twitter unauthorized 401 c# oauth/request_token - c#

I have some code here and I am getting and error 401 unauthorized. I have checked the sign in with twitter box.
public async Task get_Oauth_token_TaskAsync()
{
//variables for action
string oauth_nonce;
string oauth_callback;
string oauth_signature_method;
string oauth_timestamp;
string oauth_consumer_key;
string oauth_signature;
string oauth_version;
string req_url;
//set values to variables
var dt = DateTime.Now;
var ticks = dt.Ticks;
var seconds = ticks / TimeSpan.TicksPerSecond;
oauth_timestamp = seconds.ToString();
oauth_callback = "http://www.localhost:55593/TwitterSync.aspx";
oauth_nonce = Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 16).ToString(); //random string
oauth_signature_method = "HMAC-SHA1";
oauth_consumer_key = "xxxx";
oauth_version = "1.0";
req_url = "https://api.twitter.com/oauth/request_token";
oauth_signature = create_auth_Signature_Task(oauth_nonce,oauth_callback,oauth_signature_method,oauth_timestamp,oauth_consumer_key,oauth_version,req_url);
///action
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(req_url);
request.Method = "POST";
request.UserAgent = "themattharris' HTTP Client";
request.Host = "api.twitter.com";
request.Headers.Add(HttpRequestHeader.Authorization, "OAuth oauth_callback = \"" + Uri.EscapeDataString(oauth_callback) + "\"" + ",oauth_consumer_key = \"" + oauth_consumer_key + "\",oauth_nonce = " + "\"" + oauth_nonce + "\", oauth_signature = \"" + oauth_signature + "\", oauth_signature_method = \"HMAC-SHA1\", oauth_timestamp = \"" + oauth_timestamp + "\", oauth_version = \"1.0\"");
WebResponse response = await request.GetResponseAsync();
Stream str = response.GetResponseStream();
StreamReader reader = new StreamReader(str);
dynamic resp = reader.ReadToEndAsync();
}
private string create_auth_Signature_Task(string oauth_nonce, string oauth_callback,
string oauth_signature_method, string oauth_timestamp, string oauth_consumer_key, string oauth_version, string req_url)
{
string oauth_nonce_enc = Uri.EscapeDataString(oauth_nonce);
string oauth_callback_enc = Uri.EscapeDataString(oauth_callback);
string oauth_signature_method_enc = Uri.EscapeDataString(oauth_signature_method);
string oauth_timestamp_enc = Uri.EscapeDataString(oauth_timestamp);
string oauth_consumer_key_enc = Uri.EscapeDataString(oauth_consumer_key);
string oauth_version_enc = Uri.EscapeDataString(oauth_version);
string req_url_enc = Uri.EscapeDataString(req_url);
string secret = "xxxx";
string signature_base = "POST&" + req_url_enc + "&" + Uri.EscapeDataString("oauth_consumer_key=" + oauth_consumer_key_enc + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method=" + oauth_signature_method_enc + "&oauth_timestamp=" + oauth_timestamp_enc + "&oauth_version=" + oauth_version_enc);
return ShaHash(signature_base, secret);
}
private string ShaHash(string value, string key)
{
using (var hmac = new HMACSHA1(Encoding.UTF32.GetBytes(key)))
{
return ByteToString(hmac.ComputeHash(Encoding.UTF32.GetBytes(value)));
}
}
static string ByteToString(IEnumerable<byte> data)
{
return string.Concat(data.Select(b => b.ToString("x2")));
}
I did everything according to this page . Now I am just lost, any Idea why does it not work?

You are not calculating the oauth_timestamp correctly. This should be calculated as Unix time which is the number of seconds since 00:00:00 UTC on 1 Jan 1970.
int unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
or using .NET 4.6
long unixTimestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
Also the signing key used for creating the signature should be a concatenation of the percent encoded consumer secret and the percent encoded token secret joined by an ampersand (&). In the case of obtaining a request token the token secret is not yet known so you should just use the consumer secret followed by an ampersand (&).
var signingKey = oauth_consumer_key_enc + "&";
Finally you should return the Base64 encoded string after you have computed your hash so your function becomes:
private string ShaHash(string value, string signingKey)
{
using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(signingKey)))
{
return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)));
}
}

Related

I am trying to get request token from Twitter api using c#, but getting 400 bad request error

I'm trying to get request token from Twitter oauth/request_token API for the user based further authentication. The code return 400 bad request error. I know there could be a small glitch in the request which I am not able to catch. I have tried to match everything according to the documentation but somewhere something is missing. Any leads would be highly appreciable.
public void get_Oauth_token()
{
string oauth_nonce;
string oauth_callback;
string oauth_signature_method;
string oauth_timestamp;
string oauth_consumer_key;
string oauth_signature;
string oauth_version;
string req_url;
//set values to variables
var dt = DateTime.Now;
var ticks = dt.Ticks;
var seconds = ticks / TimeSpan.TicksPerSecond;
long unixTimestamp = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
oauth_timestamp = unixTimestamp.ToString();
oauth_callback = "http://127.0.0.1:4200/home";
oauth_nonce = Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 16).ToString(); //random string
oauth_signature_method = "HMAC-SHA1";
oauth_consumer_key = "xxxx";
oauth_version = "1.0";
req_url = "https://api.twitter.com/oauth/request_token";
oauth_signature = create_auth_Signature_Task(oauth_nonce, oauth_callback, oauth_signature_method, oauth_timestamp, oauth_consumer_key, oauth_version, req_url);
///action
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(req_url);
request.Method = "POST";
request.UserAgent = "themattharris' HTTP Client";
request.Host = "api.twitter.com";
request.Headers.Add(HttpRequestHeader.Authorization, "OAuth oauth_callback = \"" + Uri.EscapeDataString(oauth_callback) + "\"" + ",oauth_consumer_key = \"" + oauth_consumer_key + "\",oauth_nonce = " + "\"" + oauth_nonce + "\", oauth_signature = \"" + oauth_signature + "\", oauth_signature_method = \"HMAC-SHA1\", oauth_timestamp = \"" + oauth_timestamp + "\", oauth_version = \"1.0\"");
//WebResponse response = await request.GetResponseAsync();
HttpWebResponse response = request.GetResponse() as HttpWebResponse;
Stream str = response.GetResponseStream();
StreamReader reader = new StreamReader(str);
dynamic resp = reader.ReadToEndAsync();
}
private string create_auth_Signature_Task(string oauth_nonce, string oauth_callback,
string oauth_signature_method, string oauth_timestamp, string oauth_consumer_key, string oauth_version, string req_url)
{
string oauth_nonce_enc = Uri.EscapeDataString(oauth_nonce);
string oauth_callback_enc = Uri.EscapeDataString(oauth_callback);
string oauth_signature_method_enc = Uri.EscapeDataString(oauth_signature_method);
string oauth_timestamp_enc = Uri.EscapeDataString(oauth_timestamp);
string oauth_consumer_key_enc = Uri.EscapeDataString(oauth_consumer_key);
string oauth_version_enc = Uri.EscapeDataString(oauth_version);
string req_url_enc = Uri.EscapeDataString(req_url);
string secret = Uri.EscapeDataString("xxxx") + "&";
string signature_base = "POST&" + req_url_enc + "&" + Uri.EscapeDataString("oauth_consumer_key=" + oauth_consumer_key_enc + "&oauth_nonce=" + oauth_nonce + "&oauth_signature_method=" + oauth_signature_method_enc + "&oauth_timestamp=" + oauth_timestamp_enc + "&oauth_version=" + oauth_version_enc);
return ShaHash(signature_base, secret);
}
private string ShaHash(string value, string key)
{
using (var hmac = new HMACSHA1(Encoding.UTF32.GetBytes(key)))
{
return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(value)));//ByteToString(hmac.ComputeHash(Encoding.UTF32.GetBytes(value)));
}
}
instead of HttpWebRequest, you could use HttpClient which support async request.
Try to use this code block
public async void GetToken()
{
var httpClient = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "https://api.twitter.com/oauth2/token");
string oauth_consumer_key = "<consumer key>";
string oauth_consumer_secret = "<consumer secret>";
string url = "https://api.twitter.com/oauth2/token?oauth_consumer_key=" + oauth_consumer_key + "&oauth_consumer_secret=" + oauth_consumer_secret;
var customerInfo = Convert.ToBase64String(new UTF8Encoding()
.GetBytes(oauth_consumer_key + ":" + oauth_consumer_secret));
request.Headers.Add("Authorization", "Basic " + customerInfo);
request.Content = new StringContent("grant_type=client_credentials", Encoding.UTF8,
"application/x-www-form-urlencoded");
HttpResponseMessage response = await httpClient.SendAsync(request);
string json = await response.Content.ReadAsStringAsync();
var serializer = new JavaScriptSerializer();
dynamic item = serializer.Deserialize<object>(json);
}
P.S Keep in mind that instead of creating a new instance of HttpClient for each execution you should share a single instance of HttpClient for the entire lifetime of the application otherwise you may encounter this error
Unable to connect to the remote server
System.Net.Sockets.SocketException: Only one usage of each socket address (protocol/network address/port) is normally permitted.
More about this here
Just use oauth-dotnetcore https://github.com/rhargreaves/oauth-dotnetcore. It would help with creating your Oauth 1.0a authorization headers.
var oauthClient = new OAuthRequest
{
Method = "POST",
Type = OAuthRequestType.RequestToken,
SignatureMethod = OAuthSignatureMethod.HmacSha1,
ConsumerKey = consumerKey,
ConsumerSecret = consumerSecret,
RequestUrl = "https://api.twitter.com/oauth/request_token",
Version = "1.0a",
Realm = "twitter.com",
CallbackUrl = callbackUrl
};
Then you can get the authourization header like this:
string auth = oauthClient.GetAuthorizationHeader();
client.DefaultRequestHeaders.Add("Authorization", auth);
then use whatever client to make the http request.

Unauthorized Access Exception While Using Yahoo Weather API

I have done code to access yahoo weather API with oath by following all steps provided by yahoo in documentation as
1) Create Yahoo account
2) Create App
3) White list App
4) C# code to access yahoo weather API with oath
I am getting Unauthorized access exception while requesting API.
Here is the code :
public class WeatherYdn
{
public static void Main(string[] args)
{
const string appId = "YOUR-WHITELISTED-APPID";
const string consumerKey = "YOUR-CONSUMER-KEY";
const string consumerSecret = "YOUR-SECRET-KEY";
const string url = "https://weather-ydn-yql.media.yahoo.com/forecastrss";
string timestamp = StringHelper.GenerateTimeStamp();
String oauthNonce = StringHelper.GenerateNonce();
IList<string> parameters = new List<string>();
parameters.Add("oauth_consumer_key=" + consumerKey);
parameters.Add("oauth_nonce=" + oauthNonce);
parameters.Add("oauth_signature_method=HMAC-SHA1");
parameters.Add("oauth_timestamp=" + timestamp);
parameters.Add("oauth_version=1.0");
// Make sure value is encoded
parameters.Add("location=" + HttpUtility.UrlEncode("pune,in", Encoding.UTF8));
parameters.Add("format=json");
((List<string>) parameters).Sort();
StringBuilder parametersList = new StringBuilder();
for (int i = 0; i < parameters.Count; i++)
{
parametersList.Append(((i > 0) ? "&" : "") + parameters.ElementAt(i));
}
var signatureString = "GET&" +
HttpUtility.UrlEncode(url,Encoding.UTF8) + "&" +
HttpUtility.UrlEncode(parametersList.ToString(), Encoding.UTF8);
string signature = null;
try
{
string secretAccessKey = consumerSecret;
byte[] secretKey = Encoding.UTF8.GetBytes(secretAccessKey);
HMACSHA1 hmac = new HMACSHA1(secretKey);
hmac.Initialize();
byte[] bytes = Encoding.UTF8.GetBytes(signatureString);
byte[] rawHmac = hmac.ComputeHash(bytes);
signature = Convert.ToBase64String(rawHmac);
}
catch (Exception e)
{
Console.WriteLine("Unable to append signature");
}
string authorizationLine = "OAuth " +
"oauth_consumer_key=\"" + consumerKey + "\", " +
"oauth_nonce=\"" + oauthNonce + "\", " +
"oauth_timestamp=\"" + timestamp + "\", " +
"oauth_signature_method=\"HMAC-SHA1\", " +
"oauth_signature=\"" + signature + "\", " +
"oauth_version=\"1.0\"";
HttpWebRequest request = (HttpWebRequest) WebRequest.Create(url + "?location=pune,in&format=json");
request.Headers.Add("Authorization", authorizationLine);
request.Headers.Add("Yahoo-App-Id", appId);
request.ContentType = "application/json; charset=UTF-8";
request.Accept = "application/json";
HttpWebResponse response = (HttpWebResponse) request.GetResponse();
Stream receiveStream = response.GetResponseStream();
StreamReader readStream = new StreamReader(receiveStream, Encoding.UTF8);
Console.WriteLine(readStream.ReadLine());
}
}
In which line you get the error? The GetResponse() returns it?
I think that the credentials you are using (appId,consumerKey,consumerSecret) are invalid!
public string appId = "Your app-id";
public string consumerKey = "Your-consumer key";
public string consumerSecret = "Your Consumer Secret key";
// GET: api/Random
[HttpGet("{CityName}")]
public async Task<IActionResult> GetAsync([FromUri] string CityName)
{
string urlss = "https://weather-ydn-yql.media.yahoo.com/forecastrss?location=";
string url = urlss + CityName+ "&format=json&u=c";
JObject jresult;
using (var client = new HttpClient())
{
try
{
var webClient = new WebClient();
webClient.Headers.Add(AssembleOAuthHeader());
var d = webClient.DownloadString(url);
jresult = JObject.Parse(d);
var json_jsonstring = Newtonsoft.Json.JsonConvert.SerializeObject(jresult);
return Ok(json_jsonstring);
}
catch (HttpRequestException httpRequestException)
{
return BadRequest($"Error getting weather from Yahoo Weather: {httpRequestException.Message}");
}
}
}
public string AssembleOAuthHeader()
{
return "Authorization: OAuth " +
"realm=\"yahooapis.com\"," +
"oauth_consumer_key=\"" + consumerKey + "\"," +
"oauth_nonce=\"" + Guid.NewGuid() + "\"," +
"oauth_signature_method=\"PLAINTEXT\"," +
"oauth_timestamp=\"" + ((DateTime.UtcNow.Ticks - new DateTime(1970, 1, 1).Ticks) / (1000 * 10000)) +
"\"," +
"oauth_version=\"1.0\"," +
"oauth_signature=\"" + consumerSecret + "%26\"," +
"oauth_callback=\"oob\"";
}
For yahoo weather new authentication you can use this python library
yahoo-weather
I think your code is fine. The problem lies with a poorly implemented URL Decode on Yahoo's end. Java URL Encode encodes with uppercase while .net HTTPUtility.URLEncode encodes in lower case. I created an extension method for a string that will rectify the problem and URL Encode in a way that the Yahoo API can handle. After doing that all worked well (I had the exact same problem you did).
<Extension>
Public Function UppercaseURLEncode(ByVal sourceString As String) As String
Dim temp As Char() = HttpUtility.UrlEncode(sourceString).ToCharArray()
For i As Integer = 0 To temp.Length - 2
If temp(i).ToString().Equals("%", StringComparison.OrdinalIgnoreCase) Then
temp(i + 1) = Char.ToUpper(temp(i + 1))
temp(i + 2) = Char.ToUpper(temp(i + 2))
End If
Next
Return New String(temp)
End Function
//Here Is The Working Code :
public class YWSample
{
const string cURL = "https://weather-ydn-yql.media.yahoo.com/forecastrss";
const string cAppID = "Your-App-ID";
const string cConsumerKey = "Your-Consumer-Key";
const string cConsumerSecret = "Your-Consumer-Secret";
const string cOAuthVersion = "1.0";
const string cOAuthSignMethod = "HMAC-SHA1";
const string cWeatherID = "woeid=727232"; // Amsterdam, The Netherlands
const string cUnitID = "u=c"; // Metric units
const string cFormat = "xml";
//Code to get timestamp
static string _get_timestamp()
{
var lTS = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
return Convert.ToInt64(lTS.TotalSeconds).ToString();
}
//Code to get nonce
static string _get_nonce()
{
return Convert.ToBase64String(
new ASCIIEncoding().GetBytes(
DateTime.Now.Ticks.ToString()
)
);
} // end _get_nonce
static string _get_auth()
{
var lNonce = _get_nonce();
var lTimes = _get_timestamp();
var lCKey = string.Concat(cConsumerSecret, "&");
var lSign = $"format={cFormat}&" + $"oauth_consumer_key={cConsumerKey}&" + $"oauth_nonce={lNonce}&" +
$"oauth_signature_method={cOAuthSignMethod}&" + $"oauth_timestamp={lTimes}&" +
$"oauth_version={cOAuthVersion}&" + $"{cUnitID}&{cWeatherID}";
lSign = string.Concat(
"GET&", Uri.EscapeDataString(cURL), "&", Uri.EscapeDataString(lSign)
);
using (var lHasher = new HMACSHA1(Encoding.ASCII.GetBytes(lCKey)))
{
lSign = Convert.ToBase64String(
lHasher.ComputeHash(Encoding.ASCII.GetBytes(lSign))
);
} // end using
return "OAuth " +
"oauth_consumer_key=\"" + cConsumerKey + "\", " +
"oauth_nonce=\"" + lNonce + "\", " +
"oauth_timestamp=\"" + lTimes + "\", " +
"oauth_signature_method=\"" + cOAuthSignMethod + "\", " +
"oauth_signature=\"" + lSign + "\", " +
"oauth_version=\"" + cOAuthVersion + "\"";
} // end _get_auth
public static void Main(string[] args)
{
const string lURL = cURL + "?" + cWeatherID + "&" + cUnitID + "&format=" + cFormat;
var lClt = new WebClient();
lClt.Headers.Set("Content-Type", "application/" + cFormat);
lClt.Headers.Add("Yahoo-App-Id", cAppID);
lClt.Headers.Add("Authorization", _get_auth());
Console.WriteLine("Downloading Yahoo weather report . . .");
var lDataBuffer = lClt.DownloadData(lURL);
var lOut = Encoding.ASCII.GetString(lDataBuffer);
Console.WriteLine(lOut);
Console.Write("Press any key to continue . . . ");
Console.ReadKey(true);
}//end of Main
} // end YWSample

I want to get email address from twitter api using c#.I have tried it but it throws some exceptions

The following code I have written in C#. Can anyone please help me?
public string Verify_Credentials(string oauthconsumerkey, string oauthconsumersecret, string oauthtoken, string oauthtokensecret)
{
string oauthsignaturemethod = "HMAC-SHA1";
string oauthversion = "1.0";
string oauthnonce = Convert.ToBase64String(new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
string oauthtimestamp = Convert.ToInt64(ts.TotalSeconds).ToString();
SortedDictionary<string, string> basestringParameters = new SortedDictionary<string, string>();
basestringParameters.Add("oauth_version", "1.0");
basestringParameters.Add("oauth_consumer_key", oauthconsumerkey);
basestringParameters.Add("oauth_nonce", oauthnonce);
basestringParameters.Add("oauth_signature_method", "HMAC-SHA1");
basestringParameters.Add("oauth_timestamp", oauthtimestamp);
basestringParameters.Add("oauth_token", oauthtoken);
//GS - Build the signature string
StringBuilder baseString = new StringBuilder();
baseString.Append("GET" + "&");
baseString.Append(EncodeCharacters(Uri.EscapeDataString("https://api.twitter.com/1.1/account/verify_credentials.json") + "&"));
foreach (KeyValuePair<string, string> entry in basestringParameters)
{
baseString.Append(EncodeCharacters(Uri.EscapeDataString(entry.Key + "=" + entry.Value + "&")));
}
//Since the baseString is urlEncoded we have to remove the last 3 chars - %26
string finalBaseString = baseString.ToString().Substring(0, baseString.Length - 3);
//Build the signing key
string signingKey = EncodeCharacters(Uri.EscapeDataString(oauthconsumersecret)) + "&" +
EncodeCharacters(Uri.EscapeDataString(oauthtokensecret));
//Sign the request
HMACSHA1 hasher = new HMACSHA1(new ASCIIEncoding().GetBytes(signingKey));
string oauthsignature = Convert.ToBase64String(hasher.ComputeHash(new ASCIIEncoding().GetBytes(finalBaseString)));
string responseFromServer = string.Empty;
//Tell Twitter we don't do the 100 continue thing
ServicePointManager.Expect100Continue = false;
//authorization header
HttpWebRequest hwr = (HttpWebRequest)WebRequest.Create(
#"https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true");
StringBuilder authorizationHeaderParams = new StringBuilder();
authorizationHeaderParams.Append("OAuth ");
authorizationHeaderParams.Append("include_email=" + "\"" + "true" + "\",");
authorizationHeaderParams.Append("oauth_nonce=" + "\"" + Uri.EscapeDataString(oauthnonce) + "\",");
authorizationHeaderParams.Append("oauth_signature_method=" + "\"" + Uri.EscapeDataString(oauthsignaturemethod) + "\",");
authorizationHeaderParams.Append("oauth_timestamp=" + "\"" + Uri.EscapeDataString(oauthtimestamp) + "\",");
authorizationHeaderParams.Append("oauth_consumer_key=" + "\"" + Uri.EscapeDataString(oauthconsumerkey) + "\",");
if (!string.IsNullOrEmpty(oauthtoken))
authorizationHeaderParams.Append("oauth_token=" + "\"" + Uri.EscapeDataString(oauthtoken) + "\",");
authorizationHeaderParams.Append("oauth_signature=" + "\"" + Uri.EscapeDataString(oauthsignature) + "\",");
authorizationHeaderParams.Append("oauth_version=" + "\"" + Uri.EscapeDataString(oauthversion) + "\"");
hwr.Headers.Add("Authorization", authorizationHeaderParams.ToString());
hwr.Method = "GET";
hwr.ContentType = "application/x-www-form-urlencoded";
//Allow us a reasonable timeout in case Twitter's busy
hwr.Timeout = 3 * 60 * 1000;
try
{
// hwr.Proxy = new WebProxy("enter proxy details/address");
HttpWebResponse rsp = hwr.GetResponse() as HttpWebResponse;
Stream dataStream = rsp.GetResponseStream();
//Open the stream using a StreamReader for easy access.
StreamReader reader = new StreamReader(dataStream);
//Read the content.
responseFromServer = reader.ReadToEnd();
}
catch (Exception ex)
{
}
return responseFromServer;
}
private string EncodeCharacters(string data)
{
//as per OAuth Core 1.0 Characters in the unreserved character set MUST NOT be encoded
//unreserved = ALPHA, DIGIT, '-', '.', '_', '~'
if (data.Contains("!"))
data = data.Replace("!", "%21");
if (data.Contains("'"))
data = data.Replace("'", "%27");
if (data.Contains("("))
data = data.Replace("(", "%28");
if (data.Contains(")"))
data = data.Replace(")", "%29");
if (data.Contains("*"))
data = data.Replace("*", "%2A");
if (data.Contains(","))
data = data.Replace(",", "%2C");
return data;
}
Your App must be whitelisted by Twitter in order to get email from:
https://api.twitter.com/1.1/account/verify_credentials.json
So if you remove ?include_email=true part of the request url you will get a response with some fields and then you can get the screen_name of the user for example.
You can ask to be whitelisted using the form bellow (check > "I need access to special permissions"):
https://support.twitter.com/forms/platform
In my case they granted me access after some few hours...
More info: https://dev.twitter.com/rest/reference/get/account/verify_credentials

Get Yahoo Contact List in C# application

As guidance on https://developer.yahoo.com/oauth/guide/oauth-requesttoken.html, Below are what I did with OAuth to get Yahoo contact list:
Make a GET request to https://api.login.yahoo.com/oauth/v2/get_request_token
to get oauth_token and oauth_token_secret, I successfully get them.
Example url:
OAuthBase oath = new OAuthBase();
string url = "https://api.login.yahoo.com/oauth/v2/get_request_token?" +
"oauth_nonce=" + oath.GenerateNonce() +
"&oauth_timestamp=" + oath.GenerateTimeStamp() +
"&oauth_consumer_key=" + consumerKey+
"&oauth_signature_method=plaintext" +
"&oauth_signature=" + consumerSecret + "%26" + //%26 if plaintext
"&oauth_version=1.0" +
"&oauth_callback=" + "oob";
Using oauth_token of step 1. to make a GET request to https://api.login.yahoo.com/oauth/v2/request_auth?oauth_token={token}, It returned me oauth_verifier
Using paramters of step 1 and 2 to make GET request to https://api.login.yahoo.com/oauth/v2/get_token , it returned me new oauth_token , oauth_token_secret, oauth_session_handle, xoauth_yahoo_guid.
Example url:
string sig = consumerSecret + "%26" + OauthTokenSecret;
string url = "https://api.login.yahoo.com/oauth/v2/get_token?" +
"oauth_consumer_key=" + consumerKey+
"&oauth_signature_method=plaintext" +
"&oauth_signature=" + sig +
"&oauth_timestamp=" + oath.GenerateTimeStamp() +
"&oauth_version=1.0" +
"&oauth_token=" + OAuthToken +
"&oauth_nonce=" + oath.GenerateNonce() +
"&oauth_verifier=" + oauth_verifier;
The final step is to get the contact list:
I make a GET request to https://social.yahooapis.com/v1/user/{xoauth_yahoo_guid}/contacts?format=json
Example
Uri uri = new Uri(url);
string nonce = oath.GenerateNonce();
string timeStamp = oath.GenerateTimeStamp();
string normalizedUrl;
string normalizedRequestParameters;
string sig = oath.GenerateSignature(uri, clientId, clientSecret, yahooToken.OAuthToken,
yahooToken.OauthTokenSecret, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1,
out normalizedUrl, out normalizedRequestParameters);
Function GenerateSignature:
public string GenerateSignature(Uri url, string consumerKey, string consumerSecret, string token, string tokenSecret, string httpMethod, string timeStamp, string nonce, SignatureTypes signatureType, out string normalizedUrl, out string normalizedRequestParameters)
{
normalizedUrl = null;
normalizedRequestParameters = null;
switch (signatureType)
{
case SignatureTypes.PLAINTEXT:
return HttpUtility.UrlEncode(string.Format("{0}&{1}", consumerSecret, tokenSecret));
case SignatureTypes.HMACSHA1:
string signatureBase = GenerateSignatureBase(url, consumerKey, token, tokenSecret, httpMethod, timeStamp, nonce, HMACSHA1SignatureType, out normalizedUrl, out normalizedRequestParameters);
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = Encoding.ASCII.GetBytes(string.Format("{0}&{1}", UrlEncode(consumerSecret), string.IsNullOrEmpty(tokenSecret) ? "" : UrlEncode(tokenSecret)));
return GenerateSignatureUsingHash(signatureBase, hmacsha1);
case SignatureTypes.RSASHA1:
throw new NotImplementedException();
default:
throw new ArgumentException("Unknown signature type", "signatureType");
}
}
Make request:
using (var client = new WebClient())
{
string authenHeader = "OAuth " +
"realm=\"yahooapis.com\"" +
",oauth_consumer_key=\"" + consumerKey+ "\"" +
",oauth_nonce=\"" + nonce + "\"" +
",oauth_signature_method=\"HMAC-SHA1\"" +
",oauth_timestamp=\"" + timeStamp + "\"" +
",oauth_token=\"" + OAuthToken + "\"" +
",oauth_version=\"1.0\"" +
",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\"";
client.Headers.Set("Authorization", authenHeader);
string responseString = client.DownloadString(url);
}
But Yahoo sends me (401) Unauthorized response, Could you tell me where I'm wrong ?
I realized that I am stuck at the exact same place
System.Net.WebException: The remote server returned an error: (401) Unauthorized. at ..GetEmailContacts() in ...
private ArrayList GetEmailContacts() {
OAuthBase oauth = new OAuthBase();
Uri uri = new Uri("https://social.yahooapis.com/v1/user/" + OauthYahooGuid + "/contacts?format=XML");
string nonce = oauth.GenerateNonce();
string timeStamp = oauth.GenerateTimeStamp();
string normalizedUrl;
string normalizedRequestParameters;
string sig = oauth.GenerateSignature(uri, this.sConsumerKey, this.sConsumerSecret, OauthToken, OauthTokenSecret, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
StringBuilder sbGetContacts = new StringBuilder(uri.ToString());
try {
string returnStr = string.Empty;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(sbGetContacts.ToString());
req.Accept = "application/xml";
req.Method = "GET";
ArrayList emails = new ArrayList();
string authHeader = "Authorization: OAuth " +
"realm=\"yahooapis.com\"" +
",oauth_consumer_key=\"" + this.sConsumerKey + "\"" +
",oauth_nonce=\"" + nonce + "\"" +
",oauth_signature_method=\"HMAC-SHA1\"" +
",oauth_timestamp=\"" + timeStamp + "\"" +
",oauth_token=\"" + OauthToken + "\"" +
",oauth_version=\"1.0\"" +
",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\"";
req.Headers.Add(authHeader);
using (HttpWebResponse res = (HttpWebResponse)req.GetResponse()) {
:/ sighz
SO I found the issue. Ive changed the content format from XML to JSON
changed the following:
private ArrayList GetEmailContacts() {
OAuthBase oauth = new OAuthBase();
Uri uri = new Uri("https://social.yahooapis.com/v1/user/" + OauthYahooGuid + "/contacts?format=json");
string nonce = oauth.GenerateNonce();
string timeStamp = oauth.GenerateTimeStamp();
string normalizedUrl;
string normalizedRequestParameters;
string sig = oauth.GenerateSignature(uri, this.sConsumerKey, this.sConsumerSecret, OauthToken, OauthTokenSecret, "GET", timeStamp, nonce, OAuthBase.SignatureTypes.HMACSHA1, out normalizedUrl, out normalizedRequestParameters);
StringBuilder sbGetContacts = new StringBuilder(uri.ToString());
try {
string returnStr = string.Empty;
HttpWebRequest req = (HttpWebRequest)WebRequest.Create(sbGetContacts.ToString());
req.Accept = "application/json";
req.ContentType = "application/json";
req.Method = "GET";
ArrayList emails = new ArrayList();
string authHeader = "Authorization: OAuth " +
"realm=\"yahooapis.com\"" +
",oauth_consumer_key=\"" + this.sConsumerKey + "\"" +
",oauth_nonce=\"" + nonce + "\"" +
",oauth_signature_method=\"HMAC-SHA1\"" +
",oauth_timestamp=\"" + timeStamp + "\"" +
",oauth_token=\"" + OauthToken + "\"" +
",oauth_version=\"1.0\"" +
",oauth_signature=\"" + HttpUtility.UrlEncode(sig) + "\"";
req.Headers.Add(authHeader);
using (HttpWebResponse res = (HttpWebResponse)req.GetResponse()) {
When I made that change it suddenly returned the emails and no more 406 error code.
I hope that this helps someone.. no idea as to why xml stopped working.

Twitter streaming api return unauthorized when comma (,) is passed in url and parameters

I am using c# code to use api, it works fine when I don't add comma(,) but with comma it return unauthorized, Is there any issue with encoding of comma?
url
https://stream.twitter.com/1.1/statuses/filter.json?track=twitter&locations=-122.75,36.8,-121.75,37.8
header parameter
basestringParameters.Add("track", "twitter");
basestringParameters.Add("locations", "-122.75,36.8,-121.75,37.8");
my base String
GET&https%3A%2F%2Fstream.twitter.com%2F1.1%2Fstatuses%2Ffilter.json&locations%3D-122.75%2C36.8%2C-121.75%2C37.8%26oauth_consumer_key%3DxtOm0eNd8pm7hv643YqjZKhjH%26oauth_nonce%3DNjM1NjgxMzQ2Nzk5MjAwOTc0%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1432519880%26oauth_token%3D603356335-N3LRAKyYobdbNB4PeMaQkjNsiHvEEcX9DKHiC93Q%26oauth_version%3D1.0%26track%3Dtwitter
authorization header
OAuthoauth_nonce="NjM1NjgxMzQ2Nzk5MjAwOTc0",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1432519880",oauth_consumer_key="xtOm0eNd8pm7hv643YqjZKhjH",oauth_token="603356335-N3LRAKyYobdbNB4PeMaQkjNsiHvEEcX9DKHiC93Q",oauth_signature="vYeOXGxuFRMiP%2BThEtFwHVG8Jvo%3D",oauth_version="1.0"
Complete code
string oauthconsumerkey = "xxxxxx";
string oauthconsumersecret = "xxxxx";
string oauthtoken = "xxxxx";
string oauthtokensecret = "xxxxx";
public void Search()
{
string url = "https://stream.twitter.com/1.1/statuses/filter.json?track=twitter";
string oauthsignaturemethod = "HMAC-SHA1";
string oauthversion = "1.0";
string oauthnonce = Convert.ToBase64String(
new ASCIIEncoding().GetBytes(DateTime.Now.Ticks.ToString()));
TimeSpan timeSpan = DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
string oauthtimestamp = Convert.ToInt64(timeSpan.TotalSeconds).ToString();
SortedDictionary<string, string> basestringParameters = new SortedDictionary<string, string>();
basestringParameters.Add("track", "twitter");
//basestringParameters.Add("locations", "-122.75,36.8,-121.75,37.8");
basestringParameters.Add("oauth_version", oauthversion);
basestringParameters.Add("oauth_consumer_key", oauthconsumerkey);
basestringParameters.Add("oauth_nonce", oauthnonce);
basestringParameters.Add("oauth_signature_method", oauthsignaturemethod);
basestringParameters.Add("oauth_timestamp", oauthtimestamp);
basestringParameters.Add("oauth_token", oauthtoken);
//Build the signature string
StringBuilder baseString = new StringBuilder();
baseString.Append("GET" + "&");
baseString.Append(EncodeCharacters(Uri.EscapeDataString(url.Split('?')[0]) + "&"));
foreach (KeyValuePair<string, string> entry in basestringParameters)
{
baseString.Append(EncodeCharacters(Uri.EscapeDataString(entry.Key + "=" + entry.Value + "&")));
}
//Remove the trailing ambersand char last 3 chars - %26
string finalBaseString = baseString.ToString().Substring(0, baseString.Length - 3);
//Build the signing key
string signingKey = EncodeCharacters(Uri.EscapeDataString(oauthconsumersecret)) + "&" +
EncodeCharacters(Uri.EscapeDataString(oauthtokensecret));
//Sign the request
HMACSHA1 hasher = new HMACSHA1(new ASCIIEncoding().GetBytes(signingKey));
string oauthsignature = Convert.ToBase64String(
hasher.ComputeHash(new ASCIIEncoding().GetBytes(finalBaseString)));
//Tell Twitter we don't do the 100 continue thing
ServicePointManager.Expect100Continue = false;
//authorization header
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(EncodeCharacters(url));
StringBuilder authorizationHeaderParams = new StringBuilder();
authorizationHeaderParams.Append("OAuth ");
authorizationHeaderParams.Append("oauth_nonce=" + "\"" + Uri.EscapeDataString(oauthnonce) + "\",");
authorizationHeaderParams.Append("oauth_signature_method=" + "\"" + Uri.EscapeDataString(oauthsignaturemethod) + "\",");
authorizationHeaderParams.Append("oauth_timestamp=" + "\"" + Uri.EscapeDataString(oauthtimestamp) + "\",");
authorizationHeaderParams.Append("oauth_consumer_key=" + "\"" + Uri.EscapeDataString(oauthconsumerkey) + "\",");
if (!string.IsNullOrEmpty(oauthtoken))
authorizationHeaderParams.Append("oauth_token=" + "\"" + Uri.EscapeDataString(oauthtoken) + "\",");
authorizationHeaderParams.Append("oauth_signature=" + "\"" + Uri.EscapeDataString(oauthsignature) + "\",");
authorizationHeaderParams.Append("oauth_version=" + "\"" + Uri.EscapeDataString(oauthversion) + "\"");
webRequest.Headers.Add("Authorization", authorizationHeaderParams.ToString());
webRequest.Method = "GET";
webRequest.ContentType = "application/x-www-form-urlencoded";
//Allow us a reasonable timeout in case Twitter's busy
webRequest.Timeout = 3 * 60 * 1000;
try
{
//Proxy settings
//webRequest.Proxy = new WebProxy("enter proxy details/address");
HttpWebResponse webResponse = webRequest.GetResponse() as HttpWebResponse;
Stream dataStream = webResponse.GetResponseStream();
// Open the stream using a StreamReader for easy access.
StreamReader reader = new StreamReader(dataStream);
// Read the content.
string responseFromServer = "";
String s;
Console.WriteLine("output start");
while ((s = reader.ReadLine()) != null)
{
Debug.Write(s);
responseFromServer += s;
}
Console.WriteLine("output over");
ViewBag.Result += responseFromServer + "<br/>";
}
catch (Exception ex)
{
ViewBag.Result = ex.ToString();
}
}
private string EncodeCharacters(string data)
{
//as per OAuth Core 1.0 Characters in the unreserved character set MUST NOT be encoded
//unreserved = ALPHA, DIGIT, '-', '.', '_', '~'
if (data.Contains("!"))
data = data.Replace("!", "%21");
if (data.Contains("'"))
data = data.Replace("'", "%27");
if (data.Contains("("))
data = data.Replace("(", "%28");
if (data.Contains(")"))
data = data.Replace(")", "%29");
if (data.Contains("*"))
data = data.Replace("*", "%2A");
if (data.Contains(","))
data = data.Replace(",", "%2C");
return data;
}
Thanks!
Try to replace comma "," with "%2C"

Categories

Resources