Comments on: OAuth C# (very) Basic Library http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/ Not biting dust since 2005 Tue, 09 Mar 2010 12:08:07 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Eran Sandler http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-42798 Eran Sandler Fri, 19 Feb 2010 07:03:22 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-42798 I would suggest to use the signature code from google. I think they have that in their sdk. At first glance this seems to be a signature issue so check the parameters you pass to the signature function. I would suggest to use the signature code from google. I think they have that in their sdk. At first glance this seems to be a signature issue so check the parameters you pass to the signature function.

]]> By: venkata http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-42201 venkata Wed, 03 Feb 2010 16:18:50 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-42201 hi, I am trying to develop an appilication which will contact google using OAuth. but i am getting this error message signature_invalid base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken&oauth_consumer_key%3Dwww.frooly.com%26oauth_nonce%3D8841340%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1265201014%26oauth_version%3D1.0%26scope%3Dhttp%253A%252F%252Fwww.google.com%252Fcalendar%252Ffeeds I have registered with google and got consumer key and secret also. and the domain is status is Active. well my code is able to get the request token from twitter but fails with google. any idea ? please help me. kind regards, hi,

I am trying to develop an appilication which will contact google using OAuth.

but i am getting this error message

signature_invalid
base_string:GET&https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthGetRequestToken&oauth_consumer_key%3Dwww.frooly.com%26oauth_nonce%3D8841340%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1265201014%26oauth_version%3D1.0%26scope%3Dhttp%253A%252F%252Fwww.google.com%252Fcalendar%252Ffeeds

I have registered with google and got consumer key and secret also. and the domain is status is Active.

well my code is able to get the request token from twitter but fails with google. any idea ?

please help me.

kind regards,

]]> By: David Friedman http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-36988 David Friedman Tue, 13 Oct 2009 09:47:22 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-36988 Hello Eran! Your Oauth Base class gave me a big help! I've started only with a portion of the features of OAuth, so Your basic C# was a big help. However :), maybe my experience could help others too: - Your UrlEncode is not prepared for international characters - i returned to HttpUtiliity.UrlEncode and capitalised the %__ parts - QueryParameterComparer used Compare needs the extra (3rd) StringComparison.Ordinal parameter to Order the params in the specified ("lexicographical byte value ordering") order (all capitalised ABC first, then comes abc). thnx, {:-D Hello Eran!

Your Oauth Base class gave me a big help! I’ve started only with a portion of the features of OAuth, so Your basic C# was a big help.
However :) , maybe my experience could help others too:
- Your UrlEncode is not prepared for international characters – i returned to HttpUtiliity.UrlEncode and capitalised the %__ parts
- QueryParameterComparer used Compare needs the extra (3rd) StringComparison.Ordinal parameter to Order the params in the specified (“lexicographical byte value ordering”) order (all capitalised ABC first, then comes abc).
thnx,
{:-D

]]> By: Eran Sandler http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-27035 Eran Sandler Fri, 24 Oct 2008 09:17:22 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-27035 David, have you looked at this step-by-step tutorial by Jospeh Smarr - http://josephsmarr.com/2008/10/01/using-netflixs-new-api-a-step-by-step-guide/ It has all the values of each steps that you can compare and see if it all works well. David, have you looked at this step-by-step tutorial by Jospeh Smarr – http://josephsmarr.com/2008/10/01/using-netflixs-new-api-a-step-by-step-guide/

It has all the values of each steps that you can compare and see if it all works well.

]]> By: David http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-27032 David Thu, 23 Oct 2008 18:07:26 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-27032 I'm trying it out, but the signatures it is generating are not accepted by the Netflix API...I get a bad request I was wondering if I can be of some help to debug it. I’m trying it out, but the signatures it is generating are not accepted by the Netflix API…I get a bad request
I was wondering if I can be of some help to debug it.

]]> By: memel http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-26717 memel Mon, 22 Sep 2008 20:10:42 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-26717 has someone a solution that works in app opensocial, accessing a page in c #? the code below (Suggested by Mukesh) always return false. if (!string.IsNullOrEmpty(Request["oauth_signature"])) { string certificateValue = @"-----BEGIN CERTIFICATE----- MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C+Mlzo38OvaG D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV+jFR8NY eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI+FifzjpTVjtPHSvb XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA CETnhlEnCJVDXoEtSSwUBLP/147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk= -----END CERTIFICATE-----"; X509Certificate2 cert = new X509Certificate2(Encoding.ASCII.GetBytes(certificateValue), "", X509KeyStorageFlags.MachineKeySet); System.Collections.Specialized.NameValueCollection queryString = Request.QueryString; string signature = Request["oauth_signature"]; //Base64Decoder decoder = new Base64Decoder(signature.ToCharArray()); byte[] sign = Convert.FromBase64String(signature); String urvl, urlNPAM; RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key; OAuth.OAuthBase asd = new OAuth.OAuthBase(); string url = Request.Url.ToString(); foreach (string name in Request.Form) url += "&" + name + "=" + Request.Form[name]; Uri reqURi = new Uri(url); string signatureBase = asd.GenerateSignatureBase(reqURi, Request["oauth_consumer_key"], "", "", Request.ServerVariables["REQUEST_METHOD"].ToUpper(), Request["oauth_timestamp"], Request["oauth_nonce"], Request["oauth_signature_method"], out urvl, out urlNPAM); bool rtn = rsa.VerifyData( Encoding.ASCII.GetBytes(signatureBase), "SHA1", sign); Response.Write(rtn); } has someone a solution that works in app opensocial, accessing a page in c #?

the code below (Suggested by Mukesh) always return false.

if (!string.IsNullOrEmpty(Request["oauth_signature"]))
{

string certificateValue = @”—–BEGIN CERTIFICATE—–
MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG
A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh
bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML
R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN
BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G
j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C+Mlzo38OvaG
D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV+jFR8NY
eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI+FifzjpTVjtPHSvb
XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ
BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU
MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs
cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA
CETnhlEnCJVDXoEtSSwUBLP/147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu
GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG
P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk=
—–END CERTIFICATE—–”;

X509Certificate2 cert = new X509Certificate2(Encoding.ASCII.GetBytes(certificateValue), “”, X509KeyStorageFlags.MachineKeySet);
System.Collections.Specialized.NameValueCollection queryString = Request.QueryString;
string signature = Request["oauth_signature"];
//Base64Decoder decoder = new Base64Decoder(signature.ToCharArray());
byte[] sign = Convert.FromBase64String(signature);

String urvl, urlNPAM;

RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key;
OAuth.OAuthBase asd = new OAuth.OAuthBase();
string url = Request.Url.ToString();
foreach (string name in Request.Form)
url += “&” + name + “=” + Request.Form[name];
Uri reqURi = new Uri(url);
string signatureBase = asd.GenerateSignatureBase(reqURi, Request["oauth_consumer_key"], “”, “”,
Request.ServerVariables["REQUEST_METHOD"].ToUpper(), Request["oauth_timestamp"],
Request["oauth_nonce"], Request["oauth_signature_method"], out urvl, out urlNPAM);
bool rtn = rsa.VerifyData(
Encoding.ASCII.GetBytes(signatureBase), “SHA1″, sign);

Response.Write(rtn);
}

]]> By: Mukesh http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-26393 Mukesh Thu, 07 Aug 2008 11:55:53 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-26393 I have an Another Solution For error when request having both post and get data http://coderheaven.blogspot.com/2008/08/authenticate-oauth-signature-in-corkut.html I have an Another Solution For error when request having both post and get data

http://coderheaven.blogspot.com/2008/08/authenticate-oauth-signature-in-corkut.html

]]> By: Eran Sandler http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-23665 Eran Sandler Mon, 19 May 2008 13:35:19 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-23665 Hi Steve, I've checked in a version that simply casts the double returned from ts.TotalSeconds into an int64 (just in case) so that the "ToString" method will not return a decimal number (only an integer) which is what you need. The latest version is checked in so you can get it from the usual place. Hi Steve,

I’ve checked in a version that simply casts the double returned from ts.TotalSeconds into an int64 (just in case) so that the “ToString” method will not return a decimal number (only an integer) which is what you need.

The latest version is checked in so you can get it from the usual place.

]]> By: Eran Sandler http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-21329 Eran Sandler Tue, 22 Apr 2008 19:16:18 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-21329 Hi Steve, thanks for the fix. Perhaps I was too precise with that time :-) I think there is a better way of fixing it instead of substringing the timestamp string, but I'll look into that and release a fix. Hi Steve, thanks for the fix.
Perhaps I was too precise with that time :-)

I think there is a better way of fixing it instead of substringing the timestamp string, but I’ll look into that and release a fix.

]]> By: Steve http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/comment-page-1/#comment-21051 Steve Sun, 20 Apr 2008 02:19:31 +0000 http://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/#comment-21051 maybe its just me, but using this c# library, the timestamp it generates is incorrect. it comes out with . ex (1208643626.611) - if i cut off the .611, then it works. Otherwise I get invalid signature when doing oauth requests (tested here: http://term.ie/oauth/example/) and with the pownce oauth... I changed GetTimeStamp to public virtual string GenerateTimeStamp() { // Default implementation of UNIX time of the current UTC time TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0); string timeStamp = ts.TotalSeconds.ToString(); timeStamp = timeStamp.Substring(0, timeStamp.IndexOf(".")); return timeStamp; } maybe its just me, but using this c# library, the timestamp it generates is incorrect. it comes out with . ex (1208643626.611) – if i cut off the .611, then it works. Otherwise I get invalid signature when doing oauth requests (tested here: http://term.ie/oauth/example/) and with the pownce oauth…

I changed GetTimeStamp to

public virtual string GenerateTimeStamp() {
// Default implementation of UNIX time of the current UTC time
TimeSpan ts = DateTime.UtcNow – new DateTime(1970, 1, 1, 0, 0, 0, 0);
string timeStamp = ts.TotalSeconds.ToString();
timeStamp = timeStamp.Substring(0, timeStamp.IndexOf(“.”));
return timeStamp;
}

]]>