Fixed the parameter ordering, and added support for repeated arguments. Fixes issue 14
This commit is contained in:
parent
1d6eefec70
commit
caebbc2ca1
40
lib/oauth.js
40
lib/oauth.js
|
@ -95,12 +95,26 @@ exports.OAuth.prototype._buildAuthorizationHeaders= function(orderedParameters)
|
|||
return authHeader;
|
||||
}
|
||||
|
||||
// Takes a literal in, then returns a sorted array
|
||||
exports.OAuth.prototype._sortRequestParams= function(argumentsHash) {
|
||||
// Takes an object literal that represents the arguments, and returns an array
|
||||
// of argument/value pairs.
|
||||
exports.OAuth.prototype._makeArrayOfArgumentsHash= function(argumentsHash) {
|
||||
var argument_pairs= [];
|
||||
for(var key in argumentsHash ) {
|
||||
argument_pairs[argument_pairs.length]= [key, argumentsHash[key]];
|
||||
for(var key in argumentsHash ) {
|
||||
var value= argumentsHash[key];
|
||||
if( Array.isArray(value) ) {
|
||||
for(var i=0;i<value.length;i++) {
|
||||
argument_pairs[argument_pairs.length]= [key, value[i]];
|
||||
}
|
||||
}
|
||||
else {
|
||||
argument_pairs[argument_pairs.length]= [key, value];
|
||||
}
|
||||
}
|
||||
return argument_pairs;
|
||||
}
|
||||
|
||||
// Sorts the encoded key value pairs by encoded name, then encoded value
|
||||
exports.OAuth.prototype._sortRequestParams= function(argument_pairs) {
|
||||
// Sort by name, then value.
|
||||
argument_pairs.sort(function(a,b) {
|
||||
if ( a[0]== b[0] ) {
|
||||
|
@ -113,12 +127,22 @@ exports.OAuth.prototype._sortRequestParams= function(argumentsHash) {
|
|||
}
|
||||
|
||||
exports.OAuth.prototype._normaliseRequestParams= function(arguments) {
|
||||
var argument_pairs= this._sortRequestParams( arguments );
|
||||
var argument_pairs= this._makeArrayOfArgumentsHash(arguments);
|
||||
// First encode them #3.4.1.3.2 .1
|
||||
for(var i=0;i<argument_pairs.length;i++) {
|
||||
argument_pairs[i][0]= this._encodeData( argument_pairs[i][0] );
|
||||
argument_pairs[i][1]= this._encodeData( argument_pairs[i][1] );
|
||||
}
|
||||
|
||||
// Then sort them #3.4.1.3.2 .2
|
||||
argument_pairs= this._sortRequestParams( argument_pairs );
|
||||
|
||||
// Then concatenate together #3.4.1.3.2 .3 & .4
|
||||
var args= "";
|
||||
for(var i=0;i<argument_pairs.length;i++) {
|
||||
args+= this._encodeData( argument_pairs[i][0] );
|
||||
args+= argument_pairs[i][0];
|
||||
args+= "="
|
||||
args+= this._encodeData( argument_pairs[i][1] );
|
||||
args+= argument_pairs[i][1];
|
||||
if( i < argument_pairs.length-1 ) args+= "&";
|
||||
}
|
||||
return args;
|
||||
|
@ -196,7 +220,7 @@ exports.OAuth.prototype._prepareParameters= function( oauth_token, oauth_token_s
|
|||
}
|
||||
|
||||
var sig= this._getSignature( method, url, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
|
||||
var orderedParameters= this._sortRequestParams( oauthParameters );
|
||||
var orderedParameters= this._sortRequestParams( this._makeArrayOfArgumentsHash(oauthParameters) );
|
||||
orderedParameters[orderedParameters.length]= ["oauth_signature", sig];
|
||||
return orderedParameters;
|
||||
}
|
||||
|
|
|
@ -24,6 +24,67 @@ vows.describe('OAuth').addBatch({
|
|||
assert.equal( oa._normalizeUrl("http://somehost.com"), "http://somehost.com/")
|
||||
}
|
||||
},
|
||||
'When making an array out of the arguments hash' : {
|
||||
topic: new OAuth(null, null, null, null, null, null, "HMAC-SHA1"),
|
||||
'flatten out arguments that are arrays' : function(oa) {
|
||||
var parameters= {"z": "a",
|
||||
"a": ["1", "2"],
|
||||
"1": "c" };
|
||||
var parameterResults= oa._makeArrayOfArgumentsHash(parameters);
|
||||
assert.equal(parameterResults.length, 4);
|
||||
assert.equal(parameterResults[0][0], "1");
|
||||
assert.equal(parameterResults[1][0], "z");
|
||||
assert.equal(parameterResults[2][0], "a");
|
||||
assert.equal(parameterResults[3][0], "a");
|
||||
}
|
||||
},
|
||||
'When ordering the request parameters' : {
|
||||
topic: new OAuth(null, null, null, null, null, null, "HMAC-SHA1"),
|
||||
'Order them by name' : function(oa) {
|
||||
var parameters= {"z": "a",
|
||||
"a": "b",
|
||||
"1": "c" };
|
||||
var parameterResults= oa._sortRequestParams(oa._makeArrayOfArgumentsHash(parameters))
|
||||
assert.equal(parameterResults[0][0], "1");
|
||||
assert.equal(parameterResults[1][0], "a");
|
||||
assert.equal(parameterResults[2][0], "z");
|
||||
},
|
||||
'If two parameter names are the same then order by the value': function(oa) {
|
||||
var parameters= {"z": "a",
|
||||
"a": ["z", "b", "b", "a", "y"],
|
||||
"1": "c" };
|
||||
var parameterResults= oa._sortRequestParams(oa._makeArrayOfArgumentsHash(parameters))
|
||||
assert.equal(parameterResults[0][0], "1");
|
||||
assert.equal(parameterResults[1][0], "a");
|
||||
assert.equal(parameterResults[1][1], "a");
|
||||
assert.equal(parameterResults[2][0], "a");
|
||||
assert.equal(parameterResults[2][1], "b");
|
||||
assert.equal(parameterResults[3][0], "a");
|
||||
assert.equal(parameterResults[3][1], "b");
|
||||
assert.equal(parameterResults[4][0], "a");
|
||||
assert.equal(parameterResults[4][1], "y");
|
||||
assert.equal(parameterResults[5][0], "a");
|
||||
assert.equal(parameterResults[5][1], "z");
|
||||
assert.equal(parameterResults[6][0], "z");
|
||||
}
|
||||
},
|
||||
'When normalising the request parameters': {
|
||||
topic: new OAuth(null, null, null, null, null, null, "HMAC-SHA1"),
|
||||
'the resulting parameters should be encoded and ordered as per http://tools.ietf.org/html/rfc5849#section-3.1 (3.4.1.3.2)' : function(oa) {
|
||||
var parameters= {"b5" : "=%3D",
|
||||
"a3": ["a", "2 q"],
|
||||
"c@": "",
|
||||
"a2": "r b",
|
||||
"oauth_consumer_key": "9djdj82h48djs9d2",
|
||||
"oauth_token":"kkk9d7dh3k39sjv7",
|
||||
"oauth_signature_method": "HMAC-SHA1",
|
||||
"oauth_timestamp": "137131201",
|
||||
"oauth_nonce": "7d8f3e4a",
|
||||
"c2" : ""};
|
||||
var normalisedParameterString= oa._normaliseRequestParams(parameters);
|
||||
assert.equal(normalisedParameterString, "a2=r%20b&a3=2%20q&a3=a&b5=%3D%253D&c%40=&c2=&oauth_consumer_key=9djdj82h48djs9d2&oauth_nonce=7d8f3e4a&oauth_signature_method=HMAC-SHA1&oauth_timestamp=137131201&oauth_token=kkk9d7dh3k39sjv7");
|
||||
}
|
||||
},
|
||||
'When signing a url': {
|
||||
topic: function() {
|
||||
var oa= new OAuth(null, null, "consumerkey", "consumersecret", "1.0", null, "HMAC-SHA1");
|
||||
|
|
Loading…
Reference in New Issue