Unable to use PLAINTEXT signature with a DotNetOpenAuth ServiceProvider
OAuth Authentication is done in three steps:
The Consumer obtains an unauthorized Request Token.
The User authorizes the Request Token.
- The Consumer exchanges the Request Token for an Access Token.
So here's what that would look like:
public class InMemoryTokenManager : IConsumerTokenManager, IOpenIdOAuthTokenManager{private Dictionary<string, string> tokensAndSecrets = new Dictionary<string, string>();public InMemoryTokenManager(string consumerKey, string consumerSecret){ if (String.IsNullOrEmpty(consumerKey)) { throw new ArgumentNullException("consumerKey"); } this.ConsumerKey = consumerKey; this.ConsumerSecret = consumerSecret;}public string ConsumerKey { get; private set; }public string ConsumerSecret { get; private set; }#region ITokenManager Memberspublic string GetConsumerSecret(string consumerKey){ if (consumerKey == this.ConsumerKey) { return this.ConsumerSecret; } else { throw new ArgumentException("Unrecognized consumer key.", "consumerKey"); }}public string GetTokenSecret(string token){ return this.tokensAndSecrets[token];}public void StoreNewRequestToken(UnauthorizedTokenRequest request, ITokenSecretContainingMessage response){ this.tokensAndSecrets[response.Token] = response.TokenSecret;}public void ExpireRequestTokenAndStoreNewAccessToken(string consumerKey, string requestToken, string accessToken, string accessTokenSecret){ this.tokensAndSecrets.Remove(requestToken); this.tokensAndSecrets[accessToken] = accessTokenSecret;}/// <summary>/// Classifies a token as a request token or an access token./// </summary>/// <param name="token">The token to classify.</param>/// <returns>Request or Access token, or invalid if the token is not recognized.</returns>public TokenType GetTokenType(string token){ throw new NotImplementedException();}#endregion#region IOpenIdOAuthTokenManager Memberspublic void StoreOpenIdAuthorizedRequestToken(string consumerKey, AuthorizationApprovedResponse authorization){ this.tokensAndSecrets[authorization.RequestToken] = string.Empty;}#endregion}
Following block of code may help you to generate plain text signature
public static string GetSignature(OAuthSignatureMethod signatureMethod, AuthSignatureTreatment signatureTreatment, string signatureBase, string consumerSecret, string tokenSecret){ if (tokenSecret.IsNullOrBlank()) { tokenSecret = String.Empty; } consumerSecret = UrlEncodeRelaxed(consumerSecret); tokenSecret = UrlEncodeRelaxed(tokenSecret); string signature; switch (signatureMethod) { case OAuthSignatureMethod.HmacSha1: { var crypto = new HMACSHA1(); var key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret); crypto.Key = _encoding.GetBytes(key); signature = signatureBase.HashWith(crypto); break; } case OAuthSignatureMethod.PlainText: { signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret); break; } default: throw new NotImplementedException("Only HMAC-SHA1 is currently supported."); } var result = signatureTreatment == OAuthSignatureTreatment.Escaped ? UrlEncodeRelaxed(signature) : signature; return result; }