forked from request/oauth-sign
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
136 lines (116 loc) · 3.5 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
var crypto = require('crypto')
, qs = require('querystring')
;
function sha1 (key, body) {
return crypto.createHmac('sha1', key).update(body).digest('base64')
}
function rsa (key, body) {
return crypto.createSign("RSA-SHA1").update(body).sign(key, 'base64');
}
function rfc3986 (str) {
return encodeURIComponent(str)
.replace(/!/g,'%21')
.replace(/\*/g,'%2A')
.replace(/\(/g,'%28')
.replace(/\)/g,'%29')
.replace(/'/g,'%27')
;
}
// Maps object to bi-dimensional array
// Converts { foo: 'A', bar: [ 'b', 'B' ]} to
// [ ['foo', 'A'], ['bar', 'b'], ['bar', 'B'] ]
function map (obj) {
var key, val, arr = []
for (key in obj) {
val = obj[key]
if (Array.isArray(val))
for (var i = 0; i < val.length; i++)
arr.push([key, val[i]])
else if (typeof val === "object")
for (var prop in val)
arr.push([key + '[' + prop + ']', val[prop]]);
else
arr.push([key, val])
}
return arr
}
// Compare function for sort
function compare (a, b) {
return a > b ? 1 : a < b ? -1 : 0
}
function generateBase (httpMethod, base_uri, params) {
// adapted from https://dev.twitter.com/docs/auth/oauth and
// https://dev.twitter.com/docs/auth/creating-signature
// Parameter normalization
// http://tools.ietf.org/html/rfc5849#section-3.4.1.3.2
var normalized = map(params)
// 1. First, the name and value of each parameter are encoded
.map(function (p) {
return [ rfc3986(p[0]), rfc3986(p[1] || '') ]
})
// 2. The parameters are sorted by name, using ascending byte value
// ordering. If two or more parameters share the same name, they
// are sorted by their value.
.sort(function (a, b) {
return compare(a[0], b[0]) || compare(a[1], b[1])
})
// 3. The name of each parameter is concatenated to its corresponding
// value using an "=" character (ASCII code 61) as a separator, even
// if the value is empty.
.map(function (p) { return p.join('=') })
// 4. The sorted name/value pairs are concatenated together into a
// single string by using an "&" character (ASCII code 38) as
// separator.
.join('&')
var base = [
rfc3986(httpMethod ? httpMethod.toUpperCase() : 'GET'),
rfc3986(base_uri),
rfc3986(normalized)
].join('&')
return base
}
function hmacsign (httpMethod, base_uri, params, consumer_secret, token_secret) {
var base = generateBase(httpMethod, base_uri, params)
var key = [
consumer_secret || '',
token_secret || ''
].map(rfc3986).join('&')
return sha1(key, base)
}
function rsasign (httpMethod, base_uri, params, private_key, token_secret) {
var base = generateBase(httpMethod, base_uri, params)
var key = private_key || ''
return rsa(key, base)
}
function plaintext (consumer_secret, token_secret) {
var key = [
consumer_secret || '',
token_secret || ''
].map(rfc3986).join('&')
return key
}
function sign (signMethod, httpMethod, base_uri, params, consumer_secret, token_secret) {
var method
var skipArgs = 1
switch (signMethod) {
case 'RSA-SHA1':
method = rsasign
break
case 'HMAC-SHA1':
method = hmacsign
break
case 'PLAINTEXT':
method = plaintext
skipArgs = 4
break
default:
throw new Error("Signature method not supported: " + signMethod)
}
return method.apply(null, [].slice.call(arguments, skipArgs))
}
exports.hmacsign = hmacsign
exports.rsasign = rsasign
exports.plaintext = plaintext
exports.sign = sign
exports.rfc3986 = rfc3986
exports.generateBase = generateBase