Home Explore Help
Sign In
n4u
/
erlang-oauth
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 98bfd9f150
Branches Tags
erlang-oauth
/
README.txt

README.txt 2.2 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. ============
    2. 

  2. erlang-oauth
    3. 

  3. ============
    4. 

  4. 

  5. 

  6. What is this?
    7. 

  7. -------------
    8. 

  8. 

  9. An Erlang wrapper around the OAuth protocol.
    10. 

  10. 

  11. 

  12. What is OAuth?
    13. 

  13. --------------
    14. 

  14. 

  15. An "open protocol to allow secure API authentication in a simple and standard
    16. 

  16. method from desktop and web applications". See http://oauth.net/ for more info.
    17. 

  17. 

  18. 

  19. What do I need?
    20. 

  20. ---------------
    21. 

  21. 

  22. Erlang, and erlang-fmt (http://tfletcher.com/dev/erlang-fmt).
    23. 

  23. 

  24. The Makefile assumes that erlang-fmt is contained in the parent directory of
    25. 

  25. this one, so you might want to edit the Makefile if you have it elsewhere.
    26. 

  26. 

  27. Erlang R12B-5 is required for RSA-SHA1 signing.
    28. 

  28. 

  29. 

  30. How do I use it?
    31. 

  31. ----------------
    32. 

  32. 

  33. First, create a consumer:
    34. 

  34. 

  35.   Consumer = oauth_consumer:new("key", "secret", SignatureMethod).
    36. 

  36. 

  37. 

  38. SignatureMethod can either be "PLAINTEXT", "HMAC-SHA1", or {"RSA-SHA1", PK},
    39. 

  39. where PK is either a path pointing to a private key PEM file, or a tuple as
    40. 

  40. returned by public_key:decode_private_key/1.
    41. 

  41. 

  42. Requests can be made with oauth:get and oauth:post, e.g.,
    43. 

  43. 

  44.   Response = oauth:get(URL, Consumer).
    45. 

  45. 

  46. 

  47. URL must not contain a query string. Instead, pass the query parameters in
    48. 

  48. as an additional [proplist] argument, e.g.,
    49. 

  49. 

  50.   Response = oauth:get(URL, Consumer, [{foo, "bar"}]).
    51. 

  51. 

  52. 

  53. Calling oauth:get or oauth:post returns an HTTP response tuple, as would
    54. 

  54. be returned from http:request/4. If you are requesting tokens you can use
    55. 

  55. oauth_token_pair:new/1 to extract the oauth_token and oauth_token_secret
    56. 

  56. parameters from the response, e.g.,
    57. 

  57. 

  58.   TokenPair={Token, TokenSecret} = oauth_token_pair:new(Response).
    59. 

  59. 

  60. 

  61. TokenPair can then be passed back into oauth:get and oauth:post to
    62. 

  62. request additional tokens, or a protected resource. Alternatively, you
    63. 

  63. can use oauth_request:to_header/2,4 to generate an HTTP Authorization
    64. 

  64. header, as described by http://oauth.net/core/1.0/#auth_header. This
    65. 

  65. isn't (currently) integrated into oauth:get and oauth:post, so you
    66. 

  66. would need to use http:request/4 directly in this case.
    67. 

  67. 

  68. 

  69. Are there any examples anywhere?
    70. 

  70. --------------------------------
    71. 

  71. 

  72. Yes. See test/oauth_termie.erl and test/oauth_google.erl. They can be
    73. 

  73. run with "make termie_hmac", "make termie_rsa", and "make google".
    74. 

  74. 

  75. 

  76. Who can I contact if I have another question?
    77. 

  77. ---------------------------------------------
    78. 

  78. 

  79. Tim Fletcher (http://tfletcher.com/).
    80.