Skip to content

Instantly share code, notes, and snippets.

@laullon

laullon/OAuthRequestSigner.m

Forked from danpalmer/OAuthRequestSigner.m
Last active September 3, 2015 23:18
Show Gist options
  • Save laullon/74285654bf681921a0ae to your computer and use it in GitHub Desktop.
Save laullon/74285654bf681921a0ae to your computer and use it in GitHub Desktop.
Download ZIP
Sign OAuth Requests
Raw
OAuthRequestSigner.m
#import "OAuthRequestSigner.h"
#import <CommonCrypto/CommonCrypto.h>
@implementation OAuthRequestSigner
+(void)signRequestForOAuthRequest:(NSMutableURLRequest *)request
withOAuthParameters:(NSDictionary *)oAuthParameters
consumerSecret:(NSString *)consumerSecret
tokenSecret:(NSString *)tokenSecret
{
NSMutableDictionary *unsortedParameters = [NSMutableDictionary dictionaryWithDictionary:oAuthParameters];
NSMutableArray *parameters = [[NSMutableArray alloc] init];
NSURLComponents *queryComponents = [NSURLComponents new];
queryComponents.query = [[request URL] query];
[queryComponents.queryItems enumerateObjectsUsingBlock:^(NSURLQueryItem *qi, NSUInteger idx, BOOL *stop) {
NSLog(@"--> %@=%@",qi.name,qi.value);
[unsortedParameters addEntriesFromDictionary:@{qi.name:qi.value}];
}];
NSURLComponents *bodyComponents = [NSURLComponents new];
bodyComponents.query = [[NSString alloc] initWithData:[request HTTPBody] encoding:NSUTF8StringEncoding];
[bodyComponents.queryItems enumerateObjectsUsingBlock:^(NSURLQueryItem *qi, NSUInteger idx, BOOL *stop) {
NSLog(@"--> %@=%@",qi.name,qi.value);
[unsortedParameters addEntriesFromDictionary:@{qi.name:qi.value}];
}];
NSArray *sortedHeaderKeys = [[unsortedParameters allKeys] sortedArrayUsingSelector:@selector(localizedCaseInsensitiveCompare:)];
[sortedHeaderKeys enumerateObjectsUsingBlock:^(id obj, NSUInteger idx, BOOL *stop) {
NSString *parameter = [unsortedParameters objectForKey:obj];
if (!parameter) {
[parameters addObject:[NSString stringWithFormat:@"%@=true", obj]];
return;
}
[parameters addObject:[NSString stringWithFormat:@"%@=%@", obj, parameter]];
}];
NSString *urlString = [[request URL] absoluteString];
if ([[request URL] query]) {
urlString = [[urlString stringByReplacingOccurrencesOfString:[[request URL] query] withString:@""] stringByReplacingOccurrencesOfString:@"?" withString:@""];
}
NSMutableString *baseString = [[NSMutableString alloc] init];
[baseString appendString:[[request HTTPMethod] uppercaseString]];
[baseString appendString:@"&"];
[baseString appendString:[GPTwitterPublisher URLEncodeStringFromString:urlString]];
[baseString appendString:@"&"];
[baseString appendString:[GPTwitterPublisher URLEncodeStringFromString:[parameters componentsJoinedByString:@"&"]]];
NSString *signingKey = [NSString stringWithFormat:@"%@&%@",
consumerSecret,
tokenSecret];
const char *key = [signingKey cStringUsingEncoding:NSASCIIStringEncoding];
const char *data = [baseString cStringUsingEncoding:NSASCIIStringEncoding];
unsigned char mac[CC_SHA1_DIGEST_LENGTH];
CCHmac(kCCHmacAlgSHA1, key, strlen(key), data, strlen(data), mac);
NSData *hmacData = [NSData dataWithBytes:mac length:sizeof(mac)];
NSString *signature = [hmacData base64EncodedStringWithOptions:0];
NSMutableDictionary *authorisationHeader = [oAuthParameters mutableCopy];
[authorisationHeader setObject:[GPTwitterPublisher URLEncodeStringFromString:signature] forKey:@"oauth_signature"];
NSMutableArray *oAuthHeaderFields = [NSMutableArray array];
[[[authorisationHeader allKeys] sortedArrayUsingSelector:@selector(localizedCaseInsensitiveCompare:)] enumerateObjectsUsingBlock:^(id key, NSUInteger idx, BOOL *stop) {
NSString *param = [NSString stringWithFormat:@"%@=\"%@\"", [GPTwitterPublisher URLEncodeStringFromString:key], authorisationHeader[key]];
[oAuthHeaderFields addObject:param];
}];
[request setValue:[NSString stringWithFormat:@"OAuth %@", [oAuthHeaderFields componentsJoinedByString:@","]] forHTTPHeaderField:@"Authorization"];
}
@end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment