1 ! Copyright (C) 2010 Slava Pestov.
2 ! See https://factorcode.org/license.txt for BSD license.
3 USING: accessors assocs base64 calendar checksums.hmac
4 checksums.sha http http.client kernel make math math.parser
5 namespaces present random sequences sorting strings
6 urls.encoding urls.private ;
11 TUPLE: token key secret user-data ;
13 : <token> ( key secret -- token )
25 : new-token-params ( class -- params )
27 consumer-token get >>consumer-token
28 now timestamp>unix-time >integer >>timestamp
29 16 random-bytes bytes>hex-string >>nonce ; inline
31 : present-base-url ( url -- string )
35 [ path>> url-encode % ] tri
38 :: signature-base-string ( url request-method params -- string )
40 request-method % "&" %
41 url present-base-url url-encode-full % "&" %
42 params assoc>query url-encode-full %
43 url query>> [ assoc>query "&" prepend url-encode-full % ] when*
46 : hmac-key ( consumer-secret token-secret -- key )
47 [ url-encode-full ] [ "" or url-encode-full ] bi* "&" glue ;
49 : make-token-params ( params quot -- assoc )
51 "1.0" "oauth_version" ,,
52 "HMAC-SHA1" "oauth_signature_method" ,,
56 [ consumer-token>> key>> "oauth_consumer_key" ,, ]
57 [ timestamp>> "oauth_timestamp" ,, ]
58 [ nonce>> "oauth_nonce" ,, ]
63 ! Checksum all the params but only return the oauth_ params for
64 ! use in the auth header.
65 ! See https://github.com/factor/factor/issues/2487
66 :: sign-params ( url request-method consumer-token request-token params -- oauth-params )
67 params sort-keys :> params
68 url request-method params signature-base-string :> sbs
69 consumer-token secret>> request-token dup [ secret>> ] when
71 sbs key sha1 hmac-bytes >base64 >string :> signature
72 params { "oauth_signature" signature } prefix
73 [ "oauth_" head? ] filter-keys ;
75 : extract-user-data ( assoc -- assoc' )
77 { "oauth_token" "oauth_token_secret" } member? not
80 : parse-token ( response data -- token )
83 [ [ "oauth_token" ] dip at ]
84 [ [ "oauth_token_secret" ] dip at ]
87 [ <token> ] dip >>user-data ;
91 TUPLE: request-token-params < token-params
92 { callback-url initial: "oob" } ;
94 : <request-token-params> ( -- params )
95 request-token-params new-token-params ;
99 :: <token-request> ( url consumer-token request-token params -- request )
100 url "POST" consumer-token request-token params sign-params
104 : make-request-token-params ( params -- assoc )
105 [ callback-url>> "oauth_callback" ,, ] make-token-params ;
107 : <request-token-request> ( url params -- request )
108 [ consumer-token>> f ] [ make-request-token-params ] bi
113 : obtain-request-token ( url params -- token )
114 <request-token-request> http-request parse-token ;
116 TUPLE: access-token-params < token-params request-token verifier ;
118 : <access-token-params> ( -- params )
119 access-token-params new-token-params ;
123 : make-access-token-params ( params -- assoc )
125 [ request-token>> key>> "oauth_token" ,, ]
126 [ verifier>> "oauth_verifier" ,, ]
128 ] make-token-params ;
130 : <access-token-request> ( url params -- request )
133 [ make-access-token-params ] tri
138 : obtain-access-token ( url params -- token )
139 <access-token-request> http-request parse-token ;
143 TUPLE: oauth-request-params < token-params access-token ;
145 : <oauth-request-params> ( -- params )
146 oauth-request-params new-token-params
147 access-token get >>access-token ;
151 :: signed-oauth-request-params ( request params -- oauth-params )
154 params consumer-token>>
155 params access-token>>
158 access-token>> key>> "oauth_token" ,,
159 request post-data>> %%
163 : build-auth-string ( oauth-params -- string )
164 [ [ present url-encode-full ] bi@ "\"" "\"" surround "=" glue ] { } assoc>map
165 ", " join "OAuth realm=\"\", " prepend ;
169 : set-oauth ( request params -- request )
170 dupd signed-oauth-request-params build-auth-string
171 "Authorization" set-header ;