AlexCuse · August 29, 2015 14:07
diff --git a/gistfile1.cs b/gistfile1.cs
 public bool IsSignatureValid(HttpRequestBase request, string oauthSecret)
 {
    var context = _contextBuilder.FromHttpRequest(request);

    //this is for when we are behind a load balancer that handles SSL duties
    //client contacts https://oursite but load balancer directs request to http://oursite on the actual server
    //this fundamentally changes the signature base of the request, forcing us to try validating both ways
    var maybeSignedWithHttpsNotHttpUrlContext = _contextBuilder.FromHttpRequest(request);
    maybeSignedWithHttpsNotHttpUrlContext.RawUri = new Uri(context.NormalizedRequestUrl.Replace("http:", "https:"));

    var signingContext = new SigningContext
    {
        ConsumerSecret = oauthSecret
    };

    return _signer.ValidateSignature(context, signingContext) ||
        _signer.ValidateSignature(maybeSignedWithHttpsNotHttpUrlContext, signingContext);
 }
	public bool IsSignatureValid(HttpRequestBase request, string oauthSecret)
	{
	var context = _contextBuilder.FromHttpRequest(request);

	//this is for when we are behind a load balancer that handles SSL duties
	//client contacts https://oursite but load balancer directs request to http://oursite on the actual server
	//this fundamentally changes the signature base of the request, forcing us to try validating both ways
	var maybeSignedWithHttpsNotHttpUrlContext = _contextBuilder.FromHttpRequest(request);
	maybeSignedWithHttpsNotHttpUrlContext.RawUri = new Uri(context.NormalizedRequestUrl.Replace("http:", "https:"));

	var signingContext = new SigningContext
	{
	ConsumerSecret = oauthSecret
	};

	return _signer.ValidateSignature(context, signingContext) \|\|
	_signer.ValidateSignature(maybeSignedWithHttpsNotHttpUrlContext, signingContext);
	}