UNPKG

repellatquo

Version:

OAuth 1.0a Request Authorization for Node and Browser.

github.com/SheldonHintz/repellatquo

SheldonHintz/repellatquo

297 lines (251 loc) • 7.55 kB

JavaScript

if (typeof(module) !== 'undefined' && typeof(exports) !== 'undefined') { module.exports = OAuth; var CryptoJS = require("crypto-js"); } /** * Constructor * @param {Object} opts consumer key and secret */ function OAuth(opts) { if(!(this instanceof OAuth)) { return new OAuth(opts); } if(!opts) { opts = {}; } if(!opts.consumer) { throw new Error('consumer option is required'); } this.consumer = opts.consumer; this.signature_method = opts.signature_method || 'HMAC-SHA1'; this.nonce_length = opts.nonce_length || 32; this.version = opts.version || '1.0'; this.parameter_seperator = opts.parameter_seperator || ', '; if(typeof opts.last_ampersand === 'undefined') { this.last_ampersand = true; } else { this.last_ampersand = opts.last_ampersand; } switch (this.signature_method) { case 'HMAC-SHA1': this.hash = function(base_string, key) { return CryptoJS.HmacSHA1(base_string, key).toString(CryptoJS.enc.Base64); }; break; case 'PLAINTEXT': this.hash = function(base_string, key) { return key; }; break; case 'RSA-SHA1': throw new Error('oauth-1.0a does not support this signature method right now. Coming Soon...'); default: throw new Error('The OAuth 1.0a protocol defines three signature methods: HMAC-SHA1, RSA-SHA1, and PLAINTEXT only'); } } /** * OAuth request authorize * @param {Object} request data * { * method, * url, * data * } * @param {Object} public and secret token * @return {Object} OAuth Authorized data */ OAuth.prototype.authorize = function(request, token) { var oauth_data = { oauth_consumer_key: this.consumer.public, oauth_nonce: this.getNonce(), oauth_signature_method: this.signature_method, oauth_timestamp: this.getTimeStamp(), oauth_version: this.version }; if(!token) { token = {}; } if(token.public) { oauth_data.oauth_token = token.public; } if(!request.data) { request.data = {}; } oauth_data.oauth_signature = this.getSignature(request, token.secret, oauth_data); return oauth_data; }; /** * Create a OAuth Signature * @param {Object} request data * @param {Object} token_secret public and secret token * @param {Object} oauth_data OAuth data * @return {String} Signature */ OAuth.prototype.getSignature = function(request, token_secret, oauth_data) { return this.hash(this.getBaseString(request, oauth_data), this.getSigningKey(token_secret)); }; /** * Base String = Method + Base Url + ParameterString * @param {Object} request data * @param {Object} OAuth data * @return {String} Base String */ OAuth.prototype.getBaseString = function(request, oauth_data) { return request.method.toUpperCase() + '&' + this.percentEncode(this.getBaseUrl(request.url)) + '&' + this.percentEncode(this.getParameterString(request, oauth_data)); }; /** * Get data from url * -> merge with oauth data * -> percent encode key & value * -> sort * * @param {Object} request data * @param {Object} OAuth data * @return {Object} Parameter string data */ OAuth.prototype.getParameterString = function(request, oauth_data) { var base_string_data = this.sortObject(this.percentEncodeData(this.mergeObject(oauth_data, this.mergeObject(request.data, this.deParamUrl(request.url))))); var data_str = ''; //base_string_data to string for(var key in base_string_data) { data_str += key + '=' + base_string_data[key] + '&'; } //remove the last character data_str = data_str.substr(0, data_str.length - 1); return data_str; }; /** * Create a Signing Key * @param {String} token_secret Secret Token * @return {String} Signing Key */ OAuth.prototype.getSigningKey = function(token_secret) { token_secret = token_secret || ''; if(!this.last_ampersand && !token_secret) { return this.percentEncode(this.consumer.secret); } return this.percentEncode(this.consumer.secret) + '&' + this.percentEncode(token_secret); }; /** * Get base url * @param {String} url * @return {String} */ OAuth.prototype.getBaseUrl = function(url) { return url.split('?')[0]; }; /** * Get data from String * @param {String} string * @return {Object} */ OAuth.prototype.deParam = function(string) { var arr = decodeURIComponent(string).split('&'); var data = {}; for(var i = 0; i < arr.length; i++) { var item = arr[i].split('='); data[item[0]] = item[1]; } return data; }; /** * Get data from url * @param {String} url * @return {Object} */ OAuth.prototype.deParamUrl = function(url) { var tmp = url.split('?'); if (tmp.length === 1) return {}; return this.deParam(tmp[1]); }; /** * Percent Encode * @param {String} str * @return {String} percent encoded string */ OAuth.prototype.percentEncode = function(str) { return encodeURIComponent(str) .replace(/\!/g, "%21") .replace(/\*/g, "%2A") .replace(/\'/g, "%27") .replace(/\(/g, "%28") .replace(/\)/g, "%29"); }; /** * Percent Encode Object * @param {Object} data * @return {Object} percent encoded data */ OAuth.prototype.percentEncodeData = function(data) { var result = {}; for(var key in data) { result[this.percentEncode(key)] = this.percentEncode(data[key]); } return result; }; /** * Get OAuth data as Header * @param {Object} oauth_data * @return {String} Header data key - value */ OAuth.prototype.toHeader = function(oauth_data) { oauth_data = this.sortObject(oauth_data); var header_value = 'OAuth '; for(var key in oauth_data) { if (key.indexOf('oauth_') === -1) continue; header_value += this.percentEncode(key) + '="' + this.percentEncode(oauth_data[key]) + '"' + this.parameter_seperator; } return { Authorization: header_value.substr(0, header_value.length - this.parameter_seperator.length) //cut the last chars }; }; /** * Create a random word characters string with input length * @return {String} a random word characters string */ OAuth.prototype.getNonce = function() { var word_characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; var result = ''; for(var i = 0; i < this.nonce_length; i++) { result += word_characters[parseInt(Math.random() * word_characters.length, 10)]; } return result; }; /** * Get Current Unix TimeStamp * @return {Int} current unix timestamp */ OAuth.prototype.getTimeStamp = function() { return parseInt(new Date().getTime()/1000, 10); }; ////////////////////// HELPER FUNCTIONS ////////////////////// /** * Merge object * @param {Object} obj1 * @param {Object} obj2 * @return {Object} */ OAuth.prototype.mergeObject = function(obj1, obj2) { var merged_obj = obj1; for(var key in obj2) { merged_obj[key] = obj2[key]; } return merged_obj; }; /** * Sort object by key * @param {Object} data * @return {Object} sorted object */ OAuth.prototype.sortObject = function(data) { var keys = Object.keys(data); var result = {}; keys.sort(); for(var i = 0; i < keys.length; i++) { var key = keys[i]; result[key] = data[key]; } return result; };