Added in support for PLAINTEXT Signature methods.

lib/oauth.js

@@ -10,6 +10,9 @@ exports.OAuth= function(requestUrl, accessUrl, authorizeUrl, consumerKey, consum
   this._consumerKey= consumerKey;
   this._consumerSecret= this._encodeData( consumerSecret );
   this._version= version;
+
+  if( signatureMethod != "PLAINTEXT" && signatureMethod != "HMAC-SHA1")
+    throw new Error("Un-supported signature method: " + signatureMethod )
   this._signatureMethod= signatureMethod;
   this._nonceSize= nonceSize || 32;
 };
@@ -22,8 +25,7 @@ exports.OAuth.prototype._encodeData= function(toEncode){
  if( toEncode == null || toEncode == "" ) return ""
  else {
     var result= encodeURIComponent(toEncode);
-
-    // Fix the mismatch between OAuth's  RFC2396's and Javascript's beliefs in what is right and wrong ;)
+    // Fix the mismatch between OAuth's  RFC3986's and Javascript's beliefs in what is right and wrong ;)
     return result.replace(/\!/g, "%21")
                  .replace(/\'/g, "%27")
                  .replace(/\(/g, "%28")
@@ -94,15 +96,20 @@ exports.OAuth.prototype._createSignatureBase= function(method, url, parameters)
 exports.OAuth.prototype._createSignature= function(signatureBase, tokenSecret) {
    if( tokenSecret === undefined ) var tokenSecret= "";
    else tokenSecret= this._encodeData( tokenSecret ); 
-
+   // consumerSecret is already encoded
    var key= this._consumerSecret + "&" + tokenSecret;
 
    //TODO: whilst we support different signature methods being passed
    // we currenting only do SHA1-HMAC
-   var hash= sha1.HMACSHA1(key, signatureBase);
-   signature = this._encodeData(hash);
+   var hash= ""
+   if( this._signatureMethod == "PLAINTEXT" ) {
+     hash= this._encodeData(key);
+   }
+   else {
+     hash= sha1.HMACSHA1(key, signatureBase);
+   }
 
-   return signature;
+   return hash;
 }
 exports.OAuth.prototype.NONCE_CHARS= ['a','b','c','d','e','f','g','h','i','j','k','l','m','n',
               'o','p','q','r','s','t','u','v','w','x','y','z','A','B',
@@ -147,13 +154,13 @@ exports.OAuth.prototype._performSecureRequest= function( oauth_token, oauth_toke
    }
   }
 
-  var sig= this._getSignature( method,  url,  this._normaliseRequestParams(oauthParameters), oauth_token_secret);
+  var sig= this._getSignature( method,  url,  this._normaliseRequestParams(oauthParameters), oauth_token_secret); 
   var orderedParameters= this._sortRequestParams( oauthParameters );  
   orderedParameters[orderedParameters.length]= ["oauth_signature", sig];
   
   var query=""; 
   for( var i= 0 ; i < orderedParameters.length; i++) {
-    query+= orderedParameters[i][0]+"="+ orderedParameters[i][1] + "&";
+    query+= orderedParameters[i][0]+"="+ this._encodeData(orderedParameters[i][1]) + "&";
   }
   query= query.substring(0, query.length-1);
 
@@ -222,7 +229,7 @@ exports.OAuth.prototype.getOAuthRequestToken= function(callback) {
   // build request authorization header
   var authHeader="OAuth "; 
   for( var i= 0 ; i < orderedParameters.length; i++) {
-    authHeader+= orderedParameters[i][0]+"=\""+orderedParameters[i][1] +"\",";
+    authHeader+= orderedParameters[i][0]+"=\""+ this._encodeData(orderedParameters[i][1])+"\",";
   }
   authHeader= authHeader.substring(0, authHeader.length-1);
 
@@ -233,7 +240,7 @@ exports.OAuth.prototype.getOAuthRequestToken= function(callback) {
   headers["User-Agent"]= "Express authentication"
   headers["Content-length"]= 0
   headers["Content-Type"]= "application/x-www-form-urlencoded"
-  
+
   var oauthProvider=  http.createClient(parsedUrl.port, parsedUrl.hostname);
   var request = oauthProvider.request(method, parsedUrl.pathname, headers);
   var data="";