Comments on: OAuth C# (very) Basic Library http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/ Not biting dust since 2005 Wed, 18 Jan 2012 09:38:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Deepakhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-61485 Deepak Tue, 31 May 2011 06:26:26 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-61485 Another solution is SocialAuth.NET (http://code.google.com/p/socialauth-net/) This library takes care of all handshake with provider and expose methods like Login(), GetProfile() and GetContacts(). Infact it also provides option to use its inbuilt authentication engine using which a site with no authentication can be turned authentication enabled with Yahoo, Google, Facebook and MSN in less than 10 minutes. Another solution is SocialAuth.NET (http://code.google.com/p/socialauth-net/) This library takes care of all handshake with provider and expose methods like Login(), GetProfile() and GetContacts(). Infact it also provides option to use its inbuilt authentication engine using which a site with no authentication can be turned authentication enabled with Yahoo, Google, Facebook and MSN in less than 10 minutes.

]]> By: Matthiashttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-60276 Matthias Tue, 10 May 2011 08:09:40 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-60276 One little detail: the GenerateTimestamp method currently only works when a dot (.) is used with decimal numbers. When a comma (,) is used the code fails. A workaround would be to use the NumberDecimalProperty of the NumberFormatInfo class, like so:/// /// Generate the timestamp for the signature /// /// public virtual string GenerateTimeStamp() { // Default implementation of UNIX time of the current UTC time TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0); string timeStamp = ts.TotalSeconds.ToString(); timeStamp = timeStamp.Substring(0, timeStamp.IndexOf(CultureInfo.CurrentCulture.NumberFormat.NumberDecimalSeparator)); return timeStamp; } One little detail: the GenerateTimestamp method currently only works when a dot (.) is used with decimal numbers. When a comma (,) is used the code fails. A workaround would be to use the NumberDecimalProperty of the NumberFormatInfo class, like so:

///
/// Generate the timestamp for the signature
///
///
public virtual string GenerateTimeStamp() {
// Default implementation of UNIX time of the current UTC time
TimeSpan ts = DateTime.UtcNow – new DateTime(1970, 1, 1, 0, 0, 0, 0);
string timeStamp = ts.TotalSeconds.ToString();
timeStamp = timeStamp.Substring(0,
timeStamp.IndexOf(CultureInfo.CurrentCulture.NumberFormat.NumberDecimalSeparator));
return timeStamp;
}

]]> By: Bobbyhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-53737 Bobby Thu, 02 Dec 2010 21:04:25 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-53737 I"m new to OAuth, I understand the idea and the steps necessary to execute the protocol. I'm having a rough time with obtaining the auth token. I can't get anything but "400 Bad Request" from the Google Analytics server. I know this isn't a lot of information but does anyone have any ideas?I really appreciate it. I”m new to OAuth, I understand the idea and the steps necessary to execute the protocol. I’m having a rough time with obtaining the auth token. I can’t get anything but “400 Bad Request” from the Google Analytics server. I know this isn’t a lot of information but does anyone have any ideas?

I really appreciate it.

]]> By: Eran Sandlerhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-42798 Eran Sandler Fri, 19 Feb 2010 07:03:22 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-42798 I would suggest to use the signature code from google. I think they have that in their sdk. At first glance this seems to be a signature issue so check the parameters you pass to the signature function. I would suggest to use the signature code from google. I think they have that in their sdk. At first glance this seems to be a signature issue so check the parameters you pass to the signature function.

]]> By: venkatahttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-42201 venkata Wed, 03 Feb 2010 16:18:50 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-42201 hi,I am trying to develop an appilication which will contact google using OAuth.but i am getting this error messagesignature_invalid base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken&oauth_consumer_key%3Dwww.frooly.com%26oauth_nonce%3D8841340%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1265201014%26oauth_version%3D1.0%26scope%3Dhttp%253A%252F%252Fwww.google.com%252Fcalendar%252FfeedsI have registered with google and got consumer key and secret also. and the domain is status is Active.well my code is able to get the request token from twitter but fails with google. any idea ?please help me.kind regards, hi,

I am trying to develop an appilication which will contact google using OAuth.

but i am getting this error message

signature_invalid
base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken&oauth_consumer_key%3Dwww.frooly.com%26oauth_nonce%3D8841340%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1265201014%26oauth_version%3D1.0%26scope%3Dhttp%253A%252F%252Fwww.google.com%252Fcalendar%252Ffeeds

I have registered with google and got consumer key and secret also. and the domain is status is Active.

well my code is able to get the request token from twitter but fails with google. any idea ?

please help me.

kind regards,

]]> By: David Friedmanhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-36988 David Friedman Tue, 13 Oct 2009 09:47:22 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-36988 Hello Eran!Your Oauth Base class gave me a big help! I've started only with a portion of the features of OAuth, so Your basic C# was a big help. However :), maybe my experience could help others too: - Your UrlEncode is not prepared for international characters - i returned to HttpUtiliity.UrlEncode and capitalised the %__ parts - QueryParameterComparer used Compare needs the extra (3rd) StringComparison.Ordinal parameter to Order the params in the specified ("lexicographical byte value ordering") order (all capitalised ABC first, then comes abc). thnx, {:-D Hello Eran!

Your Oauth Base class gave me a big help! I’ve started only with a portion of the features of OAuth, so Your basic C# was a big help.
However :), maybe my experience could help others too:
- Your UrlEncode is not prepared for international characters – i returned to HttpUtiliity.UrlEncode and capitalised the %__ parts
- QueryParameterComparer used Compare needs the extra (3rd) StringComparison.Ordinal parameter to Order the params in the specified (“lexicographical byte value ordering”) order (all capitalised ABC first, then comes abc).
thnx,
{:-D

]]> By: Eran Sandlerhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-27035 Eran Sandler Fri, 24 Oct 2008 09:17:22 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-27035 David, have you looked at this step-by-step tutorial by Jospeh Smarr - http://josephsmarr.com/2008/10/01/using-netflixs-new-api-a-step-by-step-guide/It has all the values of each steps that you can compare and see if it all works well. David, have you looked at this step-by-step tutorial by Jospeh Smarr – http://josephsmarr.com/2008/10/01/using-netflixs-new-api-a-step-by-step-guide/

It has all the values of each steps that you can compare and see if it all works well.

]]> By: Davidhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-27032 David Thu, 23 Oct 2008 18:07:26 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-27032 I'm trying it out, but the signatures it is generating are not accepted by the Netflix API...I get a bad request I was wondering if I can be of some help to debug it. I’m trying it out, but the signatures it is generating are not accepted by the Netflix API…I get a bad request
I was wondering if I can be of some help to debug it.

]]> By: memelhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-26717 memel Mon, 22 Sep 2008 20:10:42 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-26717 has someone a solution that works in app opensocial, accessing a page in c #?the code below (Suggested by Mukesh) always return false.if (!string.IsNullOrEmpty(Request["oauth_signature"])) {string certificateValue = @"-----BEGIN CERTIFICATE----- MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C+Mlzo38OvaG D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV+jFR8NY eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI+FifzjpTVjtPHSvb XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA CETnhlEnCJVDXoEtSSwUBLP/147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk= -----END CERTIFICATE-----";X509Certificate2 cert = new X509Certificate2(Encoding.ASCII.GetBytes(certificateValue), "", X509KeyStorageFlags.MachineKeySet); System.Collections.Specialized.NameValueCollection queryString = Request.QueryString; string signature = Request["oauth_signature"]; //Base64Decoder decoder = new Base64Decoder(signature.ToCharArray()); byte[] sign = Convert.FromBase64String(signature);String urvl, urlNPAM;RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key; OAuth.OAuthBase asd = new OAuth.OAuthBase(); string url = Request.Url.ToString(); foreach (string name in Request.Form) url += "&" + name + "=" + Request.Form[name]; Uri reqURi = new Uri(url); string signatureBase = asd.GenerateSignatureBase(reqURi, Request["oauth_consumer_key"], "", "", Request.ServerVariables["REQUEST_METHOD"].ToUpper(), Request["oauth_timestamp"], Request["oauth_nonce"], Request["oauth_signature_method"], out urvl, out urlNPAM); bool rtn = rsa.VerifyData( Encoding.ASCII.GetBytes(signatureBase), "SHA1", sign); Response.Write(rtn); } has someone a solution that works in app opensocial, accessing a page in c #?

the code below (Suggested by Mukesh) always return false.

if (!string.IsNullOrEmpty(Request["oauth_signature"]))
{

string certificateValue = @”—–BEGIN CERTIFICATE—–
MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG
A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh
bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML
R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G
j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C+Mlzo38OvaG
D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV+jFR8NY
eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI+FifzjpTVjtPHSvb
XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ
BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU
MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs
cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA
CETnhlEnCJVDXoEtSSwUBLP/147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu
GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG
P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk=
—–END CERTIFICATE—–”;

X509Certificate2 cert = new X509Certificate2(Encoding.ASCII.GetBytes(certificateValue), “”, X509KeyStorageFlags.MachineKeySet);
System.Collections.Specialized.NameValueCollection queryString = Request.QueryString;
string signature = Request["oauth_signature"];
//Base64Decoder decoder = new Base64Decoder(signature.ToCharArray());
byte[] sign = Convert.FromBase64String(signature);

String urvl, urlNPAM;

RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key;
OAuth.OAuthBase asd = new OAuth.OAuthBase();
string url = Request.Url.ToString();
foreach (string name in Request.Form)
url += “&” + name + “=” + Request.Form[name];
Uri reqURi = new Uri(url);
string signatureBase = asd.GenerateSignatureBase(reqURi, Request["oauth_consumer_key"], “”, “”,
Request.ServerVariables["REQUEST_METHOD"].ToUpper(), Request["oauth_timestamp"],
Request["oauth_nonce"], Request["oauth_signature_method"], out urvl, out urlNPAM);
bool rtn = rsa.VerifyData(
Encoding.ASCII.GetBytes(signatureBase), “SHA1″, sign);

Response.Write(rtn);
}

]]> By: Mukeshhttp://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-26393 Mukesh Thu, 07 Aug 2008 11:55:53 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-26393 I have an Another Solution For error when request having both post and get datahttp://coderheaven.blogspot.com/2008/08/authenticate-oauth-signature-in-corkut.html I have an Another Solution For error when request having both post and get data

http://coderheaven.blogspot.com/2008/08/authenticate-oauth-signature-in-corkut.html

]]>