Continue to support older OTP releases which don't have crypto:hmac/3

src/oauth.erl

@@ -128,7 +128,7 @@ hmac_sha1_signature(HttpMethod, URL, Params, Consumer, TokenSecret) ->
 
 hmac_sha1_signature(BaseString, Consumer, TokenSecret) ->
   Key = uri_join([consumer_secret(Consumer), TokenSecret]),
-  base64:encode_to_string(crypto:hmac(sha, Key, BaseString)).
+  base64:encode_to_string(hmac_sha(Key, BaseString)).
 
 hmac_sha1_verify(Signature, HttpMethod, URL, Params, Consumer, TokenSecret) ->
   verify_in_constant_time(Signature, hmac_sha1_signature(HttpMethod, URL, Params, Consumer, TokenSecret)).
@@ -136,6 +136,14 @@ hmac_sha1_verify(Signature, HttpMethod, URL, Params, Consumer, TokenSecret) ->
 hmac_sha1_verify(Signature, BaseString, Consumer, TokenSecret) ->
   verify_in_constant_time(Signature, hmac_sha1_signature(BaseString, Consumer, TokenSecret)).
 
+hmac_sha(Key, Data) ->
+  case erlang:function_exported(crypto, hmac, 3) of
+    true ->
+      crypto:hmac(sha, Key, Data);
+    false ->
+      crypto:sha_mac(Key, Data)
+  end.
+
 rsa_sha1_signature(HttpMethod, URL, Params, Consumer) ->
   BaseString = signature_base_string(HttpMethod, URL, Params),
   rsa_sha1_signature(BaseString, Consumer).