Permalink
Browse files

Added `realm` to all calls if specified (not just echo)

* As per http://tools.ietf.org/html/rfc5849#section-3.5.1
* Some APIs require `realm` to be added to each call
  • Loading branch information...
1 parent a846c28 commit d36c3a86ca36d87c10d86204c7a183c75b2d849b @mhart committed Aug 31, 2012
Showing with 15 additions and 2 deletions.
  1. +3 −2 lib/oauth.js
  2. +12 −0 tests/oauth.js
View
@@ -6,7 +6,7 @@ var crypto= require('crypto'),
querystring= require('querystring'),
OAuthUtils= require('./_utils');
-exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, version, authorize_callback, signatureMethod, nonceSize, customHeaders) {
+exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, version, authorize_callback, signatureMethod, nonceSize, customHeaders, realm) {
this._isEcho = false;
this._requestUrl= requestUrl;
@@ -28,6 +28,7 @@ exports.OAuth= function(requestUrl, accessUrl, consumerKey, consumerSecret, vers
this._headers= customHeaders || {"Accept" : "*/*",
"Connection" : "close",
"User-Agent" : "Node authentication"}
+ this._realm= realm;
this._clientOptions= this._defaultClientOptions= {"requestTokenHttpMethod": "POST",
"accessTokenHttpMethod": "POST"};
this._oauthParameterSeperator = ",";
@@ -112,7 +113,7 @@ exports.OAuth.prototype._isParameterNameAnOAuthParameter= function(parameter) {
// build the OAuth request authorization header
exports.OAuth.prototype._buildAuthorizationHeaders= function(orderedParameters) {
var authHeader="OAuth ";
- if( this._isEcho ) {
+ if( this._realm ) {
authHeader += 'realm="' + this._realm + '",';
}
View
@@ -267,6 +267,18 @@ vows.describe('OAuth').addBatch({
Array.prototype.toString = _toString;
}
},
+ 'When building the OAuth Authorization header with a realm': {
+ topic: new OAuth(null, null, null, null, null, null, "HMAC-SHA1", null, null, 'http://foobar.com/'),
+ 'The realm should be prepended correctly' : function(oa) {
+ var parameters= [
+ ["oauth_timestamp", "1234567"],
+ ["oauth_nonce", "ABCDEF"],
+ ["oauth_version", "1.0"],
+ ["oauth_signature_method", "HMAC-SHA1"],
+ ["oauth_consumer_key", "asdasdnm2321b3"]];
+ assert.equal(oa._buildAuthorizationHeaders(parameters), 'OAuth realm="http://foobar.com/",oauth_timestamp="1234567",oauth_nonce="ABCDEF",oauth_version="1.0",oauth_signature_method="HMAC-SHA1",oauth_consumer_key="asdasdnm2321b3"');
+ }
+ },
'When performing the Secure Request' : {
topic: new OAuth("http://foo.com/RequestToken",
"http://foo.com/AccessToken",

0 comments on commit d36c3a8

Please sign in to comment.