bittercoder / devdefined.oauth Goto Github PK
View Code? Open in Web Editor NEWAn OAuth Consumer and Provider implemented for .Net
Home Page: http://code.google.com/p/devdefined-tools/wiki/OAuth
An OAuth Consumer and Provider implemented for .Net
Home Page: http://code.google.com/p/devdefined-tools/wiki/OAuth
Hi and thank you for this framework!
With some tweaks the code makes it to receiving an access token. Then I see the following in the data view page of the ExampleConsumerSite:
string response = session.Request()
.Get()
.ForUrl(Settings.Default.DataUrl)
.SignWithToken()
.ReadBody();
That's fine and it works, and I can Get() my latest share. But what about posting? I can't figure out where to include the text of my post. I guess it should be in the GetRequestDescription() method, but how to get it there? Example(s)?
string response = session.Request()
.Post() //where do you set the actual text to post?
.ForUrl(Settings.Default.DataUrl)
.SignWithToken()
.ReadBody();
Thanks.
I currently have an assignment for work to create an OAuth server that authenticates our applications that our clients use. I have a working model, but I would like to hard-code the login credentials and implicitly allow the provider site access, perhaps by having both of these in the client side. So far, all of my efforts have resulted in the HttpContext.Current.ApplicationInstance returning as null. I'm using IIS and it doesn't complain when I properly use the current OAuth process. Is there anyway to skip the user authorization completely and have the login in hard-coded while still exchanging and validating token?
Issue #5 from google code:
What steps will reproduce the problem?
What is the expected output? What do you see instead?
Signature should be valid. Exception thrown that the Consumer Key is null.
What version of the product are you using? On what operating system?
Can't recall the version number, Win 2K3
Originally logged here by http://code.google.com/u/nickqad/
http://code.google.com/p/devdefined-tools/issues/detail?id=5
RFC 5849 section 3.1.
| oauth_token
| The token value used to associate the request with the resource
| owner. If the request is not associated with a resource owner
| (no token available), clients MAY omit the parameter.
I have to send some request to the Oauth 1.0 provider without Oauth _token parameter. How I can achieve this with DevDefined.OAuth ?
What is the recommended way of posting Json (HTTP POST) using DevDefined.OAuth?
I am trying both task by
var response = session.Request().Post().ForUrl(Verify Credential Url).WithBody(Json Data).SignWithoutToken().ReadBody();
Is it the correct approach?
The PlainTextSignatureImplementation does an UriUtility.UrlEncode(..) for
the signature.
But the UriEncode.UrlEncode(..) is also called when adding the information
to the header of the request.
Logged by: http://code.google.com/u/aritmeester/
Originally logged here:
http://code.google.com/p/devdefined-tools/issues/detail?id=6
Hi,
I need to use open authentication dll for one of our .Net 2.0 Modules. I guess DevDefined.OAuth is built on .Net version > 2
Is there version of DevDefined.OAuth on .Net 2.0. Any help would be highly appreciated.
Thanks!
I created a consumer with some code like below:
IConsumerRequest req = session.Request()
.Post()
.ForUrl(Settings.Default.DataUrl)
.SignWithToken();
string response = req.ReadBody();
When I debug into the code, in OAuthInterceptor.cs file, we have 1 line:
IOAuthContext context = new OAuthContextBuilder().FromUri(requestProperty.Method, request.Headers.To);
If the request is GET, it's ok then. But if the request is POST like above, the Token value and some more values are NULL in context variable. Then we can't get the Token and get 403 error.
There is no documentation that tells one how to set or generate an oauth_verifier, but creating a random verifier and validating it is crucial to security. Additionally, in the Provider example on GoogleCode, there is no OAuth10AInspector added, which is UTMOST important to include, else the whole service can be compromised (as only the OAuth10AInspector verifies that the Verifier is actually the one in the token store). Without this Inspector, a client could just invent a verifier and would get (falsely) authenticated.
I've went through the code and I can't find any place where the IToken.Verifier field is generated/set (except when it is retrived to the POST data/Headers). I thus use the following in my code to store a Verifier (in the authorize step):
var context = new OAuthContextBuilder ().FromUri (Request.HttpMethod, Request.Url);
var token = OAuthHandler.RequestTokens.GetToken (context.Token);
token.Verifier = Guid.NewGuid ().ToString ();
Please provide a better documentation regarding
a) Incldue a note that provider implementation must ALWAYS have OAuth10AInspector present
b) How to generate a oauth_verifier and storing it in the request token store
I've brought in this library as a dependency of another library and all of a sudden it's generating errors when MEF analyses the assemblies for imports (it analyses all of the assemblies in the bin folder).
The error is that it doesn't like the fact that BerDecodeException.GetObjectData has different security demands than Exception.GetObjectData. Is there any reason that this SecurityPermission is required and is it possible to remove it?
System.TypeLoadException: Inheritance security rules violated while
overriding member:
'DevDefined.OAuth.KeyInterop.BerDecodeException.GetObjectData
(System.Runtime.Serialzation.SerializationInfo,
System.Runtime.Serialization.StreamingContext)'.
Security accessibility of the overriding method must match the security
accessibility of the method being overriden.
What steps will reproduce the problem?
What is the expected output? What do you see instead?
exception that the oauth_verifier is rejected, while the different is because of the missing decoding
What version of the product are you using? On what operating system?
Please provide any additional information below.
See the attachment which is a patch to fix this issue.
Reported by: http://code.google.com/u/avkekem/
Originally logged on google code here: http://code.google.com/p/devdefined-tools/issues/detail?id=9
A patch is included here:
Compiled Release is Older Than Repository Code! This is a trap that costs developers time. Can somebody please update the compiled release on Google Code please?
I'm interested in using this library and the project I'm currently working on uses http://nuget.org/ for references. Is it possible to create a package for this?
I'm happy to take on that task if it's something that is not considered a priority (as it will make the admin of my own project easier).
Regards,
Matthew
The solution file does not open using VS2010. Error Message says it is an unrecognized version.
What steps will reproduce the problem?
What is the expected output? What do you see instead?
class DevDefined.OAuth.Framework.UriUtility
static QueryParameter ParseAuthorizationHeaderKeyValuePair(string value)
{
if (value.IndexOf('=') > -1)
{
string[] temp = value.Split('=');
return new QueryParameter(temp[0].Trim(), StripQuotes(temp[1]));
}
return new QueryParameter(value.Trim(), string.Empty);
}
If there is "=" in signature ,for example
"auth_signature="uZF3aYQFtyK0F1FFHY+w7/Be+m4=""
expect:
string[] temp ={"auth_signature","uZF3aYQFtyK0F1FFHY+w7/Be+m4="}
But I get
string[] temp ={"auth_signature",""uZF3aYQFtyK0F1FFHY+w7/Be+m4"}
What version of the product are you using? On what operating system?
Last trunk
Reported by: http://code.google.com/u/snail.luo/
Original issue logged on google code here: http://code.google.com/p/devdefined-tools/issues/detail?id=8
any plans or timeframe for OAuth2 support?
JSONP return from springpad seems to be literal string full with backslashes escape. Which is supposedly not happen in C# string.
string dataString = session.Request().Get().ForUrl(this.baseUrl + url).ToString();
Hi
The OAuth spec requires parameter names to be encoded using the %XX format and then URL encoded, but the code is not doing so (snippet from UriUtility.NormalizeRequestParameters):
IEnumerable orderedParameters = parameters
.OrderBy(x => x.Key, StringComparer.Ordinal)
.ThenBy(x => x.Value)
.Select(
x => new QueryParameter(x.Key, UrlEncode(x.Value)));
If a parameter name is "foo[bar]" the final encoding for the signature string should be "foo%255Bbar%255D" but the library currently produces "foo%5Bbar%5D".
What steps will reproduce the problem?
if (ex.Response != null)
{
using (StreamReader streamReader = new StreamReader(ex.Response.GetResponseStream()))
{
Response = streamReader.ReadToEnd();
}
if (ex.Response is HttpWebResponse)
{
StatusCode = ((HttpWebResponse)ex.Response).StatusCode;
}
}
What is the expected output? What do you see instead?
I expect the ability to read from the stream. I get an exception instead
What version of the product are you using? On what operating system?
Latest trunk
Please provide any additional information below.
This appears to be a bug from the implementation of WebExceptionHelper.cs.
The helper reads the content stream before the exception is re-thrown to
the caller. As a result, the stream has been read to the end, and I'm
unable to retrieve the data I need. I'll be modifying the exception helper
to resolve this issue.
Reported by [email protected], Mar 31, 2010
Hello,
I was thinking I could use the code below to create a new token. But I keep getting a 401 error response. My next step is to try openauth2 class objects. has anybody else had any luck?
Thanks,
Adam Kozaryn
public string GetToken()
{
string url = "http://api.devsandbox.orcid.org/oauth/token";
string result = string.Empty;
HttpWebResponse resp;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url);
try
{
req.Headers.Add("client_id", "myclientid");
req.Headers.Add("client_secret", "mysecret");
req.Headers.Add("scope", "/read-public");
req.Headers.Add("http", "http://api.devsandbox.orcid.org/oauth/token");
using (resp = (HttpWebResponse)req.GetResponse())
{
using (Stream s = resp.GetResponseStream())
{
result += s;
}
}
}
catch (Exception ex)
{
result = "Server Response: " + ex.Message + "<br /><br />";
foreach (string s in req.Headers.AllKeys)
{
result += s + " | value = " + req.Headers[s] + " <br />";
}
return result;
}
return result;
}
Hello,
Is there any plans to migrate this project to dotnet core?
How can i help on that?
How do I change the oauth_callback url, currently it's set to "oob" and I'm getting a signature invalid error.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.