public static async Task<TwitterCredentials> XAuthentication(this IUserSession session, string xauthusername,
string xauthpassword)
{
if (string.IsNullOrWhiteSpace(session.clientID))
throw new ArgumentException("ClientID must be specified", session.clientID);
if (string.IsNullOrWhiteSpace(session.clientSecret))
throw new ArgumentException("ClientSecret must be specified", session.clientSecret);
var sinceEpoch = session.GenerateTimestamp();
var nonce = session.GenerateNoonce();
var sigBaseStringParams =
string.Format(
"oauth_consumer_key={0}&oauth_nonce={1}&oauth_signature_method=HMAC-SHA1&oauth_timestamp={2}&oauth_version=1.0",
session.clientID,
nonce,
sinceEpoch);
var sigBaseString = string.Format("POST&{0}&{1}", TwitterApi.XAuthorizeTokenUrl().UrlEncode(),
sigBaseStringParams.UrlEncode());
var signature = session.GenerateSignature(session.clientSecret, sigBaseString, null);
var dataToPost = string.Format(
"OAuth oauth_consumer_key=\"{2}\",oauth_nonce=\"{0}\",oauth_signature=\"{3}\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"{1}\",oauth_version=\"1.0\"",
nonce,
sinceEpoch,
session.clientID,
signature.UrlEncode());
var contentToPost = string.Format(
"x_auth_username={0}&x_auth_password={1}&x_auth_mode=client_auth",
xauthusername.UrlEncode(),
xauthpassword.UrlEncode());
var authresponse = await PostData(TwitterApi.XAuthorizeTokenUrl(), dataToPost, contentToPost);
var _accessToken = "";
var _accessTokenSecret = "";
var _userId = "";
var _screenName = "";
foreach (var splits in authresponse.Split('&').Select(t => t.Split('=')))
{
switch (splits[0])
{
case "oauth_token": //these tokens are request tokens, first step before getting access tokens
_accessToken = splits[1];
break;
case "oauth_token_secret":
_accessTokenSecret = splits[1];
break;
case "user_id":
_userId = splits[1];
break;
case "screen_name":
_screenName = splits[1];
break;
}
}
if (_accessToken != null && _accessTokenSecret != null && _userId != null && _screenName != null)
{
return new TwitterCredentials()
{
ConsumerKey = session.clientID,
ConsumerSecret = session.clientSecret,
ScreenName = _screenName,
Token = _accessToken,
TokenSecret = _accessTokenSecret,
UserID = Int64.Parse(_userId),
Valid = true
};
}
return TwitterCredentials.Null;
}