1 ! Copyright (C) 2010 Slava Pestov.
2 ! See http://factorcode.org/license.txt for BSD license.
3 USING: accessors assocs base64 calendar checksums.hmac
4 checksums.sha http http.client kernel make math math.parser
5 namespaces present random sequences sorting strings
6 urls.encoding urls.private ;
11 TUPLE: token key secret user-data ;
13 : <token> ( key secret -- token )
25 : new-token-params ( class -- params )
27 consumer-token get >>consumer-token
28 now timestamp>unix-time >integer >>timestamp
29 16 random-bytes bytes>hex-string >>nonce ; inline
31 : present-base-url ( url -- string )
35 [ path>> url-encode % ] tri
38 :: signature-base-string ( url request-method params -- string )
40 request-method % "&" %
41 url present-base-url url-encode-full % "&" %
42 params assoc>query url-encode-full %
43 url query>> [ assoc>query "&" prepend url-encode-full % ] when*
46 : hmac-key ( consumer-secret token-secret -- key )
47 [ url-encode-full ] [ "" or url-encode-full ] bi* "&" glue ;
49 : make-token-params ( params quot -- assoc )
51 "1.0" "oauth_version" ,,
52 "HMAC-SHA1" "oauth_signature_method" ,,
56 [ consumer-token>> key>> "oauth_consumer_key" ,, ]
57 [ timestamp>> "oauth_timestamp" ,, ]
58 [ nonce>> "oauth_nonce" ,, ]
63 ! Checksum all the params but only return the oauth_ params for use in the auth header.
64 ! See https://github.com/factor/factor/issues/2487
65 :: sign-params ( url request-method consumer-token request-token params -- oauth-params )
66 params sort-keys :> params
67 url request-method params signature-base-string :> sbs
68 consumer-token secret>> request-token dup [ secret>> ] when hmac-key :> key
69 sbs key sha1 hmac-bytes >base64 >string :> signature
70 params { "oauth_signature" signature } prefix
71 [ drop "oauth_" head? ] assoc-filter ;
73 : extract-user-data ( assoc -- assoc' )
76 { "oauth_token" "oauth_token_secret" } member? not
79 : parse-token ( response data -- token )
82 [ [ "oauth_token" ] dip at ]
83 [ [ "oauth_token_secret" ] dip at ]
86 [ <token> ] dip >>user-data ;
90 TUPLE: request-token-params < token-params
91 { callback-url initial: "oob" } ;
93 : <request-token-params> ( -- params )
94 request-token-params new-token-params ;
98 :: <token-request> ( url consumer-token request-token params -- request )
99 url "POST" consumer-token request-token params sign-params
103 : make-request-token-params ( params -- assoc )
104 [ callback-url>> "oauth_callback" ,, ] make-token-params ;
106 : <request-token-request> ( url params -- request )
107 [ consumer-token>> f ] [ make-request-token-params ] bi
112 : obtain-request-token ( url params -- token )
113 <request-token-request> http-request parse-token ;
115 TUPLE: access-token-params < token-params request-token verifier ;
117 : <access-token-params> ( -- params )
118 access-token-params new-token-params ;
122 : make-access-token-params ( params -- assoc )
124 [ request-token>> key>> "oauth_token" ,, ]
125 [ verifier>> "oauth_verifier" ,, ]
127 ] make-token-params ;
129 : <access-token-request> ( url params -- request )
132 [ make-access-token-params ] tri
137 : obtain-access-token ( url params -- token )
138 <access-token-request> http-request parse-token ;
142 TUPLE: oauth-request-params < token-params access-token ;
144 : <oauth-request-params> ( -- params )
145 oauth-request-params new-token-params
146 access-token get >>access-token ;
150 :: signed-oauth-request-params ( request params -- oauth-params )
153 params consumer-token>>
154 params access-token>>
157 access-token>> key>> "oauth_token" ,,
158 request post-data>> %%
162 : build-auth-string ( oauth-params -- string )
163 [ [ present url-encode-full ] bi@ "\"" "\"" surround "=" glue ] { } assoc>map
164 ", " join "OAuth realm=\"\", " prepend ;
168 : set-oauth ( request params -- request )
169 dupd signed-oauth-request-params build-auth-string
170 "Authorization" set-header ;