auth

package
v0.0.0-...-d727afa Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 13, 2023 License: MIT Imports: 14 Imported by: 1

Documentation

Overview

Package auth supports OAuth 1.0a request signing.

The core type in this package is Config, which carries the application and user secrets. Methods of the Config type implement signing of requests and handle queries to the API for tokens. At minimum, the APIKey and APISecret fields must be populated with the application's credentials.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthData

type AuthData struct {
	Params        Params // the annotated request parameters (as signed)
	Signature     string // the HMAC-SHA1 signature
	Authorization string // the Authorization field value
}

AuthData carries the result of authorizing a request.

type Config

type Config struct {
	APIKey            string `oauth:"oauth_consumer_key"`    // also: Consumer or App Key
	APISecret         string `oauth:"oauth_consumer_secret"` // also: Consumer or App Secret
	AccessToken       string `oauth:"oauth_token"`
	AccessTokenSecret string `oauth:"oauth_token_secret"`

	// If set, use this function to generate a nonce.
	// If unset, a non-cryptographic pseudorandom nonce will be used.
	MakeNonce func() string
}

Config carries the keys and secrets to generate OAuth 1.0 signatures.

The APIKey and APISecret fields must be populated for all requests. The rules for AccessToken and AccessTokenSecret are described in the documentation for each query type.

func (Config) Authorize

func (c Config) Authorize(req *http.Request) error

Authorize attaches an OAuth 1.0 signature to the given request.

This operation requires c.AccessToken and c.AccessTokenSecret to be set. To authorize a ticket request, use the application's credentials. To authorize a user request, use the user's credentials.

func (Config) Authorizer

func (c Config) Authorizer(token, secret string) jape.Authorizer

Authorizer returns a jape.Authorizer that uses the specified access token to sign requests.

func (Config) Sign

func (c Config) Sign(method, requestURL string, params Params) AuthData

Sign computes an authorization signature for the request parameters. The requestURL must not contain any query parameters or fragments.

If params contains parameters that affect the OAuth signature, such as "oauth_timestamp" or "oauth_nonce", their values are copied for signing and deleted from params. The contents of params are not otherwise modified. The parameters as-signed can be recovered from the Params field of the AuthData value returned.

type Params

type Params map[string]string

Params represent URL query parameters.

func (Params) Encode

func (p Params) Encode() string

Encode encodes p as a URL query string, not including the "?" prefix.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL