---
title: "OAuth C# (very) Basic Library"
description: "<p>I know it took me a while (sorry) but I had a couple things on my plate.</p>
<p>At first I wanted to release a more complete integration of <a href="http://oauth.net">OAuth</a> within ASP.NET, but that will have to wait to the next time frame I can allocate to work on this.</p>
<p>In the meantime, there is some <a href="http://oauth.googlecode.com/svn/code/csharp/">basic C# code</a> in the <a href="http://oauth.net/code/">OAuth code repository</a> which generates the OAuth signature, which is the most complicated thing to implement in the spec (not that it’s that difficult to implement :-) It’s actually quite easy).</p>"
doc_version: "1"
last_updated: "2018-07-11"
date: 2007-10-17
tags: [.NET, ASP.NET, Authentication, CSharp, Code, csharp, delegation, OAuth]
canonical: "https://eran.sandler.co.il/2007/10/17/oauth-c-very-basic-library/"
---

## Sitemap

- [Home](https://eran.sandler.co.il/)

I know it took me a while (sorry) but I had a couple things on my plate.

At first I wanted to release a more complete integration of [OAuth][1] within ASP.NET, but that will have to wait to the next time frame I can allocate to work on this.

In the meantime, there is some [basic C# code][2] in the [OAuth code repository][3] which generates the OAuth signature, which is the most complicated thing to implement in the spec (not that it&#8217;s that difficult to implement :-) It&#8217;s actually quite easy).

To use the C# code, simply do this (based on the samples in the spec):

> using OAuth;
>
> OAuthBase oauth = new OAuthBase();
>
> Uri url = new Uri(&#8220;http://photos.example.net/photos?file=vacation.jpg&size=original&#8221;);
>
> string signature = oauth.GenerateSignature(url, &#8220;dpf43f3p2l4k3l03&#8221;, &#8220;kd94hf93k423kf44&#8221;, &#8220;nnch734d00sl2jdk&#8221;, &#8220;pfkkdhi9sl3r4s00&#8221;, &#8220;GET&#8221;, oauth.GenerateTimeStamp(), oauth.GenerateNonce(), OAuthBase.SignatureTypes.HMACSHA1);

After that you can concatenate the relevant query parameters as well as the signature value to the URL and use it.

If you have a different timestamp and/or nonce generation method, you can inherit and override these methods.

If you require a different hashing algorithm other than the default HMAC-SHA1 or the PLAINTEXT (which MUST be used with a secure communication channel such as HTTPS) you can use the &#8220;GenerateSignatureBase&#8221; method to generate the signature base string and then call &#8220;GenerateSignatureUsingHash&#8221; passing the signature base and the hash algorithm you are using.

That&#8217;s about it. I&#8217;ll update when I&#8217;ll have some more integrative code.

 [1]: http://oauth.net
 [2]: http://oauth.googlecode.com/svn/code/csharp/
 [3]: http://oauth.net/code/