usso

Merge lp:~rvb/usso/cleanup into lp:usso

  1. cleanup
  2. Merge into trunk
Proposed by Raphaël Badin
Status: Merged
Approved by: Vincenzo Di Somma
Approved revision: 14
Merge reported by: Raphaël Badin
Merged at revision: not available
Proposed branch: lp:~rvb/usso/cleanup
Merge into: lp:usso
Diff against target: 70 lines (+30/-12)
2 files modified
usso.go (+28/-11)
usso_test.go (+2/-1)
To merge this branch: bzr merge lp:~rvb/usso/cleanup
Reviewer Review Type Date Requested Status
Vincenzo Di Somma (community) Approve
Jeroen T. Vermeulen (community) Approve
Review via email: mp+144093@code.launchpad.net

Commit message

Refactor Sign method to make it more readable and extract utility methods.

- refactor how the timestamp and the nonce are generated to use strconv.Itoa everywhere (instead of using "strconv.Itoa" plus "strconv.FormatInt(..., 10)")
- using 100000000 as the bound given to rand.Intn is not inclusive.

To post a comment you must log in.
Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :

Nice!

review: Approve
Revision history for this message
Vincenzo Di Somma (vds) :
review: Approve
Revision history for this message
Raphaël Badin (rvb) wrote :

Vincenzo merged this in one of his branches. Marking it as merged.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'usso.go'
2--- usso.go 2013-01-17 14:08:33 +0000
3+++ usso.go 2013-01-21 12:15:25 +0000
4@@ -5,6 +5,7 @@
5
6 import (
7 "encoding/json"
8+ "fmt"
9 "io/ioutil"
10 "log"
11 "math/rand"
12@@ -66,17 +67,33 @@
13 return &ssodata, nil
14 }
15
16+func generateNonce() string {
17+ return strconv.Itoa(rand.Intn(100000000))
18+}
19+
20+func generateTimestamp() string {
21+ return strconv.Itoa(int(time.Now().Unix()))
22+}
23+
24 func (oauth *SSOData) Sign(req *http.Request) error {
25- // Sign the provided request.
26- auth := `OAuth realm="API", ` +
27- `oauth_consumer_key="` + url.QueryEscape(oauth.ConsumerKey) + `", ` +
28- `oauth_token="` + url.QueryEscape(oauth.TokenKey) + `", ` +
29- `oauth_signature_method="PLAINTEXT", ` +
30- `oauth_signature="` + url.QueryEscape(
31- oauth.ConsumerSecret+`&`+oauth.TokenSecret) + `", ` +
32- `oauth_timestamp="` + strconv.FormatInt(time.Now().Unix(), 10) + `", ` +
33- `oauth_nonce="` + strconv.Itoa(int(rand.Intn(99999999))) + `", ` +
34- `oauth_version="1.0"`
35- req.Header.Add("Authorization", auth)
36+ // Sign the provided request using the OAuth PLAINTEXT method:
37+ // http://oauth.net/core/1.0/#anchor22.
38+ signature := oauth.ConsumerSecret + `&` + oauth.TokenSecret
39+ authData := map[string]string{
40+ "realm": "API",
41+ "oauth_consumer_key": oauth.ConsumerKey,
42+ "oauth_token": oauth.TokenKey,
43+ "oauth_signature_method": "PLAINTEXT",
44+ "oauth_signature": signature,
45+ "oauth_timestamp": generateTimestamp(),
46+ "oauth_nonce": generateNonce(),
47+ "oauth_version": "1.0",
48+ }
49+ // Build OAuth header.
50+ authHeader := []string{"OAuth"}
51+ for key, value := range authData {
52+ authHeader = append(authHeader, fmt.Sprintf(` %s="%s"`, key, url.QueryEscape(value)))
53+ }
54+ req.Header.Add("Authorization", strings.Join(authHeader, ""))
55 return nil
56 }
57
58=== modified file 'usso_test.go'
59--- usso_test.go 2013-01-18 16:12:41 +0000
60+++ usso_test.go 2013-01-21 12:15:25 +0000
61@@ -97,7 +97,8 @@
62
63 c.Assert(err, IsNil)
64 authHeader := request.Header["Authorization"][0]
65- c.Assert(authHeader, Matches, `.*OAuth realm="API".*`)
66+ c.Assert(authHeader, Matches, `^OAuth.*`)
67+ c.Assert(authHeader, Matches, `.*realm="API".*`)
68 c.Assert(authHeader, Matches, `.*oauth_consumer_key="`+url.QueryEscape(ssoData.ConsumerKey)+`".*`)
69 c.Assert(authHeader, Matches, `.*oauth_token="`+url.QueryEscape(ssoData.TokenKey)+`".*`)
70 c.Assert(authHeader, Matches, `.*oauth_signature="`+url.QueryEscape(ssoData.ConsumerSecret+`&`+ssoData.TokenSecret)+`.*`)

Subscribers

People subscribed via source and target branches