tag:blogger.com,1999:blog-5170244003884409637.post5819656547962130897..comments2010-02-22T11:02:44.470-08:00Comments on coder's heaven: AUTHENTICATE oAuth SIGNATURE in C#(orkut Apps)Mukesh Agarwalhttp://www.blogger.com/profile/13624500752975897338noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-5170244003884409637.post-52088717857205228272008-09-23T06:17:00.000-07:002008-09-23T06:17:00.000-07:00I'm the guy who talked to you in e-mail about ...I'm the guy who talked to you in e-mail about the problem in the code.<BR/><BR/>I follow your code but the return of the method verifydata is always false.<BR/>Do you have any idea?<BR/>Thanks for your help.<BR/><BR/>//orkut app code//<BR/><BR/>function makeSignedRequest() {<BR/> var params = {};<BR/> params[gadgets.io.RequestParameters.AUTHORIZATION] = gadgets.io.AuthorizationType.SIGNED;<BR/> var url = "http://mypage.apporkut.com.br/Default.aspx";<BR/> gadgets.io.makeRequest(url, response, params);<BR/>};<BR/><BR/>function init() {<BR/> makeSignedRequest();<BR/>}<BR/><BR/><BR/>//Asp.net C# Code//<BR/><BR/> if (!string.IsNullOrEmpty(Request["oauth_signature"]))<BR/> {<BR/><BR/> string certificateValue = @"-----BEGIN CERTIFICATE-----<BR/> MIIDHDCCAoWgAwIBAgIJAMbTCksqLiWeMA0GCSqGSIb3DQEBBQUAMGgxCzAJBgNV<BR/> BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIG<BR/> A1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlh<BR/> bjAeFw0wODAxMDgxOTE1MjdaFw0wOTAxMDcxOTE1MjdaMGgxCzAJBgNVBAYTAlVT<BR/> MQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChML<BR/> R29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVscnlhbjCBnzAN<BR/> BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAseBXZ4NDhm24nX3sJRiZJhvy9eDZX12G<BR/> j4HWAMmhAcnm2iBgYpAigwhVHtOs+ZIUIdzQHvHeNd0ydc1Jg8e+C+Mlzo38OvaG<BR/> D3qwvzJ0LNn7L80c0XVrvEALdD9zrO+0XSZpTK9PJrl2W59lZlJFUk3pV+jFR8NY<BR/> eB/fto7AVtECAwEAAaOBzTCByjAdBgNVHQ4EFgQUv7TZGZaI+FifzjpTVjtPHSvb<BR/> XqUwgZoGA1UdIwSBkjCBj4AUv7TZGZaI+FifzjpTVjtPHSvbXqWhbKRqMGgxCzAJ<BR/> BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU<BR/> MBIGA1UEChMLR29vZ2xlIEluYy4xDjAMBgNVBAsTBU9ya3V0MQ4wDAYDVQQDEwVs<BR/> cnlhboIJAMbTCksqLiWeMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA<BR/> CETnhlEnCJVDXoEtSSwUBLP/147sqiu9a4TNqchTHJObwTwDPUMaU6XIs2OTMmFu<BR/> GeIYpkHXzTa9Q6IKlc7Bt2xkSeY3siRWCxvZekMxPvv7YTcnaVlZzHrVfAzqNsTG<BR/> P3J//C0j+8JWg6G+zuo5k7pNRKDY76GxxHPYamdLfwk=<BR/> -----END CERTIFICATE-----";<BR/><BR/> X509Certificate2 cert = new X509Certificate2(Encoding.ASCII.GetBytes(certificateValue), "", X509KeyStorageFlags.MachineKeySet);<BR/> System.Collections.Specialized.NameValueCollection queryString = Request.QueryString;<BR/> string signature = Request["oauth_signature"];<BR/> //Base64Decoder decoder = new Base64Decoder(signature.ToCharArray());<BR/> byte[] sign = Convert.FromBase64String(signature);<BR/><BR/> String urvl, urlNPAM;<BR/><BR/> RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)cert.PublicKey.Key;<BR/> OAuth.OAuthBase asd = new OAuth.OAuthBase();<BR/> string url = Request.Url.ToString();<BR/> foreach (string name in Request.Form)<BR/> url += "&" + name + "=" + Request.Form[name];<BR/> Uri reqURi = new Uri(url);<BR/> string signatureBase = asd.GenerateSignatureBase(reqURi, Request["oauth_consumer_key"], "", "",<BR/> Request.ServerVariables["REQUEST_METHOD"].ToUpper(), Request["oauth_timestamp"],<BR/> Request["oauth_nonce"], Request["oauth_signature_method"], out urvl, out urlNPAM);<BR/> bool rtn = rsa.VerifyData(<BR/> Encoding.ASCII.GetBytes(signatureBase), "SHA1", sign);<BR/> <BR/> Response.Write(rtn);<BR/> }<BR/><BR/><BR/>Thanks a lot man,<BR/><BR/>MarielAnonymoushttps://www.blogger.com/profile/07131724109021299418noreply@blogger.comtag:blogger.com,1999:blog-5170244003884409637.post-83797346290712502402008-08-07T04:57:00.000-07:002008-08-07T04:57:00.000-07:00This Solution specially meant to Authentication o...This Solution specially meant to Authentication of a request which is having data in both url(get), form (post)Mukesh Agarwalhttps://www.blogger.com/profile/13624500752975897338noreply@blogger.com