Created
March 19, 2011 22:27
-
-
Save mikefarmer/877865 to your computer and use it in GitHub Desktop.
A pure krl implementation of OAuth 1.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ruleset a18x46 { | |
meta { | |
name "OAuth" | |
description << | |
Module for OAuth 1.0 | |
>> | |
author "Michael Farmer" | |
logging on | |
configure using oauth_keys = {} and | |
callback_url = "" and | |
application = "" | |
provides oauth_nonce, oauth_sign_params, authorized, authorize | |
} | |
dispatch { | |
domain "waahui.com" | |
} | |
global { | |
random_char = function() { | |
chars = ['a','b','c','d','e','f','g','h','i','j','k','l','m','n','o', | |
'p','q','r','s','t','u','v','w','x','y','z','A','B','C','D','E', | |
'F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V', | |
'W','X','Y','Z','0','1','2','3','4','5','6','7','8','9']; | |
idx = math:random(62); | |
chars[idx] | |
} | |
oauth_nonce = function(l,n) { | |
new_n = n + random_char(); | |
new_l = (l + -1); | |
nonce = (new_l == 0) => new_n | oauth_nonce(new_l, new_n); | |
nonce | |
} | |
oauth_timestamp = function() { | |
(time:strftime(time:now(), '%s')) | |
} | |
// some shortcuts | |
oauth_consumer_key = function() { | |
oauth_keys.pick("$..key"); | |
} | |
oauth_consumer_secret = function() { | |
oauth_keys.pick("$..secret"); | |
} | |
// Turns a hash of params into a sorted array of 'key=val' strings | |
// Note: val is uri escaped. | |
hash_to_sorted_array = function(params, names, new_a) { | |
n = names.head(); | |
val = params.pick("$.#{n}", true); | |
safe_val = uri:escape(val.head()); | |
appended_array = new_a.append("#{n}=#{safe_val}"); | |
finished_array = (names.length() == 0) => new_a | | |
hash_to_sorted_array(params, names.tail(), appended_array); | |
finished_array.sort() | |
} | |
// Return a params hash that has all the oauth goodness: | |
// key = Consumer key | |
// secret = Consumer secret | |
// method = GET or POST | |
// path = fully qualified url up to the params (?) | |
// params = hash of params | |
// param_names = array of keys of the params hash | |
oauth_sign_params = function(method, path, params, param_names) { | |
// oauth goodies | |
oauth_params = { | |
"oauth_consumer_key" : oauth_consumer_key, | |
"oauth_nonce" : oauth_nonce(15), | |
"oauth_signature_method" : "HMAC-SHA1", | |
"oauth_timestamp" : oauth_timestamp(), | |
"oauth_version" : "1.0" | |
}; | |
new_params = params.put(oauth_params); | |
new_param_names = param_names.append([ | |
"oauth_consumer_key", | |
"oauth_nonce", | |
"oauth_signature_method", | |
"oauth_timestamp", | |
"oauth_version" | |
]); | |
// turn the params into a sorted array | |
params_a = hash_to_sorted_array(new_params, new_param_names, []); | |
// generate the signature | |
the_body = params_a.join('&'); | |
the_head = method + "&" + uri:escape(path) + "&"; | |
sig_base = the_head + uri:escape(the_body); | |
the_sig = math:hmac_sha1_base64(sig_base, oauth_consumer_secret); | |
// add the signature | |
completed_params = new_params.put({'oauth_signature' : the_sig}); | |
// provide a completed params statement: | |
signed_url = "?" + theBody + "&oauth_signature=" + (uri:escape(theSig)); | |
{"params" : completed_params, "qry" : signed_url} | |
} | |
authorized = function() { | |
access_token = ent:oauth_access_token || 0; | |
authed = (access_token == 0) => false | true; | |
authed | |
} | |
// note: this will only work for netflix for now. | |
// add request url to the config. | |
authorize = defaction() { | |
// get a request token | |
netflix_user_url = "http://api.netflix.com/oauth/request_token" | |
http:post(netflix_user_url) with params = oauth_sign_params( | |
"GET", | |
netflix_user_url, | |
{}, | |
[]).pick("$..params") and label = "request_token"; | |
"done" | |
} | |
} | |
rule request_token_response { | |
select when http post label "request_token" | |
pre { | |
oauth_token = event:param("oauth_token"); | |
oauth_token_secret = event:param("oauth_token_secret"); | |
application_name = event:param("application_name"); | |
} | |
notify("Request Token Received", oauth_token); | |
} | |
rule test_nonce { | |
select when pageview ".*" setting () | |
pre { | |
my_nonce = oauth_nonce(15); | |
} | |
notify("Test Nonce", "#{my_nonce}") with sticky = true; | |
} | |
rule test_time { | |
select when pageview ".*" setting () | |
pre { | |
cond_1 = (time:strftime(time:now(), '%s')); | |
} | |
notify("Test datetime 1300510061929","#{cond_1}") with sticky = true; | |
} | |
rule test_hash { | |
select when pageview ".*" setting () | |
pre { | |
h = { "key1" : "value1", "key2" : "value2", "key3" : "value3" }; | |
n = ["key1", "key2", "key3"]; | |
new_a = hash_to_sorted_array(h, n, []); | |
a_json = new_a.encode(); | |
} | |
notify("first", "result: #{a_json}"); | |
} | |
rule test_request_token { | |
select when pageview ".*" | |
pre { | |
authorize(); | |
} | |
notify("sent request token",""); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment