What is OAuth?
OAuth is an open authorization protocol that uses token exchange to secure a client application's access to server resources.
GET methods are usually exposed to every client, so anyone can see the data returned by a GET service API. The OAuth authorization protocol can help you protect your sensitive data. You can implement OAuth for GET, POST, PUT and other types of service API.
I have uploaded the OAuth project to my Google Drive. You can download it from this link –
I used the OAuth.cs file to implement OAuth in POST and GET service APIs.
For further reference, you can read the following link –
There are two issues with the code sample shown at the above link –
1. Inconsistent authentication – If you test your API 10 times, it may fail more than 3 times.
REASON – Whenever the client sends the signature to the service, any + in the signature is replaced by a blank character.
For example –
If the client signature is 6523+kjnk330+njnj
the signature received on the service will be 6523 kjnk330 njnj
So, on the service side, you have to replace each blank character with +.
2. Authentication problem due to URL – If you call the service using localhost (e.g. http://localhost:65020/WebClient.aspx), it runs without any problem. But if you use an IP address instead of localhost, it always fails.
REASON – WebOperationContext.Current.IncomingRequest, used in the service, does not read the IP address of the request from the client. So authentication fails if an IP address is used in the request from the client.
Both issues have been resolved in the project mentioned here.
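The `+` corruption from issue 1, as an added example (not code from the linked sample or from the uploaded project): it measures how often a raw signature is corrupted in transit, applies the service-side workaround from the text, and shows percent-encoding on the client as an alternative. Assumptions: the signature is a Base64 HMAC-SHA1 value sent in the query string; the key, the nonces and the `Service.svc` path are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Security.Cryptography;
using System.Text;

static class SignatureTransport
{
    // Constructed sample secret; not a value from the project.
    const string Key = "consumer-secret&token-secret";

    // Base64 HMAC-SHA1 signature; the Base64 alphabet includes '+'.
    static string Sign(string baseString)
    {
        using (var hmac = new HMACSHA1(Encoding.ASCII.GetBytes(Key)))
            return Convert.ToBase64String(hmac.ComputeHash(Encoding.ASCII.GetBytes(baseString)));
    }

    // Query-string decoding as the service sees it: '+' becomes a space.
    static string Decode(string rawValue)
    {
        return WebUtility.UrlDecode(rawValue);
    }

    static void Main()
    {
        // Constructed base strings that differ only in the nonce (Service.svc is hypothetical).
        var signatures = Enumerable.Range(0, 10000)
            .Select(n => Sign("GET&http%3A%2F%2Flocalhost%3A65020%2FService.svc&nonce%3D" + n))
            .ToList();

        // Share of requests that break when the signature is sent unencoded.
        int broken = signatures.Count(s => Decode(s) != s);
        Console.WriteLine("Corrupted when sent raw: {0} of {1}", broken, signatures.Count);

        string sig = signatures.First(s => s.Contains("+"));
        Console.WriteLine("Signed:            " + sig);
        Console.WriteLine("Received raw:      " + Decode(sig));

        // Service-side workaround from the text: put the '+' back.
        Console.WriteLine("Workaround intact: " + (Decode(sig).Replace(' ', '+') == sig));

        // Client-side alternative: percent-encode, so '+' travels as %2B.
        string encoded = Uri.EscapeDataString(sig);
        Console.WriteLine("Sent encoded:      " + encoded);
        Console.WriteLine("Encoded intact:    " + (Decode(encoded) == sig));
    }
}
```

Restoring `+` on the service is only safe while the value is Base64, which never contains a literal space; percent-encoding on the client makes the round trip exact for any signature format.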