-
-
Save laullon/74285654bf681921a0ae to your computer and use it in GitHub Desktop.
Sign OAuth Requests
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#import "OAuthRequestSigner.h" | |
#import <CommonCrypto/CommonCrypto.h> | |
@implementation OAuthRequestSigner | |
+(void)signRequestForOAuthRequest:(NSMutableURLRequest *)request | |
withOAuthParameters:(NSDictionary *)oAuthParameters | |
consumerSecret:(NSString *)consumerSecret | |
tokenSecret:(NSString *)tokenSecret | |
{ | |
NSMutableDictionary *unsortedParameters = [NSMutableDictionary dictionaryWithDictionary:oAuthParameters]; | |
NSMutableArray *parameters = [[NSMutableArray alloc] init]; | |
NSURLComponents *queryComponents = [NSURLComponents new]; | |
queryComponents.query = [[request URL] query]; | |
[queryComponents.queryItems enumerateObjectsUsingBlock:^(NSURLQueryItem *qi, NSUInteger idx, BOOL *stop) { | |
NSLog(@"--> %@=%@",qi.name,qi.value); | |
[unsortedParameters addEntriesFromDictionary:@{qi.name:qi.value}]; | |
}]; | |
NSURLComponents *bodyComponents = [NSURLComponents new]; | |
bodyComponents.query = [[NSString alloc] initWithData:[request HTTPBody] encoding:NSUTF8StringEncoding]; | |
[bodyComponents.queryItems enumerateObjectsUsingBlock:^(NSURLQueryItem *qi, NSUInteger idx, BOOL *stop) { | |
NSLog(@"--> %@=%@",qi.name,qi.value); | |
[unsortedParameters addEntriesFromDictionary:@{qi.name:qi.value}]; | |
}]; | |
NSArray *sortedHeaderKeys = [[unsortedParameters allKeys] sortedArrayUsingSelector:@selector(localizedCaseInsensitiveCompare:)]; | |
[sortedHeaderKeys enumerateObjectsUsingBlock:^(id obj, NSUInteger idx, BOOL *stop) { | |
NSString *parameter = [unsortedParameters objectForKey:obj]; | |
if (!parameter) { | |
[parameters addObject:[NSString stringWithFormat:@"%@=true", obj]]; | |
return; | |
} | |
[parameters addObject:[NSString stringWithFormat:@"%@=%@", obj, parameter]]; | |
}]; | |
NSString *urlString = [[request URL] absoluteString]; | |
if ([[request URL] query]) { | |
urlString = [[urlString stringByReplacingOccurrencesOfString:[[request URL] query] withString:@""] stringByReplacingOccurrencesOfString:@"?" withString:@""]; | |
} | |
NSMutableString *baseString = [[NSMutableString alloc] init]; | |
[baseString appendString:[[request HTTPMethod] uppercaseString]]; | |
[baseString appendString:@"&"]; | |
[baseString appendString:[GPTwitterPublisher URLEncodeStringFromString:urlString]]; | |
[baseString appendString:@"&"]; | |
[baseString appendString:[GPTwitterPublisher URLEncodeStringFromString:[parameters componentsJoinedByString:@"&"]]]; | |
NSString *signingKey = [NSString stringWithFormat:@"%@&%@", | |
consumerSecret, | |
tokenSecret]; | |
const char *key = [signingKey cStringUsingEncoding:NSASCIIStringEncoding]; | |
const char *data = [baseString cStringUsingEncoding:NSASCIIStringEncoding]; | |
unsigned char mac[CC_SHA1_DIGEST_LENGTH]; | |
CCHmac(kCCHmacAlgSHA1, key, strlen(key), data, strlen(data), mac); | |
NSData *hmacData = [NSData dataWithBytes:mac length:sizeof(mac)]; | |
NSString *signature = [hmacData base64EncodedStringWithOptions:0]; | |
NSMutableDictionary *authorisationHeader = [oAuthParameters mutableCopy]; | |
[authorisationHeader setObject:[GPTwitterPublisher URLEncodeStringFromString:signature] forKey:@"oauth_signature"]; | |
NSMutableArray *oAuthHeaderFields = [NSMutableArray array]; | |
[[[authorisationHeader allKeys] sortedArrayUsingSelector:@selector(localizedCaseInsensitiveCompare:)] enumerateObjectsUsingBlock:^(id key, NSUInteger idx, BOOL *stop) { | |
NSString *param = [NSString stringWithFormat:@"%@=\"%@\"", [GPTwitterPublisher URLEncodeStringFromString:key], authorisationHeader[key]]; | |
[oAuthHeaderFields addObject:param]; | |
}]; | |
[request setValue:[NSString stringWithFormat:@"OAuth %@", [oAuthHeaderFields componentsJoinedByString:@","]] forHTTPHeaderField:@"Authorization"]; | |
} | |
@end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment