private void Normalize() { if (Url.IsNullOrEmpty()) { return; } Url = Url.ToLower(); if (!Url.StartsWith("http")) { Url = "http://" + Url; } if (Uri == null) { Uri = Url.ToUri(); } if (Uri == null) { return; } string domain = NormalizeHost(Uri.Host); string path = Uri.AbsolutePath; string query = Uri.Query.TrimStart('?'); if (query.Length > 0) { var coll = new Utilities.Query(null, query); query = string.Empty; foreach (string name in coll.Keys.Select(x => x.NotNull().ToLower()).OrderBy(x => x)) { query = string.Concat(query, query.Length == 0 ? '?' : '&', name, "=", NormalizeQueryValue(coll[name])); } } string file = path.EndsWith("/") ? string.Empty : path.Substring(path.LastIndexOf("/") + 1); if (file.Length > 0 && !file.Contains(".")) { path += "/"; } else if (file.StartsWith("default.") || file.StartsWith("index.")) { path = path.Substring(0, path.LastIndexOf("/") + 1); } NormalizedUrlQuery = string.Concat(domain, path, query); NormalizedUrl = string.Concat(domain, path); ID = NormalizedUrl.GetHashCode(); Host = domain; }
public static Tuple <Utilities.Query, Utilities.Query, string> GetInfo(string method, string hashAlgorithm, ref string url, string posted, string consumerKey, string consumerSecret, string token, string verifier, string tokenSecret) { method = method ?? "GET"; hashAlgorithm = hashAlgorithm ?? HMACSHA1; string timestamp = DateTime.UtcNow.GetSecondsSince1970().ToString(); string nonce = GetNonce(); var query = new Utilities.Query(url, posted); var postedquery = new Utilities.Query(string.Empty, posted); int q = url.IndexOf('?'); if (q > -1) { url = url.Substring(0, q); } //add the oauth stuffs query["oauth_consumer_key"] = consumerKey; query["oauth_nonce"] = nonce; query["oauth_signature_method"] = hashAlgorithm; query["oauth_timestamp"] = timestamp; query["oauth_version"] = "1.0"; if (token != null) { query["oauth_token"] = token; } if (verifier != null) { query["oauth_verifier"] = verifier; } //put the querystring back together in alphabetical order string querystring = GetQueryString(query, true); string sig = GetSignature(method, hashAlgorithm, consumerSecret, url, querystring, tokenSecret); return(Tuple.Create(query, postedquery, sig)); }
public static bool Validate(string method, string url, string posted, string authorizationHeader, double numSecondsValid, Func <string, string> GetConsumerSecret, bool throwOnError = false, Func <string, string, string> GetTokenSecret = null) { method = method ?? "GET"; if (numSecondsValid < 0 || numSecondsValid > MaxNonceAge.TotalSeconds) { throw new ArgumentException(string.Format("Must be more than 0 and less than {0} seconds", MaxNonceAge.TotalSeconds), "numSecondsValid"); } var query = new Utilities.Query(url, posted); if (!authorizationHeader.IsNullOrEmpty()) { var authorization = ParseAuthorizationHeader(authorizationHeader); authorization.Keys.ForEach(key => query[key] = authorization[key]); } if (query["oauth_version"] != "1.0") { if (throwOnError) { throw new System.Web.HttpException(401, "Invalid version specified"); } } if (numSecondsValid > 0) { double timestamp = query["oauth_timestamp"].ToDouble(); double diff = Math.Abs(DateTime.UtcNow.GetSecondsSince1970() - timestamp); if (diff > numSecondsValid) { if (throwOnError) { throw new System.Web.HttpException(401, "The timestamp is too old"); } return(false); } DateTime used = _NonceCache[query["oauth_nonce"]]; if (used.AddSeconds(numSecondsValid) > DateTime.UtcNow) { if (throwOnError) { throw new System.Web.HttpException(401, "The nonce is not unique"); } return(false); } _NonceCache[query["oauth_nonce"]] = DateTime.UtcNow; } string hashAlgorithm = query["oauth_signature_method"]; int q = url.IndexOf('?'); string path = q == -1 ? url : url.Substring(0, q); string secret = GetConsumerSecret(query["oauth_consumer_key"].NotEmpty(query["client_id"])); string sig; try { var querystring = GetQueryString(query, true); sig = GetSignature(method, hashAlgorithm, secret, path, querystring, GetTokenSecret != null && query.ContainsKey("oauth_token") ? GetTokenSecret(query["oauth_token"], query["oauth_verifier"]) : null); } catch (Exception) { if (throwOnError) { throw; } return(false); } var testSig = query["oauth_signature"]; if (sig != testSig) { if (throwOnError) { throw new System.Web.HttpException(401, string.Format("The signature is invalid. {0}", GetQueryString(query, false))); } return(false); } return(true); }
private static string GetQueryString(Utilities.Query query, bool encode) { return(query.ToString(encode, "oauth_signature", "realm")); }