Module: OmniContacts::Authorization::OAuth1
- Includes:
- HTTPUtils
- Included in:
- Middleware::OAuth1
- Defined in:
- lib/omnicontacts/authorization/oauth1.rb
Constant Summary collapse
- OAUTH_VERSION =
"1.0"
Constants included from HTTPUtils
Instance Method Summary collapse
-
#authorization_url(auth_token) ⇒ Object
Returns the url the user has to be redirected to do in order grant permission to the client application.
-
#fetch_access_token(auth_token, auth_token_secret, auth_verifier, additional_fields_to_extract = []) ⇒ Object
Fetches the access token from the authorization server.
-
#fetch_authorization_token ⇒ Object
Obtain an authorization token from the server.
-
#oauth_signature(method, url, params, secret) ⇒ Object
Calculates a signature using HMAC-SHA1 according to the OAuth 1.0 specifications.
Methods included from HTTPUtils
encode, host_url_from_rack_env, query_string_to_map, scheme, to_query_string
Instance Method Details
#authorization_url(auth_token) ⇒ Object
Returns the url the user has to be redirected to do in order grant permission to the client application.
65 66 67 |
# File 'lib/omnicontacts/authorization/oauth1.rb', line 65 def auth_token "https://" + auth_host + auth_path + "?oauth_token=" + auth_token end |
#fetch_access_token(auth_token, auth_token_secret, auth_verifier, additional_fields_to_extract = []) ⇒ Object
Fetches the access token from the authorization server. The method expects the authorization token, the authorization token secret and the authorization verifier. The result comprises the access token, the access token secret and a list of additional fields extracted from the server’s response. The list of additional fields to extract is specified as last parameter
73 74 75 76 |
# File 'lib/omnicontacts/authorization/oauth1.rb', line 73 def fetch_access_token auth_token, auth_token_secret, auth_verifier, additional_fields_to_extract = [] access_token_resp = https_post(auth_host, access_token_path, access_token_req_params(auth_token, auth_token_secret, auth_verifier)) values_from_query_string(access_token_resp, (["oauth_token", "oauth_token_secret"] + additional_fields_to_extract)) end |
#fetch_authorization_token ⇒ Object
Obtain an authorization token from the server. The token is returned in an array along with the relative authorization token secret.
24 25 26 27 |
# File 'lib/omnicontacts/authorization/oauth1.rb', line 24 def request_token_response = https_post(auth_host, auth_token_path, request_token_req_params) values_from_query_string(request_token_response, ["oauth_token", "oauth_token_secret"]) end |
#oauth_signature(method, url, params, secret) ⇒ Object
Calculates a signature using HMAC-SHA1 according to the OAuth 1.0 specifications.
The base string is given is a RFC 3986 encoded concatenation of:
-
Uppercase HTTP method
-
An ‘&’
-
A url without any parameters
-
An ‘&’
-
All parameters to use in the request encoded themselves and sorted by key.
The signature key is given by the concatenation of:
-
RFC 3986 encoded consumer secret
-
An ‘&’
-
RFC 3986 encoded token secret
108 109 110 111 112 113 114 115 116 117 118 |
# File 'lib/omnicontacts/authorization/oauth1.rb', line 108 def oauth_signature method, url, params, secret encoded_method = encode(method.upcase) encoded_url = encode(url) # params must be in alphabetical order encoded_params = encode(to_query_string(params.sort)) base_string = encoded_method + '&' + encoded_url + '&' + encoded_params key = encode(consumer_secret) + '&' + secret hmac_sha1 = OpenSSL::HMAC.digest('sha1', key, base_string) # base64 encode results must be stripped encode(Base64.encode64(hmac_sha1).strip) end |