Skip to content

Instantly share code, notes, and snippets.

@smaeda-ks
Created April 17, 2019 23:12
Show Gist options
  • Save smaeda-ks/5ec7a4577fcf0e197922688c9bab24e0 to your computer and use it in GitHub Desktop.
Save smaeda-ks/5ec7a4577fcf0e197922688c9bab24e0 to your computer and use it in GitHub Desktop.
Runscope OAuth signature generator (Pre-request Scripts)
/*
This snippet uses variables.get() for oauth token/secret which means
you need to store those in the Shared Environment as a raw text.
OR you may also want to consider using get_secret() instead.
*/
const oauth_consumer_key = variables.get("oauth_consumer_key");
const oauth_consumer_secret = variables.get("oauth_consumer_secret");
const oauth_token = variables.get("oauth_token");
const oauth_secret = variables.get("oauth_secret");
const oauth_signing_key = oauth_consumer_secret + '&' + oauth_secret;
// create random oauth_nonce string
const random_source = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
var oauth_nonce = '';
for (var i = 0; i < 32; i++) {
oauth_nonce += random_source.charAt(Math.floor(Math.random() * random_source.length));
}
const oauth_parameter_string_object = {};
oauth_parameter_string_object.oauth_consumer_key = oauth_consumer_key;
oauth_parameter_string_object.oauth_token = oauth_token;
oauth_parameter_string_object.oauth_nonce = encodeURIComponent(encode_base64(oauth_nonce));
oauth_parameter_string_object.oauth_signature_method = 'HMAC-SHA1';
oauth_parameter_string_object.oauth_version = '1.0';
oauth_parameter_string_object.oauth_timestamp = moment().unix();
// for Authorization request header (copy object)
const oauth_authorization_header_object = {};
for (var key in oauth_parameter_string_object) {
oauth_authorization_header_object[key] = oauth_parameter_string_object[key];
}
// parse request.params
for (var i = 0; i < request.params.length; i++) {
oauth_parameter_string_object[encodeURIComponent(request.params[i].name)] = encodeURIComponent(request.params[i].value);
}
// sort object by key
const oauth_parameter_string_object_ordered = {};
Object.keys(oauth_parameter_string_object).sort().forEach(function(key) {
oauth_parameter_string_object_ordered[key] = oauth_parameter_string_object[key];
});
// convert object into array
const oauth_parameter_string_array = [];
for (var key in oauth_parameter_string_object_ordered) {
oauth_parameter_string_array.push(key + "=" + oauth_parameter_string_object_ordered[key]);
}
// generate parameter string
const oauth_parameter_string = oauth_parameter_string_array.join('&');
// generate base string
const host = request.scheme + '://' + request.host;
const oauth_base_string = request.method + '&' + encodeURIComponent(host + request.path) + '&' + encodeURIComponent(oauth_parameter_string);
// generate signature
const oauth_signature = CryptoJS.enc.Base64.stringify(CryptoJS.HmacSHA1(oauth_base_string, oauth_signing_key));
oauth_authorization_header_object.oauth_signature = encodeURIComponent(oauth_signature);
// convert object into array (for Authorization header string)
const oauth_authorization_header_array = [];
for (var key in oauth_authorization_header_object) {
oauth_authorization_header_array.push(key + '=' + '"' + oauth_authorization_header_object[key] + '"');
}
const oauth_authorization_header = oauth_authorization_header_array.join(', ');
// generate Authorization header
request.headers.Authorization = 'OAuth ' + oauth_authorization_header;
/*
Escape URI parameters using encodeURIComponent
Runscope does encode URI parameters in a similar fashion to encodeURI by default.
*/
if(request.params.length !== 0) {
// parse request.params
const request_parameter_array = [];
for (var i = 0; i < request.params.length; i++) {
request_parameter_array[i] = request.params[i].name + '=' + encodeURIComponent(request.params[i].value);
}
const request_parameter_string = request_parameter_array.join('&');
request.url = host + request.path + '?' + request_parameter_string;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment