Skip to content

Commit

Permalink
Merge pull request restsharp#750 from amccarter/master
Browse files Browse the repository at this point in the history 
Added HMAC-SHA256 as a signature method to OAUTH1
  • Loading branch information
@hallem
hallem committed Apr 26, 2016
2 parents ddbdde5 + d120f6e commit 7971b03
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 11 deletions.
24 changes: 23 additions & 1 deletion RestSharp.Tests/OAuthTests.cs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
using System.Globalization;
using System;
using System.Globalization;
using System.Threading;
using NUnit.Framework;
using RestSharp.Authenticators.OAuth;
Expand Down Expand Up @@ -42,5 +43,26 @@ public void PercentEncode_Encodes_Correctly(string value, string expected)

Assert.AreEqual(expected, actual);
}

[Test]
[TestCase("The quick brown fox jumps over the lazy dog", "rVL90tHhGt0eQ0TCITY74nVL22P%2FltlWS7WvJXpECPs%3D")]
[TestCase("The quick\tbrown\nfox\rjumps\r\nover\t\tthe\n\nlazy\r\n\r\ndog", "C%2B2RY0Hna6VrfK1crCkU%2FV1e0ECoxoDh41iOOdmEMx8%3D")]
[TestCase("", "%2BnkCwZfv%2FQVmBbNZsPKbBT3kAg3JtVn3f3YMBtV83L8%3D")]
[TestCase(" !\"#$%&'()*+,", "xcTgWGBVZaw%2Bilg6kjWAGt%2FhCcsVBMMe1CcDEnxnh8Y%3D")]
public void HmacSha256_Hashes_Correctly(string value, string expected)
{
string consumerSecret = "12345678";
string actual = OAuthTools.GetSignature(OAuthSignatureMethod.HmacSha256, value, consumerSecret);

Assert.AreEqual(expected, actual);
}

[Test]
[ExpectedException(typeof(ArgumentNullException))]
public void HmacSha256_Does_Not_Accept_Nulls()
{
string consumerSecret = "12345678";
string actual = OAuthTools.GetSignature(OAuthSignatureMethod.HmacSha256, null, consumerSecret);
}
}
}
5 changes: 4 additions & 1 deletion RestSharp/Authenticators/OAuth/Extensions/OAuthExtensions.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ public static string ToRequestValue(this OAuthSignatureMethod signatureMethod)
{
string value = signatureMethod.ToString()
.ToUpper();
int shaIndex = value.IndexOf("SHA1");
int shaIndex = value.IndexOf("SHA");

return shaIndex > -1
? value.Insert(shaIndex, "-")
Expand All @@ -30,6 +30,9 @@ public static OAuthSignatureMethod FromRequestValue(this string signatureMethod)
case "HMAC-SHA1":
return OAuthSignatureMethod.HmacSha1;

case "HMAC-SHA256":
return OAuthSignatureMethod.HmacSha256;

case "RSA-SHA1":
return OAuthSignatureMethod.RsaSha1;

Expand Down
1 change: 1 addition & 0 deletions RestSharp/Authenticators/OAuth/OAuthSignatureMethod.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ namespace RestSharp.Authenticators.OAuth
public enum OAuthSignatureMethod
{
HmacSha1,
HmacSha256,
PlainText,
RsaSha1
}
Expand Down
13 changes: 12 additions & 1 deletion RestSharp/Authenticators/OAuth/OAuthTools.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -351,6 +351,17 @@ public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSig
break;
}

case OAuthSignatureMethod.HmacSha256:
{
HMACSHA256 crypto = new HMACSHA256();
string key = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);

crypto.Key = encoding.GetBytes(key);
signature = signatureBase.HashWith(crypto);

break;
}

case OAuthSignatureMethod.PlainText:
{
signature = "{0}&{1}".FormatWith(consumerSecret, tokenSecret);
Expand All @@ -359,7 +370,7 @@ public static string GetSignature(OAuthSignatureMethod signatureMethod, OAuthSig
}

default:
throw new NotImplementedException("Only HMAC-SHA1 is currently supported.");
throw new NotImplementedException("Only HMAC-SHA1 and HMAC-SHA256 are currently supported.");
}

string result = signatureTreatment == OAuthSignatureTreatment.Escaped
Expand Down
16 changes: 8 additions & 8 deletions RestSharp/Authenticators/OAuth1Authenticator.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,12 +72,12 @@ public class OAuth1Authenticator : IAuthenticator

internal virtual string ClientPassword { get; set; }

public static OAuth1Authenticator ForRequestToken(string consumerKey, string consumerSecret)
public static OAuth1Authenticator ForRequestToken(string consumerKey, string consumerSecret, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Expand All @@ -97,12 +97,12 @@ public static OAuth1Authenticator ForRequestToken(string consumerKey, string con
}

public static OAuth1Authenticator ForAccessToken(string consumerKey, string consumerSecret, string token,
string tokenSecret)
string tokenSecret, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Expand Down Expand Up @@ -146,12 +146,12 @@ public static OAuth1Authenticator ForAccessTokenRefresh(string consumerKey, stri
}

public static OAuth1Authenticator ForClientAuthentication(string consumerKey, string consumerSecret,
string username, string password)
string username, string password, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Expand All @@ -164,13 +164,13 @@ public static OAuth1Authenticator ForClientAuthentication(string consumerKey, st
}

public static OAuth1Authenticator ForProtectedResource(string consumerKey, string consumerSecret,
string accessToken, string accessTokenSecret)
string accessToken, string accessTokenSecret, OAuthSignatureMethod signatureMethod = OAuthSignatureMethod.HmacSha1)
{
OAuth1Authenticator authenticator = new OAuth1Authenticator
{
Type = OAuthType.ProtectedResource,
ParameterHandling = OAuthParameterHandling.HttpAuthorizationHeader,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
SignatureMethod = signatureMethod,
SignatureTreatment = OAuthSignatureTreatment.Escaped,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
Expand Down

0 comments on commit 7971b03

Please sign in to comment.