{"id":24440089,"url":"https://github.com/mastercard/oauth1-signer-csharp","last_synced_at":"2025-04-15T20:37:58.181Z","repository":{"id":34020110,"uuid":"164419691","full_name":"Mastercard/oauth1-signer-csharp","owner":"Mastercard","description":"Zero dependency library for generating a Mastercard API compliant OAuth signature.","archived":false,"fork":false,"pushed_at":"2024-09-25T14:32:21.000Z","size":242,"stargazers_count":27,"open_issues_count":0,"forks_count":11,"subscribers_count":15,"default_branch":"main","last_synced_at":"2025-03-29T01:06:12.993Z","etag":null,"topics":["csharp","mastercard","netstandard13","oauth1","oauth1a","openapi"],"latest_commit_sha":null,"homepage":"https://developer.mastercard.com/platform/documentation/security-and-authentication/using-oauth-1a-to-access-mastercard-apis/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Mastercard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2019-01-07T11:00:39.000Z","updated_at":"2025-02-09T11:51:47.000Z","dependencies_parsed_at":"2024-01-19T13:28:15.494Z","dependency_job_id":"befc2b4a-0c7f-4bea-8ec0-8c0a88181ce9","html_url":"https://github.com/Mastercard/oauth1-signer-csharp","commit_stats":{"total_commits":158,"total_committers":9,"mean_commits":"17.555555555555557","dds":"0.30379746835443033","last_synced_commit":"bb3a885d92ec72a12a0a9cf2b1c3c07c448fc3a1"},"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-csharp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-csharp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-csharp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-csharp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Mastercard","download_url":"https://codeload.github.com/Mastercard/oauth1-signer-csharp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249149208,"owners_count":21220673,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csharp","mastercard","netstandard13","oauth1","oauth1a","openapi"],"created_at":"2025-01-20T20:28:17.198Z","updated_at":"2025-04-15T20:37:58.159Z","avatar_url":"https://github.com/Mastercard.png","language":"C#","funding_links":[],"categories":[],"sub_categories":[],"readme":"# oauth1-signer-csharp\n[![](https://developer.mastercard.com/_/_/src/global/assets/svg/mcdev-logo-dark.svg)](https://developer.mastercard.com/)\n\n[![](https://github.com/Mastercard/oauth1-signer-csharp/workflows/Build%20\u0026%20Test/badge.svg)](https://github.com/Mastercard/oauth1-signer-csharp/actions?query=workflow%3A%22Build+%26+Test%22)\n[![](https://sonarcloud.io/api/project_badges/measure?project=Mastercard_oauth1-signer-csharp\u0026metric=alert_status)](https://sonarcloud.io/dashboard?id=Mastercard_oauth1-signer-csharp)\n[![](https://github.com/Mastercard/oauth1-signer-csharp/workflows/broken%20links%3F/badge.svg)](https://github.com/Mastercard/oauth1-signer-csharp/actions?query=workflow%3A%22broken+links%3F%22)\n[![](https://img.shields.io/nuget/v/Mastercard.Developer.OAuth1Signer.Core.svg?label=nuget%20|%20core)](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.Core/)\n[![](https://img.shields.io/nuget/v/Mastercard.Developer.OAuth1Signer.RestSharp.svg?label=nuget%20|%20restsharp%20portable)](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharp/)\n[![](https://img.shields.io/nuget/v/Mastercard.Developer.OAuth1Signer.RestSharpV2.svg?label=nuget%20|%20restsharp)](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharpV2/)\n[![](https://img.shields.io/badge/license-MIT-yellow.svg)](https://github.com/Mastercard/oauth1-signer-csharp/blob/master/LICENSE)\n\n## Table of Contents\n- [Overview](#overview)\n  * [Compatibility](#compatibility)\n  * [References](#references)\n  * [Versioning and Deprecation Policy](#versioning)\n- [Usage](#usage)\n  * [Prerequisites](#prerequisites)\n  * [Adding the Libraries to Your Project](#adding-the-libraries-to-your-project)\n  * [Loading the Signing Key](#loading-the-signing-key) \n  * [Creating the OAuth Authorization Header](#creating-the-oauth-authorization-header)\n  * [Signing HTTP Client Request Objects](#signing-http-client-request-objects)\n  * [Integrating with OpenAPI Generator API Client Libraries](#integrating-with-openapi-generator-api-client-libraries)\n  \n## Overview \u003ca name=\"overview\"\u003e\u003c/a\u003e\n* [`OAuth1Signer.Core`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.Core/) is a zero dependency library for generating a Mastercard API compliant OAuth signature\n* [`OAuth1Signer.RestSharpV2`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharpV2/) is an extension dedicated to [RestSharp](https://restsharp.dev/)\n* [`OAuth1Signer.RestSharp`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharp/) is an extension dedicated to [RestSharp Portable](https://github.com/FubarDevelopment/restsharp.portable) (project no longer maintained)\n\n### Compatibility \u003ca name=\"compatibility\"\u003e\u003c/a\u003e\n\n#### .NET \u003ca name=\"net\"\u003e\u003c/a\u003e\n* `OAuth1Signer.Core` targets .NET Standard 2.1\n* `OAuth1Signer.RestSharp` targets .NET Standard 2.1\n* `OAuth1Signer.RestSharpV2` targets .NET Standard 2.1\n\n.NET Standard versions supported by .NET implementations can be found in the following articles: [.NET Standard](https://docs.microsoft.com/en-us/dotnet/standard/net-standard), [.NET Standard versions](https://dotnet.microsoft.com/en-us/platform/dotnet-standard#versions).\n\n#### Strong Naming \u003ca name=\"strong-naming\"\u003e\u003c/a\u003e\nAssemblies are strong-named as per [Strong naming and .NET libraries](https://docs.microsoft.com/en-us/dotnet/standard/library-guidance/strong-naming).\nThe SN key is available here: [`Identity.snk`](https://github.com/Mastercard/oauth1-signer-csharp/blob/master/Identity.snk).\n\n### References \u003ca name=\"references\"\u003e\u003c/a\u003e\n* [OAuth 1.0a specification](https://tools.ietf.org/html/rfc5849)\n* [Body hash extension for non application/x-www-form-urlencoded payloads](https://tools.ietf.org/id/draft-eaton-oauth-bodyhash-00.html)\n\n### Versioning and Deprecation Policy \u003ca name=\"versioning\"\u003e\u003c/a\u003e\n* [Mastercard Versioning and Deprecation Policy](https://github.com/Mastercard/.github/blob/main/CLIENT_LIBRARY_DEPRECATION_POLICY.md)\n\n## Usage \u003ca name=\"usage\"\u003e\u003c/a\u003e\n\n### Prerequisites \u003ca name=\"prerequisites\"\u003e\u003c/a\u003e\nBefore using this library, you will need to set up a project in the [Mastercard Developers Portal](https://developer.mastercard.com). \n\nAs part of this set up, you'll receive credentials for your app:\n* A consumer key (displayed on the Mastercard Developer Portal)\n* A private request signing key (matching the public certificate displayed on the Mastercard Developer Portal)\n\n### Adding the Libraries to Your Project \u003ca name=\"adding-the-libraries-to-your-project\"\u003e\u003c/a\u003e \n#### Package Manager\n```shell\nInstall-Package Mastercard.Developer.OAuth1Signer.{Core|RestSharp|RestSharpV2}\n```\n\n#### .NET CLI\n```shell\ndotnet add package Mastercard.Developer.OAuth1Signer.{Core|RestSharp|RestSharpV2}\n```\n\n### Loading the Signing Key \u003ca name=\"loading-the-signing-key\"\u003e\u003c/a\u003e\n\nA `System.Security.Cryptography.RSA` key object can be created by calling the `AuthenticationUtils.LoadSigningKey` method:\n```cs\nvar signingKey = AuthenticationUtils.LoadSigningKey(\n                        \"\u003cinsert PKCS#12 key file path\u003e\", \n                        \"\u003cinsert key alias\u003e\", \n                        \"\u003cinsert key password\u003e\");\n```\n\n### Creating the OAuth Authorization Header \u003ca name=\"creating-the-oauth-authorization-header\"\u003e\u003c/a\u003e\nThe method that does all the heavy lifting is `OAuth.GetAuthorizationHeader`, in the [`OAuth1Signer.Core`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.Core/) package. \nYou can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's `Authorization` header.\n\n```cs\nvar consumerKey = \"\u003cinsert consumer key\u003e\";\nvar uri = \"https://sandbox.api.mastercard.com/service\";\nvar method = \"POST\";\nvar payload = \"Hello world!\";\nvar encoding = Encoding.UTF8;\nvar authHeader = OAuth.GetAuthorizationHeader(uri, method, payload, encoding, consumerKey, signingKey);\n```\n\n### Signing HTTP Client Request Objects \u003ca name=\"signing-http-client-request-objects\"\u003e\u003c/a\u003e\n\nAlternatively, you can use helper classes for some of the commonly used HTTP clients.\n\nThese classes will modify the provided request object in-place and will add the correct `Authorization` header. Once instantiated with a consumer key and private key, these objects can be reused. \n\nUsage briefly described below, but you can also refer to the test project for examples. \n\n+ [System.Net.Http.HttpClient](#system-net-http-httpclient)\n+ [RestSharp](#restsharp)\n\n#### System.Net.Http.HttpClient \u003ca name=\"system-net-http-httpclient\"\u003e\u003c/a\u003e\n\nThe `NetHttpClientSigner` class is located in the [`OAuth1Signer.Core`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.Core/) package. \n\nUsage:\n```cs\nvar baseUri = new Uri(\"https://api.mastercard.com/\");\nvar httpClient = new HttpClient(new RequestSignerHandler(consumerKey, signingKey)) { BaseAddress = baseUri };\nvar postTask = httpClient.PostAsync(new Uri(\"/service\", UriKind.Relative), new StringContent(\"{\\\"foo\\\":\\\"bår\\\"}\");\n// (…)\n\ninternal class RequestSignerHandler : HttpClientHandler\n{\n    private readonly NetHttpClientSigner signer;\n\n    public RequestSignerHandler(string consumerKey, RSA signingKey)\n    {\n        signer = new NetHttpClientSigner(consumerKey, signingKey);\n    }\n\n    protected override Task\u003cHttpResponseMessage\u003e SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)\n    {\n        signer.Sign(request);\n        return base.SendAsync(request, cancellationToken);\n    }\n}\n```\n\n#### RestSharp \u003ca name=\"restsharp\"\u003e\u003c/a\u003e\n\nA `RestSharpSigner` class is provided for both RestSharp and RestSharp Portable. It can be found in the [`OAuth1Signer.RestSharp`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharp/) and [`OAuth1Signer.RestSharpV2`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharpV2/) packages.\n\nUsage:\n```cs\nvar baseUri = new Uri(\"https://api.mastercard.com/\");\nvar request = new RestRequest\n{\n    Method = Method.POST,\n    Resource = \"/service\",\n    Parameters =\n    {\n        new Parameter { Type = ParameterType.RequestBody, Encoding = Encoding.UTF8, Value = \"{\\\"foo\\\":\\\"bår\\\"}\"} // \"application/json; charset=utf-8\"\n    }\n};\nvar signer = new RestSharpSigner(consumerKey, signingKey);\nsigner.Sign(baseUri, request);\n```\n\n### Integrating with OpenAPI Generator API Client Libraries \u003ca name=\"integrating-with-openapi-generator-api-client-libraries\"\u003e\u003c/a\u003e\n\n[OpenAPI Generator](https://github.com/OpenAPITools/openapi-generator) generates API client libraries from [OpenAPI Specs](https://github.com/OAI/OpenAPI-Specification). \nIt provides generators and library templates for supporting multiple languages and frameworks.\n\nThis project provides you with some authenticator classes you can use when configuring your API client. These classes will take care of adding the correct `Authorization` header before sending the request.\n\nGenerators currently supported:\n+ [csharp-netcore](#csharp-netcore-generator)\n+ [csharp (deprecated)](#csharp-generator)\n\n\n#### csharp-netcore\u003ca name=\"csharp-netcore-generator\"\u003e\u003c/a\u003e\n\n##### OpenAPI Generator\n\nClient libraries can be generated using the following command:\n```shell\nopenapi-generator-cli generate -i openapi-spec.yaml -g csharp-netcore -c config.json -o out\n```\nconfig.json:\n```json\n{ \"targetFramework\": \"netstandard2.1\" }\n```\n\nSee also:\n* [OpenAPI Generator CLI Installation](https://openapi-generator.tech/docs/installation)\n* [Config Options for csharp-netcore](https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/csharp-netcore.md)\n\n##### Usage of the `RestSharpSigner`\n\n`RestSharpSigner` is located in the [`OAuth1Signer.RestSharpV2`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharpV2/) package.\n\n##### Usage\n\nCreate a new file (for instance, `MastercardApiClient.cs`) extending the definition of the generated `ApiClient` class:\n\n```cs\npartial class ApiClient\n{\n    private readonly Uri _basePath;\n    private readonly RestSharpSigner _signer;\n\n    /// \u003csummary\u003e\n    /// Construct an ApiClient which will automatically sign requests\n    /// \u003c/summary\u003e\n    public ApiClient(RSA signingKey, string basePath, string consumerKey)\n    {\n        _baseUrl = basePath;\n        _basePath = new Uri(basePath);\n        _signer = new RestSharpSigner(consumerKey, signingKey);\n    }\n\n    partial void InterceptRequest(RestRequest request)\n    {\n        _signer.Sign(_basePath, request);\n    }\n}\n```\n\nConfigure your `ApiClient` instance the following way:\n```cs\nvar client = new ApiClient(SigningKey, BasePath, ConsumerKey);\nvar serviceApi = new ServiceApi() { Client = client };\n// …\n```\n\n#### csharp (deprecated)\u003ca name=\"csharp-generator\"\u003e\u003c/a\u003e\n\n##### OpenAPI Generator\n\nClient libraries can be generated using the following command:\n```shell\nopenapi-generator-cli generate -i openapi-spec.yaml -g csharp -c config.json -o out\n```\nconfig.json:\n```json\n{ \"targetFramework\": \"netstandard2.1\" }\n```\n\n⚠️ `v5.0` was used for `targetFramework` in OpenAPI Generator versions prior 5.0.0.\n\nSee also: \n* [OpenAPI Generator CLI Installation](https://openapi-generator.tech/docs/installation)\n* [Config Options for csharp](https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/csharp.md)\n\n##### Usage of the `RestSharpOAuth1Authenticator`\n\n`RestSharpOAuth1Authenticator` is located in the [`OAuth1Signer.RestSharp`](https://www.nuget.org/packages/Mastercard.Developer.OAuth1Signer.RestSharp/) package. \n\n```cs\nvar config = Configuration.Default;\nconfig.BasePath = \"https://sandbox.api.mastercard.com\";\nconfig.ApiClient.RestClient.Authenticator = new RestSharpOAuth1Authenticator(ConsumerKey, signingKey, new Uri(config.BasePath));\nvar serviceApi = new ServiceApi(config);\n// …\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmastercard%2Foauth1-signer-csharp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmastercard%2Foauth1-signer-csharp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmastercard%2Foauth1-signer-csharp/lists"}