OAuth 1.0 consumer implementation. See http://www.oauth.net and RFC 5849
There are typically three parties involved in an OAuth exchange:
(1) The "Service Provider" (e.g. Google, Twitter, NetFlix) who operates the
service where the data resides.
(2) The "End User" who owns that data, and wants to grant access to a third-party.
(3) That third-party who wants access to the data (after first being authorized by
the user). This third-party is referred to as the "Consumer" in OAuth
terminology.
This library is designed to help implement the third-party consumer by handling the low-level authentication tasks, and allowing for authenticated requests to the service provider on behalf of the user.
Caveats:
Overview of how to use this library:
(1) First create a new Consumer instance with the NewConsumer function
(2) Get a RequestToken, and "authorization url" from GetRequestTokenAndUrl()
(3) Save the RequestToken, you will need it again in step 6.
(4) Redirect the user to the "authorization url" from step 2, where they will
authorize your access to the service provider.
(5) Wait. You will be called back on the CallbackUrl that you provide, and you
will recieve a "verification code".
(6) Call AuthorizeToken() with the RequestToken from step 2 and the
"verification code" from step 5.
(7) You will get back an AccessToken. Save this for as long as you need access
to the user's data, and treat it like a password; it is a secret.
(8) You can now throw away the RequestToken from step 2, it is no longer
necessary.
(9) Call "MakeHttpClient" using the AccessToken from step 7 to get an
HTTP client which can access protected resources.
const ( OAUTH_VERSION = "1.0" SIGNATURE_METHOD_HMAC = "HMAC-" SIGNATURE_METHOD_RSA = "RSA-" BODY_HASH_PARAM = "oauth_body_hash" CALLBACK_PARAM = "oauth_callback" CONSUMER_KEY_PARAM = "oauth_consumer_key" NONCE_PARAM = "oauth_nonce" SESSION_HANDLE_PARAM = "oauth_session_handle" SIGNATURE_METHOD_PARAM = "oauth_signature_method" SIGNATURE_PARAM = "oauth_signature" TIMESTAMP_PARAM = "oauth_timestamp" TOKEN_PARAM = "oauth_token" TOKEN_SECRET_PARAM = "oauth_token_secret" VERIFIER_PARAM = "oauth_verifier" VERSION_PARAM = "oauth_version" )
This section is empty.
Consumers are stateless, you can call the various methods (GetRequestTokenAndUrl, AuthorizeToken, and Get) on various different instances of Consumers *as long as they were set up in the same way.* It is up to you, as the caller to persist the necessary state (RequestTokens and AccessTokens).
Creates a new Consumer instance, with a HMAC-SHA1 signer
consumerKey and consumerSecret: values you should obtain from the ServiceProvider when you register your application.
serviceProvider: see the documentation for ServiceProvider for how to create this.
Creates a new Consumer instance, with a HMAC signer
consumerKey and consumerSecret: values you should obtain from the ServiceProvider when you register your application.
hashFunc: the crypto.Hash to use for signatures
serviceProvider: see the documentation for ServiceProvider for how to create this.
httpClient: Provides a custom implementation of the httpClient used under the hood to make the request. This is especially useful if you want to use Google App Engine. Can be nil for default.
Creates a new Consumer instance, with a HMAC-SHA1 signer
consumerKey and consumerSecret: values you should obtain from the ServiceProvider when you register your application.
serviceProvider: see the documentation for ServiceProvider for how to create this.
httpClient: Provides a custom implementation of the httpClient used under the hood to make the request. This is especially useful if you want to use Google App Engine.
Creates a new Consumer instance, with a RSA signer
consumerKey: value you should obtain from the ServiceProvider when you register your application.
privateKey: the private key to use for signatures
hashFunc: the crypto.Hash to use for signatures
serviceProvider: see the documentation for ServiceProvider for how to create this.
httpClient: Provides a custom implementation of the httpClient used under the hood to make the request. This is especially useful if you want to use Google App Engine. Can be nil for default.
Creates a new Consumer instance, with a RSA-SHA1 signer
consumerKey: value you should obtain from the ServiceProvider when you register your application.
privateKey: the private key to use for signatures
serviceProvider: see the documentation for ServiceProvider for how to create this.
After the user has authorized you to the service provider, use this method to turn your temporary RequestToken into a permanent AccessToken. You must pass in two values:
rtoken: The RequestToken returned from GetRequestTokenAndUrl()
verificationCode: The string which passed back from the server, either as the oauth_verifier query param appended to callbackUrl *OR* a string manually entered by the user if callbackUrl is "oob"
It will return:
atoken: A permanent AccessToken which can be used to access the user's data (until it is revoked by the user or the service provider).
err: Set only if there was an error, nil otherwise.
** DEPRECATED ** Please call "Delete" on the http client returned by MakeHttpClient instead
** DEPRECATED ** Please call Get on the http client returned by MakeHttpClient instead!
Executes an HTTP Get, authorized via the AccessToken.
url: The base url, without any query params, which is being accessed
userParams: Any key=value params to be included in the query string
token: The AccessToken returned by AuthorizeToken()
This method returns:
resp: The HTTP Response resulting from making this request.
err: Set only if there was an error, nil otherwise.
Kicks off the OAuth authorization process.
This function returns:
rtoken: A temporary RequestToken, used during the authorization process. You must save this since it will be necessary later in the process when calling AuthorizeToken().
url: A URL that you should redirect the user to in order that they may authorize you to the service provider.
err: Set only if there was an error, nil otherwise.
** DEPRECATED ** Please call "Post" on the http client returned by MakeHttpClient instead
** DEPRECATED ** Please call "Post" on the http client returned by MakeHttpClient instead
** DEPRECATED ** Please call "Do" on the http client returned by MakeHttpClient instead (and set the "Content-Type" header explicitly in the http.Request)
** DEPRECATED ** Please call "Do" on the http client returned by MakeHttpClient instead (and setup the multipart data explicitly in the http.Request)
func (*Consumer) PostWithBody ¶** DEPRECATED ** Please call "Post" on the http client returned by MakeHttpClient instead
** DEPRECATED ** Please call "Do" on the http client returned by MakeHttpClient instead (and set the "Content-Type" header explicitly in the http.Request)
** DEPRECATED ** Please call "Put" on the http client returned by MakeHttpClient instead
Use the service provider to refresh the AccessToken for a given session. Note that this is only supported for service providers that manage an authorization session (e.g. Yahoo).
Most providers do not return the SESSION_HANDLE_PARAM needed to refresh the token.
See http://oauth.googlecode.com/svn/spec/ext/session/1.0/drafts/1/spec.html for more information.
It will return:
atoken: An AccessToken which can be used to access the user's data (until it is revoked by the user or the service provider).
err: Set if accessToken does not contain the SESSION_HANDLE_PARAM needed to refresh the token, or if an error occurred when making the request.
const ( LOC_BODY DataLocation = iota + 1 LOC_URL LOC_MULTIPART LOC_JSON LOC_XML )
type HMACSigner struct {
}
type HTTPExecuteError struct {
RequestHeaders string
ResponseBodyBytes []byte
Status string
StatusCode int
}
HTTPExecuteError signals that a call to httpExecute failed.
Error provides a printable string description of an HTTPExecuteError.
type OrderedParams struct {
}
Provider provides methods for a 2-legged Oauth1 provider
NewProvider takes a function to get the consumer secret from a datastore. Returns a Provider
IsAuthorized takes an *http.Request and returns a pointer to a string containing the consumer key, or nil if not authorized
type RSASigner struct {
}
TODO(mrjones) Do we definitely want separate "Request" and "Access" token classes? They're identical structurally, but used for different purposes.
type RoundTripper struct {
}
Information about how to contact the service provider (see #1 above). You usually find all of these URLs by reading the documentation for the service that you're trying to connect to. Some common examples are:
(1) Google, standard APIs:
http://code.google.com/apis/accounts/docs/OAuth_ref.html
- RequestTokenUrl: https://www.google.com/accounts/OAuthGetRequestToken
- AuthorizeTokenUrl: https://www.google.com/accounts/OAuthAuthorizeToken
- AccessTokenUrl: https://www.google.com/accounts/OAuthGetAccessToken
Note: Some Google APIs (for example, Google Latitude) use different values for
one or more of those URLs.
(2) Twitter API:
http://dev.twitter.com/pages/auth
- RequestTokenUrl: http://api.twitter.com/oauth/request_token
- AuthorizeTokenUrl: https://api.twitter.com/oauth/authorize
- AccessTokenUrl: https://api.twitter.com/oauth/access_token
(3) NetFlix API:
http://developer.netflix.com/docs/Security
- RequestTokenUrl: http://api.netflix.com/oauth/request_token
- AuthroizeTokenUrl: https://api-user.netflix.com/oauth/login
- AccessTokenUrl: http://api.netflix.com/oauth/access_token
Set HttpMethod if the service provider requires a different HTTP method to be used for OAuth token requests
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4