Permalink
Browse files

Better names for functions, less wishy-washy comments

  • Loading branch information...
1 parent 49742fe commit f9d1d0d967049829fe6dcbbc1d6cb87d912e3cd2 @decklin committed Jul 20, 2011
Showing with 39 additions and 42 deletions.
  1. +39 −42 curlicue
View
@@ -5,32 +5,16 @@
# Copyright © 2010 Decklin Foster <decklin@red-bean.com>
# Please see README for usage information and LICENSE for license.
-# General notes:
-#
# Because HTTP responses from the OAuth "dance" will be percent-encoded,
-# we will require that all external data supplied by the the user must
-# also be percent-encoded. Then we just treat everything as opaque,
-# encoded strings. Annoying, perhaps, but we can retain some measure of
-# sanity.
-
-# There is no url_decode (see above).
+# and we want to round-trip this data, we require that credentials files
+# are also percent-encoded. Therefore, no decoding is done here. $1 is
+# the name of another function that processes each pair (as two args).
-url_encode() {
- string="$1"
- while [ "$string" ]; do
- case "$string" in
- [A-Za-z0-9._~-]*) printf '%c' "$string";;
- *) printf '%%%X' "'$string";;
- esac
- string="${string#?}"
- done
- echo
+load_cred_file() {
+ foreach_query_pair parse_cred "$(cat "$1" 2>/dev/null)"
}
-# This doesn't actually *decode* anything. Arguably it should. $1 is the
-# name of another function that processes each pair (as two args).
-
-parse_query_string() {
+foreach_query_pair() {
local IFS='&'
for i in $2; do
$1 "${i%%=*}" "${i#*=}"
@@ -41,7 +25,7 @@ parse_query_string() {
# variable. The ones that don't start with oauth_ are extensions from
# one provider or another.
-load_creds() {
+parse_cred() {
case "$1" in
oauth_consumer_key) oauth_consumer_key="$2";;
oauth_consumer_secret) oauth_consumer_secret="$2";;
@@ -53,26 +37,30 @@ load_creds() {
esac
}
-parse_creds_from_file() {
- parse_query_string load_creds "$(cat "$1" 2>/dev/null)"
-}
-
-echo_pair() {
- echo "$1=$2"
-}
-
-# This is bad; it leaks the secret on the command line. The right
-# thing would be to use -passin, but it doesn't seem to affect -hmac.
+# This is incredibly inefficient if printf is not a builtin. I'm not
+# sure if there's a good way to do it without passing the buck.
-hmac_sha1() {
- printf '%s' "$2" | openssl dgst -sha1 -hmac "$1" -binary | openssl base64
+url_encode() {
+ string="$1"
+ while [ "$string" ]; do
+ case "$string" in
+ [A-Za-z0-9._~-]*) printf '%c' "$string";;
+ *) printf '%%%X' "'$string";;
+ esac
+ string="${string#?}"
+ done
+ echo
}
quote_vals() {
sed 's/=\(.*\)/="\1"/'
}
-join() {
+echo_pair() {
+ echo "$1=$2"
+}
+
+join_params() {
paste -s -d '&' - | sed "s/&/$1/g"
}
@@ -89,21 +77,30 @@ mk_params() {
oauth_nonce="$(url_encode "$oauth_nonce")" \
oauth_consumer_key="$oauth_consumer_key" \
${oauth_token:+oauth_token="$oauth_token"} \
- $(parse_query_string echo_pair "$extra_params") \
- $(parse_query_string echo_pair "$1")
+ $(foreach_query_pair echo_pair "$extra_params") \
+ $(foreach_query_pair echo_pair "$1")
do
echo "$i"
done | sort
}
+# This is bad; it leaks the secret on the command line. The right thing
+# would be to use -passin, but it doesn't seem to affect -hmac.
+
+hmac_sha1() {
+ printf '%s' "$2" | openssl dgst -sha1 -hmac "$1" -binary | openssl base64
+}
+
+# Here's where we start.
+
method=GET
oauth_timestamp="$(date +%s)"
oauth_nonce="$(openssl rand -base64 12)"
while getopts 'e:f:p:vu:' OPTION; do
case $OPTION in
e) eval "echo \"$OPTARG\""; exit 0;;
- f) parse_creds_from_file "$OPTARG"; loaded=1;;
+ f) load_cred_file "$OPTARG"; loaded=1;;
p) extra_params="$OPTARG";;
u) echo "$(url_encode "$OPTARG")"; exit 0;;
v) verbose=1;;
@@ -131,7 +128,7 @@ done
if [ -z "$loaded" ]; then
cropped_url="${url#*://}"
host="${cropped_url%%/*}"
- parse_creds_from_file "$HOME/.curlicue/$host"
+ load_cred_file "$HOME/.curlicue/$host"
fi
if [ -z "$oauth_consumer_key" ]; then
@@ -141,12 +138,12 @@ fi
# This is where the magic happens.
-params="$(mk_params "$url_params" | join '&')"
+params="$(mk_params "$url_params" | join_params '&')"
base_string="$method&$(url_encode "$url")&$(url_encode "$params")"
signing_key="$oauth_consumer_secret&$oauth_token_secret"
oauth_signature="$(hmac_sha1 "$signing_key" "$base_string")"
sig_params="oauth_signature=$(url_encode "$oauth_signature")"
-auth_header="$(mk_params "$sig_params" | quote_vals | join ', ')"
+auth_header="$(mk_params "$sig_params" | quote_vals | join_params ', ')"
if [ "$verbose" ]; then
echo "Base string: $base_string" 1>&2

0 comments on commit f9d1d0d

Please sign in to comment.