Home Explore Help
Sign In
n4u
/
erlang-oauth
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki

mirror https://github.com/tim/erlang-oauth

Tree: ac4a94f225
Branches Tags
erlang-oauth
ZIP TAR.GZ
Marc Worrell ac4a94f225 Cleanup changelog 3 years ago
.github be7cee3e78 Reorganize files, add rebar3 build, GH actions. 3 years ago
src 67c8685bd5 Add rebar.config, dialyzer fixes 3 years ago
test be7cee3e78 Reorganize files, add rebar3 build, GH actions. 3 years ago
CHANGELOG.md ac4a94f225 Cleanup changelog 3 years ago
LICENSE.txt edafebda55 Move license file to LICENSE.txt 4 years ago
Makefile be7cee3e78 Reorganize files, add rebar3 build, GH actions. 3 years ago
README.md be7cee3e78 Reorganize files, add rebar3 build, GH actions. 3 years ago
THANKS.txt bdd3a80026 Bump version to 2.0.0 4 years ago
rebar.config 67c8685bd5 Add rebar.config, dialyzer fixes 3 years ago
rebar.lock 67c8685bd5 Add rebar.config, dialyzer fixes 3 years ago

README.md

erlang-oauth

An Erlang implementation of The OAuth 1.0 Protocol.

Functions for generating signatures (client side), verifying signatures (server side), and some convenience functions for making OAuth HTTP requests (client side).

Usage

Erlang-ouath is on Hex, you can use the package by:

{deps, [
    {oauth, "2.1.0"}
]}.

Erlang/OTP compatibility

Erlang/OTP 21 or greater.

Quick start (client usage)

$ erl -make
Recompile: src/oauth
$ erl -pa ebin -s crypto -s inets
...
1> Consumer = {"key", "secret", hmac_sha1}.
...
2> RequestTokenURL = "http://term.ie/oauth/example/request_token.php".
...
3> {ok, RequestTokenResponse} = oauth:get(RequestTokenURL, [], Consumer).
...
4> RequestTokenParams = oauth:params_decode(RequestTokenResponse).
...
5> RequestToken = oauth:token(RequestTokenParams).
...
6> RequestTokenSecret = oauth:token_secret(RequestTokenParams).
...
7> AccessTokenURL = "http://term.ie/oauth/example/access_token.php".
...
8> {ok, AccessTokenResponse} = oauth:get(AccessTokenURL, [], Consumer, RequestToken, RequestTokenSecret).
...
9> AccessTokenParams = oauth:params_decode(AccessTokenResponse).
...
10> AccessToken = oauth:token(AccessTokenParams).
...
11> AccessTokenSecret = oauth:token_secret(AccessTokenParams).
...
12> URL = "http://term.ie/oauth/example/echo_api.php".
...
13> {ok, Response} = oauth:get(URL, [{"hello", "world"}], Consumer, AccessToken, AccessTokenSecret).
...
14> oauth:params_decode(Response).
...

OAuth consumer representation

Consumers are represented using tuples:

{Key::string(), Secret::string(), plaintext}

{Key::string(), Secret::string(), hmac_sha1}

{Key::string(), RSAPrivateKeyPath::string(), rsa_sha1}  % client side

{Key::string(), RSACertificatePath::string(), rsa_sha1}  % server side

Other notes

This implementation should be compatible with the signature algorithms presented in RFC5849 - The OAuth 1.0 Protocol, and OAuth Core 1.0 Revision A. It is not intended to cover OAuth 2.0.

This is not a "plug and play" server implementation. In order to implement OAuth correctly as a provider you have more work to do: token storage, nonce and timestamp verification etc.

This is not a "bells and whistles" HTTP client. If you need fine grained control over your HTTP requests or you prefer to use something other than inets/httpc then you will need to assemble the requests yourself. Use oauth:sign/6 to generate a list of signed OAuth parameters, and then either oauth:uri_params_encode/1 or oauth:header_params_encode/1 to encode the signed parameters.

The percent encoding/decoding implementations are based on ibrowse

License

This project is licensed under the terms of the MIT license.