public static OAuthEchoHandler CreateHandler(HttpMessageHandler innerHandler, Uri authServiceProvider, string consumerKey, string consumerSecret, string accessToken, string accessSecret, Uri?realm = null) { var credential = OAuthUtility.CreateAuthorization("GET", authServiceProvider, null, consumerKey, consumerSecret, accessToken, accessSecret, realm?.AbsoluteUri); return(new OAuthEchoHandler(innerHandler, authServiceProvider, credential)); }
public void GetOAuthParameter_Test() { var param = OAuthUtility.GetOAuthParameter("ConsumerKey", "Token"); Assert.Equal("ConsumerKey", param["oauth_consumer_key"]); Assert.Equal("HMAC-SHA1", param["oauth_signature_method"]); var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0); var unixTimeNow = Math.Ceiling((DateTime.UtcNow - unixEpoch).TotalSeconds); Assert.InRange(long.Parse(param["oauth_timestamp"]), unixTimeNow - 5, unixTimeNow); Assert.NotEmpty(param["oauth_nonce"]); Assert.Equal("1.0", param["oauth_version"]); Assert.Equal("Token", param["oauth_token"]); }
public void CreateSignature_EmptyTokenSecretTest() { // GET http://example.com/hoge?aaa=foo に対する署名を生成 // リクエストトークンの発行時は tokenSecret が空の状態で署名を生成することになる var oauthSignature = OAuthUtility.CreateSignature("ConsumerSecret", null, "GET", new Uri("http://example.com/hoge"), new Dictionary <string, string> { ["aaa"] = "foo" }); var expectSignatureBase = "GET&http%3A%2F%2Fexample.com%2Fhoge&aaa%3Dfoo"; var expectSignatureKey = "ConsumerSecret&"; // 末尾の & は除去されない using var hmacsha1 = new HMACSHA1(Encoding.ASCII.GetBytes(expectSignatureKey)); var expectSignature = Convert.ToBase64String(hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(expectSignatureBase))); Assert.Equal(expectSignature, oauthSignature); }
public void CreateSignature_Test() { // GET http://example.com/hoge?aaa=foo に対する署名を生成 // 実際の param は oauth_consumer_key などのパラメーターが加わった状態で渡される var oauthSignature = OAuthUtility.CreateSignature("ConsumerSecret", "TokenSecret", "GET", new Uri("http://example.com/hoge"), new Dictionary <string, string> { ["aaa"] = "foo" }); var expectSignatureBase = "GET&http%3A%2F%2Fexample.com%2Fhoge&aaa%3Dfoo"; var expectSignatureKey = "ConsumerSecret&TokenSecret"; using var hmacsha1 = new HMACSHA1(Encoding.ASCII.GetBytes(expectSignatureKey)); var expectSignature = Convert.ToBase64String(hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(expectSignatureBase))); Assert.Equal(expectSignature, oauthSignature); }
public void CreateSignature_NormarizeParametersTest() { // GET http://example.com/hoge?aaa=foo&bbb=bar に対する署名を生成 // 複数のパラメータが渡される場合は name 順でソートされる var oauthSignature = OAuthUtility.CreateSignature("ConsumerSecret", "TokenSecret", "GET", new Uri("http://example.com/hoge"), new Dictionary <string, string> { ["bbb"] = "bar", ["aaa"] = "foo", }); var expectSignatureBase = "GET&http%3A%2F%2Fexample.com%2Fhoge&aaa%3Dfoo%26bbb%3Dbar"; var expectSignatureKey = "ConsumerSecret&TokenSecret"; using var hmacsha1 = new HMACSHA1(Encoding.ASCII.GetBytes(expectSignatureKey)); var expectSignature = Convert.ToBase64String(hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(expectSignatureBase))); Assert.Equal(expectSignature, oauthSignature); }
protected override async Task <HttpResponseMessage> SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) { var query = await GetParameters(request.RequestUri, request.Content) .ConfigureAwait(false); var credential = OAuthUtility.CreateAuthorization(request.Method.ToString().ToUpperInvariant(), request.RequestUri, query, this.ConsumerKey, this.ConsumerSecret, this.AccessToken, this.AccessSecret); request.Headers.TryAddWithoutValidation("Authorization", credential); if (request.Content is FormUrlEncodedContent postContent) { request.Content = new StringContent(MyCommon.BuildQueryString(query), Encoding.UTF8, "application/x-www-form-urlencoded"); postContent.Dispose(); } return(await base.SendAsync(request, cancellationToken) .ConfigureAwait(false)); }
public void CreateAuthorization_Test() { var authorization = OAuthUtility.CreateAuthorization( "GET", new Uri("http://example.com/hoge"), new Dictionary <string, string> { ["aaa"] = "hoge" }, "ConsumerKey", "ConsumerSecret", "AccessToken", "AccessSecret", "Realm"); Assert.True(authorization.StartsWith("OAuth ", StringComparison.Ordinal)); var parsedParams = authorization.Substring(6).Split(',') .Where(x => !string.IsNullOrEmpty(x)) .Select(x => x.Split(new[] { '=' }, 2)) .ToDictionary(x => x[0], x => x[1].Substring(1, x[1].Length - 2)); // x[1] は前後の「"」を除去する var expectAuthzParamKeys = new[] { "realm", "oauth_consumer_key", "oauth_nonce", "oauth_signature_method", "oauth_timestamp", "oauth_token", "oauth_version", "oauth_signature" }; Assert.Equal(expectAuthzParamKeys, parsedParams.Keys, AnyOrderComparer <string> .Instance); Assert.Equal("Realm", parsedParams["realm"]); // Signature Base Strings には realm を含めない var expectSignatureBase = "GET&http%3A%2F%2Fexample.com%2Fhoge&" + "aaa%3Dhoge%26" + "oauth_consumer_key%3DConsumerKey%26" + $"oauth_nonce%3D{parsedParams["oauth_nonce"]}%26" + "oauth_signature_method%3DHMAC-SHA1%26" + $"oauth_timestamp%3D{parsedParams["oauth_timestamp"]}%26" + "oauth_token%3DAccessToken%26" + "oauth_version%3D1.0"; var expectSignatureKey = "ConsumerSecret&AccessSecret"; using (var hmacsha1 = new HMACSHA1(Encoding.ASCII.GetBytes(expectSignatureKey))) { var expectSignature = Convert.ToBase64String(hmacsha1.ComputeHash(Encoding.ASCII.GetBytes(expectSignatureBase))); Assert.Equal(expectSignature, Uri.UnescapeDataString(parsedParams["oauth_signature"])); } }