OAuth Verifier Generation Code (C#)
Pure last edited by Pure
I saw on the GitHub a request for this added. I thought it was an interesting idea and i decided to add it.
If anyone is interested this is all you have to do. To add it just add this to your blockfunction.cs inside of Rurilib.
You will need Microsoft.IdentityModel.Tokens (Available on Nuget.) That package makes it easier to generate URL safe Base64 Encodes.
case Function.GenerateOAuthVerifier: byte number = new byte; RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetBytes(number); string encodedStr = Base64UrlEncoder.Encode(number); outputString = encodedStr; break;
Anyone who wants to use this has my permission to do so, have fun with it.
EDIT: I forgot you will need to add this to around line 147.
/// <summary>Generates an OAuth Verfier.</summary> GenerateOAuthVerifier
EDIT2: Revised some of the code
Nice. What exactly is this for? Can you make an example of a use case?
meinname last edited by meinname
a 32 Byte Random String encoded in Base64.
Why not just Function Randomstring + Function Base64Encode ?
@ruri I think It is meant generate the nonce for OAuth
though I noticed that some implementations don't want totally random nonces but stuff like
FUNCTION CurrentUnixTime -> VAR "TIME" FUNCTION Hash MD5 "<VARWITHUSERNAME><VARWITHPASSWORD><TIME>" -> VAR "MD5NONCE" FUNCTION Base64Encode "<MD5NONCE>" -> VAR "BASENONCE" FUNCTION Substring "0" "32" "<BASENONCE>" -> VAR "NONCE"
Seen this to be used in "real world"
we love you meinname. what a cutie
Pure last edited by
@Ruri OAuth requires a Code Verifer and Code Challenge to be sent in order to get an Auth Bearer token at times. I mainly just made this to cut down on the amount of blocks per config. You can do the same with the included functions or JS or IronPython. I just wanted to cut down on blocks. Also IronPython heavily degrades performance which is what I was using before.
Ah okay. Wouldn't it be better to add a function that actually generates a full OAuth signature rather than just a part of it? Anyways thanks for the addition, I don't think I will add it to master as I was thinking to make a function that generates the full signature not just the nonce.
Pure last edited by
@Ruri the reason I don't have one that generates the full thing is because they are sometimes sent separately. EX: verifier is sent in url and challenge is sent in the post data. I originally had it generate the full signature but came across that issue
Interesting, I see