Skip to content
This repository has been archived by the owner. It is now read-only.
Permalink
Browse files
Add functions for generating an Authorization header.
  • Loading branch information
Tim Fletcher committed May 16, 2008
1 parent edfc243 commit e21e7abb9d04321dab12d4d2f6ee06ca8efa95f3
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 8 deletions.
@@ -54,6 +54,11 @@ Calling oauth:get or oauth:post returns an HTTP response tuple, as returned
from http:request/4. Type "make termie", or look at oauth_test:termie/0 for
a working example. Thanks Andy!

Alternatively, you can use oauth_request:header/6 to generate an HTTP
Authorization header, as described by http://oauth.net/core/1.0/#auth_header.
This isn't (currently) integrated into oauth:get and oauth:post, so you would
need to use http:request/4 directly in this case.


Who can I contact if I have another question?
---------------------------------------------
@@ -1,27 +1,34 @@
-module(oauth_request).

-export([url/5]).
-export([header/6]).

% for testing:
-export([plaintext_signature/2]).
-export([hmac_sha1_signature/3]).
-export([hmac_sha1_base_string/3]).
-export([hmac_sha1_normalize/1]).
-export([params_to_header_string/1]).

-import(fmt, [sprintf/2, percent_encode/1]).
-import(lists, [map/2]).
-import(oauth_util, [implode/2]).


url(Method, URL, ExtraParams, Consumer, []) ->
Params = oauth_params(Consumer, ExtraParams),
signed_url(Method, URL, Params, Consumer, _TokenSecret="");
url(Method, URL, ExtraParams, Consumer, Tokens) ->
Token = proplists:lookup(oauth_token, Tokens),
TokenSecret = proplists:get_value(oauth_token_secret, Tokens),
Params = [Token|oauth_params(Consumer, ExtraParams)],
{Params, TokenSecret} = oauth_params(Tokens, Consumer, ExtraParams),
signed_url(Method, URL, Params, Consumer, TokenSecret).

header(Realm, Method, URL, ExtraParams, Consumer, Tokens) ->
{Params, TokenSecret} = oauth_params(Tokens, Consumer, ExtraParams),
signed_header(Realm, Method, URL, Params, Consumer, TokenSecret).

oauth_params([], Consumer, ExtraParams) ->
{"", oauth_params(Consumer, ExtraParams)};
oauth_params(Tokens, Consumer, ExtraParams) ->
Params = [proplists:lookup(oauth_token, Tokens)|oauth_params(Consumer, ExtraParams)],
{proplists:get_value(oauth_token_secret, Tokens), Params}.

oauth_params(Consumer, ExtraParams) ->
proplists_merge([
{oauth_consumer_key, oauth_consumer:key(Consumer)},
@@ -42,8 +49,15 @@ proplists_merge(A, B) ->
lists:foldl(fun proplists_merge/2, A, B).

signed_url(Method, URL, Params, Consumer, TokenSecret) ->
Signature = signature(Method, URL, Params, Consumer, TokenSecret),
sprintf("%s?%s", [URL, params_to_string([{oauth_signature, Signature}|Params])]).
SignedParams = signed_params(Method, URL, Params, Consumer, TokenSecret),
sprintf("%s?%s", [URL, params_to_string(SignedParams)]).

signed_header(Realm, Method, URL, Params, Consumer, TokenSecret) ->
SignedParams = signed_params(Method, URL, Params, Consumer, TokenSecret),
sprintf("Authorization: OAuth realm=\"%s\", %s", [Realm, params_to_header_string(SignedParams)]).

signed_params(Method, URL, Params, Consumer, TokenSecret) ->
[{oauth_signature, signature(Method, URL, Params, Consumer, TokenSecret)}|Params].

signature(Method, URL, Params, Consumer, TokenSecret) ->
ConsumerSecret = oauth_consumer:secret(Consumer),
@@ -79,3 +93,9 @@ params_to_string(Params) ->

param_to_string({K,V}) ->
sprintf("%s=%s", [percent_encode(K), percent_encode(V)]).

params_to_header_string(Params) ->
implode($,, map(fun param_to_header_string/1, Params)).

param_to_header_string({K,V}) ->
sprintf("%s=\"%s\"", [percent_encode(K), percent_encode(V)]).
@@ -9,6 +9,7 @@ all() ->
apply(?MODULE, F, [])
end, [
params_from_string,
params_to_header_string,
plaintext_signature,
hmac_sha1_normalize,
hmac_sha1_base_string,
@@ -21,6 +22,11 @@ params_from_string() ->
should_be_equal([{oauth_token, "ab3cd9j4ks73hf7g"}, {oauth_token_secret, "xyz4992k83j47x0b"}],
oauth:params_from_string("oauth_token=ab3cd9j4ks73hf7g&oauth_token_secret=xyz4992k83j47x0b")).

params_to_header_string() ->
% cf. http://oauth.net/core/1.0/#auth_header_authorization (5.4.1)
"oauth_consumer_key=\"0685bd9184jfhq22\",oauth_token=\"ad180jjd733klru7\"" =:=
oauth_request:params_to_header_string([{oauth_consumer_key, "0685bd9184jfhq22"}, {oauth_token, "ad180jjd733klru7"}]).

plaintext_signature() ->
% cf. http://oauth.net/core/1.0/#rfc.section.9.4.1
ConsumerSecret="djr9rjt0jd78jf88",

0 comments on commit e21e7ab

Please sign in to comment.