The DevDefined.OAuth project is a library for creating both OAuth consumers and providers on the .Net Framework. It currently targets the .Net Framework 3.5 and above, and is written in C#.
The definition (from wikipedia) is:
OAuth is an open protocol that allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their username and password.
OAuth provides a standardised way to handle delegated Authentication through a series of exchanges, called an authentication flow:
The DevDefined.OAuth library currently supports building consumers (clients) and providers (servers) for both OAuth 1.0 and 1.0a.
The library is designed to be used in both web applications and thick client apps.
X509Certificate2 certificate = TestCertificates.OAuthTestCertificate();
string requestUrl = "https://www.google.com/accounts/OAuthGetRequestToken";
string userAuthorizeUrl = "https://www.google.com/accounts/accounts/OAuthAuthorizeToken";
string accessUrl = "https://www.google.com/accounts/OAuthGetAccessToken";
string callBackUrl = "http://www.mysite.com/callback";
var consumerContext = new OAuthConsumerContext
{
ConsumerKey = "weitu.googlepages.com",
SignatureMethod = SignatureMethod.RsaSha1,
Key = certificate.PrivateKey
};
var session = new OAuthSession(consumerContext, requestUrl, userAuthorizeUrl, accessUrl)
.WithQueryParameters(new { scope = "http://www.google.com/m8/feeds" });
// get a request token from the provider
IToken requestToken = session.GetRequestToken();
// generate a user authorize url for this token (which you can use in a redirect from the current site)
string authorizationLink = session.GetUserAuthorizationUrlForToken(requestToken, callBackUrl);
// exchange a request token for an access token
IToken accessToken = session.ExchangeRequestTokenForAccessToken(requestToken);
// make a request for a protected resource
string responseText = session.Request().Get().ForUrl("http://www.google.com/m8/feeds/contacts/default/base").ToString();
OAuth Resources
DevDefined OAuth Resources
- OAuth page on googlecode (where the code used to be hosted)
- Posts about OAuth / DevDefined.OAuth on the original authors blog (bittercoder)
Blogs
- Example of using DevDefined.OAuth with Powershell
- Owen's look into ASP.Net MVC and OAuth
- Example of an OAuth Channel for use with WCF services
- Xero's API Guides (feature DevDefined.OAuth examples)
Forks
- Owen @ Xero's fork of DevDefined.OAuth - with support ASP.Net MVC
- Xero's fork of DevDefined.OAuth - as used in their API examples
You can download releases from the google code site.