Fixed HTTP POST OAuth 1.0

Author: fubar-coder

RestSharp.Portable.Core/UrlEscapeUtility.cs

@@ -25,7 +25,7 @@ internal class UrlEscapeUtility
             { UrlEscapeFlags.AllowAllUnreserved, new HashSet<byte>(UrlUtility.Unreserved) },
             { UrlEscapeFlags.AllowLikeUrlEncode, new HashSet<byte>(UrlUtility.AlphaNum.Union(Encoding.UTF8.GetBytes("-_.!*()"))) },
             { UrlEscapeFlags.AllowLikeEscapeUriString, new HashSet<byte>(UrlUtility.Unreserved.Union(Encoding.UTF8.GetBytes(":&/?+#=$,;@[]"))) },
-            { UrlEscapeFlags.AllowLikeWebRequest, new HashSet<byte>(UrlUtility.AlphaNum.Union(Encoding.UTF8.GetBytes("-_.~")).Union(Encoding.UTF8.GetBytes(":"))) },
+            { UrlEscapeFlags.AllowLikeWebRequest, new HashSet<byte>(UrlUtility.AlphaNum.Union(Encoding.UTF8.GetBytes("-_.~:"))) },
         };
 
         private static readonly Dictionary<UrlEscapeFlags, EscapeBuilderDelegate> s_escapeBuilders = new Dictionary<UrlEscapeFlags, EscapeBuilderDelegate>

RestSharp.Portable.OAuth/OAuth/OAuthTools.cs

@@ -134,7 +134,7 @@ public static string UrlEncodeRelaxed(string value)
         public static string UrlEncodeStrict(string value)
         {
             // [JD]: We need to escape the apostrophe as well or the signature will fail
-            return _escapeUtility.Escape(value, _encoding, UrlEscapeFlags.AllowAllUnreserved);
+            return _escapeUtility.Escape(value, _encoding, UrlEscapeFlags.Default);
         }
 
         /// <summary>

RestSharp.Portable.OAuth1.Tests/App.config

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+  <appSettings>
+    <add key="tumblr-consumer-id"     value="" />
+    <add key="tumblr-consumer-secret" value="" />
+    <add key="tumblr-access-token"    value="" />
+    <add key="tumblr-access-secret"   value="" />
+    <add key="tumblr-blog-hostname"   value="" />
+  </appSettings>
+  <system.net>
+    <settings>
+      <httpWebRequest useUnsafeHeaderParsing="true" />
+    </settings>
+  </system.net>
+</configuration>

RestSharp.Portable.OAuth1.Tests/AuthenticatorTests.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Configuration;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
@@ -7,6 +8,7 @@
 using RestSharp.Portable.Authenticators.OAuth;
 
 using Xunit;
+using RestSharp.Portable.WebRequest;
 
 namespace RestSharp.Portable.OAuth1.Tests
 {
@@ -72,6 +74,41 @@ public async Task ProtectedResourceQuerySimpleUtf8()
             Assert.Equal("OAuth oauth_consumer_key=\"consumer-key\",oauth_nonce=\"abcdefghijklmnop\",oauth_signature=\"SIDMGnDWsGNw8XKV9WrrdAgynSE%3D\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"1446981133\",oauth_token=\"access-token\",oauth_version=\"1.0\"", (string)header.Value);
         }
 
+        [Theory]
+        [InlineData(":/#&?")]
+        [InlineData("-_.~'")]
+        [InlineData("!*()")]
+        [InlineData("=,;$@{}[]")]
+        public async Task TestTumblr(string text)
+        {
+            var consumerId = ConfigurationManager.AppSettings["tumblr-consumer-id"];
+            var consumerSecret = ConfigurationManager.AppSettings["tumblr-consumer-secret"];
+            var accessToken = ConfigurationManager.AppSettings["tumblr-access-token"];
+            var accessSecret = ConfigurationManager.AppSettings["tumblr-access-secret"];
+            var hostName = ConfigurationManager.AppSettings["tumblr-blog-hostname"];
+
+            if (string.IsNullOrEmpty(consumerId)
+                || string.IsNullOrEmpty(consumerSecret)
+                || string.IsNullOrEmpty(accessToken)
+                || string.IsNullOrEmpty(accessSecret)
+                || string.IsNullOrEmpty(hostName))
+                return;
+
+            using (var client = new RestClient("https://api.tumblr.com/")
+            {
+                Authenticator = OAuth1Authenticator.ForProtectedResource(consumerId, consumerSecret, accessToken, accessSecret),
+            })
+            {
+                var request = new RestRequest("v2/blog/{hostName}/post", Method.POST);
+                request.AddUrlSegment("hostName", hostName);
+                request.AddParameter("type", "text");
+                request.AddParameter("body", text);
+
+                var response = await client.Execute(request);
+                Assert.NotNull(response);
+            }
+        }
+
         private static long ToUnixTime(DateTime dateTime)
         {
             var timeSpan = (dateTime - new DateTime(1970, 1, 1));

RestSharp.Portable.OAuth1.Tests/RestSharp.Portable.OAuth1.Tests.csproj

@@ -44,6 +44,7 @@
       <Private>True</Private>
     </Reference>
     <Reference Include="System" />
+    <Reference Include="System.Configuration" />
     <Reference Include="System.Core" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
@@ -75,6 +76,7 @@
     <None Include="..\RestSharp.Portable.snk">
       <Link>RestSharp.Portable.snk</Link>
     </None>
+    <None Include="App.config" />
     <None Include="packages.config" />
   </ItemGroup>
   <ItemGroup>
@@ -86,6 +88,10 @@
       <Project>{3B4CABA1-B3C6-40DD-99E2-4BCE7C35382F}</Project>
       <Name>RestSharp.Portable.OAuth.NET45</Name>
     </ProjectReference>
+    <ProjectReference Include="..\RestSharp.Portable.WebRequest.NET45\RestSharp.Portable.WebRequest.NET45.csproj">
+      <Project>{d9e54193-ce87-4a25-906c-1916bd6d0f5b}</Project>
+      <Name>RestSharp.Portable.WebRequest.NET45</Name>
+    </ProjectReference>
   </ItemGroup>
   <ItemGroup>
     <Service Include="{82A7F48D-3B50-4B1E-B82E-3ADA8210C358}" />

RestSharp.Portable.Test/AuthenticationTests.cs

@@ -1,4 +1,5 @@
 using System;
+using System.Configuration;
 using System.Diagnostics;
 using System.IO;
 using System.Linq;
@@ -174,97 +175,98 @@ public async Task TestOAuth10_PlainText(Type factoryType)
 
         private async Task TestOAuth10(IHttpClientFactory httpClientFactory, ISignatureProvider signatureProvider)
         {
-            var client = new RestClient("http://oauthbin.com/v1/")
+            using (var client = new RestClient("http://oauthbin.com/v1/")
             {
                 HttpClientFactory = httpClientFactory,
-            };
-
-            var consumerKey = "key";
-            var consumerSecret = "secret";
-
-            var authenticator = OAuth1Authenticator.ForRequestToken(consumerKey, consumerSecret, "http://localhost/test");
-            authenticator.SignatureProvider = signatureProvider;
-            client.Authenticator = authenticator;
-
-            string requestToken, requestTokenSecret;
-
-            {
-                var request = new RestRequest("request-token");
-                var response = await client.Execute(request);
-                var requestTokenResponse = Encoding.UTF8.GetString(response.RawBytes);
-                Assert.DoesNotContain('\n', requestTokenResponse);
-
-                var tokenInfo = (from part in requestTokenResponse.Split('&')
-                                 let equalSignPos = part.IndexOf('=')
-                                 let partKey = part.Substring(0, equalSignPos)
-                                 let partValue = part.Substring(equalSignPos + 1)
-                                 select new
-                                 {
-                                     partKey,
-                                     partValue
-                                 }).ToDictionary(x => x.partKey, x => x.partValue);
-
-                Assert.Contains("oauth_token", tokenInfo.Keys);
-                Assert.Contains("oauth_token_secret", tokenInfo.Keys);
-
-                requestToken = tokenInfo["oauth_token"];
-                requestTokenSecret = tokenInfo["oauth_token_secret"];
-            }
-
-            authenticator = OAuth1Authenticator.ForAccessToken(consumerKey, consumerSecret, requestToken, requestTokenSecret);
-            authenticator.SignatureProvider = signatureProvider;
-            client.Authenticator = authenticator;
-
-            string accessKey, accessSecret;
-
-            {
-                var request = new RestRequest("access-token");
-                var response = await client.Execute(request);
-                var accessTokenResponse = Encoding.UTF8.GetString(response.RawBytes);
-                Assert.DoesNotContain('\n', accessTokenResponse);
-
-                var tokenInfo = (from part in accessTokenResponse.Split('&')
-                                 let equalSignPos = part.IndexOf('=')
-                                 let partKey = part.Substring(0, equalSignPos)
-                                 let partValue = part.Substring(equalSignPos + 1)
-                                 select new
-                                 {
-                                     partKey,
-                                     partValue
-                                 }).ToDictionary(x => x.partKey, x => x.partValue);
-
-                Assert.Contains("oauth_token", tokenInfo.Keys);
-                Assert.Contains("oauth_token_secret", tokenInfo.Keys);
-
-                accessKey = tokenInfo["oauth_token"];
-                accessSecret = tokenInfo["oauth_token_secret"];
-            }
-
-            authenticator = OAuth1Authenticator.ForProtectedResource(consumerKey, consumerSecret, accessKey, accessSecret);
-            authenticator.SignatureProvider = signatureProvider;
-            client.Authenticator = authenticator;
-
+            })
             {
-                var request = new RestRequest("echo", Method.POST);
-                request.AddParameter("one", "1");
-                request.AddParameter("two", "2");
-                var response = await client.Execute(request);
-                var text = Encoding.UTF8.GetString(response.RawBytes);
-                Assert.DoesNotContain('\n', text);
-
-                var data = (from part in text.Split('&')
-                            let equalSignPos = part.IndexOf('=')
-                            let partKey = part.Substring(0, equalSignPos)
-                            let partValue = part.Substring(equalSignPos + 1)
-                            select new
-                            {
-                                partKey,
-                                partValue
-                            }).ToDictionary(x => x.partKey, x => x.partValue);
-                Assert.Contains("one", data.Keys);
-                Assert.Contains("two", data.Keys);
-                Assert.Equal("1", data["one"]);
-                Assert.Equal("2", data["two"]);
+                var consumerKey = "key";
+                var consumerSecret = "secret";
+
+                var authenticator = OAuth1Authenticator.ForRequestToken(consumerKey, consumerSecret, "http://localhost/test");
+                authenticator.SignatureProvider = signatureProvider;
+                client.Authenticator = authenticator;
+
+                string requestToken, requestTokenSecret;
+
+                {
+                    var request = new RestRequest("request-token");
+                    var response = await client.Execute(request);
+                    var requestTokenResponse = Encoding.UTF8.GetString(response.RawBytes);
+                    Assert.DoesNotContain('\n', requestTokenResponse);
+
+                    var tokenInfo = (from part in requestTokenResponse.Split('&')
+                                     let equalSignPos = part.IndexOf('=')
+                                     let partKey = part.Substring(0, equalSignPos)
+                                     let partValue = part.Substring(equalSignPos + 1)
+                                     select new
+                                     {
+                                         partKey,
+                                         partValue
+                                     }).ToDictionary(x => x.partKey, x => x.partValue);
+
+                    Assert.Contains("oauth_token", tokenInfo.Keys);
+                    Assert.Contains("oauth_token_secret", tokenInfo.Keys);
+
+                    requestToken = tokenInfo["oauth_token"];
+                    requestTokenSecret = tokenInfo["oauth_token_secret"];
+                }
+
+                authenticator = OAuth1Authenticator.ForAccessToken(consumerKey, consumerSecret, requestToken, requestTokenSecret);
+                authenticator.SignatureProvider = signatureProvider;
+                client.Authenticator = authenticator;
+
+                string accessKey, accessSecret;
+
+                {
+                    var request = new RestRequest("access-token");
+                    var response = await client.Execute(request);
+                    var accessTokenResponse = Encoding.UTF8.GetString(response.RawBytes);
+                    Assert.DoesNotContain('\n', accessTokenResponse);
+
+                    var tokenInfo = (from part in accessTokenResponse.Split('&')
+                                     let equalSignPos = part.IndexOf('=')
+                                     let partKey = part.Substring(0, equalSignPos)
+                                     let partValue = part.Substring(equalSignPos + 1)
+                                     select new
+                                     {
+                                         partKey,
+                                         partValue
+                                     }).ToDictionary(x => x.partKey, x => x.partValue);
+
+                    Assert.Contains("oauth_token", tokenInfo.Keys);
+                    Assert.Contains("oauth_token_secret", tokenInfo.Keys);
+
+                    accessKey = tokenInfo["oauth_token"];
+                    accessSecret = tokenInfo["oauth_token_secret"];
+                }
+
+                authenticator = OAuth1Authenticator.ForProtectedResource(consumerKey, consumerSecret, accessKey, accessSecret);
+                authenticator.SignatureProvider = signatureProvider;
+                client.Authenticator = authenticator;
+
+                {
+                    var request = new RestRequest("echo", Method.POST);
+                    request.AddParameter("one", "1");
+                    request.AddParameter("two", "2");
+                    var response = await client.Execute(request);
+                    var text = Encoding.UTF8.GetString(response.RawBytes);
+                    Assert.DoesNotContain('\n', text);
+
+                    var data = (from part in text.Split('&')
+                                let equalSignPos = part.IndexOf('=')
+                                let partKey = part.Substring(0, equalSignPos)
+                                let partValue = part.Substring(equalSignPos + 1)
+                                select new
+                                {
+                                    partKey,
+                                    partValue
+                                }).ToDictionary(x => x.partKey, x => x.partValue);
+                    Assert.Contains("one", data.Keys);
+                    Assert.Contains("two", data.Keys);
+                    Assert.Equal("1", data["one"]);
+                    Assert.Equal("2", data["two"]);
+                }
             }
         }
     }