I'm using the a (slight variation) of the InMemoryToken Manager provided by the ApplicationBuilding Block example to authenticate against MySpace using DotNetOpenAuth.
As it seems to me, the tokens returned from MySpace after authentication are not properly urldecoded when ProcessUserAuthorization is being called.
To get the passing through of the tokens to work I'm currently using the following ugly hack to get the TokenManager to find the matching secret. (The hack is not necessary for Twitter authentication)
public string GetTokenSecret(string token)
{
// hack necessary for myspace :(
token = HttpUtility.UrlDecode(token);
string tokenSecret = tokensAndSecrets[token];
....
}
This is my MySpaceConsumer class
public static class MySpaceConsumer
{
public static readonly ServiceProviderDescription ServiceDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint("http://api.myspace.com/request_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://api.myspace.com/authorize", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("http://api.myspace.com/access_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
/// <summary>
/// The description of Twitter's OAuth protocol URIs for use with their "Sign in with Twitter" feature.
/// </summary>
public static readonly ServiceProviderDescription SignInWithTwitterServiceDescription = new ServiceProviderDescription
{
RequestTokenEndpoint = new MessageReceivingEndpoint("http://api.myspace.com/request_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
UserAuthorizationEndpoint = new MessageReceivingEndpoint("http://api.myspace.com/authorize", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
AccessTokenEndpoint = new MessageReceivingEndpoint("http://api.myspace.com/access_token", HttpDeliveryMethods.GetRequest | HttpDeliveryMethods.AuthorizationHeaderRequest),
TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() },
};
static MySpaceConsumer()
{
// Twitter can't handle the Expect 100 Continue HTTP header.
//ServicePointManager.FindServicePoint(GetFavoritesEndpoint.Location).Expect100Continue = false;
}
public static bool IsMySpaceConsumerConfigured
{
get
{
return !string.IsNullOrEmpty(Busker.MVC.Properties.Settings.Default.TwitterConsumerKey) &&
!string.IsNullOrEmpty(Busker.MVC.Properties.Settings.Default.TwitterConsumerSecret);
}
}
private static BuskerTokenManager ShortTermUserSessionTokenManager
{
get
{
var store = HttpContext.Current.Session;
var tokenManager = (BuskerTokenManager)store["MySpaceShortTermUserSessionTokenManager"];
if (tokenManager == null)
{
string consumerKey = Busker.MVC.Properties.Settings.Default.TwitterConsumerKey;
string consumerSecret = Busker.MVC.Properties.Settings.Default.TwitterConsumerSecret;
if (IsMySpaceConsumerConfigured)
{
tokenManager = new BuskerTokenManager(consumerKey, consumerSecret);
store["MySpaceShortTermUserSessionTokenManager"] = tokenManager;
}
else
{
throw new InvalidOperationException("No Twitter OAuth consumer key and secret could be found in web.config AppSettings.");
}
}
return tokenManager;
}
}
private static readonly MessageReceivingEndpoint GetMyProfile = new MessageReceivingEndpoint("http://api.myspace.com/1.0/people/@me/@self?format=xml", HttpDeliveryMethods.GetRequest);
public static XDocument GetProfile(ConsumerBase myspace, string accessToken)
{
IncomingWebResponse response = myspace.PrepareAuthorizedRequestAndSend(GetMyProfile, accessToken);
return XDocument.Load(XmlReader.Create(response.GetResponseReader()));
}
}
