Try fast search NHibernate

24 June 2011

C# OAuth for TESTardi

These days we was looking a way to use OAuth in our application to add some service to our customers. As usual I done some investigation before start doing something by myself and I have found some frameworks, some example, some sources… as usual.

I am a TESTardo (in Spanish is TESTarudo and in English “headstrong”) and I would understand what is going on behind those hundreds lines of C# code.

To try a OAuth consumer I have to find an available server giving me the ability to try without need to register a domain, an application or things like that… for sure would be very useful if each BIG MONSTER (Google, Facebook, MSN, Twitter, Yahoo! and so on) gives us a nice mock of their service.

To start the basis I found this site http://term.ie/oauth/example/index.php that is something I would have for each BIG MONSTER. After that I can use the famous OAuthBase and start my tests (it isn’t the base class I would have but just something “little” to start).

The class from where start

public class ResponseToken
{
    public string Token { get; set; }
    public string TokenSecret { get; set; }
}
public class TermIeOAuthService: OAuthBase
{
    private const string ConsumerKey = "key";
    private const string ConsumerSecret = "secret";
    private readonly Uri requestTokenEndpoint = new Uri("http://term.ie/oauth/example/request_token.php");
    private readonly Uri accessTokenEndpoint = new Uri("http://term.ie/oauth/example/access_token.php");
    private readonly Uri makingAuthenticatedCalls = new Uri("http://term.ie/oauth/example/echo_api.php");

    public ResponseToken GetRequestToken()
    {
        return null;
    }

    public ResponseToken GetAccessToken(ResponseToken requestToken)
    {
        return null;
    }

    public dynamic MakeAuthenticatedCall(ResponseToken accessToken, object parameters)
    {
        return null;
    }
}

 

The Test

public class TermIeOAuthServiceTests
{
    [Test]
    public void WhenGetRequestTokenThenGetRequestKey()
    {
        var outhService = new TermIeOAuthService();

        var result = outhService.GetRequestToken();
        
        result.Token.Should().Be("requestkey");
        result.TokenSecret.Should().Be("requestsecret");
    }

    [Test]
    public void WhenGetAccessTokenThenGetAccessKey()
    {
        var outhService = new TermIeOAuthService();
        var requestKey = outhService.GetRequestToken();

        var result = outhService.GetAccessToken(requestKey);

        result.Token.Should().Be("accesskey");
        result.TokenSecret.Should().Be("accesssecret");
    }

    [Test]
    public void WhenMakeAuthenticatedCallThenReturnEcho()
    {
        var outhService = new TermIeOAuthService();
        var requestKey = outhService.GetRequestToken();
        var accessKey = outhService.GetAccessToken(requestKey);
        
        var result = outhService.MakeAuthenticatedCall(accessKey, new { method = "Salva", who = "StoBambinello" });
        
        string methodValue = result.method;
        string whoValue = result.who;

        methodValue.Should().Be("Salva");
        whoValue.Should().Be("StoBambinello");
    }
}

 

Getting a Request Token

public ResponseToken GetRequestToken()
{
    string norm1;
    string norm2;
    string nonce = GenerateNonce();
    string timeStamp = GenerateTimeStamp();

    string signature = GenerateSignature(requestTokenEndpoint,
                                   ConsumerKey, ConsumerSecret, string.Empty, string.Empty,
                                                                 "GET", timeStamp, nonce, SignatureTypes.PLAINTEXT,
                                   out norm1, out norm2);
    var expandoObject = new ExpandoObject();
    dynamic queryParameters = expandoObject;
    queryParameters.oauth_version = OAuthVersion;
    queryParameters.oauth_nonce=nonce;
    queryParameters.oauth_timestamp=timeStamp;
    queryParameters.oauth_consumer_key=ConsumerKey;
    queryParameters.oauth_signature_method=PlainTextSignatureType;
    queryParameters.oauth_signature=signature;

    string responseQuery = requestTokenEndpoint
        .CompleteWith(expandoObject.AsQueryString())
        .SendRequestAndGetResponse();
    var responseParameters = HttpUtility.ParseQueryString(responseQuery);

    return new ResponseToken { Token = responseParameters[OAuthTokenKey], TokenSecret = responseParameters[OAuthTokenSecretKey] };
}

 

Getting an Access Token

public ResponseToken GetAccessToken(ResponseToken requestToken)
{
    string norm1;
    string norm2;
    string nonce = GenerateNonce();
    string timeStamp = GenerateTimeStamp();

    string signature = GenerateSignature(accessTokenEndpoint,
                                                                 ConsumerKey, ConsumerSecret, requestToken.Token, requestToken.TokenSecret,
                                                                 "GET", timeStamp, nonce, SignatureTypes.PLAINTEXT,
                                                                 out norm1, out norm2);
    var expandoObject = new ExpandoObject();
    dynamic queryParameters = expandoObject;
    queryParameters.oauth_version = OAuthVersion;
    queryParameters.oauth_nonce = nonce;
    queryParameters.oauth_timestamp = timeStamp;
    queryParameters.oauth_consumer_key = ConsumerKey;
    queryParameters.oauth_token = requestToken.Token;
    queryParameters.oauth_signature_method = PlainTextSignatureType;
    queryParameters.oauth_signature = signature;

    string responseQuery = accessTokenEndpoint
        .CompleteWith(expandoObject.AsQueryString())
        .SendRequestAndGetResponse();
    var responseParameters = HttpUtility.ParseQueryString(responseQuery);

    return new ResponseToken { Token = responseParameters[OAuthTokenKey], TokenSecret = responseParameters[OAuthTokenSecretKey] };
}

 

Making Authenticated Calls

public dynamic MakeAuthenticatedCall(ResponseToken accessToken, object parameters)
{
    string norm1;
    string norm2;
    string nonce = GenerateNonce();
    string timeStamp = GenerateTimeStamp();

    string signature = GenerateSignature(makingAuthenticatedCalls,
                                                                 ConsumerKey, ConsumerSecret, accessToken.Token, accessToken.TokenSecret,
                                                                 "GET", timeStamp, nonce, SignatureTypes.PLAINTEXT,
                                                                 out norm1, out norm2);
    var expandoObject = new ExpandoObject();
    dynamic queryParameters = expandoObject;
    queryParameters.oauth_version = OAuthVersion;
    queryParameters.oauth_nonce = nonce;
    queryParameters.oauth_timestamp = timeStamp;
    queryParameters.oauth_consumer_key = ConsumerKey;
    expandoObject.Append(parameters);
    queryParameters.oauth_token = accessToken.Token;
    queryParameters.oauth_signature_method = PlainTextSignatureType;
    queryParameters.oauth_signature = signature;
    
    string responseQuery = makingAuthenticatedCalls
        .CompleteWith(expandoObject.AsQueryString())
        .SendRequestAndGetResponse();

    return HttpUtility.ParseQueryString(responseQuery).AsDynamic();
}

 

The result

OAuthBases

Si giá lo só, sono propio TESTardo!!!!

2 comments:

  1. mmmm, seems like you missed some extension methods (Append, CompleteWith, etc)...

    ReplyDelete
  2. If anyone wants to spend the weekend understanding what the OAuthBase class does, here's a resource: http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iv-signing-requests/

    ReplyDelete