Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Update to latest erlang-oauth usage; add RSA-SHA1 capability to oauth…

…_termie and oauth_mochiweb.
  • Loading branch information...
commit 9df9da8b1c5ed3f1169304fcb3b72ed7e694cd91 1 parent 6702b9e
Tim Fletcher tim authored
11 data/rsa_cert.pem
View
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBpjCCAQ+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAZMRcwFQYDVQQDDA5UZXN0
+IFByaW5jaXBhbDAeFw03MDAxMDEwODAwMDBaFw0zODEyMzEwODAwMDBaMBkxFzAV
+BgNVBAMMDlRlc3QgUHJpbmNpcGFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlY
+zypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp/IpH7kH41Etb
+mUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQABMA0GCSqGSIb3
+DQEBBQUAA4GBAGZLPEuJ5SiJ2ryq+CmEGOXfvlTtEL2nuGtr9PewxkgnOjZpUy+d
+4TvuXJbNQc8f4AMWL/tO9w0Fk80rWKp9ea8/df4qMq5qlFWlx6yOLQxumNOmECKb
+WpkUQDIDJEoFUzKMVuJf4KO/FJ345+BNLGgbJ6WujreoM1X/gYfdnJ/J
+-----END CERTIFICATE-----
15 data/rsa_pkey.pem
View
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3
+gYytUvtC2JlYzypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp
+/IpH7kH41EtbmUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQAB
+AoGAWFlbZXlM2r5G6z48tE+RTKLvB1/btgAtq8vLw/5e3KnnbcDD6fZO07m4DRaP
+jRryrJdsp8qazmUdcY0O1oK4FQfpprknDjP+R1XHhbhkQ4WEwjmxPstZMUZaDWF5
+8d3otc23mCzwh3YcUWFu09KnMpzZsK59OfyjtkS44EDWpbECQQDXgN0ODboKsuEA
+VAhAtPUqspU9ivRa6yLai9kCnPb9GcztrsJZQm4NHcKVbmD2F2L4pDRx4Pmglhfl
+V7G/a6T7AkEA1kfU0+DkXc6I/jXHJ6pDLA5s7dBHzWgDsBzplSdkVQbKT3MbeYje
+ByOxzXhulOWLBQW/vxmW4HwU95KTRlj06QJASPoBYY3yb0cN/J94P/lHgJMDCNky
+UEuJ/PoYndLrrN/8zow8kh91xwlJ6HJ9cTiQMmTgwaOOxPuu0eI1df4M2wJBAJJS
+WrKUT1z/O+zbLDOZwGTFNPzvzRgmft4z4A1J6OlmyZ+XKpvDKloVtcRpCJoEZPn5
+AwaroquID4k/PfI7rIECQHeWa6+kPADv9IrK/92mujujS0MSEiynDw5NjTnHAH0v
+8TrXzs+LCWDN/gbOCKPfnWRkgwgOeC8NN3h0zUIIUtA=
+-----END RSA PRIVATE KEY-----
2  src/oauth_gcontacts.erl
View
@@ -17,7 +17,7 @@
consumer() ->
- {"weitu.googlepages.com", "x", {rsa_sha1, "data/oauth_gcontacts_pkey.pem"}}.
+ {"weitu.googlepages.com", "data/oauth_gcontacts_pkey.pem", rsa_sha1}.
get_request_token() ->
oauth_google_client:get_request_token(consumer(), "http://www.google.com/m8/feeds").
23 src/oauth_mochiweb_client.erl
View
@@ -10,16 +10,21 @@
echo() ->
- echo([{"bar", "baz"}, {"method", "foo"}]).
+ oauth_termie(echo, []).
echo(Params) ->
- echo(Params, consumer(hmac_sha1)).
-
-consumer(SigMethod) ->
- {"key", "secret", SigMethod}.
+ oauth_termie(echo, [Params]).
echo(Params, Consumer) ->
- put(oauth_termie_request_token_url, "http://0.0.0.0:8000/oauth/request_token"),
- put(oauth_termie_access_token_url, "http://0.0.0.0:8000/oauth/access_token"),
- put(oauth_termie_echo_url, "http://0.0.0.0:8000/echo"),
- oauth_termie:echo(Params, Consumer).
+ oauth_termie(echo, [Params, Consumer]).
+
+oauth_termie(F, Args) ->
+ case get(oauth_termie_request_token_url) of
+ undefined ->
+ put(oauth_termie_request_token_url, "http://0.0.0.0:8000/oauth/request_token"),
+ put(oauth_termie_access_token_url, "http://0.0.0.0:8000/oauth/access_token"),
+ put(oauth_termie_echo_url, "http://0.0.0.0:8000/echo"),
+ apply(oauth_termie, F, Args);
+ _ ->
+ apply(oauth_termie, F, Args)
+ end.
66 src/oauth_mochiweb_server.erl
View
@@ -46,10 +46,10 @@ serve_oauth_request_token(Request) ->
case Request:get(method) of
'GET' ->
serve_oauth(Request, fun(URL, Params, Consumer, Signature) ->
- case oauth_signature:value("GET", URL, Params, Consumer, "") of
- Signature ->
+ case oauth:verify(Signature, "GET", URL, Params, Consumer, "") of
+ true ->
ok(Request, <<"oauth_token=requestkey&oauth_token_secret=requestsecret">>);
- _ ->
+ false ->
bad(Request, "invalid signature value.")
end
end);
@@ -61,16 +61,16 @@ serve_oauth_access_token(Request) ->
case Request:get(method) of
'GET' ->
serve_oauth(Request, fun(URL, Params, Consumer, Signature) ->
- case get_value("oauth_token", Params) of
+ case oauth:token(Params) of
"requestkey" ->
- case oauth_signature:value("GET", URL, Params, Consumer, "requestsecret") of
- Signature ->
+ case oauth:verify(Signature, "GET", URL, Params, Consumer, "requestsecret") of
+ true ->
ok(Request, <<"oauth_token=accesskey&oauth_token_secret=accesssecret">>);
- _ ->
+ false ->
bad(Request, "invalid signature value.")
end;
_ ->
- bad(Request, "invalid oauth token")
+ bad(Request, "invalid oauth token.")
end
end);
_ ->
@@ -81,13 +81,13 @@ serve_echo(Request) ->
case Request:get(method) of
'GET' ->
serve_oauth(Request, fun(URL, Params, Consumer, Signature) ->
- case get_value("oauth_token", Params) of
+ case oauth:token(Params) of
"accesskey" ->
- case oauth_signature:value("GET", URL, Params, Consumer, "accesssecret") of
- Signature ->
+ case oauth:verify(Signature, "GET", URL, Params, Consumer, "accesssecret") of
+ true ->
EchoParams = lists:filter(fun({K, _}) -> not lists:prefix("oauth_", K) end, Params),
ok(Request, oauth_uri:params_to_string(EchoParams));
- _ ->
+ false ->
bad(Request, "invalid signature value.")
end;
_ ->
@@ -102,31 +102,28 @@ serve_oauth(Request, Fun) ->
Params = Request:parse_qs(),
case get_value("oauth_version", Params) of
"1.0" ->
- Key = get_value("oauth_consumer_key", Params),
- case fetch_consumer_secret(Key) of
- {just, ConsumerSecret} ->
- case signature_method(Params) of
- {just, SignatureMethod} ->
- Consumer = {Key, ConsumerSecret, SignatureMethod},
- Signature = proplists:get_value("oauth_signature", Params),
- URL = string:concat("http://0.0.0.0:8000", Request:get(path)),
- Fun(URL, proplists:delete("oauth_signature", Params), Consumer, Signature);
- nothing ->
- bad(Request, "invalid signature method.")
- end;
- nothing ->
- bad(Request, "invalid consumer key.")
+ ConsumerKey = get_value("oauth_consumer_key", Params),
+ SigMethod = get_value("oauth_signature_method", Params),
+ case consumer_lookup(ConsumerKey, SigMethod) of
+ none ->
+ bad(Request, "invalid consumer (key or signature method).");
+ Consumer ->
+ Signature = proplists:get_value("oauth_signature", Params),
+ URL = string:concat("http://0.0.0.0:8000", Request:get(path)),
+ Fun(URL, proplists:delete("oauth_signature", Params), Consumer, Signature)
end;
_ ->
bad(Request, "invalid oauth version.")
end.
-signature_method(Params) ->
- case proplists:get_value("oauth_signature_method", Params) of
- "PLAINTEXT" -> {just, plaintext};
- "HMAC-SHA1" -> {just, hmac_sha1};
- _ -> nothing
- end.
+consumer_lookup("key", "PLAINTEXT") ->
+ {"key", "secret", plaintext};
+consumer_lookup("key", "HMAC-SHA1") ->
+ {"key", "secret", hmac_sha1};
+consumer_lookup("key", "RSA-SHA1") ->
+ {"key", "data/rsa_cert.pem", rsa_sha1};
+consumer_lookup(_, _) ->
+ none.
ok(Request, Body) ->
Request:respond({200, [], Body}).
@@ -136,8 +133,3 @@ bad(Request, Reason) ->
method_not_allowed(Request) ->
Request:respond({405, [], <<>>}).
-
-fetch_consumer_secret("key") ->
- {just, "secret"};
-fetch_consumer_secret(_) ->
- nothing.
30 src/oauth_termie.erl
View
@@ -1,28 +1,29 @@
%%
%% This is an example client for the test server at http://term.ie/oauth/example/.
%%
-%% The echo/0 function calls the server with the default params, using the
-%% default (HMAC-SHA1) signature method. To call the server with different
-%% params, use echo/1. To call the server with a different signature method,
-%% use echo/2, together with consumer/1.
+%% Use echo/0 to call the server with the default params and the default
+%% signature method (HMAC-SHA1). Use echo/1 to specify *either* different
+%% params, *or* a different signature method. Use echo/2 if you want to
+%% specify *both* the params and the signature method.
%%
-module(oauth_termie).
-compile(export_all).
--export([echo/0, echo/1, consumer/1, echo/2]).
+-export([echo/0, echo/1, echo/2]).
echo() ->
- echo([{"bar", "baz"}, {"method", "foo"}]).
+ echo(hmac_sha1).
-echo(Params) ->
- echo(Params, consumer(hmac_sha1)).
-
-consumer(SigMethod) ->
- {"key", "secret", SigMethod}.
+echo(Params) when is_list(Params) ->
+ echo(Params, hmac_sha1);
+echo(SigMethod) when is_atom(SigMethod) ->
+ echo([{"bar", "baz"}, {"method", "foo"}], SigMethod).
+echo(Params, SigMethod) when is_atom(SigMethod) ->
+ echo(Params, {"key", consumer_secret(SigMethod), SigMethod});
echo(Params, Consumer) ->
oauth_client:get(url(oauth_termie_request_token_url), [], Consumer, "", "", fun(Response) ->
echo(Params, Consumer, oauth_http:response_params(Response))
@@ -38,6 +39,13 @@ echo(Params, Consumer, _, AParams) ->
{ok, lists:keysort(1, oauth_http:response_params(Response))}
end).
+consumer_secret(plaintext) ->
+ "secret";
+consumer_secret(hmac_sha1) ->
+ "secret";
+consumer_secret(rsa_sha1) ->
+ "data/rsa_pkey.pem".
+
default(oauth_termie_request_token_url) ->
"http://term.ie/oauth/example/request_token.php";
default(oauth_termie_access_token_url) ->
Please sign in to comment.
Something went wrong with that request. Please try again.