usso

Merge lp:~rvb/usso/cleanup into lp:usso

  1. cleanup
  2. Merge into trunk
Proposed by Raphaël Badin
Status: Merged
Approved by: Vincenzo Di Somma
Approved revision: 14
Merge reported by: Raphaël Badin
Merged at revision: not available
Proposed branch: lp:~rvb/usso/cleanup
Merge into: lp:usso
Diff against target: 70 lines (+30/-12)
2 files modified
usso.go (+28/-11)
usso_test.go (+2/-1)
To merge this branch: bzr merge lp:~rvb/usso/cleanup
Reviewer Review Type Date Requested Status
Vincenzo Di Somma (community) Approve
Jeroen T. Vermeulen (community) Approve
Review via email: mp+144093@code.launchpad.net

Commit message

Refactor Sign method to make it more readable and extract utility methods.

- refactor how the timestamp and the nonce are generated to use strconv.Itoa everywhere (instead of using "strconv.Itoa" plus "strconv.FormatInt(..., 10)")
- using 100000000 as the bound given to rand.Intn is not inclusive.

To post a comment you must log in.
Revision history for this message
Jeroen T. Vermeulen (jtv) wrote :

Nice!

review: Approve
Revision history for this message
Vincenzo Di Somma (vds) :
review: Approve
Revision history for this message
Raphaël Badin (rvb) wrote :

Vincenzo merged this in one of his branches. Marking it as merged.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'usso.go'
--- usso.go 2013-01-17 14:08:33 +0000
+++ usso.go 2013-01-21 12:15:25 +0000
@@ -5,6 +5,7 @@
55
6import (6import (
7 "encoding/json"7 "encoding/json"
8 "fmt"
8 "io/ioutil"9 "io/ioutil"
9 "log"10 "log"
10 "math/rand"11 "math/rand"
@@ -66,17 +67,33 @@
66 return &ssodata, nil67 return &ssodata, nil
67}68}
6869
70func generateNonce() string {
71 return strconv.Itoa(rand.Intn(100000000))
72}
73
74func generateTimestamp() string {
75 return strconv.Itoa(int(time.Now().Unix()))
76}
77
69func (oauth *SSOData) Sign(req *http.Request) error {78func (oauth *SSOData) Sign(req *http.Request) error {
70 // Sign the provided request.79 // Sign the provided request using the OAuth PLAINTEXT method:
71 auth := `OAuth realm="API", ` +80 // http://oauth.net/core/1.0/#anchor22.
72 `oauth_consumer_key="` + url.QueryEscape(oauth.ConsumerKey) + `", ` +81 signature := oauth.ConsumerSecret + `&` + oauth.TokenSecret
73 `oauth_token="` + url.QueryEscape(oauth.TokenKey) + `", ` +82 authData := map[string]string{
74 `oauth_signature_method="PLAINTEXT", ` +83 "realm": "API",
75 `oauth_signature="` + url.QueryEscape(84 "oauth_consumer_key": oauth.ConsumerKey,
76 oauth.ConsumerSecret+`&`+oauth.TokenSecret) + `", ` +85 "oauth_token": oauth.TokenKey,
77 `oauth_timestamp="` + strconv.FormatInt(time.Now().Unix(), 10) + `", ` +86 "oauth_signature_method": "PLAINTEXT",
78 `oauth_nonce="` + strconv.Itoa(int(rand.Intn(99999999))) + `", ` +87 "oauth_signature": signature,
79 `oauth_version="1.0"`88 "oauth_timestamp": generateTimestamp(),
80 req.Header.Add("Authorization", auth)89 "oauth_nonce": generateNonce(),
90 "oauth_version": "1.0",
91 }
92 // Build OAuth header.
93 authHeader := []string{"OAuth"}
94 for key, value := range authData {
95 authHeader = append(authHeader, fmt.Sprintf(` %s="%s"`, key, url.QueryEscape(value)))
96 }
97 req.Header.Add("Authorization", strings.Join(authHeader, ""))
81 return nil98 return nil
82}99}
83100
=== modified file 'usso_test.go'
--- usso_test.go 2013-01-18 16:12:41 +0000
+++ usso_test.go 2013-01-21 12:15:25 +0000
@@ -97,7 +97,8 @@
9797
98 c.Assert(err, IsNil)98 c.Assert(err, IsNil)
99 authHeader := request.Header["Authorization"][0]99 authHeader := request.Header["Authorization"][0]
100 c.Assert(authHeader, Matches, `.*OAuth realm="API".*`)100 c.Assert(authHeader, Matches, `^OAuth.*`)
101 c.Assert(authHeader, Matches, `.*realm="API".*`)
101 c.Assert(authHeader, Matches, `.*oauth_consumer_key="`+url.QueryEscape(ssoData.ConsumerKey)+`".*`)102 c.Assert(authHeader, Matches, `.*oauth_consumer_key="`+url.QueryEscape(ssoData.ConsumerKey)+`".*`)
102 c.Assert(authHeader, Matches, `.*oauth_token="`+url.QueryEscape(ssoData.TokenKey)+`".*`)103 c.Assert(authHeader, Matches, `.*oauth_token="`+url.QueryEscape(ssoData.TokenKey)+`".*`)
103 c.Assert(authHeader, Matches, `.*oauth_signature="`+url.QueryEscape(ssoData.ConsumerSecret+`&`+ssoData.TokenSecret)+`.*`)104 c.Assert(authHeader, Matches, `.*oauth_signature="`+url.QueryEscape(ssoData.ConsumerSecret+`&`+ssoData.TokenSecret)+`.*`)

Subscribers

People subscribed via source and target branches