Documentation ¶
Overview ¶
Package auth supports OAuth 1.0a request signing.
The core type in this package is Config, which carries the application and user secrets. Methods of the Config type implement signing of requests and handle queries to the API for tokens. At minimum, the APIKey and APISecret fields must be populated with the application's credentials.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthData ¶
type AuthData struct { Params Params // the annotated request parameters (as signed) Signature string // the HMAC-SHA1 signature Authorization string // the Authorization field value }
AuthData carries the result of authorizing a request.
type Config ¶
type Config struct { APIKey string `oauth:"oauth_consumer_key"` // also: Consumer or App Key APISecret string `oauth:"oauth_consumer_secret"` // also: Consumer or App Secret AccessToken string `oauth:"oauth_token"` AccessTokenSecret string `oauth:"oauth_token_secret"` // If set, use this function to generate a nonce. // If unset, a non-cryptographic pseudorandom nonce will be used. MakeNonce func() string }
Config carries the keys and secrets to generate OAuth 1.0 signatures.
The APIKey and APISecret fields must be populated for all requests. The rules for AccessToken and AccessTokenSecret are described in the documentation for each query type.
func (Config) Authorize ¶
Authorize attaches an OAuth 1.0 signature to the given request.
This operation requires c.AccessToken and c.AccessTokenSecret to be set. To authorize a ticket request, use the application's credentials. To authorize a user request, use the user's credentials.
func (Config) Authorizer ¶
func (c Config) Authorizer(token, secret string) jape.Authorizer
Authorizer returns a jape.Authorizer that uses the specified access token to sign requests.
func (Config) Sign ¶
Sign computes an authorization signature for the request parameters. The requestURL must not contain any query parameters or fragments.
If params contains parameters that affect the OAuth signature, such as "oauth_timestamp" or "oauth_nonce", their values are copied for signing and deleted from params. The contents of params are not otherwise modified. The parameters as-signed can be recovered from the Params field of the AuthData value returned.