/modules/mod_oauth/deps/erlang-oauth/src/oauth.erl

http://github.com/zotonic/zotonic · Erlang · 107 lines · 88 code · 19 blank · 0 comment · 0 complexity · f3307b19b501671e7f7f1eeacb6aac58 MD5 · raw file

  1. -module(oauth).
  2. -export(
  3. [ get/5
  4. , header/1
  5. , post/5
  6. , signature/5
  7. , signature_base_string/3
  8. , signed_params/6
  9. , token/1
  10. , token_secret/1
  11. , uri/2
  12. , verify/6
  13. ]).
  14. get(URL, ExtraParams, Consumer, Token, TokenSecret) ->
  15. SignedParams = signed_params("GET", URL, ExtraParams, Consumer, Token, TokenSecret),
  16. oauth_http:get(uri(URL, SignedParams)).
  17. post(URL, ExtraParams, Consumer, Token, TokenSecret) ->
  18. SignedParams = signed_params("POST", URL, ExtraParams, Consumer, Token, TokenSecret),
  19. oauth_http:post(URL, oauth_uri:params_to_string(SignedParams)).
  20. uri(Base, []) ->
  21. Base;
  22. uri(Base, Params) ->
  23. lists:concat([Base, "?", oauth_uri:params_to_string(Params)]).
  24. header(Params) ->
  25. {"Authorization", "OAuth " ++ oauth_uri:params_to_header_string(Params)}.
  26. token(Params) ->
  27. proplists:get_value("oauth_token", Params).
  28. token_secret(Params) ->
  29. proplists:get_value("oauth_token_secret", Params).
  30. verify(Signature, HttpMethod, URL, Params, Consumer, TokenSecret) ->
  31. case signature_method(Consumer) of
  32. plaintext ->
  33. oauth_plaintext:verify(Signature, consumer_secret(Consumer), TokenSecret);
  34. hmac_sha1 ->
  35. BaseString = signature_base_string(HttpMethod, URL, Params),
  36. oauth_hmac_sha1:verify(Signature, BaseString, consumer_secret(Consumer), TokenSecret);
  37. rsa_sha1 ->
  38. BaseString = signature_base_string(HttpMethod, URL, Params),
  39. oauth_rsa_sha1:verify(Signature, BaseString, consumer_secret(Consumer))
  40. end.
  41. signed_params(HttpMethod, URL, ExtraParams, Consumer, Token, TokenSecret) ->
  42. Params = token_param(Token, params(Consumer, ExtraParams)),
  43. [{"oauth_signature", signature(HttpMethod, URL, Params, Consumer, TokenSecret)}|Params].
  44. signature(HttpMethod, URL, Params, Consumer, TokenSecret) ->
  45. case signature_method(Consumer) of
  46. plaintext ->
  47. oauth_plaintext:signature(consumer_secret(Consumer), TokenSecret);
  48. hmac_sha1 ->
  49. BaseString = signature_base_string(HttpMethod, URL, Params),
  50. oauth_hmac_sha1:signature(BaseString, consumer_secret(Consumer), TokenSecret);
  51. rsa_sha1 ->
  52. BaseString = signature_base_string(HttpMethod, URL, Params),
  53. oauth_rsa_sha1:signature(BaseString, consumer_secret(Consumer))
  54. end.
  55. signature_base_string(HttpMethod, URL, Params) ->
  56. NormalizedURL = oauth_uri:normalize(URL),
  57. NormalizedParams = oauth_uri:params_to_string(lists:sort(Params)),
  58. oauth_uri:calate("&", [HttpMethod, NormalizedURL, NormalizedParams]).
  59. token_param("", Params) ->
  60. Params;
  61. token_param(Token, Params) ->
  62. [{"oauth_token", Token}|Params].
  63. params(Consumer, Params) ->
  64. Nonce = base64:encode_to_string(crypto:rand_bytes(32)), % cf. ruby-oauth
  65. params(Consumer, oauth_unix:timestamp(), Nonce, Params).
  66. params(Consumer, Timestamp, Nonce, Params) ->
  67. [ {"oauth_version", "1.0"}
  68. , {"oauth_nonce", Nonce}
  69. , {"oauth_timestamp", integer_to_list(Timestamp)}
  70. , {"oauth_signature_method", signature_method_string(Consumer)}
  71. , {"oauth_consumer_key", consumer_key(Consumer)}
  72. | Params
  73. ].
  74. signature_method_string(Consumer) ->
  75. case signature_method(Consumer) of
  76. plaintext ->
  77. "PLAINTEXT";
  78. hmac_sha1 ->
  79. "HMAC-SHA1";
  80. rsa_sha1 ->
  81. "RSA-SHA1"
  82. end.
  83. signature_method(_Consumer={_, _, Method}) ->
  84. Method.
  85. consumer_secret(_Consumer={_, Secret, _}) ->
  86. Secret.
  87. consumer_key(_Consumer={Key, _, _}) ->
  88. Key.