wiki-cafe/node-oauth
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adding a method to sign urls, desperately need to re-factor :(

Browse Source
This commit is contained in:
ciaranj 2010-04-27 21:48:43 +01:00
parent 337b6c7fa6
commit 09567154fd
2 changed files with 61 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
lib/oauth.js
View File

@ -160,8 +160,8 @@ exports.OAuth.prototype._performSecureRequest= function( oauth_token, oauth_toke
} }
} }
var sig= this._getSignature( method, url, this._normaliseRequestParams(oauthParameters), oauth_token_secret); var sig= this._getSignature( method, url, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
var orderedParameters= this._sortRequestParams( oauthParameters ); var orderedParameters= this._sortRequestParams( oauthParameters );
orderedParameters[orderedParameters.length]= ["oauth_signature", sig]; orderedParameters[orderedParameters.length]= ["oauth_signature", sig];
var query=""; var query="";
@ -272,6 +272,45 @@ exports.OAuth.prototype.getOAuthRequestToken= function(callback) {
request.end(); request.end();
} }
exports.OAuth.prototype.signUrl= function(url, oauth_token, oauth_token_secret, method) {
var oauthParameters= {
"oauth_timestamp": this._getTimestamp(),
"oauth_nonce": this._getNonce(this._nonceSize),
"oauth_version": this._version,
"oauth_signature_method": this._signatureMethod,
"oauth_consumer_key": this._consumerKey
};
if( oauth_token ) {
oauthParameters["oauth_token"]= oauth_token;
}
if( method === undefined ) {
var method= "GET";
}
var parsedUrl= URL.parse( url, false );
if( parsedUrl.protocol == "http:" && !parsedUrl.port ) parsedUrl.port= 80;
if( parsedUrl.protocol == "https:" && !parsedUrl.port ) parsedUrl.port= 443;
if( parsedUrl.query ) {
var extraParameters= querystring.parse(parsedUrl.query);
for(var key in extraParameters ) {
oauthParameters[key]= extraParameters[key];
}
}
var sig= this._getSignature( method, url, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
var orderedParameters= this._sortRequestParams( oauthParameters );
orderedParameters[orderedParameters.length]= ["oauth_signature", sig];
var query="";
for( var i= 0 ; i < orderedParameters.length; i++) {
query+= orderedParameters[i][0]+"="+ this._encodeData(orderedParameters[i][1]) + "&";
}
query= query.substring(0, query.length-1);
return parsedUrl.protocol + "//"+ parsedUrl.host + parsedUrl.pathname + "?" + query;
};

23
spec/spec.oauth.js
View File

@ -26,10 +26,27 @@ describe 'node-oauth'
oa._normalizeUrl("http://somehost.com").should_be "http://somehost.com/" oa._normalizeUrl("http://somehost.com").should_be "http://somehost.com/"
end end
end end
describe 'host headers for non default ports should contain the port' describe 'Url signing'
before_each it 'should provide a valid signature when no token present'
oa= new OAuth(null, null, "consumerkey", "consumersecret", "1.0", "HMAC-SHA1");
oa.stub('_getTimestamp').and_return("1272399856")
oa.stub('_getNonce').and_return("ybHPeOEkAUJ3k2wJT9Xb43MjtSgTvKqp")
oa.signUrl("http://somehost.com:3323/foo/poop?bar=foo").should_be ("http://somehost.com:3323/foo/poop?bar=foo&oauth_consumer_key=consumerkey&oauth_nonce=ybHPeOEkAUJ3k2wJT9Xb43MjtSgTvKqp&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1272399856&oauth_version=1.0&oauth_signature=7ytO8vPSLut2GzHjU9pn1SV9xjc%3D")
end end
it 'should provide a valid signature when a token is present'
oa= new OAuth(null, null, "consumerkey", "consumersecret", "1.0", "HMAC-SHA1");
oa.stub('_getTimestamp').and_return("1272399856")
oa.stub('_getNonce').and_return("ybHPeOEkAUJ3k2wJT9Xb43MjtSgTvKqp")
oa.signUrl("http://somehost.com:3323/foo/poop?bar=foo", "token").should_be ("http://somehost.com:3323/foo/poop?bar=foo&oauth_consumer_key=consumerkey&oauth_nonce=ybHPeOEkAUJ3k2wJT9Xb43MjtSgTvKqp&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1272399856&oauth_token=token&oauth_version=1.0&oauth_signature=9LwCuCWw5sURtpMroIolU3YwsdI%3D")
end
it 'should provide a valid signature when a token and a token secret is present'
oa= new OAuth(null, null, "consumerkey", "consumersecret", "1.0", "HMAC-SHA1");
oa.stub('_getTimestamp').and_return("1272399856")
oa.stub('_getNonce').and_return("ybHPeOEkAUJ3k2wJT9Xb43MjtSgTvKqp")
oa.signUrl("http://somehost.com:3323/foo/poop?bar=foo", "token", "tokensecret").should_be ("http://somehost.com:3323/foo/poop?bar=foo&oauth_consumer_key=consumerkey&oauth_nonce=ybHPeOEkAUJ3k2wJT9Xb43MjtSgTvKqp&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1272399856&oauth_token=token&oauth_version=1.0&oauth_signature=zeOR0Wsm6EG6XSg0Vw%2FsbpoSib8%3D")
end
end
describe 'host headers for non default ports should contain the port'
describe 'when getProtectedResource is called' describe 'when getProtectedResource is called'
it 'should set the correct Host header when provided with an unusual port' it 'should set the correct Host header when provided with an unusual port'
oa2= new OAuth(null, null, null, null, null, "HMAC-SHA1"); oa2= new OAuth(null, null, null, null, null, "HMAC-SHA1");