修正版のコードがあります。こちらの記事を参照してください。
また、この記事で紹介している方法は 2011年時点の方法です。Twitterの仕様変更等でこのコードでは動作しない可能性が高いため、ご注意ください。
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Net;
using System.IO;
using System.Text;
namespace iPentec.Twitter
{
public class TwitterUtils
{
const string UPDATE_STATUS = "http://api.twitter.com/1/statuses/update.xml";
const string STATUSES_MENTIONS = "http://api.twitter.com/1/statuses/mentions.xml";
const string STATUSES_HOME_TIMELINE = "http://api.twitter.com/1/statuses/home_timeline.json";
OAuthTwitter oAuth;
public TwitterUtils()
{
oAuth = new OAuthTwitter();
}
public void UserStreamsOAuth(string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret)
{
}
public string StatusesHome_TimeLine(string Parameter, string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret,
bool useAuthorizationHeader)
{
string ret = GetDataOAuth(STATUSES_HOME_TIMELINE, Parameter,
ConsumerKey, ConsumerSecret, AccessToken, AccessTokenSecret, useAuthorizationHeader);
return ret;
}
public string StatusesMentions(string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret,
bool useAuthorizationHeader)
{
string ret = GetDataOAuth(STATUSES_MENTIONS, "",
ConsumerKey, ConsumerSecret, AccessToken, AccessTokenSecret, useAuthorizationHeader);
return ret;
}
public void UpdateStatus(string status, string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret,
bool useAuthorizationHeader)
{
string encStatus = System.Web.HttpUtility.UrlEncode(status);
encStatus = string.Format("status={0:s}", encStatus);
PostDataOAuth(UPDATE_STATUS, encStatus, ConsumerKey, ConsumerSecret, AccessToken, AccessTokenSecret, useAuthorizationHeader);
}
public string GetOAuthToken(string ConsumerKey, string ConsumerSecret)
{
//oAuthTwitter oAuth = new oAuthTwitter();
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
string authurl = oAuth.AuthorizationLinkGet();
return authurl;
}
public void GetOAuthAccessToken(string OAuthToken, string ConsumerKey, string ConsumerSecret,
out string AccessToken, out string AccessTokenSecret)
{
//oAuthTwitter oAuth = new oAuthTwitter();
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.AccessTokenGet(OAuthToken);
AccessToken = oAuth.Token;
AccessTokenSecret = oAuth.TokenSecret;
}
public void GetOAuthAccessTokenWithPIN(string PIN, string ConsumerKey, string ConsumerSecret,
out string AccessToken, out string AccessTokenSecret)
{
//oAuthTwitter oAuth = new oAuthTwitter();
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.AccessTokenGetWithPIN(PIN, oAuth.OAuthToken);
AccessToken = oAuth.Token;
AccessTokenSecret = oAuth.TokenSecret;
}
private string GetDataOAuth(string url, string parameter,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret, bool useAuthorizationHeader)
{
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
string xml = oAuth.oAuthWebRequest(OAuthTwitter.Method.GET, url, parameter, "", false, useAuthorizationHeader);
return xml;
}
private string PostDataOAuth(string url, string mes,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret, bool useAuthorizationHeader)
{
//string url = "";
string xml = "";
//oAuthTwitter oAuth = new oAuthTwitter();
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
// 投稿内容をURLエンコードする。
//mes = "TestMessages";
/*
string encMes = System.Web.HttpUtility.UrlEncode(mes);
encMes = string.Format("status={0:s}", encMes);
*/
xml = oAuth.oAuthWebRequest(OAuthTwitter.Method.POST, url, String.Empty, mes, false, useAuthorizationHeader);
return xml;
}
public void PostPictureToTwitpic(byte[] image, string imageName, string comment,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret,
string TwitpicAPIKey, string PictureContentType)
{
string twitpic_api_url = "http://api.twitpic.com/2/upload.json";
string auth_provider_url = "https://api.twitter.com/1/account/verify_credentials.json";
string auth_realm_url = "http://api.twitter.com/";
string contentEncodingStr = "iso-8859-1";
Encoding contentEncoding = Encoding.GetEncoding(contentEncodingStr);
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
oAuth.oAuthEchoWebRequestForTwitpic(OAuthTwitter.Method.POST, twitpic_api_url, auth_provider_url, auth_realm_url,
image, imageName, comment,
TwitpicAPIKey, contentEncoding, PictureContentType);
}
public void PostPictureToTwipplePhoto(byte[] image, string imageName,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret, string PictureContentType)
{
string twipple_photo_api_url = "http://p.twipple.jp/api/upload";
string auth_provider_url = "https://api.twitter.com/1/account/verify_credentials.xml";
string contentEncodingStr = "iso-8859-1";
Encoding contentEncoding = Encoding.GetEncoding(contentEncodingStr);
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
oAuth.oAuthEchoWebRequestForTwipplePhoto(OAuthTwitter.Method.POST, twipple_photo_api_url, auth_provider_url,
image, imageName, contentEncoding, PictureContentType);
}
public void PostPictureToTwipplePhotoV2(byte[] image, string imageName,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret, string PictureContentType)
{
string twipple_photo_api_url = "http://p.twipple.jp/api/upload2";
string auth_provider_url = "https://api.twitter.com/1/account/verify_credentials.xml";
string auth_realm_url = "http://api.twitter.com/";
string contentEncodingStr = "iso-8859-1";
Encoding contentEncoding = Encoding.GetEncoding(contentEncodingStr);
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
oAuth.oAuthEchoWebRequestForTwipplePhotoV2(OAuthTwitter.Method.POST, twipple_photo_api_url, auth_provider_url,
auth_realm_url, image, imageName, contentEncoding, PictureContentType);
}
public void PostPictureToYFrog(byte[] image, string imageName,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret,
string YFrogAPIKey, string PictureContentType)
{
string yfrog_api_url = "https://yfrog.com/api/xauth_upload";
string auth_provider_url = "https://api.twitter.com/1/account/verify_credentials.xml";
string auth_realm_url = "http://api.twitter.com/";
string contentEncodingStr = "iso-8859-1";
Encoding contentEncoding = Encoding.GetEncoding(contentEncodingStr);
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
oAuth.oAuthEchoWebRequestForYFrog(OAuthTwitter.Method.POST, yfrog_api_url, auth_provider_url, auth_realm_url,
image, imageName, YFrogAPIKey, contentEncoding, PictureContentType);
}
public void PostPictureToYFrogOld(byte[] image, string imageName,
string ConsumerKey, string ConsumerSecret, string AccessToken, string AccessTokenSecret,
string PictureContentType, string UserName, string Comment)
{
string yfrog_api_url = "http://yfrog.com/api/upload";
string auth_provider_url = "https://api.twitter.com/1/account/verify_credentials.xml";
string contentEncodingStr = "iso-8859-1";
Encoding contentEncoding = Encoding.GetEncoding(contentEncodingStr);
oAuth.ConsumerKey = ConsumerKey;
oAuth.ConsumerSecret = ConsumerSecret;
oAuth.Token = AccessToken;
oAuth.TokenSecret = AccessTokenSecret;
oAuth.oAuthEchoWebRequestForYFrogOld(OAuthTwitter.Method.POST, yfrog_api_url, auth_provider_url,
image, imageName, Comment, contentEncoding, PictureContentType, UserName);
}
}
}
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Net;
using System.IO;
using System.Collections.Specialized;
using System.Text;
namespace iPentec.Twitter
{
public class OAuthTwitter : OAuthBase
{
public enum Method { GET, POST };
public const string REQUEST_TOKEN = "http://twitter.com/oauth/request_token";
public const string AUTHORIZE = "http://twitter.com/oauth/authorize";
public const string ACCESS_TOKEN = "http://twitter.com/oauth/access_token";
public const string REALM = "http://twitter.com";
private string _consumerKey = "";
private string _consumerSecret = "";
private string _token = "";
private string _tokenSecret = "";
private string _pin = "";// JDevlin
#region Properties
public string ConsumerKey
{
get
{
if (_consumerKey.Length == 0) {
_consumerKey = "";
}
return _consumerKey;
}
set { _consumerKey = value; }
}
public string ConsumerSecret
{
get
{
if (_consumerSecret.Length == 0) {
_consumerSecret = "";
}
return _consumerSecret;
}
set { _consumerSecret = value; }
}
public string OAuthToken { get; set; }
public string Token { get { return _token; } set { _token = value; } }
public string TokenSecret { get { return _tokenSecret; } set { _tokenSecret = value; } }
public string PIN { get { return _pin; } set { _pin = value; } }// JDevlin
#endregion
/// <summary>
/// Get the link to Twitter's authorization page for this application.
/// </summary>
/// <returns>The url with a valid request token, or a null string.</returns>
public string AuthorizationLinkGet()
{
string ret = null;
string response = oAuthWebRequest(Method.GET, REQUEST_TOKEN, String.Empty, String.Empty, false, false);
if (response.Length > 0) {
//response contains token and token secret. We only need the token.
NameValueCollection qs = HttpUtility.ParseQueryString(response);
if (qs["oauth_token"] != null) {
OAuthToken = qs["oauth_token"]; // tuck this away for later
ret = AUTHORIZE + "?oauth_token=" + qs["oauth_token"];
}
}
return ret;
}
/// <summary>
/// Exchange the request token for an access token.
/// </summary>
/// <param name="authToken">The oauth_token is supplied by Twitter's authorization page following the callback.</param>
public void AccessTokenGet(string authToken)
{
this.Token = authToken;
string response = oAuthWebRequest(Method.GET, ACCESS_TOKEN, String.Empty, String.Empty, false, false);
if (response.Length > 0) {
//Store the Token and Token Secret
NameValueCollection qs = HttpUtility.ParseQueryString(response);
if (qs["oauth_token"] != null) {
this.Token = qs["oauth_token"];
}
if (qs["oauth_token_secret"] != null) {
this.TokenSecret = qs["oauth_token_secret"];
}
}
}
/// <summary>
/// Exchange the request token for an access token.
/// </summary>
/// <param name="authToken">The oauth_token is supplied by Twitter's authorization page following the callback.</param>
public void AccessTokenGetWithPIN(string PIN, string OAuthToken)
{
this.PIN = PIN;
this.Token = OAuthToken;
string response = oAuthWebRequest(Method.GET, ACCESS_TOKEN, String.Empty, String.Empty, true, false);
if (response.Length > 0) {
//Store the Token and Token Secret
NameValueCollection qs = HttpUtility.ParseQueryString(response);
if (qs["oauth_token"] != null) {
this.Token = qs["oauth_token"];
}
if (qs["oauth_token_secret"] != null) {
this.TokenSecret = qs["oauth_token_secret"];
}
}
}
/// <summary>
/// Submit a web request using oAuth.
/// </summary>
/// <param name="method">GET or POST</param>
/// <param name="url">The full url, including the querystring.</param>
/// <param name="postData">Data to post (querystring format)</param>
/// <returns>The web server response.</returns>
public string oAuthWebRequest(Method method, string url, string parameter, string postData, bool usePIN, bool useAuthorizationHeader)
{
string outUrl = "";
string querystring = "";
string ret = "";
string orgurl = url;
//Setup postData for signing.
//Add the postData to the querystring.
if (method == Method.POST) {
if (postData.Length > 0) {
//Decode the parameters and re-encode using the oAuth UrlEncode method.
NameValueCollection qs = HttpUtility.ParseQueryString(postData);
postData = "";
foreach (string key in qs.AllKeys) {
if (postData.Length > 0) {
postData += "&";
}
qs[key] = HttpUtility.UrlDecode(qs[key]);
//qs[key] = this.UrlEncode(qs[key]);
qs[key] = this.UrlEncode(qs[key], Encoding.UTF8);
postData += key + "=" + qs[key];
}
if (url.IndexOf("?") > 0) {
url += "&";
}
else {
url += "?";
}
url += postData;
}
}
if (method == Method.GET) {
url += parameter;
}
Uri uri = new Uri(url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string sig = "";
//Generate Signature
if (usePIN == false) {
sig = this.GenerateSignature(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
method.ToString(),
timeStamp,
nonce,
out outUrl,
out querystring);
}
else {
sig = this.GenerateSignatureWithPIN(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
method.ToString(),
timeStamp,
nonce,
this.PIN,
out outUrl,
out querystring);
}
if (useAuthorizationHeader == false) {
//querystring += "&oauth_signature=" + HttpUtility.UrlEncode(sig);
querystring += "&oauth_signature=" + HttpUtility.UrlEncode(sig);
//Convert the querystring to postData
if (method == Method.POST) {
postData = querystring;
querystring = "";
}
if (querystring.Length > 0) {
outUrl += "?";
}
ret = WebRequest(method, outUrl + querystring, postData);
}
else {
string AuthorizationHeaderStr = GenerateOAuthAuthorizationHeader(uri,
this.ConsumerKey, this.Token, this.TokenSecret,
method.ToString(),
timeStamp,
nonce,
HMACSHA1SignatureType,
HttpUtility.UrlEncode(sig));
//headerStr += string.Format("oauth_signature=\"{0:s}\"", HttpUtility.UrlEncode(sig));
///ret = WebRequestUseAuthorizationHeader(method, outUrl, postData, AuthorizationHeaderStr);
ret = WebRequestUseAuthorizationHeader(method, orgurl, postData, AuthorizationHeaderStr);
}
return ret;
}
/// <summary>
/// Web Request Wrapper
/// </summary>
/// <param name="method">Http Method</param>
/// <param name="url">Full url to the web resource</param>
/// <param name="postData">Data to post in querystring format</param>
/// <returns>The web server response.</returns>
public string WebRequest(Method method, string url, string postData)
{
HttpWebRequest webRequest = null;
StreamWriter requestWriter = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
webRequest.Method = method.ToString();
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
if (method == Method.POST) {
webRequest.ContentType = "application/x-www-form-urlencoded";
//POST the data.
requestWriter = new StreamWriter(webRequest.GetRequestStream());
try {
requestWriter.Write(postData);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
}
/// <summary>
/// Web Request Wrapper
/// </summary>
/// <param name="method">Http Method</param>
/// <param name="url">Full url to the web resource</param>
/// <param name="postData">Data to post in querystring format</param>
/// <returns>The web server response.</returns>
public string WebRequestUseAuthorizationHeader(Method method, string url, string postData, string Signature)
{
HttpWebRequest webRequest = null;
StreamWriter requestWriter = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
webRequest.Method = method.ToString();
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
webRequest.Headers.Add("Authorization", Signature);
if (method == Method.POST) {
webRequest.ContentType = "application/x-www-form-urlencoded";
//POST the data.
requestWriter = new StreamWriter(webRequest.GetRequestStream());
try {
requestWriter.Write(postData);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
}
/// <returns>The web server response.</returns>
public string oAuthEchoWebRequestForTwitpic(Method method, string url, string auth_provider_url, string auth_realm_url,
byte[] image, string imageName, string postMessage,
string TwitpicAPIKey, Encoding ContentEncoding, string FileContentType)
{
HttpWebRequest webRequest = null;
//StreamWriter requestWriter = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
webRequest.Method = method.ToString();
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
var boundary = Guid.NewGuid().ToString();
webRequest.ContentType = string.Format("multipart/form-data; boundary={0}", boundary);
string outUrl = "";
string querystring = "";
string ret = "";
//Generate Signature
Uri uri = new Uri(auth_provider_url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string sig = this.GenerateSignature(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
"GET",
timeStamp,
nonce,
out outUrl,
out querystring);
webRequest.Headers.Add("X-Auth-Service-Provider", auth_provider_url);
string oauthSignaturePattern = "OAuth realm=\"{0:s}\", oauth_consumer_key=\"{1:s}\", oauth_signature_method=\"HMAC-SHA1\","
+ " oauth_token=\"{2:s}\", oauth_timestamp=\"{3:s}\", oauth_nonce=\"{4:s}\", oauth_version=\"1.0\", oauth_signature=\"{5:s}\"";
string authorizationHeader = string.Format(
System.Globalization.CultureInfo.InvariantCulture,
oauthSignaturePattern,
auth_realm_url,
this.ConsumerKey, this.Token,
timeStamp,
nonce,
HttpUtility.UrlEncode(sig));
webRequest.Headers.Add("X-Verify-Credentials-Authorization", authorizationHeader);
//webRequest.Method = "POST";
webRequest.Method = method.ToString();
if (method == Method.POST) {
string header = string.Format("--{0}", boundary);
string footer = string.Format("--{0}--", boundary);
StringBuilder contents = new StringBuilder();
contents.AppendLine(header);
string fileHeader = string.Format("Content-Disposition: file; name=\"{0:s}\"; filename=\"{1:s}\"", "media", imageName);
//string fileData = Encoding.GetEncoding(contentEncoding).GetString(File.ReadAllBytes(@"c:\sample_image.png"));
string fileData = ContentEncoding.GetString(image);
contents.AppendLine(fileHeader);
contents.AppendLine(string.Format("Content-Type: {0:s}", FileContentType));
contents.AppendLine();
contents.AppendLine(fileData);
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "key"));
contents.AppendLine();
contents.AppendLine(TwitpicAPIKey);
contents.AppendLine(header);
contents.AppendLine(String.Format("Content-Disposition: form-data; name=\"{0:s}\"", "message"));
contents.AppendLine();
contents.AppendLine(postMessage + "/" + DateTime.Now.ToString()); // 同じ文字は拒否されるため、時刻を付加
contents.AppendLine(footer);
byte[] bytes = ContentEncoding.GetBytes(contents.ToString());
webRequest.ContentLength = bytes.Length;
//requestWriter = new StreamWriter(webRequest.GetRequestStream());
Stream requestWriter = webRequest.GetRequestStream();
try {
requestWriter.Write(bytes, 0, bytes.Length);
//requestWriter.Write(bytes, 0, bytes.Length);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
//HttpWebResponse twitpicResponse = (HttpWebResponse)webRequest.GetResponse();
//StreamReader reader = new StreamReader(twitpicResponse.GetResponseStream());
//return twitpicResponse.StatusCode + ": " + reader.ReadToEnd();
}
public string oAuthEchoWebRequestForYFrog(Method method, string url, string auth_provider_url, string auth_realm_url,
byte[] image, string imageName, string YFrogAPIKey, Encoding ContentEncoding, string FileContentType)
{
HttpWebRequest webRequest = null;
//StreamWriter requestWriter = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
webRequest.Method = method.ToString();
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
var boundary = Guid.NewGuid().ToString();
webRequest.ContentType = string.Format("multipart/form-data; boundary={0}", boundary);
string outUrl = "";
string querystring = "";
string ret = "";
//Generate Signature
Uri uri = new Uri(auth_provider_url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string sig = this.GenerateSignature(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
"GET",
timeStamp,
nonce,
out outUrl,
out querystring);
webRequest.Headers.Add("X-Auth-Service-Provider", auth_provider_url);
string oauthSignaturePattern = "OAuth realm=\"{0:s}\", oauth_consumer_key=\"{1:s}\", oauth_signature_method=\"HMAC-SHA1\","
+ " oauth_token=\"{2:s}\", oauth_timestamp=\"{3:s}\", oauth_nonce=\"{4:s}\", oauth_version=\"1.0\", oauth_signature=\"{5:s}\"";
string authorizationHeader = string.Format(
System.Globalization.CultureInfo.InvariantCulture,
oauthSignaturePattern,
auth_realm_url,
this.ConsumerKey, this.Token,
timeStamp,
nonce,
HttpUtility.UrlEncode(sig));
webRequest.Headers.Add("X-Verify-Credentials-Authorization", authorizationHeader);
//webRequest.Method = "POST";
webRequest.Method = method.ToString();
if (method == Method.POST) {
string header = string.Format("--{0}", boundary);
string footer = string.Format("--{0}--", boundary);
StringBuilder contents = new StringBuilder();
contents.AppendLine(header);
string fileHeader = string.Format("Content-Disposition: file; name=\"{0:s}\"; filename=\"{1:s}\"", "media", imageName);
//string fileData = Encoding.GetEncoding(contentEncoding).GetString(File.ReadAllBytes(@"c:\sample_image.png"));
string fileData = ContentEncoding.GetString(image);
contents.AppendLine(fileHeader);
contents.AppendLine(string.Format("Content-Type: {0:s}", FileContentType));
contents.AppendLine();
contents.AppendLine(fileData);
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "key"));
contents.AppendLine();
contents.AppendLine(YFrogAPIKey);
contents.AppendLine(footer);
byte[] bytes = ContentEncoding.GetBytes(contents.ToString());
webRequest.ContentLength = bytes.Length;
//requestWriter = new StreamWriter(webRequest.GetRequestStream());
Stream requestWriter = webRequest.GetRequestStream();
try {
requestWriter.Write(bytes, 0, bytes.Length);
//requestWriter.Write(bytes, 0, bytes.Length);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
}
public string oAuthEchoWebRequestForYFrogOld(Method method, string url, string auth_provider_url,
byte[] image, string imageName, string PostMessage, Encoding ContentEncoding, string FileContentType, string UserName)
{
HttpWebRequest webRequest = null;
//StreamWriter requestWriter = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
webRequest.Method = method.ToString();
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
var boundary = Guid.NewGuid().ToString();
webRequest.ContentType = string.Format("multipart/form-data; boundary={0}", boundary);
string outUrl = "";
string querystring = "";
string ret = "";
//Generate Signature
Uri uri = new Uri(auth_provider_url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string sig = this.GenerateSignature(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
"GET",
timeStamp,
nonce,
out outUrl,
out querystring);
if (method == Method.POST) {
string header = string.Format("--{0}", boundary);
string footer = string.Format("--{0}--", boundary);
StringBuilder contents = new StringBuilder();
contents.AppendLine(header);
string fileHeader = string.Format("Content-Disposition: file; name=\"{0:s}\"; filename=\"{1:s}\"", "media", imageName);
//string fileData = Encoding.GetEncoding(contentEncoding).GetString(File.ReadAllBytes(@"c:\sample_image.png"));
string fileData = ContentEncoding.GetString(image);
contents.AppendLine(fileHeader);
contents.AppendLine(string.Format("Content-Type: {0:s}", FileContentType));
contents.AppendLine();
contents.AppendLine(fileData);
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "username"));
contents.AppendLine();
contents.AppendLine(UserName);
string credentialPattern = "oauth_version=1.0&oauth_nonce={0:s}&oauth_timestamp={1:s}&oauth_consumer_key={2:s}&oauth_token={3:s}"
+ "&oauth_signature_method=HMAC-SHA1&oauth_signature={4:s}";
//string credential = string.Format(credentialPattern, nonce, timeStamp, this.ConsumerKey, this.Token, HttpUtility.UrlEncode(sig));
string credential = string.Format(credentialPattern, nonce, timeStamp, this.ConsumerKey, this.Token, sig);
string CredentialURL = auth_provider_url + "?" + credential;
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "verify_url"));
contents.AppendLine();
contents.AppendLine(CredentialURL);
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "auth"));
contents.AppendLine();
contents.AppendLine("oauth");
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "message"));
contents.AppendLine();
contents.AppendLine(PostMessage);
contents.AppendLine(footer);
byte[] bytes = ContentEncoding.GetBytes(contents.ToString());
webRequest.ContentLength = bytes.Length;
//requestWriter = new StreamWriter(webRequest.GetRequestStream());
Stream requestWriter = webRequest.GetRequestStream();
try {
requestWriter.Write(bytes, 0, bytes.Length);
//requestWriter.Write(bytes, 0, bytes.Length);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
}
public string oAuthEchoWebRequestForTwipplePhoto(Method method, string url, string auth_provider_url,
byte[] image, string imageName, Encoding ContentEncoding, string FileContentType)
{
HttpWebRequest webRequest = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
//webRequest.KeepAlive = false;
webRequest.Method = method.ToString();
//webRequest.UserAgent = "Jakarta Commons-HttpClient/3.1";
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
string boundary = Guid.NewGuid().ToString();
//string boundary = DateTime.Now.ToString("yyyyMMddHHmmss");
webRequest.ContentType = string.Format("multipart/form-data; boundary={0}", boundary);
//Generate Signature
string outUrl = "";
string querystring = "";
string ret = "";
Uri uri = new Uri(auth_provider_url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string sig = this.GenerateSignature(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
"GET",
timeStamp,
nonce,
out outUrl,
out querystring);
string credentialPattern = "oauth_version=1.0&oauth_nonce={0:s}&oauth_timestamp={1:s}&oauth_consumer_key={2:s}&oauth_token={3:s}"
+ "&oauth_signature_method=HMAC-SHA1&oauth_signature={4:s}";
//URLエンコードし %3dを%3Dに置換する場合
string UrlEncodeSig = HttpUtility.UrlEncode(sig);
UrlEncodeSig = UrlEncodeSig.Replace("%3d", "%3D");
UrlEncodeSig = UrlEncodeSig.Replace("%2b", "%2B");
string credential = string.Format(credentialPattern, nonce, timeStamp, this.ConsumerKey, this.Token, UrlEncodeSig);
//URLエンコードしない場合
//string credential = string.Format(credentialPattern, nonce, timeStamp, this.ConsumerKey, this.Token, sig);
//URLeエンコードする場合(正しく動作しない)
//string credential = string.Format(credentialPattern, nonce, timeStamp, this.ConsumerKey, this.Token, HttpUtility.UrlEncode(sig));
string CredentialURL = auth_provider_url + "?" + credential;
/*
string credentialPattern = "oauth_consumer_key={0:s}&&oauth_signature_method=HMAC-SHA1&oauth_timestamp={1:s}&oauth_nonce={2:s}&oauth_version=1.0&oauth_token={3:s}&oauth_signature={4:s}";
string credential = string.Format(credentialPattern, this.ConsumerKey, timeStamp, nonce, this.Token, sig);
string CredentialURL = auth_provider_url + "?" + credential;
*/
if (method == Method.POST) {
string header = string.Format("--{0}", boundary);
string footer = string.Format("--{0}--", boundary);
StringBuilder contents = new StringBuilder();
//string fileHeader = string.Format("Content-Disposition: file; name=\"{0:s}\"; filename=\"{1:s}\"", "media", imageName);
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "auth"));
contents.AppendLine("Content-Type: text/plain; charset=US-ASCII");
contents.AppendLine("Content-Transfer-Encoding: 8bit");
contents.AppendLine();
contents.AppendLine("oauth");
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "verify_url"));
contents.AppendLine("Content-Type: text/plain; charset=US-ASCII");
contents.AppendLine("Content-Transfer-Encoding: 8bit");
contents.AppendLine();
contents.AppendLine(CredentialURL);
/*
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "username"));
contents.AppendLine("Content-Type: text/plain; charset=US-ASCII");
contents.AppendLine("Content-Transfer-Encoding: 8bit");
contents.AppendLine();
contents.AppendLine("");
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "password"));
contents.AppendLine("Content-Type: text/plain; charset=US-ASCII");
contents.AppendLine("Content-Transfer-Encoding: 8bit");
contents.AppendLine();
contents.AppendLine("");
*/
string fileHeader = string.Format("Content-Disposition: form-data; name=\"{0:s}\"; filename=\"{1:s}\"", "media", imageName);
//string fileData = Encoding.GetEncoding(contentEncoding).GetString(File.ReadAllBytes(@"c:\sample_image.png"));
string fileData = ContentEncoding.GetString(image);
contents.AppendLine(header);
contents.AppendLine(fileHeader);
contents.AppendLine(string.Format("Content-Type: {0:s}; charset=ISO-8859-1", FileContentType));
contents.AppendLine("Content-Transfer-Encoding: binary");
contents.AppendLine();
contents.AppendLine(fileData);
contents.AppendLine(footer);
byte[] bytes = ContentEncoding.GetBytes(contents.ToString());
webRequest.ContentLength = bytes.Length;
//requestWriter = new StreamWriter(webRequest.GetRequestStream());
Stream requestWriter = webRequest.GetRequestStream();
try {
requestWriter.Write(bytes, 0, bytes.Length);
//requestWriter.Write(bytes, 0, bytes.Length);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
//HttpWebResponse twitpicResponse = (HttpWebResponse)webRequest.GetResponse();
//StreamReader reader = new StreamReader(twitpicResponse.GetResponseStream());
//return twitpicResponse.StatusCode + ": " + reader.ReadToEnd();
}
public string oAuthEchoWebRequestForTwipplePhotoV2(Method method, string url, string auth_provider_url, string auth_realm_url,
byte[] image, string imageName, Encoding ContentEncoding, string FileContentType)
{
HttpWebRequest webRequest = null;
//StreamWriter requestWriter = null;
string responseData = "";
webRequest = System.Net.WebRequest.Create(url) as HttpWebRequest;
webRequest.Method = method.ToString();
webRequest.ServicePoint.Expect100Continue = false;
//webRequest.UserAgent = "Identify your application please.";
//webRequest.Timeout = 20000;
var boundary = Guid.NewGuid().ToString();
webRequest.ContentType = string.Format("multipart/form-data; boundary={0}", boundary);
string outUrl = "";
string querystring = "";
string ret = "";
//Generate Signature
Uri uri = new Uri(auth_provider_url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string sig = this.GenerateSignature(uri,
this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret,
"GET",
timeStamp,
nonce,
out outUrl,
out querystring);
webRequest.Headers.Add("X-Auth-Service-Provider", auth_provider_url);
string oauthSignaturePattern = "OAuth realm=\"{0:s}\", oauth_consumer_key=\"{1:s}\", oauth_signature_method=\"HMAC-SHA1\","
+ " oauth_token=\"{2:s}\", oauth_timestamp=\"{3:s}\", oauth_nonce=\"{4:s}\", oauth_version=\"1.0\", oauth_signature=\"{5:s}\"";
string authorizationHeader = string.Format(
System.Globalization.CultureInfo.InvariantCulture,
oauthSignaturePattern,
auth_realm_url,
this.ConsumerKey,
this.Token,
timeStamp,
nonce,
HttpUtility.UrlEncode(sig));
webRequest.Headers.Add("X-Verify-Credentials-Authorization", authorizationHeader);
//webRequest.Method = "POST";
webRequest.Method = method.ToString();
if (method == Method.POST) {
string header = string.Format("--{0}", boundary);
string footer = string.Format("--{0}--", boundary);
StringBuilder contents = new StringBuilder();
contents.AppendLine(header);
string fileHeader = string.Format("Content-Disposition: file; name=\"{0:s}\"; filename=\"{1:s}\"", "media", imageName);
//string fileData = Encoding.GetEncoding(contentEncoding).GetString(File.ReadAllBytes(@"c:\sample_image.png"));
string fileData = ContentEncoding.GetString(image);
contents.AppendLine(fileHeader);
contents.AppendLine(string.Format("Content-Type: {0:s}", FileContentType));
contents.AppendLine();
contents.AppendLine(fileData);
/*
contents.AppendLine(header);
contents.AppendLine(string.Format("Content-Disposition: form-data; name=\"{0:s}\"", "key"));
contents.AppendLine();
contents.AppendLine(YFrogAPIKey);
*/
contents.AppendLine(footer);
byte[] bytes = ContentEncoding.GetBytes(contents.ToString());
webRequest.ContentLength = bytes.Length;
//requestWriter = new StreamWriter(webRequest.GetRequestStream());
Stream requestWriter = webRequest.GetRequestStream();
try {
requestWriter.Write(bytes, 0, bytes.Length);
//requestWriter.Write(bytes, 0, bytes.Length);
}
catch {
throw;
}
finally {
requestWriter.Close();
requestWriter = null;
}
}
responseData = WebResponseGet(webRequest);
webRequest = null;
return responseData;
}
/// <summary>
/// Process the web response.
/// </summary>
/// <param name="webRequest">The request object.</param>
/// <returns>The response data.</returns>
public string WebResponseGet(HttpWebRequest webRequest)
{
StreamReader responseReader = null;
string responseData = "";
try {
responseReader = new StreamReader(webRequest.GetResponse().GetResponseStream());
responseData = responseReader.ReadToEnd();
}
catch (WebException exc) {
System.Diagnostics.Debug.WriteLine(exc.Response);
throw;
}
catch {
throw;
}
finally {
webRequest.GetResponse().GetResponseStream().Close();
responseReader.Close();
responseReader = null;
}
return responseData;
}
/// <summary>
/// OAuth Signatureのパラメータを取得
/// </summary>
/// <param name="url"></param>
/// <param name="method"></param>
/// <returns></returns>
public string GetOAthSignature(string url, Method method)
{
string outUrl = "";
Uri uri = new Uri(url);
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();
string querystring = "";
//Generate Signature
string sig = this.GenerateSignature(uri,
this.ConsumerKey,
this.ConsumerSecret,
this.Token,
this.TokenSecret,
method.ToString(),
timeStamp,
nonce,
out outUrl,
out querystring);
querystring += "&oauth_signature=" + HttpUtility.UrlEncode(sig);
return querystring;
}
}
}
using System;
using System.Security.Cryptography;
using System.Collections.Generic;
using System.Text;
using System.Web;
namespace iPentec.Twitter
{
public class OAuthBase
{
/// <summary>
/// Provides a predefined set of algorithms that are supported officially by the protocol
/// </summary>
public enum SignatureTypes
{
HMACSHA1,
PLAINTEXT,
RSASHA1
}
/// <summary>
/// Provides an internal structure to sort the query parameter
/// </summary>
protected class QueryParameter
{
private string name = null;
private string value = null;
public QueryParameter(string name, string value)
{
this.name = name;
this.value = value;
}
public string Name
{
get { return name; }
}
public string Value
{
get { return value; }
}
}
/// <summary>
/// Comparer class used to perform the sorting of the query parameters
/// </summary>
protected class QueryParameterComparer : IComparer<QueryParameter>
{
#region IComparer<QueryParameter> Members
public int Compare(QueryParameter x, QueryParameter y)
{
if (x.Name == y.Name) {
return string.Compare(x.Value, y.Value);
}
else {
return string.Compare(x.Name, y.Name);
}
}
#endregion
}
protected const string OAuthVersion = "1.0";
protected const string OAuthParameterPrefix = "oauth_";
//
// List of know and used oauth parameters' names
//
protected const string OAuthConsumerKeyKey = "oauth_consumer_key";
protected const string OAuthCallbackKey = "oauth_callback";
protected const string OAuthVersionKey = "oauth_version";
protected const string OAuthSignatureMethodKey = "oauth_signature_method";
protected const string OAuthSignatureKey = "oauth_signature";
protected const string OAuthTimestampKey = "oauth_timestamp";
protected const string OAuthNonceKey = "oauth_nonce";
protected const string OAuthTokenKey = "oauth_token";
protected const string OAuthTokenSecretKey = "oauth_token_secret";
protected const string OAuthVerifierKey = "oauth_verifier"; // JDevlin
protected const string HMACSHA1SignatureType = "HMAC-SHA1";
protected const string PlainTextSignatureType = "PLAINTEXT";
protected const string RSASHA1SignatureType = "RSA-SHA1";
protected Random random = new Random();
protected string unreservedChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_.~";
/// <summary>
/// Helper function to compute a hash value
/// </summary>
/// <param name="hashAlgorithm">The hashing algoirhtm used. If that algorithm needs some initialization, like HMAC and its derivatives, they should be initialized prior to passing it to this function</param>
/// <param name="data">The data to hash</param>
/// <returns>a Base64 string of the hash value</returns>
private string ComputeHash(HashAlgorithm hashAlgorithm, string data)
{
if (hashAlgorithm == null) {
throw new ArgumentNullException("hashAlgorithm");
}
if (string.IsNullOrEmpty(data)) {
throw new ArgumentNullException("data");
}
byte[] dataBuffer = System.Text.Encoding.ASCII.GetBytes(data);
byte[] hashBytes = hashAlgorithm.ComputeHash(dataBuffer);
return Convert.ToBase64String(hashBytes);
}
/// <summary>
/// Internal function to cut out all non oauth query string parameters (all parameters not begining with "oauth_")
/// </summary>
/// <param name="parameters">The query string part of the Url</param>
/// <returns>A list of QueryParameter each containing the parameter name and value</returns>
private List<QueryParameter> GetQueryParameters(string parameters)
{
if (parameters.StartsWith("?")) {
parameters = parameters.Remove(0, 1);
}
List<QueryParameter> result = new List<QueryParameter>();
if (!string.IsNullOrEmpty(parameters)) {
string[] p = parameters.Split('&');
foreach (string s in p) {
if (!string.IsNullOrEmpty(s) && !s.StartsWith(OAuthParameterPrefix)) {
if (s.IndexOf('=') > -1) {
string[] temp = s.Split('=');
result.Add(new QueryParameter(temp[0], temp[1]));
}
else {
result.Add(new QueryParameter(s, string.Empty));
}
}
}
}
return result;
}
/// <summary>
/// This is a different Url Encode implementation since the default .NET one outputs the percent encoding in lower case.
/// While this is not a problem with the percent encoding spec, it is used in upper case throughout OAuth
/// </summary>
/// <param name="value">The value to Url encode</param>
/// <returns>Returns a Url encoded string</returns>
protected string UrlEncode(string value)
{
StringBuilder result = new StringBuilder();
foreach (char symbol in value) {
if (unreservedChars.IndexOf(symbol) != -1) {
result.Append(symbol);
}
else {
result.Append('%' + String.Format("{0:X2}", (int)symbol));
}
}
return result.ToString();
}
protected string UrlEncode(string value, Encoding encode)
{
StringBuilder result = new StringBuilder();
byte[] data = encode.GetBytes(value);
int len = data.Length;
for (int i = 0; i < len; i++) {
int c = data[i];
if (c < 0x80 && unreservedChars.IndexOf((char)c) != -1) {
result.Append((char)c);
}
else {
result.Append('%' + String.Format("{0:X2}", (int)data[i]));
}
}
return result.ToString();
}
/// <summary>
/// Normalizes the request parameters according to the spec
/// </summary>
/// <param name="parameters">The list of parameters already sorted</param>
/// <returns>a string representing the normalized parameters</returns>
protected string NormalizeRequestParameters(IList<QueryParameter> parameters)
{
StringBuilder sb = new StringBuilder();
QueryParameter p = null;
for (int i = 0; i < parameters.Count; i++) {
p = parameters[i];
sb.AppendFormat("{0}={1}", p.Name, p.Value);
if (i < parameters.Count - 1) {
sb.Append("&");
}
}
return sb.ToString();
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="signatureType">The signature type. To use the default values use <see cref="OAuthBase.SignatureTypes">OAuthBase.SignatureTypes</see>.</param>
/// <returns>The signature base</returns>
public string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret, string httpMethod, string timeStamp,
string nonce, string signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
if (token == null) {
token = string.Empty;
}
if (tokenSecret == null) {
tokenSecret = string.Empty;
}
if (string.IsNullOrEmpty(consumerKey)) {
throw new ArgumentNullException("consumerKey");
}
if (string.IsNullOrEmpty(httpMethod)) {
throw new ArgumentNullException("httpMethod");
}
if (string.IsNullOrEmpty(signatureType)) {
throw new ArgumentNullException("signatureType");
}
normalizedUrl = null;
normalizedRequestParameters = null;
List<QueryParameter> parameters = GetQueryParameters(url.Query);
parameters.Add(new QueryParameter(OAuthVersionKey, OAuthVersion));
parameters.Add(new QueryParameter(OAuthNonceKey, nonce));
parameters.Add(new QueryParameter(OAuthTimestampKey, timeStamp));
parameters.Add(new QueryParameter(OAuthSignatureMethodKey, signatureType));
parameters.Add(new QueryParameter(OAuthConsumerKeyKey, consumerKey));
if (!string.IsNullOrEmpty(token)) {
parameters.Add(new QueryParameter(OAuthTokenKey, token));
}
parameters.Sort(new QueryParameterComparer());
normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host);
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443))) {
normalizedUrl += ":" + url.Port;
}
normalizedUrl += url.AbsolutePath;
normalizedRequestParameters = NormalizeRequestParameters(parameters);
StringBuilder signatureBase = new StringBuilder();
signatureBase.AppendFormat("{0}&", httpMethod.ToUpper());
//signatureBase.AppendFormat("{0}&", UrlEncode(normalizedUrl));
//signatureBase.AppendFormat("{0}", UrlEncode(normalizedRequestParameters));
signatureBase.AppendFormat("{0}&", UrlEncode(normalizedUrl));
signatureBase.AppendFormat("{0}", UrlEncode(normalizedRequestParameters));
return signatureBase.ToString();
}
public string GenerateOAuthAuthorizationHeader(Uri url, string consumerKey, string token, string tokenSecret, string httpMethod, string timeStamp,
string nonce, string signatureType, string signature)
{
//OAuth ヘッダ用文字列の作成
string HeaderStr = "OAuth ";
HeaderStr += string.Format("{0:s}=\"{1:s}\",", OAuthConsumerKeyKey, consumerKey);
HeaderStr += string.Format("{0:s}=\"{1:s}\",", OAuthNonceKey, nonce);
HeaderStr += string.Format("{0:s}=\"{1:s}\",", OAuthSignatureMethodKey, signatureType);
HeaderStr += string.Format("{0:s}=\"{1:s}\",", OAuthTimestampKey, timeStamp);
HeaderStr += string.Format("{0:s}=\"{1:s}\",", OAuthTokenKey, token);
HeaderStr += string.Format("{0:s}=\"{1:s}\",", OAuthVersionKey, OAuthVersion);
HeaderStr += string.Format("{0:s}=\"{1:s}\"", OAuthSignatureKey, signature);
//headerStr += string.Format("oauth_signature=\"{0:s}\"", HttpUtility.UrlEncode(sig));
return HeaderStr;
}
/// <summary>
/// Generate the signature base that is used to produce the signature
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="signatureType">The signature type. To use the default values use <see cref="OAuthBase.SignatureTypes">OAuthBase.SignatureTypes</see>.</param>
/// <returns>The signature base</returns>
public string GenerateSignatureBase(Uri url, string consumerKey, string token, string tokenSecret, string httpMethod, string timeStamp,
string nonce, string PIN, string signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
if (token == null) {
token = string.Empty;
}
if (tokenSecret == null) {
tokenSecret = string.Empty;
}
if (string.IsNullOrEmpty(consumerKey)) {
throw new ArgumentNullException("consumerKey");
}
if (string.IsNullOrEmpty(httpMethod)) {
throw new ArgumentNullException("httpMethod");
}
if (string.IsNullOrEmpty(signatureType)) {
throw new ArgumentNullException("signatureType");
}
normalizedUrl = null;
normalizedRequestParameters = null;
List<QueryParameter> parameters = GetQueryParameters(url.Query);
parameters.Add(new QueryParameter(OAuthVersionKey, OAuthVersion));
parameters.Add(new QueryParameter(OAuthNonceKey, nonce));
parameters.Add(new QueryParameter(OAuthTimestampKey, timeStamp));
parameters.Add(new QueryParameter(OAuthSignatureMethodKey, signatureType));
parameters.Add(new QueryParameter(OAuthConsumerKeyKey, consumerKey));
if (!string.IsNullOrEmpty(token)) {
parameters.Add(new QueryParameter(OAuthTokenKey, token));
}
// JDevlin: support for PIN-based auth
if (!String.IsNullOrEmpty(PIN)) {
parameters.Add(new QueryParameter(OAuthVerifierKey, PIN));
}
parameters.Sort(new QueryParameterComparer());
normalizedUrl = string.Format("{0}://{1}", url.Scheme, url.Host);
if (!((url.Scheme == "http" && url.Port == 80) || (url.Scheme == "https" && url.Port == 443))) {
normalizedUrl += ":" + url.Port;
}
normalizedUrl += url.AbsolutePath;
normalizedRequestParameters = NormalizeRequestParameters(parameters);
StringBuilder signatureBase = new StringBuilder();
signatureBase.AppendFormat("{0}&", httpMethod.ToUpper());
signatureBase.AppendFormat("{0}&", UrlEncode(normalizedUrl));
signatureBase.AppendFormat("{0}", UrlEncode(normalizedRequestParameters));
return signatureBase.ToString();
}
/// <summary>
/// Generate the signature value based on the given signature base and hash algorithm
/// </summary>
/// <param name="signatureBase">The signature based as produced by the GenerateSignatureBase method or by any other means</param>
/// <param name="hash">The hash algorithm used to perform the hashing. If the hashing algorithm requires initialization or a key it should be set prior to calling this method</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignatureUsingHash(string signatureBase, HashAlgorithm hash)
{
return ComputeHash(hash, signatureBase);
}
/// <summary>
/// Generates a signature using the HMAC-SHA1 algorithm
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer seceret</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod,
string timeStamp, string nonce, out string normalizedUrl, out string normalizedRequestParameters)
{
return GenerateSignature(url, consumerKey, consumerSecret, token, tokenSecret, httpMethod, timeStamp, nonce, SignatureTypes.HMACSHA1,
out normalizedUrl, out normalizedRequestParameters);
}
/// <summary>
/// Generates a signature using the specified signatureType
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer seceret</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="signatureType">The type of signature to use</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod,
string timeStamp, string nonce, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
normalizedUrl = null;
normalizedRequestParameters = null;
switch (signatureType) {
case SignatureTypes.PLAINTEXT:
//return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret));
return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret), Encoding.UTF8);
case SignatureTypes.HMACSHA1:
string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
//hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
return GenerateSignatureUsingHash(signatureBase, hmacsha1);
case SignatureTypes.RSASHA1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
/// <summary>
/// Generates a signature using the HMAC-SHA1 algorithm
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer seceret</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignatureWithPIN(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, /* JDevlin*/ string PIN, out string normalizedUrl, out string normalizedRequestParameters)
{
return GenerateSignatureWithPIN(url, consumerKey, consumerSecret, token, tokenSecret, httpMethod, timeStamp, nonce, PIN, SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
}
/// <summary>
/// Generates a signature using the specified signatureType
/// </summary>
/// <param name="url">The full url that needs to be signed including its non OAuth url parameters</param>
/// <param name="consumerKey">The consumer key</param>
/// <param name="consumerSecret">The consumer seceret</param>
/// <param name="token">The token, if available. If not available pass null or an empty string</param>
/// <param name="tokenSecret">The token secret, if available. If not available pass null or an empty string</param>
/// <param name="httpMethod">The http method used. Must be a valid HTTP method verb (POST,GET,PUT, etc)</param>
/// <param name="signatureType">The type of signature to use</param>
/// <returns>A base64 string of the hash value</returns>
public string GenerateSignatureWithPIN(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp,
string nonce, string PIN /*JDevlin*/, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
normalizedUrl = null;
normalizedRequestParameters = null;
switch (signatureType) {
case SignatureTypes.PLAINTEXT:
return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret));
case SignatureTypes.HMACSHA1:
string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, PIN, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
return GenerateSignatureUsingHash(signatureBase, hmacsha1);
case SignatureTypes.RSASHA1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
/// <summary>
/// Generate the timestamp for the signature
/// </summary>
/// <returns></returns>
public virtual string GenerateTimeStamp()
{
// Default implementation of UNIX time of the current UTC time
TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0);
return Convert.ToInt64(ts.TotalSeconds).ToString();
}
/// <summary>
/// Generate a nonce
/// </summary>
/// <returns></returns>
public virtual string GenerateNonce()
{
// Just a simple implementation of a random number between 123400 and 9999999
return random.Next(123400, 9999999).ToString();
}
}
}
