Skip to content

lhokktyn/oauth-1.0a

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits

lib

lib

 
 

test

test

 
 

test_browser

test_browser

 
 

test_extension

test_extension

 
 

.travis.yml

.travis.yml

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

index.js

index.js

 
 

package.json

package.json

 
 

Repository files navigation

oauth-1.0a

Dependencies Dependency Status NPM version

OAuth 1.0a Request Authorization for Node and Browser

Send OAuth request with your favorite HTTP client (request, jQuery.ajax...)

No more headache about OAuth 1.0a's stuff or "oauth_consumer_key, oauth_nonce, oauth_signature...." parameters, just use your familiar HTTP client to send OAuth requests.

Tested on some popular OAuth 1.0a services:

  • Twitter
  • Flickr
  • Bitbucket
  • Linkedin

Quick Start

var oauth = new OAuth({
    consumer: {
        public: '<your consumer key>',
        secret: '<your consumer secret>'
    },
    signature_method: '<signature method>' //HMAC-SHA1 or PLAINTEXT ...
});

Get OAuth request data then you can use with your http client easily :)

oauth.authorize(request, token);

Or if you want to get as a header key-value data

oauth.toHeader(oauth_data);

##Installation

###Node.js $ npm install oauth-1.0a

###Browser Download oauth-1.0a.js here

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/enc-base64-min.js"></script>
<script src="oauth-1.0a.js"></script>

##Examples

###Work with request (Node.js)

Depencies

var request = require('request');
var OAuth   = require('oauth-1.0a');

Init

var oauth = new OAuth({
    consumer: {
        public: 'xvz1evFS4wEEPTGEFPHBog',
        secret: 'kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw'
    },
    signature_method: 'HMAC-SHA1'
});

Your request data

var request_data = {
	url: 'https://api.twitter.com/1/statuses/update.json?include_entities=true',
    method: 'POST',
    data: {
        status: 'Hello Ladies + Gentlemen, a signed OAuth request!'
    }
};

Your token (optional for some requests)

var token = {
    public: '370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb',
    secret: 'LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE'
};

Call a request

request({
	url: request_data.url,
	method: request_data.method,
	form: oauth.authorize(request_data, token)
}, function(error, response, body) {
	//process your data here
});

Or if you want to send OAuth data in request's header

request({
	url: request_data.url,
	method: request_data.method,
	form: request_data.data,
	headers: oauth.toHeader(oauth.authorize(request_data, token))
}, function(error, response, body) {
	//process your data here
});

###Work with jQuery.ajax (Browser)

Caution: please make sure you understand what happen when use OAuth protocol at client side here

Init

var oauth = new OAuth({
    consumer: {
        public: 'xvz1evFS4wEEPTGEFPHBog',
        secret: 'kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw'
    },
    signature_method: 'HMAC-SHA1'
});

Your request data

var request_data = {
	url: 'https://api.twitter.com/1/statuses/update.json?include_entities=true',
    method: 'POST',
    data: {
        status: 'Hello Ladies + Gentlemen, a signed OAuth request!'
    }
};

Your token (optional for some requests)

var token = {
    public: '370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb',
    secret: 'LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE'
};

Call a request

$.ajax({
	url: request_data.url,
	type: request_data.method,
	data: oauth.authorize(request_data, token)
}).done(function(data) {
	//process your data here
});

Or if you want to send OAuth data in request's header

$.ajax({
	url: request_data.url,
	type: request_data.method,
	data: request_data.data,
	headers: oauth.toHeader(oauth.authorize(request_data, token))
}).done(function(data) {
	//process your data here
});

##Notes

  • Some OAuth requests without token use .authorize(request_data) instead of .authorize(request_data, {})

  • If you want an easier way to handle your OAuth request. Please visit Simple OAuth, it's a wrapper of this project, some features:

    • Request Token method
    • Get Authorize link method
    • Access Token method
    • OAuth 2.0 support
    • Simpler syntax:

Node.js:

request(oauth.requestsToken(), function(error, response, body) {
	//process your data here
});
request(oauth.accessToken({
	oauth_verifier: '<verifier>'
}), function(error, response, body) {
	//process your data here
});

jQuery:

$.ajax(oauth.requestsToken()).done(function(data) {
	//process your data here
});
$.ajax(oauth.accessToken({
	oauth_verifier: '<verifier>'
})).done(function(data) {
	//process your data here
});

##Client Side Usage Caution

OAuth is based around allowing tools and websites to talk to each other. However, JavaScript running in web browsers is hampered by security restrictions that prevent code running on one website from accessing data stored or served on another.

Before you start hacking, make sure you understand the limitations posed by cross-domain XMLHttpRequest.

On the bright side, some platforms use JavaScript as their language, but enable the programmer to access other web sites. Examples include:

  • Google/Firefox/Safari extensions
  • Google Gadgets
  • Microsoft Sidebar...

For those platforms, this library should come in handy.

##Todo

  • RSA-SHA1 signature method

##Changelog

##Depencies

Bitdeli Badge

About

OAuth 1.0a Request Authorization for Node and Browser

ddo.github.io/oauth-1.0a

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • JavaScript 100.0%