|
|
|
|
var crypto = require('crypto')
|
|
|
|
|
, qs = require('querystring')
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
function sha1 (key, body) {
|
|
|
|
|
return crypto.createHmac('sha1', key).update(body).digest('base64')
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function rfc3986 (str) {
|
|
|
|
|
return encodeURIComponent(str)
|
|
|
|
|
.replace(/!/g,'%21')
|
|
|
|
|
.replace(/\*/g,'%2A')
|
|
|
|
|
.replace(/\(/g,'%28')
|
|
|
|
|
.replace(/\)/g,'%29')
|
|
|
|
|
.replace(/'/g,'%27')
|
|
|
|
|
;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function hmacsign (httpMethod, base_uri, params, consumer_secret, token_secret, body) {
|
|
|
|
|
// adapted from https://dev.twitter.com/docs/auth/oauth
|
|
|
|
|
var base =
|
|
|
|
|
(httpMethod || 'GET') + "&" +
|
|
|
|
|
encodeURIComponent( base_uri ) + "&" +
|
|
|
|
|
Object.keys(params).sort().map(function (i) {
|
|
|
|
|
// big WTF here with the escape + encoding but it's what twitter wants
|
|
|
|
|
return escape(rfc3986(i)) + "%3D" + escape(rfc3986(params[i]))
|
|
|
|
|
}).join("%26")
|
|
|
|
|
var key = encodeURIComponent(consumer_secret) + '&'
|
|
|
|
|
if (token_secret) key += encodeURIComponent(token_secret)
|
|
|
|
|
return sha1(key, base)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
exports.hmacsign = hmacsign
|
|
|
|
|
exports.rfc3986 = rfc3986
|
