oauth-1.0a
oauth-1.0a copied to clipboard
ddo
Add support for async hash_function
Given that you've recently used this OAuth library, I'd like to inquire about its functionality. It appears that the library lacks flow management, and the functions seem rather basic. I anticipated an OAuth example, similar to the Twitter OAuth flow, where the following URLs are typically utilized:
"twitter": {
"request_url": "https://api.twitter.com/oauth/request_token",
"authorize_url": "https://api.twitter.com/oauth/authenticate",
"access_url": "https://api.twitter.com/oauth/access_token",
"oauth": 1
},
Could you elaborate on how the library handles transitioning from a request token to a user access token? Specifically, will the user directly receive the user access token on their screen, or is there a mechanism where the verified request token is sent to a callback URL, potentially located outside the user's screen?
Additionally, I'm curious if there's an option within this library to retain all tokens in the browser without transmitting them to a third-party server. Your insights on this matter would be highly valuable to me.
This is the current implementation far from beeing operational:
<!-- myapp/templates/login.html uses https://github.com/ddo/oauth-1.0a -->
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>OAuth Example</title>
<!-- jQuery -->
<script src="https://code.jquery.com/jquery-3.6.4.min.js"></script>
<!-- CryptoJS sha1 -->
<script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js"></script>
<!-- CryptoJS sha256 -->
<script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha256.js"></script>
<script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/enc-base64-min.js"></script>
<!-- OAuth Library - Remote URL -->
<script src="https://raw.githubusercontent.com/ddo/oauth-1.0a/master/oauth-1.0a.js"></script>
</head>
<body>
<h1>OAuth Example</h1>
<!-- Button to Trigger OAuth Sequence -->
<button id="oauthButton">Trigger OAuth</button>
<!-- Button to Open connectiq://local URL -->
<button id="connectiqButton">Open connectiq://oauth</button>
<script>
const oauth = OAuth({
consumer: {
key: 'Your-Consumer-Key',
secret: 'Your-Consumer-Secret',
},
signature_method: 'HMAC-SHA1',
hash_function(base_string, key) {
return CryptoJS.HmacSHA1(base_string, key).toString(CryptoJS.enc.Base64)
},
});
const request_data = {
url: 'https://api.twitter.com/1/statuses/update.json?include_entities=true',
method: 'POST',
data: { status: 'Hello Ladies + Gentlemen, a signed OAuth request!' },
};
const token = {
key: 'Your-Token-Key',
secret: 'Your-Token-Secret',
};
// Function to Execute OAuth Sequence
const triggerOAuth = () => {
$.ajax({
url: request_data.url,
type: request_data.method,
data: oauth.authorize(request_data, token),
}).done(function (data) {
console.log('OAuth successfully completed:', data);
// Here you can analyze the response and extract the tokens
const accessToken = data.access_token; // Example - adjust this to your response
console.log('Access Token:', accessToken);
});
};
// Function to Open connectiq://oauth
const openConnectIQ = () => {
console.log('Opening connectiq://oauth?accessToken=',accessToken);
// Here you can implement the logic for the connectiq://oauth call
};
// Event handler for the OAuth button
$('#oauthButton').on('click', triggerOAuth);
// Event handler for the ConnectIQ button
$('#connectiqButton').on('click', openConnectIQ);
</script>
</body>
</html>
