Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

fix for #271 Invalid OAuth1 signature for GET request

  • Loading branch information...
commit 4929b9ac3b1d95d358c27f43db371faf4fcce2f1 1 parent 0afda7d
@devatwork devatwork authored
View
28 RestSharp.IntegrationTests/oAuth1Tests.cs
@@ -261,5 +261,33 @@ public void Can_Retrieve_Member_Profile_Field_Field_Selector_From_LinkedIN()
Assert.NotNull( response.Data.FirstName );
Assert.NotNull( response.Data.LastName );
}
+
+ [Fact( Skip = "Provide your own consumer key/secret before running" )]
+ public void Can_Query_Vimeo()
+ {
+ const string consumerKey = "TODO_CONSUMER_KEY_HERE";
+ const string consumerSecret = "TODO_CONSUMER_SECRET_HERE";
+
+ // arrange
+ var client = new RestClient {
+ BaseUrl = "http://vimeo.com/api/rest/v2",
+ Authenticator = OAuth1Authenticator.ForRequestToken( consumerKey, consumerSecret )
+ };
+ var request = new RestRequest();
+ request.AddParameter( "format", "json" );
+ request.AddParameter( "method", "vimeo.videos.search" );
+ request.AddParameter( "query", "weather" );
+ request.AddParameter( "full_response", 1 );
+
+ // act
+ var response = client.Execute( request );
+
+ // assert
+ Assert.NotNull( response );
+ Assert.Equal( HttpStatusCode.OK, response.StatusCode );
+ Assert.NotNull( response.Content );
+ Assert.False( response.Content.Contains( "\"stat\":\"fail\"" ) );
+ Assert.True( response.Content.Contains( "\"stat\":\"ok\"" ) );
+ }
}
}
View
14 RestSharp/Authenticators/OAuth1Authenticator.cs
@@ -15,6 +15,7 @@
namespace RestSharp.Authenticators
{
+ /// <seealso href="http://tools.ietf.org/html/rfc5849"/>
public class OAuth1Authenticator : IAuthenticator
{
public virtual string Realm { get; set; }
@@ -156,13 +157,14 @@ private void AddOAuthData(IRestClient client, IRestRequest request, OAuthWorkflo
var parameters = new WebParameterCollection();
- // for non-GET style requests make sure params are part of oauth signature
- if (request.Method != Method.GET && request.Method != Method.DELETE)
+ // include all GET and POST parameters before generating the signature
+ // according to the RFC 5849 - The OAuth 1.0 Protocol
+ // http://tools.ietf.org/html/rfc5849#section-3.4.1
+ // if this change causes trouble we need to introduce a flag indicating the specific OAuth implementation level,
+ // or implement a seperate class for each OAuth version
+ foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
{
- foreach (var p in request.Parameters.Where(p => p.Type == ParameterType.GetOrPost))
- {
- parameters.Add(new WebPair(p.Name, p.Value.ToString()));
- }
+ parameters.Add(new WebPair(p.Name, p.Value.ToString()));
}
switch (Type)
Please sign in to comment.
Something went wrong with that request. Please try again.