Home Explore Help
Sign In
n4u
/
erlang-oauth
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Move signature verification code into helper modules.

Tim Fletcher 16 years ago
parent
fb4ac880c6
commit
d8be23693b
4 changed files with 21 additions and 7 deletions
Split View Show Diff Stats
  1. 4 4
      src/oauth.erl
  2. 4 1
      src/oauth_hmac_sha1.erl
  3. 4 1
      src/oauth_plaintext.erl
  4. 9 1
      src/oauth_rsa_sha1.erl

+ 4 - 4
src/oauth.erl
View File 

@@ -39,13 +39,13 @@ token_secret(Params) ->
 
 verify(Signature, HttpMethod, URL, Params, Consumer, TokenSecret) ->
 
   case signature_method(Consumer) of
 
     plaintext ->
 
-      Signature =:= signature(HttpMethod, URL, Params, Consumer, TokenSecret);
 
+      oauth_plaintext:verify(Signature, consumer_secret(Consumer), TokenSecret);
 
     hmac_sha1 ->
 
-      Signature =:= signature(HttpMethod, URL, Params, Consumer, TokenSecret);
 
+      BaseString = signature_base_string(HttpMethod, URL, Params),
 
+      oauth_hmac_sha1:verify(Signature, BaseString, consumer_secret(Consumer), TokenSecret);
 
     rsa_sha1 ->
 
       BaseString = signature_base_string(HttpMethod, URL, Params),
 
-      PublicKey = oauth_rsa_sha1:public_key(consumer_secret(Consumer)),
 
-      public_key:verify_signature(BaseString, sha, Signature, PublicKey)
 
+      oauth_rsa_sha1:verify(Signature, BaseString, consumer_secret(Consumer))
 
   end.
 
 
 signed_params(HttpMethod, URL, ExtraParams, Consumer, Token, TokenSecret) ->

+ 4 - 1
src/oauth_hmac_sha1.erl
View File 

@@ -1,8 +1,11 @@
 
 -module(oauth_hmac_sha1).
 
 
--export([signature/3]).
 
+-export([signature/3, verify/4]).
 
 
 
 signature(BaseString, CS, TS) ->
 
   Key = oauth_uri:calate("&", [CS, TS]),
 
   base64:encode_to_string(crypto:sha_mac(Key, BaseString)).
 
+
 
+verify(Signature, BaseString, CS, TS) ->
 
+  Signature =:= signature(BaseString, CS, TS).

+ 4 - 1
src/oauth_plaintext.erl
View File 

@@ -1,7 +1,10 @@
 
 -module(oauth_plaintext).
 
 
--export([signature/2]).
 
+-export([signature/2, verify/3]).
 
 
 
 signature(CS, TS) ->
 
   oauth_uri:encode(oauth_uri:calate("&", [CS, TS])).
 
+
 
+verify(Signature, CS, TS) ->
 
+  Signature =:= signature(CS, TS).

+ 9 - 1
src/oauth_rsa_sha1.erl
View File 

@@ -1,6 +1,6 @@
 
 -module(oauth_rsa_sha1).
 
 
--export([signature/2, public_key/1]).
 
+-export([signature/2, verify/3]).
 
 
 -include_lib("public_key/include/public_key.hrl").
 
 
@@ -10,6 +10,14 @@ signature(BaseString, PrivateKeyPath) ->
 
   {ok, PrivateKey} = public_key:decode_private_key(Info),
 
   base64:encode_to_string(public_key:sign(list_to_binary(BaseString), PrivateKey)).
 
 
+verify(Signature, BaseString, PublicKey) ->
 
+  public_key:verify_signature(to_binary(BaseString), sha, base64:decode(Signature), public_key(PublicKey)).
 
+
 
+to_binary(Term) when is_list(Term) ->
 
+  list_to_binary(Term);
 
+to_binary(Term) when is_binary(Term) ->
 
+  Term.
 
+
 
 public_key(Path) when is_list(Path) ->
 
   {ok, [{cert, DerCert, not_encrypted}]} = public_key:pem_to_der(Path),
 
   {ok, Cert} = pubkey_cert_records:decode_cert(DerCert, otp),