Documentation
¶
Overview ¶
Package oauth is consumer interface for OAuth 1.0, OAuth 1.0a and RFC 5849.
Redirection-based Authorization ¶
This section outlines how to use the oauth package in redirection-based authorization (http://tools.ietf.org/html/rfc5849#section-2).
Step 1: Create a Client using credentials and URIs provided by the server. The Client can be initialized once at application startup and stored in a package-level variable.
Step 2: Request temporary credentials using the Client RequestTemporaryCredentials method. The callbackURL parameter is the URL of the callback handler in step 4. Save the returned credential secret so that it can be later found using credential token as a key. The secret can be stored in a database keyed by the token. Another option is to store the token and secret in session storage or a cookie.
Step 3: Redirect the user to URL returned from AuthorizationURL method. The AuthorizationURL method uses the temporary credentials from step 2 and other parameters as specified by the server.
Step 4: The server redirects back to the callback URL specified in step 2 with the temporary token and a verifier. Use the temporary token to find the temporary secret saved in step 2. Using the temporary token, temporary secret and verifier, request token credentials using the client RequestToken method. Save the returned credentials for later use in the application.
Signing Requests ¶
The Client type has two low-level methods for signing requests, SignForm and AuthorizationHeader.
The SignForm method adds an OAuth signature to a form. The application makes an authenticated request by encoding the modified form to the query string or request body.
The AuthorizationHeader method returns an Authorization header value with the OAuth signature. The application makes an authenticated request by adding the Authorization header to the request. The AuthorizationHeader method is the only way to correctly sign a request if the application sets the URL Opaque field when making a request.
The Get and Post methods sign and invoke a request using the supplied net/http Client. These methods are easy to use, but not as flexible as constructing a request using one of the low-level methods.
Index ¶
- type Client
- func (c *Client) AuthorizationHeader(credentials *Credentials, method string, u *url.URL, params url.Values) string
- func (c *Client) AuthorizationURL(temporaryCredentials *Credentials, additionalParams url.Values) string
- func (c *Client) Get(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)
- func (c *Client) Post(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)
- func (c *Client) RequestTemporaryCredentials(client *http.Client, callbackURL string, additionalParams url.Values) (*Credentials, error)
- func (c *Client) RequestToken(client *http.Client, temporaryCredentials *Credentials, verifier string) (*Credentials, url.Values, error)
- func (c *Client) SignForm(credentials *Credentials, method, urlStr string, form url.Values) error
- func (c *Client) SignParam(credentials *Credentials, method, urlStr string, params url.Values)
- type Credentials
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Client ¶
type Client struct {
Credentials Credentials
TemporaryCredentialRequestURI string // Also known as request token URL.
ResourceOwnerAuthorizationURI string // Also known as authorization URL.
TokenRequestURI string // Also known as access token URL.
}
Client represents an OAuth client.
func (*Client) AuthorizationHeader ¶
func (c *Client) AuthorizationHeader(credentials *Credentials, method string, u *url.URL, params url.Values) string
AuthorizationHeader returns the HTTP authorization header value for given method, URL and parameters.
See http://tools.ietf.org/html/rfc5849#section-3.5.1 for information about transmitting OAuth parameters in an HTTP request header.
func (*Client) AuthorizationURL ¶
func (c *Client) AuthorizationURL(temporaryCredentials *Credentials, additionalParams url.Values) string
AuthorizationURL returns the URL for resource owner authorization. See http://tools.ietf.org/html/rfc5849#section-2.2 for information about resource owner authorization.
func (*Client) Get ¶
func (c *Client) Get(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)
Get issues a GET to the specified URL with form added as a query string.
func (*Client) Post ¶
func (c *Client) Post(client *http.Client, credentials *Credentials, urlStr string, form url.Values) (*http.Response, error)
Post issues a POST with the specified form.
func (*Client) RequestTemporaryCredentials ¶
func (c *Client) RequestTemporaryCredentials(client *http.Client, callbackURL string, additionalParams url.Values) (*Credentials, error)
RequestTemporaryCredentials requests temporary credentials from the server. See http://tools.ietf.org/html/rfc5849#section-2.1 for information about temporary credentials.
func (*Client) RequestToken ¶
func (c *Client) RequestToken(client *http.Client, temporaryCredentials *Credentials, verifier string) (*Credentials, url.Values, error)
RequestToken requests token credentials from the server. See http://tools.ietf.org/html/rfc5849#section-2.3 for information about token credentials.
func (*Client) SignForm ¶
SignForm adds an OAuth signature to form. The urlStr argument must not include a query string.
See http://tools.ietf.org/html/rfc5849#section-3.5.2 for information about transmitting OAuth parameters in a request body and http://tools.ietf.org/html/rfc5849#section-3.5.2 for information about transmitting OAuth parameters in a query string.
type Credentials ¶
type Credentials struct {
Token string // Also known as consumer key or access token.
Secret string // Also known as consumer secret or access token secret.
}
Credentials represents client, temporary and token credentials.
Source Files