1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
|
-module(oauth).
-export(
[ get/5
, header/1
, post/5
, signature/5
, signature_base_string/3
, signed_params/6
, token/1
, token_secret/1
, uri/2
, verify/6
]).
get(URL, ExtraParams, Consumer, Token, TokenSecret) ->
SignedParams = signed_params("GET", URL, ExtraParams, Consumer, Token, TokenSecret),
oauth_http:get(uri(URL, SignedParams)).
post(URL, ExtraParams, Consumer, Token, TokenSecret) ->
SignedParams = signed_params("POST", URL, ExtraParams, Consumer, Token, TokenSecret),
oauth_http:post(URL, oauth_uri:params_to_string(SignedParams)).
uri(Base, []) ->
Base;
uri(Base, Params) ->
lists:concat([Base, "?", oauth_uri:params_to_string(Params)]).
header(Params) ->
{"Authorization", "OAuth " ++ oauth_uri:params_to_header_string(Params)}.
token(Params) ->
proplists:get_value("oauth_token", Params).
token_secret(Params) ->
proplists:get_value("oauth_token_secret", Params).
verify(Signature, HttpMethod, URL, Params, Consumer, TokenSecret) ->
case signature_method(Consumer) of
plaintext ->
oauth_plaintext:verify(Signature, consumer_secret(Consumer), TokenSecret);
hmac_sha1 ->
BaseString = signature_base_string(HttpMethod, URL, Params),
oauth_hmac_sha1:verify(Signature, BaseString, consumer_secret(Consumer), TokenSecret);
rsa_sha1 ->
BaseString = signature_base_string(HttpMethod, URL, Params),
oauth_rsa_sha1:verify(Signature, BaseString, consumer_secret(Consumer))
end.
signed_params(HttpMethod, URL, ExtraParams, Consumer, Token, TokenSecret) ->
Params = token_param(Token, params(Consumer, ExtraParams)),
[{"oauth_signature", signature(HttpMethod, URL, Params, Consumer, TokenSecret)}|Params].
signature(HttpMethod, URL, Params, Consumer, TokenSecret) ->
case signature_method(Consumer) of
plaintext ->
oauth_plaintext:signature(consumer_secret(Consumer), TokenSecret);
hmac_sha1 ->
BaseString = signature_base_string(HttpMethod, URL, Params),
oauth_hmac_sha1:signature(BaseString, consumer_secret(Consumer), TokenSecret);
rsa_sha1 ->
BaseString = signature_base_string(HttpMethod, URL, Params),
oauth_rsa_sha1:signature(BaseString, consumer_secret(Consumer))
end.
signature_base_string(HttpMethod, URL, Params) ->
NormalizedURL = oauth_uri:normalize(URL),
NormalizedParams = oauth_uri:params_to_string(lists:sort(Params)),
oauth_uri:calate("&", [HttpMethod, NormalizedURL, NormalizedParams]).
token_param("", Params) ->
Params;
token_param(Token, Params) ->
[{"oauth_token", Token}|Params].
params(Consumer, Params) ->
Nonce = base64:encode_to_string(crypto:rand_bytes(32)), % cf. ruby-oauth
params(Consumer, oauth_unix:timestamp(), Nonce, Params).
params(Consumer, Timestamp, Nonce, Params) ->
[ {"oauth_version", "1.0"}
, {"oauth_nonce", Nonce}
, {"oauth_timestamp", integer_to_list(Timestamp)}
, {"oauth_signature_method", signature_method_string(Consumer)}
, {"oauth_consumer_key", consumer_key(Consumer)}
| Params
].
signature_method_string(Consumer) ->
case signature_method(Consumer) of
plaintext ->
"PLAINTEXT";
hmac_sha1 ->
"HMAC-SHA1";
rsa_sha1 ->
"RSA-SHA1"
end.
signature_method(_Consumer={_, _, Method}) ->
Method.
consumer_secret(_Consumer={_, Secret, _}) ->
Secret.
consumer_key(_Consumer={Key, _, _}) ->
Key.
|