestToken.TokenSecret);
}
public string GetVerificationCodeForRequestToken(IOAuthContext requestContext)
{
RequestToken requestToken = GetRequestToken(requestContext);
return(requestToken.Verifier);
}
public string GetCallbackUrlForToken(IOAuthContext requestContext)
{
RequestToken requestToken = GetRequestToken(requestContext);
return(requestToken.CallbackUrl);
}
public IToken GetAccessTokenAssociatedWithRequestToken(IOAuthContext requestContext)
{
RequestToken requestToken = GetRequestToken(requestContext);
return(requestToken.AccessToken);
}
public static IToken ToRequestToken(this DBRequestToken token)
{
var request_token = new RequestToken ();
request_token.PopulateWith (token);
return request_token;
}
