Home Explore Help
Register Sign In
yangxiukun
/
warewms-PDA
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
warewms-PDA
/
node_modules
/
request
/
lib
/
oauth.js

oauth.js 4.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148 
  1. 'use strict'
    2. 

  2. 

  3. var url = require('url')
    4. 

  4. var qs = require('qs')
    5. 

  5. var caseless = require('caseless')
    6. 

  6. var uuid = require('uuid/v4')
    7. 

  7. var oauth = require('oauth-sign')
    8. 

  8. var crypto = require('crypto')
    9. 

  9. var Buffer = require('safe-buffer').Buffer
    10. 

  10. 

  11. function OAuth (request) {
    12. 

  12.   this.request = request
    13. 

  13.   this.params = null
    14. 

  14. }
    15. 

  15. 

  16. OAuth.prototype.buildParams = function (_oauth, uri, method, query, form, qsLib) {
    17. 

  17.   var oa = {}
    18. 

  18.   for (var i in _oauth) {
    19. 

  19.     oa['oauth_' + i] = _oauth[i]
    20. 

  20.   }
    21. 

  21.   if (!oa.oauth_version) {
    22. 

  22.     oa.oauth_version = '1.0'
    23. 

  23.   }
    24. 

  24.   if (!oa.oauth_timestamp) {
    25. 

  25.     oa.oauth_timestamp = Math.floor(Date.now() / 1000).toString()
    26. 

  26.   }
    27. 

  27.   if (!oa.oauth_nonce) {
    28. 

  28.     oa.oauth_nonce = uuid().replace(/-/g, '')
    29. 

  29.   }
    30. 

  30.   if (!oa.oauth_signature_method) {
    31. 

  31.     oa.oauth_signature_method = 'HMAC-SHA1'
    32. 

  32.   }
    33. 

  33. 

  34.   var consumer_secret_or_private_key = oa.oauth_consumer_secret || oa.oauth_private_key // eslint-disable-line camelcase
    35. 

  35.   delete oa.oauth_consumer_secret
    36. 

  36.   delete oa.oauth_private_key
    37. 

  37. 

  38.   var token_secret = oa.oauth_token_secret // eslint-disable-line camelcase
    39. 

  39.   delete oa.oauth_token_secret
    40. 

  40. 

  41.   var realm = oa.oauth_realm
    42. 

  42.   delete oa.oauth_realm
    43. 

  43.   delete oa.oauth_transport_method
    44. 

  44. 

  45.   var baseurl = uri.protocol + '//' + uri.host + uri.pathname
    46. 

  46.   var params = qsLib.parse([].concat(query, form, qsLib.stringify(oa)).join('&'))
    47. 

  47. 

  48.   oa.oauth_signature = oauth.sign(
    49. 

  49.     oa.oauth_signature_method,
    50. 

  50.     method,
    51. 

  51.     baseurl,
    52. 

  52.     params,
    53. 

  53.     consumer_secret_or_private_key, // eslint-disable-line camelcase
    54. 

  54.     token_secret // eslint-disable-line camelcase
    55. 

  55.   )
    56. 

  56. 

  57.   if (realm) {
    58. 

  58.     oa.realm = realm
    59. 

  59.   }
    60. 

  60. 

  61.   return oa
    62. 

  62. }
    63. 

  63. 

  64. OAuth.prototype.buildBodyHash = function (_oauth, body) {
    65. 

  65.   if (['HMAC-SHA1', 'RSA-SHA1'].indexOf(_oauth.signature_method || 'HMAC-SHA1') < 0) {
    66. 

  66.     this.request.emit('error', new Error('oauth: ' + _oauth.signature_method +
    67. 

  67.       ' signature_method not supported with body_hash signing.'))
    68. 

  68.   }
    69. 

  69. 

  70.   var shasum = crypto.createHash('sha1')
    71. 

  71.   shasum.update(body || '')
    72. 

  72.   var sha1 = shasum.digest('hex')
    73. 

  73. 

  74.   return Buffer.from(sha1, 'hex').toString('base64')
    75. 

  75. }
    76. 

  76. 

  77. OAuth.prototype.concatParams = function (oa, sep, wrap) {
    78. 

  78.   wrap = wrap || ''
    79. 

  79. 

  80.   var params = Object.keys(oa).filter(function (i) {
    81. 

  81.     return i !== 'realm' && i !== 'oauth_signature'
    82. 

  82.   }).sort()
    83. 

  83. 

  84.   if (oa.realm) {
    85. 

  85.     params.splice(0, 0, 'realm')
    86. 

  86.   }
    87. 

  87.   params.push('oauth_signature')
    88. 

  88. 

  89.   return params.map(function (i) {
    90. 

  90.     return i + '=' + wrap + oauth.rfc3986(oa[i]) + wrap
    91. 

  91.   }).join(sep)
    92. 

  92. }
    93. 

  93. 

  94. OAuth.prototype.onRequest = function (_oauth) {
    95. 

  95.   var self = this
    96. 

  96.   self.params = _oauth
    97. 

  97. 

  98.   var uri = self.request.uri || {}
    99. 

  99.   var method = self.request.method || ''
    100. 

  100.   var headers = caseless(self.request.headers)
    101. 

  101.   var body = self.request.body || ''
    102. 

  102.   var qsLib = self.request.qsLib || qs
    103. 

  103. 

  104.   var form
    105. 

  105.   var query
    106. 

  106.   var contentType = headers.get('content-type') || ''
    107. 

  107.   var formContentType = 'application/x-www-form-urlencoded'
    108. 

  108.   var transport = _oauth.transport_method || 'header'
    109. 

  109. 

  110.   if (contentType.slice(0, formContentType.length) === formContentType) {
    111. 

  111.     contentType = formContentType
    112. 

  112.     form = body
    113. 

  113.   }
    114. 

  114.   if (uri.query) {
    115. 

  115.     query = uri.query
    116. 

  116.   }
    117. 

  117.   if (transport === 'body' && (method !== 'POST' || contentType !== formContentType)) {
    118. 

  118.     self.request.emit('error', new Error('oauth: transport_method of body requires POST ' +
    119. 

  119.       'and content-type ' + formContentType))
    120. 

  120.   }
    121. 

  121. 

  122.   if (!form && typeof _oauth.body_hash === 'boolean') {
    123. 

  123.     _oauth.body_hash = self.buildBodyHash(_oauth, self.request.body.toString())
    124. 

  124.   }
    125. 

  125. 

  126.   var oa = self.buildParams(_oauth, uri, method, query, form, qsLib)
    127. 

  127. 

  128.   switch (transport) {
    129. 

  129.     case 'header':
    130. 

  130.       self.request.setHeader('Authorization', 'OAuth ' + self.concatParams(oa, ',', '"'))
    131. 

  131.       break
    132. 

  132. 

  133.     case 'query':
    134. 

  134.       var href = self.request.uri.href += (query ? '&' : '?') + self.concatParams(oa, '&')
    135. 

  135.       self.request.uri = url.parse(href)
    136. 

  136.       self.request.path = self.request.uri.path
    137. 

  137.       break
    138. 

  138. 

  139.     case 'body':
    140. 

  140.       self.request.body = (form ? form + '&' : '') + self.concatParams(oa, '&')
    141. 

  141.       break
    142. 

  142. 

  143.     default:
    144. 

  144.       self.request.emit('error', new Error('oauth: transport_method invalid'))
    145. 

  145.   }
    146. 

  146. }
    147. 

  147. 

  148. exports.OAuth = OAuth
    149.