| 'use strict' |
| |
| var url = require('url') |
| , qs = require('qs') |
| , caseless = require('caseless') |
| , uuid = require('uuid') |
| , oauth = require('oauth-sign') |
| , crypto = require('crypto') |
| |
| |
| function OAuth (request) { |
| this.request = request |
| this.params = null |
| } |
| |
| OAuth.prototype.buildParams = function (_oauth, uri, method, query, form, qsLib) { |
| var oa = {} |
| for (var i in _oauth) { |
| oa['oauth_' + i] = _oauth[i] |
| } |
| if (!oa.oauth_version) { |
| oa.oauth_version = '1.0' |
| } |
| if (!oa.oauth_timestamp) { |
| oa.oauth_timestamp = Math.floor( Date.now() / 1000 ).toString() |
| } |
| if (!oa.oauth_nonce) { |
| oa.oauth_nonce = uuid().replace(/-/g, '') |
| } |
| if (!oa.oauth_signature_method) { |
| oa.oauth_signature_method = 'HMAC-SHA1' |
| } |
| |
| var consumer_secret_or_private_key = oa.oauth_consumer_secret || oa.oauth_private_key |
| delete oa.oauth_consumer_secret |
| delete oa.oauth_private_key |
| |
| var token_secret = oa.oauth_token_secret |
| delete oa.oauth_token_secret |
| |
| var realm = oa.oauth_realm |
| delete oa.oauth_realm |
| delete oa.oauth_transport_method |
| |
| var baseurl = uri.protocol + '//' + uri.host + uri.pathname |
| var params = qsLib.parse([].concat(query, form, qsLib.stringify(oa)).join('&')) |
| |
| oa.oauth_signature = oauth.sign( |
| oa.oauth_signature_method, |
| method, |
| baseurl, |
| params, |
| consumer_secret_or_private_key, |
| token_secret) |
| |
| if (realm) { |
| oa.realm = realm |
| } |
| |
| return oa |
| } |
| |
| OAuth.prototype.buildBodyHash = function(_oauth, body) { |
| if (['HMAC-SHA1', 'RSA-SHA1'].indexOf(_oauth.signature_method || 'HMAC-SHA1') < 0) { |
| this.request.emit('error', new Error('oauth: ' + _oauth.signature_method + |
| ' signature_method not supported with body_hash signing.')) |
| } |
| |
| var shasum = crypto.createHash('sha1') |
| shasum.update(body || '') |
| var sha1 = shasum.digest('hex') |
| |
| return new Buffer(sha1).toString('base64') |
| } |
| |
| OAuth.prototype.concatParams = function (oa, sep, wrap) { |
| wrap = wrap || '' |
| |
| var params = Object.keys(oa).filter(function (i) { |
| return i !== 'realm' && i !== 'oauth_signature' |
| }).sort() |
| |
| if (oa.realm) { |
| params.splice(0, 0, 'realm') |
| } |
| params.push('oauth_signature') |
| |
| return params.map(function (i) { |
| return i + '=' + wrap + oauth.rfc3986(oa[i]) + wrap |
| }).join(sep) |
| } |
| |
| OAuth.prototype.onRequest = function (_oauth) { |
| var self = this |
| self.params = _oauth |
| |
| var uri = self.request.uri || {} |
| , method = self.request.method || '' |
| , headers = caseless(self.request.headers) |
| , body = self.request.body || '' |
| , qsLib = self.request.qsLib || qs |
| |
| var form |
| , query |
| , contentType = headers.get('content-type') || '' |
| , formContentType = 'application/x-www-form-urlencoded' |
| , transport = _oauth.transport_method || 'header' |
| |
| if (contentType.slice(0, formContentType.length) === formContentType) { |
| contentType = formContentType |
| form = body |
| } |
| if (uri.query) { |
| query = uri.query |
| } |
| if (transport === 'body' && (method !== 'POST' || contentType !== formContentType)) { |
| self.request.emit('error', new Error('oauth: transport_method of body requires POST ' + |
| 'and content-type ' + formContentType)) |
| } |
| |
| if (!form && typeof _oauth.body_hash === 'boolean') { |
| _oauth.body_hash = self.buildBodyHash(_oauth, self.request.body.toString()) |
| } |
| |
| var oa = self.buildParams(_oauth, uri, method, query, form, qsLib) |
| |
| switch (transport) { |
| case 'header': |
| self.request.setHeader('Authorization', 'OAuth ' + self.concatParams(oa, ',', '"')) |
| break |
| |
| case 'query': |
| var href = self.request.uri.href += (query ? '&' : '?') + self.concatParams(oa, '&') |
| self.request.uri = url.parse(href) |
| self.request.path = self.request.uri.path |
| break |
| |
| case 'body': |
| self.request.body = (form ? form + '&' : '') + self.concatParams(oa, '&') |
| break |
| |
| default: |
| self.request.emit('error', new Error('oauth: transport_method invalid')) |
| } |
| } |
| |
| exports.OAuth = OAuth |