node-oauth-1.0a-ts
Version:
OAuth 1.0a Request Authorization for Node and Browser.
292 lines (291 loc) • 10.3 kB
TypeScript
import { SignerType } from "./signer";
/**
* OAuth 1.0a signature generator
*
* @example <caption>Setup</caption>
* let OAuth = require('node-oauth-1.0a');
* let request = require('request');
*
* let oauth = new OAuth({
* consumer: {
* public: '<consumer key>',
* secret: '<consumer secret>',
* }
* });
* let request_data = {
* url: 'https://api.twitter.com/1/statuses/update.json?include_entities=true',
* method: 'POST',
* data: {
* status: 'Hello Ladies + Gentlemen, a signed OAuth request!'
* }
* };
* let token = {
* public: '370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb',
* secret: 'LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE'
* };
*
* @example <caption>Sending in POST body with request library</caption>
* let formData = Object.assign(
* {},
* request_data.data,
* oauth.authorize(request_data, token)
* );
* request({
* url: request_data.url,
* method: request_data.method,
* form: oauth.buildQueryString(formData)
* }, function(error, response, body) {
* // Process data
* });
*
* @example <caption>Sending in Authorization header with request library</caption>
* request({
* url: request_data.url,
* method: request_data.method,
* form: oauth.buildQueryString(request_data.data),
* headers: {
* Authorization: oauth.getHeader(request_data, token)
* }
* }, function(error, response, body) {
* // Process data
* });
*
*/
export declare class OAuth {
private _opts;
private _signer;
/**
* @param {Object} opts
* @param {Object} opts.consumer Consumer token (required)
* @param {string} opts.consumer.public Consumer key (public key)
* @param {string} opts.consumer.private Consumer secret
* @param {number} [opts.nonce_length=32] Length of nonce (oauth_nonce)
* @param {string} [opts.signature_method="HMAC-SHA1"] Signing algorithm
* Supported algorithms:
* - `HMAC-SHA1`
* - `PLAINTEXT`
* - `HMAC-SHA256`
*
* Note that `HMAC-256` is non-standard.
* @param {string} [opts.version=1.0] OAuth version (oauth_version)
* @param {boolean} [opts.last_ampersand=true] Whether to append trailing
* ampersand to signing key
*/
constructor(opts?: Partial<OAuthOpts>);
/**
* Sign a string with key
* @private
* @param {string} str String to sign
* @param {string} key HMAC key
* @return {string} Signed string in base64 format
*/
_sign(str: string, key: string): any;
/**
* Retrieve a signing algorithm by algorithm name
* @private
* @param {SignerType} type Algorithm name
* @throws {Error} Algorithm is not supported
* @return {Function} Algorithm implementation
*/
_getSigner(type: SignerType): Function;
/**
* Create OAuth signing data for attaching to request body
* @param {Object} request
* @param {string} request.method HTTP Method name (eg. `GET`, `POST`, `PUT`)
* @param {string} request.url URL
* @param {Object} request.data Post data as a key, value map
*
* @param {Object} [token={}] User token
* @param {string} [token.key] Token public key
* @param {string} [token.secret] Token secret key
*
* @return {Object} OAuth signing data. You probably want to put this in your POST body
*
* @example
* let request = {
* method: 'POST',
* url: 'https://api.twitter.com/1.1/statuses/update.json',
* data: {
* status: 'Hello, world!'
* }
* };
* let token = {
* public: '<user token>',
* private: '<user token secret>'
* };
* let oauth_data = oauth.authorize(request, token);
* console.log(oauth_data);
*
* @example <caption>Example response</caption>
* {
* "oauth_consumer_key": "xvz1evFS4wEEPTGEFPHBog",
* "oauth_nonce": "kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
* "oauth_signature_method": "HMAC-SHA1",
* "oauth_timestamp": 1318622958,
* "oauth_version": "1.0",
* "oauth_token": "370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
* "oauth_signature": "tnnArxj06cWHq44gCs1OSKk/jLY="
* }
*/
authorize(request: RequestOpts, token?: Token): OAuthData;
/**
* Create OAuth Authorization header
* @param {Object} request
* @param {string} request.method HTTP Method name (eg. `GET`, `POST`, `PUT`)
* @param {string} request.url URL
* @param {Object} request.data Post data as a key, value map
*
* @param {Object} [token={}] User token
* @param {string} [token.key] Token public key
* @param {string} [token.secret] Token secret key
*
* @return {string} Authorization header value
*/
getHeader(request: RequestOpts, token: Token): string;
/**
* Format OAuth signing data for sending via HTTP Header
* @param {Object} oauth_data OAuth signing data as returned from
* {@link OAuth#authorize}
* @return {Object} Headers required to sign the request
* @deprecated This method is preserved for backward compatibility with
* oauth-1.0a. New implementors should use {@link OAuth#getHeader} instead.
*/
toHeader(oauth_data: OAuthData): {
Authorization: string;
};
/**
* Create oauth_signature from request. Usually you probably want to use
* {@link OAuth#authorize} instead.
* @param {Object} request
* @param {string} request.method HTTP Method name (eg. `GET`, `POST`, `PUT`)
* @param {string} request.url URL
* @param {Object} request.data Post data as a key, value map
*
* @param {string} token signing token
*
* @param {Object} oauth_data
* @param {string} oauth_data.oauth_consumer_key Consumer key
* @param {string} oauth_data.oauth_nonce Nonce string
* @param {string} oauth_data.oauth_signature_method Signing algorithm name
* (only for building signing string, the actual signing algorithm is set by
* class {@link OAuth#constructor} arguments)
* @param {number} oauth_data.oauth_timestamp Current time in seconds
* @param {string} oauth_data.oauth_version OAuth version (should be 1.0)
*
* @return {string} Value of oauth_signature field
*/
getSignature(request: RequestOpts, token: string | undefined, oauth_data: OAuthData): any;
/**
* Create new OAuth data
* @private
* @param {Object} [token] User token
* @param {string} token.public Token public key
* @param {string|undefined} bodyToHash the body of the rquest (after decompression) as a string
* @return {Object} OAuth data without oauth_signature
*
* @example <caption>Example response</caption>
* {
* "oauth_consumer_key": "xvz1evFS4wEEPTGEFPHBog",
* "oauth_nonce": "kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
* "oauth_signature_method": "HMAC-SHA1",
* "oauth_timestamp": 1318622958,
* "oauth_version": "1.0",
* "oauth_token": "370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
* }
*/
_getOAuthData(token: Token, bodyToHash?: string): OAuthData;
/**
* Get the body hash for the request according to
* [OAuth Request Body Hash]{@link http://web.archive.org/web/20160413130001/https://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html} // tslint:disable-line
* @param {Object} [token] User token
* @param {string} token.secret Token secret key
* @param {string} bodyToHash the body of the rquest (after decompression) as a string
* @return {string} the hash of the body, using the same algorithm as for signing the request
*/
_getBodyHash(bodyToHash: string): string;
/**
* Build authorization string to sign.
*
* An authorization string composes of HTTP method name, base URL and
* parameters (both request parameters and OAuth data)
* @private
* @param {Object} request Request object
* @param {Object} oauth_data OAuth parameters
* @return {string} Authorization string
*/
_getBaseString(request: RequestOpts, oauth_data: any): string;
/**
* Build a query string similar to {@link querystring.encode}, but
* escape things correctly per OAuth spec
*
* @param {Object} data Object to encode as query string
* @return {string} Query string object
*/
buildQueryString(data: any): string;
/**
* Build signing key.
*
* A signing key composes of consumer secret and,
* optionally, user token secret.
*
* This method will append trailing ampersand when `token_secret` is unset
* if `last_ampersand` constructor option is set.
*
* @private
* @param {string} [token_secret] User token secret
* @return {string} Signing Key
*/
_getSigningKey(token_secret?: string): string;
/**
* Create nonce.
*
* Nonce is a random string to prevent replaying of requests.
*
* Default nonce length is 32 characters, and can be specified by
* `nonce_length` constructor option.
*
* @private
* @return {string} Nonce string
*/
_getNonce(): string;
/**
* Create timestamp from current time
* @private
* @return {number} Current time in seconds
*/
_getTimeStamp(): number;
}
export default OAuth;
export interface OAuthOpts {
consumer: OAuthConsumer;
nonce_length: number;
signature_method: SignerType;
version: string;
last_ampersand: boolean;
parameter_separator: string;
}
export interface OAuthConsumer {
public: string;
secret: string;
}
export interface RequestOpts {
method: string;
url: string;
includeBodyHash?: boolean;
data?: any;
}
export interface OAuthData {
oauth_consumer_key: string;
oauth_nonce: string;
oauth_signature_method: SignerType;
oauth_timestamp: number;
oauth_version: string;
oauth_signature?: string;
oauth_token?: string;
oauth_body_hash?: string;
}
export interface Token {
key?: string;
public?: string;
secret?: string;
}