1

For a project I am trying to create a consumer role that does not utilise tokens.

I have managed to create the required details in the code-behind:

        string outUrl = "";
    string querystring = "";

    string consumerKey = "";
    string consumerSecret = "";
    Uri uri = new Uri("");

    oAuthBase2 oAuth = new oAuthBase2();
    string nonce = oAuth.GenerateNonce();
    string timeStamp = oAuth.GenerateTimeStamp();

    string sig = oAuth.GenerateSignature(uri, consumerKey, consumerSecret, string.Empty, string.Empty,
        "POST", timeStamp, nonce, oAuthBase2.SignatureTypes.HMACSHA1, out outUrl,
        out querystring);

Where do I go from here?

user1367729
  • 33
  • 2
  • 6
  • 1
    Why are you trying *not* to use Tokens? Tokens are the only way relate who the request is from on subsequent handshakes. – George Stocker May 01 '12 at 13:41
  • OK, I am starting to build up an understanding. Basically, I am trying to utilise a 2 legged oauth approach using devdefined oauth like this post [link](http://stackoverflow.com/questions/3032873/has-anybody-implemented-2-legged-oauth-using-dnoa) but the data needs to include a userID with the data to be signed. For the life of me cannot work out how to sign it with the extra parameter – user1367729 May 03 '12 at 10:00
  • DNOA allows you to put things in the `ExtraData[]` parameter. I don't know whether DevDefined does or not. Why are you constrained to DevDefined? – George Stocker May 03 '12 at 10:29
  • because on utilisation the user is redirected to the external source and their demands as per LTI standards. – user1367729 May 03 '12 at 12:33
  • So their site says you *must* use a specific OAuth Library? Mind. Blown. – George Stocker May 03 '12 at 14:25

2 Answers2

3

Your first stop should be the OAuth specification. It explains exactly what each step is for. If you want an OAuth example using DotNetOpenAuth (easily the most complete OAuth library for .NET), I've included one here.

The DotNetOpenAuth source code also contains examples for connecting to Facebook, Twitter, and Google.

Community
  • 1
  • 1
George Stocker
  • 57,289
  • 29
  • 176
  • 237
2

DOtNetOpenAuth is overly complicated and does not help a beginner to understand the OAuth dialog. For a small project using OAuth on the client side, let me suggest RestSharp which is simple, not the best, but at least you know what you're doing. Here is a sample of code to get you started. I hope this helps !

Lewis
  • 84
  • 9