Permalink
Browse files

Merge pull request #7 from tresbailey/master

Passes travis. Merging
  • Loading branch information...
2 parents cfaa49b + 8e85985 commit 26566c54b9005153122a0cfa26decbd0a0ed3304 @unscene committed Nov 8, 2012
Showing with 42 additions and 6 deletions.
  1. +3 −2 Readme.md
  2. +6 −4 lib/oauth.js
  3. +33 −0 test/test_realm_signature.js
View
@@ -33,7 +33,8 @@ Sending requests works very similar to the latest version of node's built-in htt
path: '/1/statuses/update.json',
oauth_signature: signer,
method: 'POST',
- body: body
+ body: body,
+ realm: 'my_realm'
}
request = oauth.request(request, function(response) { ... });
@@ -117,4 +118,4 @@ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
View
@@ -116,7 +116,7 @@ exports.request = function(options, callback) {
'content-type': 'application/x-www-form-urlencoded',
'host': options.host,
'accept': '*/*',
- 'www-authenticate': 'OAuth realm=' + (options.https ? 'https' : 'http') + '://' + options.host
+ 'www-authenticate': 'OAuth realm=' + (options.realm ? options.realm : ((options.https ? 'https' : 'http') + '://' + options.host))
};
if(!options.headers) {
@@ -128,7 +128,7 @@ exports.request = function(options, callback) {
var uri = exports.fillURL(options.path, options.host, options.port, options.https);
options.headers = signRequest(options.method, uri, options.headers,
- options.body, options.oauth_signature);
+ options.body, options.oauth_signature, options.realm);
var req;
if (options.https) {
@@ -144,11 +144,12 @@ exports.request = function(options, callback) {
return http.ClientRequest.prototype.write.call(this, chunk, 'utf-8');
};
-
+
+ req.end();
return req;
};
-function signRequest(method, path, headers, body, signature) {
+function signRequest(method, path, headers, body, signature, realm) {
var auth = {
'oauth_nonce': nonce(),
'oauth_timestamp': timestamp(),
@@ -194,6 +195,7 @@ function signRequest(method, path, headers, body, signature) {
var esc = querystring.escape;
querystring.escape = _encodeURI;
+ auth.realm = realm;
auth = querystring.stringify(exports.normalize(auth), '\",', '=\"');
querystring.escape = esc;
@@ -0,0 +1,33 @@
+var vows = require('vows'),
+ assert = require('assert'),
+ oauth = require('../lib/oauth'),
+ uuid = require('node-uuid');
+
+vows.describe('RealmSignatures') .addBatch({
+ 'In a valid request token flow': {
+ topic: function() {
+ var hmac = oauth.createHmac(consumer,token);
+ var consumer = oauth.createConsumer( 'sign_key', 'sign_secret' );
+ var token = null;
+ var signed = oauth.createHmac( consumer, token );
+ var method = 'post',
+ url = 'http://api.google.com/oauth',
+ realm = 'testable_realm',
+ params = {
+ oauth_signature_method:'HMAC-SHA1',
+ oauth_version:'1.0'
+ };
+ return oauth.signRequest(method, url, {}, {}, signed, realm);
+ },
+ 'Auth header should be set to ': function(topic) {
+
+ var oauth_pattern = /OAuth oauth_consumer_key\=\"sign_key\"\,oauth_nonce\=\"[A-F0-9]{8}-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{4}-[A-F0-9]{12}\"\,oauth_signature_method\=\"HMAC-SHA1\"\,oauth_timestamp\=\"[0-9]{10}\"\,oauth_version\=\"1\.0\"\,realm\=\"testable_realm\"\,oauth_signature\=/g;
+
+ var matched = oauth_pattern.exec(topic.authorization);
+ if ( assert.isArray( matched ) ) {
+ return assert.isNotEmpty( matched );
+ }
+ return false;
+ }
+ }
+}).export(module);

0 comments on commit 26566c5

Please sign in to comment.