Refactored OAuthEcho object into oauth.js to remove lots of redundancy
This commit is contained in:
parent
333f2a3154
commit
ed01a23da1
|
@ -8,7 +8,7 @@ Also provides rudimentary OAuth2 support, tested against facebook connect and gi
|
|||
at connect-auth (http://github.com/ciaranj/connect-auth)
|
||||
|
||||
If you're running a node.js version more recent than 0.4 then you will need to use a version of node.js greater than or equal to 0.9.0.
|
||||
If you're running a node.js version in the 0.2x stable branc, then you will need to use version 0.8.4.
|
||||
If you're running a node.js version in the 0.2x stable branch, then you will need to use version 0.8.4.
|
||||
|
||||
Please be aware that when moving from 0.8.x to 0.9.0 there are no major API changes your, I've bumped the semi-major version element
|
||||
so that I can release fixes to the 0.8.x stream if problems come out.
|
||||
|
|
2
index.js
2
index.js
|
@ -1,3 +1,3 @@
|
|||
exports.OAuth = require("./lib/oauth").OAuth;
|
||||
exports.OAuthEcho = require("./lib/oauthecho").OAuthEcho;
|
||||
exports.OAuthEcho = require("./lib/oauth").OAuthEcho;
|
||||
exports.OAuth2 = require("./lib/oauth2").OAuth2;
|
86
lib/oauth.js
86
lib/oauth.js
|
@ -6,6 +6,8 @@ var crypto= require('crypto'),
|
|||
querystring= require('querystring');
|
||||
|
||||
exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, version, authorize_callback, signatureMethod, nonceSize, customHeaders) {
|
||||
this._echo = false;
|
||||
|
||||
this._requestUrl= requestUrl;
|
||||
this._accessUrl= accessUrl;
|
||||
this._consumerKey= consumerKey;
|
||||
|
@ -27,6 +29,26 @@ exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, vers
|
|||
"User-Agent" : "Node authentication"}
|
||||
};
|
||||
|
||||
exports.OAuthEcho= function(realm, verify_credentials, consumerKey, consumerSecret, version, signatureMethod, nonceSize, customHeaders) {
|
||||
this._echo = true;
|
||||
|
||||
this._realm= realm;
|
||||
this._verifyCredentials = verify_credentials;
|
||||
this._consumerKey= consumerKey;
|
||||
this._consumerSecret= this._encodeData( consumerSecret );
|
||||
this._version= version;
|
||||
|
||||
if( signatureMethod != "PLAINTEXT" && signatureMethod != "HMAC-SHA1")
|
||||
throw new Error("Un-supported signature method: " + signatureMethod );
|
||||
this._signatureMethod= signatureMethod;
|
||||
this._nonceSize= nonceSize || 32;
|
||||
this._headers= customHeaders || {"Accept" : "*/*",
|
||||
"Connection" : "close",
|
||||
"User-Agent" : "Node authentication"};
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype = exports.OAuth.prototype;
|
||||
|
||||
exports.OAuth.prototype._getTimestamp= function() {
|
||||
return Math.floor( (new Date()).getTime() / 1000 );
|
||||
}
|
||||
|
@ -85,13 +107,18 @@ exports.OAuth.prototype._isParameterNameAnOAuthParameter= function(parameter) {
|
|||
// build the OAuth request authorization header
|
||||
exports.OAuth.prototype._buildAuthorizationHeaders= function(orderedParameters) {
|
||||
var authHeader="OAuth ";
|
||||
if (this._echo) {
|
||||
authHeader += 'realm="' + this._realm + '",';
|
||||
}
|
||||
|
||||
for( var i= 0 ; i < orderedParameters.length; i++) {
|
||||
// Whilst the all the parameters should be included within the signature, only the oauth_ arguments
|
||||
// should appear within the authorization header.
|
||||
if( this._isParameterNameAnOAuthParameter(orderedParameters[i][0]) ) {
|
||||
authHeader+= this._encodeData(orderedParameters[i][0])+"=\""+ this._encodeData(orderedParameters[i][1])+"\",";
|
||||
authHeader+= "" + this._encodeData(orderedParameters[i][0])+"=\""+ this._encodeData(orderedParameters[i][1])+"\",";
|
||||
}
|
||||
}
|
||||
|
||||
authHeader= authHeader.substring(0, authHeader.length-1);
|
||||
return authHeader;
|
||||
}
|
||||
|
@ -223,30 +250,37 @@ exports.OAuth.prototype._prepareParameters= function( oauth_token, oauth_token_s
|
|||
if( oauth_token ) {
|
||||
oauthParameters["oauth_token"]= oauth_token;
|
||||
}
|
||||
if( extra_params ) {
|
||||
for( var key in extra_params ) {
|
||||
oauthParameters[key]= extra_params[key];
|
||||
}
|
||||
}
|
||||
var parsedUrl= URL.parse( url, false );
|
||||
|
||||
if( parsedUrl.query ) {
|
||||
var key2;
|
||||
var extraParameters= querystring.parse(parsedUrl.query);
|
||||
for(var key in extraParameters ) {
|
||||
var value= extraParameters[key];
|
||||
if( typeof value == "object" ){
|
||||
// TODO: This probably should be recursive
|
||||
for(key2 in value){
|
||||
oauthParameters[key + "[" + key2 + "]"] = value[key2];
|
||||
}
|
||||
} else {
|
||||
oauthParameters[key]= value;
|
||||
}
|
||||
|
||||
var sig;
|
||||
if (!this._echo) {
|
||||
if( extra_params ) {
|
||||
for( var key in extra_params ) {
|
||||
oauthParameters[key]= extra_params[key];
|
||||
}
|
||||
}
|
||||
var parsedUrl= URL.parse( url, false );
|
||||
|
||||
if( parsedUrl.query ) {
|
||||
var key2;
|
||||
var extraParameters= querystring.parse(parsedUrl.query);
|
||||
for(var key in extraParameters ) {
|
||||
var value= extraParameters[key];
|
||||
if( typeof value == "object" ){
|
||||
// TODO: This probably should be recursive
|
||||
for(key2 in value){
|
||||
oauthParameters[key + "[" + key2 + "]"] = value[key2];
|
||||
}
|
||||
} else {
|
||||
oauthParameters[key]= value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
sig = this._getSignature( method, url, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
|
||||
} else {
|
||||
sig = this._getSignature( "GET", this._verifyCredentials, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
|
||||
}
|
||||
|
||||
var sig= this._getSignature( method, url, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
|
||||
var orderedParameters= this._sortRequestParams( this._makeArrayOfArgumentsHash(oauthParameters) );
|
||||
orderedParameters[orderedParameters.length]= ["oauth_signature", sig];
|
||||
return orderedParameters;
|
||||
|
@ -263,7 +297,13 @@ exports.OAuth.prototype._performSecureRequest= function( oauth_token, oauth_toke
|
|||
if( parsedUrl.protocol == "https:" && !parsedUrl.port ) parsedUrl.port= 443;
|
||||
|
||||
var headers= {};
|
||||
headers["Authorization"]= this._buildAuthorizationHeaders(orderedParameters);
|
||||
var authorization = this._buildAuthorizationHeaders(orderedParameters);
|
||||
if (this._echo) {
|
||||
headers["X-Verify-Credentials-Authorization"]= authorization;
|
||||
} else {
|
||||
headers["Authorization"]= authorization;
|
||||
}
|
||||
|
||||
headers["Host"] = parsedUrl.host
|
||||
|
||||
for( var key in this._headers ) {
|
||||
|
|
322
lib/oauthecho.js
322
lib/oauthecho.js
|
@ -1,322 +0,0 @@
|
|||
var crypto= require('crypto'),
|
||||
sha1= require('./sha1'),
|
||||
http= require('http'),
|
||||
https= require('https'),
|
||||
URL= require('url'),
|
||||
querystring= require('querystring');
|
||||
|
||||
exports.OAuthEcho= function(realm, verify_credentials, consumerKey, consumerSecret, version, signatureMethod, nonceSize, customHeaders) {
|
||||
this._realm= realm;
|
||||
this._verifyCredentials = verify_credentials;
|
||||
this._consumerKey= consumerKey;
|
||||
this._consumerSecret= this._encodeData( consumerSecret );
|
||||
this._version= version;
|
||||
|
||||
if( signatureMethod != "PLAINTEXT" && signatureMethod != "HMAC-SHA1")
|
||||
throw new Error("Un-supported signature method: " + signatureMethod );
|
||||
this._signatureMethod= signatureMethod;
|
||||
this._nonceSize= nonceSize || 32;
|
||||
this._headers= customHeaders || {"Accept" : "*/*",
|
||||
"Connection" : "close",
|
||||
"User-Agent" : "Node authentication"};
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype.post = function(url, oauth_token, oauth_secret, post_body, post_content_type, callback) {
|
||||
|
||||
var extra_params= null;
|
||||
if( typeof post_content_type == "function" ) {
|
||||
callback= post_content_type;
|
||||
post_content_type= null;
|
||||
}
|
||||
if( typeof post_body != "string" ) {
|
||||
post_content_type= "application/x-www-form-urlencoded"
|
||||
extra_params= post_body;
|
||||
post_body= null;
|
||||
}
|
||||
return this._performSecureRequest( oauth_token, oauth_secret, "POST", url, extra_params, post_body, post_content_type, callback );
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._encodeData= function(toEncode){
|
||||
if( toEncode == null || toEncode == "" ) return ""
|
||||
else {
|
||||
var result= encodeURIComponent(toEncode);
|
||||
// Fix the mismatch between OAuth's RFC3986's and Javascript's beliefs in what is right and wrong ;)
|
||||
return result.replace(/\!/g, "%21")
|
||||
.replace(/\'/g, "%27")
|
||||
.replace(/\(/g, "%28")
|
||||
.replace(/\)/g, "%29")
|
||||
.replace(/\*/g, "%2A");
|
||||
}
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._getSignature= function(method, url, parameters, tokenSecret) {
|
||||
var signatureBase= this._createSignatureBase(method, url, parameters);
|
||||
return this._createSignature( signatureBase, tokenSecret );
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._normalizeUrl= function(url) {
|
||||
var parsedUrl= URL.parse(url, true)
|
||||
var port ="";
|
||||
if( parsedUrl.port ) {
|
||||
if( (parsedUrl.protocol == "http:" && parsedUrl.port != "80" ) ||
|
||||
(parsedUrl.protocol == "https:" && parsedUrl.port != "443") ) {
|
||||
port= ":" + parsedUrl.port;
|
||||
}
|
||||
}
|
||||
|
||||
if( !parsedUrl.pathname || parsedUrl.pathname == "" ) parsedUrl.pathname ="/";
|
||||
|
||||
return parsedUrl.protocol + "//" + parsedUrl.hostname + port + parsedUrl.pathname;
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._getTimestamp= function() {
|
||||
return Math.floor( (new Date()).getTime() / 1000 );
|
||||
}
|
||||
|
||||
// Is the parameter considered an OAuth parameter
|
||||
exports.OAuthEcho.prototype._isParameterNameAnOAuthParameter= function(parameter) {
|
||||
var m = parameter.match('^oauth_');
|
||||
if( m && ( m[0] === "oauth_" ) ) {
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
}
|
||||
};
|
||||
|
||||
exports.OAuthEcho.prototype._performSecureRequest= function( oauth_token, oauth_token_secret, method, url, extra_params, post_body, post_content_type, callback ) {
|
||||
|
||||
// Here we use verify_credentials instead of url
|
||||
var orderedParameters= this._prepareParameters(url, oauth_token, oauth_token_secret, method, extra_params);
|
||||
|
||||
if( !post_content_type ) {
|
||||
post_content_type= "application/x-www-form-urlencoded";
|
||||
}
|
||||
var parsedUrl= URL.parse( url, false );
|
||||
if( parsedUrl.protocol == "http:" && !parsedUrl.port ) parsedUrl.port= 80;
|
||||
if( parsedUrl.protocol == "https:" && !parsedUrl.port ) parsedUrl.port= 443;
|
||||
|
||||
var headers= {};
|
||||
|
||||
// OAuth Echo header
|
||||
headers["X-Verify-Credentials-Authorization"]= this._buildAuthorizationHeaders(orderedParameters);
|
||||
headers["Host"] = parsedUrl.host
|
||||
|
||||
for( var key in this._headers ) {
|
||||
if (this._headers.hasOwnProperty(key)) {
|
||||
headers[key]= this._headers[key];
|
||||
}
|
||||
}
|
||||
|
||||
// Filter out any passed extra_params that are really to do with OAuth
|
||||
for(var key in extra_params) {
|
||||
if( this._isParameterNameAnOAuthParameter( key ) ) {
|
||||
delete extra_params[key];
|
||||
}
|
||||
}
|
||||
|
||||
if( (method == "POST" || method == "PUT") && ( post_body == null && extra_params != null) ) {
|
||||
post_body= querystring.stringify(extra_params);
|
||||
}
|
||||
|
||||
headers["Content-length"]= post_body ? post_body.length : 0; //Probably going to fail if not posting ascii
|
||||
headers["Content-Type"]= post_content_type;
|
||||
|
||||
var path;
|
||||
if( !parsedUrl.pathname || parsedUrl.pathname == "" ) parsedUrl.pathname ="/";
|
||||
if( parsedUrl.query ) path= parsedUrl.pathname + "?"+ parsedUrl.query ;
|
||||
else path= parsedUrl.pathname;
|
||||
|
||||
var request;
|
||||
if( parsedUrl.protocol == "https:" ) {
|
||||
request= this._createClient(parsedUrl.port, parsedUrl.hostname, method, path, headers, true);
|
||||
}
|
||||
else {
|
||||
request= this._createClient(parsedUrl.port, parsedUrl.hostname, method, path, headers);
|
||||
}
|
||||
|
||||
if( callback ) {
|
||||
var data="";
|
||||
var self= this;
|
||||
request.on('response', function (response) {
|
||||
response.setEncoding('utf8');
|
||||
response.on('data', function (chunk) {
|
||||
data+=chunk;
|
||||
});
|
||||
response.on('end', function () {
|
||||
if( response.statusCode != 200 ) {
|
||||
// Follow 302 redirects with Location HTTP header
|
||||
if(response.statusCode == 302 && response.headers && response.headers.location) {
|
||||
self._performSecureRequest( oauth_token, oauth_token_secret, method, response.headers.location, extra_params, post_body, post_content_type, callback);
|
||||
}
|
||||
else {
|
||||
callback({ statusCode: response.statusCode, data: data }, data, response);
|
||||
}
|
||||
} else {
|
||||
callback(null, data, response);
|
||||
}
|
||||
});
|
||||
});
|
||||
|
||||
request.on("error", callback);
|
||||
|
||||
if( (method == "POST" || method =="PUT") && post_body != null && post_body != "" ) {
|
||||
request.write(post_body);
|
||||
}
|
||||
request.end();
|
||||
}
|
||||
else {
|
||||
if( (method == "POST" || method =="PUT") && post_body != null && post_body != "" ) {
|
||||
request.write(post_body);
|
||||
}
|
||||
return request;
|
||||
}
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._createClient= function( port, hostname, method, path, headers, sslEnabled ) {
|
||||
var options = {
|
||||
host: hostname,
|
||||
port: port,
|
||||
path: path,
|
||||
method: method,
|
||||
headers: headers
|
||||
};
|
||||
var httpModel;
|
||||
if( sslEnabled ) {
|
||||
httpModel= https;
|
||||
} else {
|
||||
httpModel= http;
|
||||
}
|
||||
return httpModel.request(options);
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._prepareParameters= function( url, oauth_token, oauth_token_secret, method, extra_params ) {
|
||||
var oauthParameters= {
|
||||
"oauth_timestamp": this._getTimestamp(),
|
||||
"oauth_nonce": this._getNonce(this._nonceSize),
|
||||
"oauth_version": this._version,
|
||||
"oauth_signature_method": this._signatureMethod,
|
||||
"oauth_consumer_key": this._consumerKey,
|
||||
"oauth_token": oauth_token
|
||||
};
|
||||
|
||||
var sig= this._getSignature( "GET", this._verifyCredentials, this._normaliseRequestParams(oauthParameters), oauth_token_secret);
|
||||
var orderedParameters= this._sortRequestParams( this._makeArrayOfArgumentsHash(oauthParameters) );
|
||||
orderedParameters[orderedParameters.length]= ["oauth_signature", sig];
|
||||
|
||||
return orderedParameters;
|
||||
}
|
||||
|
||||
// build the OAuth request authorization header
|
||||
exports.OAuthEcho.prototype._buildAuthorizationHeaders= function(orderedParameters) {
|
||||
var authHeader='OAuth realm="' + this._realm + '"';
|
||||
for( var i= 0 ; i < orderedParameters.length; i++) {
|
||||
// Whilst the all the parameters should be included within the signature, only the oauth_ arguments
|
||||
// should appear within the authorization header.
|
||||
if( this._isParameterNameAnOAuthParameter(orderedParameters[i][0]) ) {
|
||||
authHeader+= ", " + this._encodeData(orderedParameters[i][0])+"=\""+ this._encodeData(orderedParameters[i][1])+"\"";
|
||||
}
|
||||
}
|
||||
authHeader= authHeader.substring(0, authHeader.length-1);
|
||||
return authHeader;
|
||||
}
|
||||
|
||||
// Takes an object literal that represents the arguments, and returns an array
|
||||
// of argument/value pairs.
|
||||
exports.OAuthEcho.prototype._makeArrayOfArgumentsHash= function(argumentsHash) {
|
||||
var argument_pairs= [];
|
||||
for(var key in argumentsHash ) {
|
||||
var value= argumentsHash[key];
|
||||
if( Array.isArray(value) ) {
|
||||
for(var i=0;i<value.length;i++) {
|
||||
argument_pairs[argument_pairs.length]= [key, value[i]];
|
||||
}
|
||||
}
|
||||
else {
|
||||
argument_pairs[argument_pairs.length]= [key, value];
|
||||
}
|
||||
}
|
||||
return argument_pairs;
|
||||
}
|
||||
|
||||
// Sorts the encoded key value pairs by encoded name, then encoded value
|
||||
exports.OAuthEcho.prototype._sortRequestParams= function(argument_pairs) {
|
||||
// Sort by name, then value.
|
||||
argument_pairs.sort(function(a,b) {
|
||||
if ( a[0]== b[0] ) {
|
||||
return a[1] < b[1] ? -1 : 1;
|
||||
}
|
||||
else return a[0] < b[0] ? -1 : 1;
|
||||
});
|
||||
|
||||
return argument_pairs;
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._normaliseRequestParams= function(arguments) {
|
||||
var argument_pairs= this._makeArrayOfArgumentsHash(arguments);
|
||||
// First encode them #3.4.1.3.2 .1
|
||||
for(var i=0;i<argument_pairs.length;i++) {
|
||||
argument_pairs[i][0]= this._encodeData( argument_pairs[i][0] );
|
||||
argument_pairs[i][1]= this._encodeData( argument_pairs[i][1] );
|
||||
}
|
||||
|
||||
// Then sort them #3.4.1.3.2 .2
|
||||
argument_pairs= this._sortRequestParams( argument_pairs );
|
||||
|
||||
// Then concatenate together #3.4.1.3.2 .3 & .4
|
||||
var args= "";
|
||||
for(var i=0;i<argument_pairs.length;i++) {
|
||||
args+= argument_pairs[i][0];
|
||||
args+= "="
|
||||
args+= argument_pairs[i][1];
|
||||
if( i < argument_pairs.length-1 ) args+= "&";
|
||||
}
|
||||
return args;
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._createSignatureBase= function(method, url, parameters) {
|
||||
url= this._encodeData( this._normalizeUrl(url) );
|
||||
parameters= this._encodeData( parameters );
|
||||
return method.toUpperCase() + "&" + url + "&" + parameters;
|
||||
}
|
||||
|
||||
exports.OAuthEcho.prototype._createSignature= function(signatureBase, tokenSecret) {
|
||||
if( tokenSecret === undefined ) var tokenSecret= "";
|
||||
else tokenSecret= this._encodeData( tokenSecret );
|
||||
// consumerSecret is already encoded
|
||||
var key= this._consumerSecret + "&" + tokenSecret;
|
||||
|
||||
var hash= ""
|
||||
if( this._signatureMethod == "PLAINTEXT" ) {
|
||||
hash= this._encodeData(key);
|
||||
}
|
||||
else {
|
||||
if( crypto.Hmac ) {
|
||||
hash = crypto.createHmac("sha1", key).update(signatureBase).digest("base64");
|
||||
}
|
||||
else {
|
||||
hash= sha1.HMACSHA1(key, signatureBase);
|
||||
}
|
||||
}
|
||||
return hash;
|
||||
}
|
||||
exports.OAuthEcho.prototype.NONCE_CHARS= ['a','b','c','d','e','f','g','h','i','j','k','l','m','n',
|
||||
'o','p','q','r','s','t','u','v','w','x','y','z','A','B',
|
||||
'C','D','E','F','G','H','I','J','K','L','M','N','O','P',
|
||||
'Q','R','S','T','U','V','W','X','Y','Z','0','1','2','3',
|
||||
'4','5','6','7','8','9'];
|
||||
|
||||
exports.OAuthEcho.prototype._getNonce= function(nonceSize) {
|
||||
var result = [];
|
||||
var chars= this.NONCE_CHARS;
|
||||
var char_pos;
|
||||
var nonce_chars_length= chars.length;
|
||||
|
||||
for (var i = 0; i < nonceSize; i++) {
|
||||
char_pos= Math.floor(Math.random() * nonce_chars_length);
|
||||
result[i]= chars[char_pos];
|
||||
}
|
||||
return result.join('');
|
||||
}
|
Loading…
Reference in New Issue