source: trip-planner-front/node_modules/request/lib/oauth.js

Last change on this file was 6a3a178, checked in by Ema <ema_spirova@…>, 3 years ago

initial commit

  • Property mode set to 100644
File size: 4.0 KB
Line 
1'use strict'
2
3var url = require('url')
4var qs = require('qs')
5var caseless = require('caseless')
6var uuid = require('uuid/v4')
7var oauth = require('oauth-sign')
8var crypto = require('crypto')
9var Buffer = require('safe-buffer').Buffer
10
11function OAuth (request) {
12 this.request = request
13 this.params = null
14}
15
16OAuth.prototype.buildParams = function (_oauth, uri, method, query, form, qsLib) {
17 var oa = {}
18 for (var i in _oauth) {
19 oa['oauth_' + i] = _oauth[i]
20 }
21 if (!oa.oauth_version) {
22 oa.oauth_version = '1.0'
23 }
24 if (!oa.oauth_timestamp) {
25 oa.oauth_timestamp = Math.floor(Date.now() / 1000).toString()
26 }
27 if (!oa.oauth_nonce) {
28 oa.oauth_nonce = uuid().replace(/-/g, '')
29 }
30 if (!oa.oauth_signature_method) {
31 oa.oauth_signature_method = 'HMAC-SHA1'
32 }
33
34 var consumer_secret_or_private_key = oa.oauth_consumer_secret || oa.oauth_private_key // eslint-disable-line camelcase
35 delete oa.oauth_consumer_secret
36 delete oa.oauth_private_key
37
38 var token_secret = oa.oauth_token_secret // eslint-disable-line camelcase
39 delete oa.oauth_token_secret
40
41 var realm = oa.oauth_realm
42 delete oa.oauth_realm
43 delete oa.oauth_transport_method
44
45 var baseurl = uri.protocol + '//' + uri.host + uri.pathname
46 var params = qsLib.parse([].concat(query, form, qsLib.stringify(oa)).join('&'))
47
48 oa.oauth_signature = oauth.sign(
49 oa.oauth_signature_method,
50 method,
51 baseurl,
52 params,
53 consumer_secret_or_private_key, // eslint-disable-line camelcase
54 token_secret // eslint-disable-line camelcase
55 )
56
57 if (realm) {
58 oa.realm = realm
59 }
60
61 return oa
62}
63
64OAuth.prototype.buildBodyHash = function (_oauth, body) {
65 if (['HMAC-SHA1', 'RSA-SHA1'].indexOf(_oauth.signature_method || 'HMAC-SHA1') < 0) {
66 this.request.emit('error', new Error('oauth: ' + _oauth.signature_method +
67 ' signature_method not supported with body_hash signing.'))
68 }
69
70 var shasum = crypto.createHash('sha1')
71 shasum.update(body || '')
72 var sha1 = shasum.digest('hex')
73
74 return Buffer.from(sha1, 'hex').toString('base64')
75}
76
77OAuth.prototype.concatParams = function (oa, sep, wrap) {
78 wrap = wrap || ''
79
80 var params = Object.keys(oa).filter(function (i) {
81 return i !== 'realm' && i !== 'oauth_signature'
82 }).sort()
83
84 if (oa.realm) {
85 params.splice(0, 0, 'realm')
86 }
87 params.push('oauth_signature')
88
89 return params.map(function (i) {
90 return i + '=' + wrap + oauth.rfc3986(oa[i]) + wrap
91 }).join(sep)
92}
93
94OAuth.prototype.onRequest = function (_oauth) {
95 var self = this
96 self.params = _oauth
97
98 var uri = self.request.uri || {}
99 var method = self.request.method || ''
100 var headers = caseless(self.request.headers)
101 var body = self.request.body || ''
102 var qsLib = self.request.qsLib || qs
103
104 var form
105 var query
106 var contentType = headers.get('content-type') || ''
107 var formContentType = 'application/x-www-form-urlencoded'
108 var transport = _oauth.transport_method || 'header'
109
110 if (contentType.slice(0, formContentType.length) === formContentType) {
111 contentType = formContentType
112 form = body
113 }
114 if (uri.query) {
115 query = uri.query
116 }
117 if (transport === 'body' && (method !== 'POST' || contentType !== formContentType)) {
118 self.request.emit('error', new Error('oauth: transport_method of body requires POST ' +
119 'and content-type ' + formContentType))
120 }
121
122 if (!form && typeof _oauth.body_hash === 'boolean') {
123 _oauth.body_hash = self.buildBodyHash(_oauth, self.request.body.toString())
124 }
125
126 var oa = self.buildParams(_oauth, uri, method, query, form, qsLib)
127
128 switch (transport) {
129 case 'header':
130 self.request.setHeader('Authorization', 'OAuth ' + self.concatParams(oa, ',', '"'))
131 break
132
133 case 'query':
134 var href = self.request.uri.href += (query ? '&' : '?') + self.concatParams(oa, '&')
135 self.request.uri = url.parse(href)
136 self.request.path = self.request.uri.path
137 break
138
139 case 'body':
140 self.request.body = (form ? form + '&' : '') + self.concatParams(oa, '&')
141 break
142
143 default:
144 self.request.emit('error', new Error('oauth: transport_method invalid'))
145 }
146}
147
148exports.OAuth = OAuth
Note: See TracBrowser for help on using the repository browser.