Browse files

Adds RSA-SHA1 signature method

(thanks Sean)
  • Loading branch information...
1 parent 9fea0b5 commit b6ccb02125d889843eda743122f363c5af79a7de Jeffrey D. Van Alstine committed Apr 28, 2011
Showing with 5 additions and 1 deletion.
  1. +5 −1 lib/oauth.js
6 lib/oauth.js
@@ -18,7 +18,7 @@ exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, vers
this._authorize_callback= authorize_callback;
- if( signatureMethod != "PLAINTEXT" && signatureMethod != "HMAC-SHA1")
+ if( signatureMethod != "PLAINTEXT" && signatureMethod != "HMAC-SHA1" && signatureMethod != "RSA-SHA1" )
throw new Error("Un-supported signature method: " + signatureMethod )
this._signatureMethod= signatureMethod;
this._nonceSize= nonceSize || 32;
@@ -165,6 +165,10 @@ exports.OAuth.prototype._createSignature= function(signatureBase, tokenSecret) {
if( this._signatureMethod == "PLAINTEXT" ) {
hash= this._encodeData(key);
+ else if (this._signatureMethod == "RSA-SHA1") {
+ key = this._privateKey;
+ hash= crypto.createSign("RSA-SHA1").update(signatureBase).sign(key, 'base64');
+ }
else {
if( crypto.Hmac ) {
hash = crypto.createHmac("sha1", key).update(signatureBase).digest("base64");

5 comments on commit b6ccb02


Nice, thank you. Any chance of a test, if so I'll pull it straight in ?


I'll see what I can do when time permits.
For some reason the library I built over top of my hack started failing to sign its POST requests (and only its post requests) so I have to dig into that first.


Odd. Did you get to the bottom of this ?


Yes. It turned out that if you send it as a querystring instead of an object the string used for the signature doesn't get the POST params added to it like it should. If you use an object everything is fine.


Can we get this added in? Xero still has the same requirement in some places.

Please sign in to comment.