Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for async hash_function #118

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

lumnn
Copy link

@lumnn lumnn commented Nov 27, 2023

This related to #108

@weberk
Copy link

weberk commented Dec 8, 2023

Given that you've recently used this OAuth library, I'd like to inquire about its functionality. It appears that the library lacks flow management, and the functions seem rather basic. I anticipated an OAuth example, similar to the Twitter OAuth flow, where the following URLs are typically utilized:

"twitter": {
    "request_url": "https://api.twitter.com/oauth/request_token",
    "authorize_url": "https://api.twitter.com/oauth/authenticate",
    "access_url": "https://api.twitter.com/oauth/access_token",
    "oauth": 1
  },

Could you elaborate on how the library handles transitioning from a request token to a user access token? Specifically, will the user directly receive the user access token on their screen, or is there a mechanism where the verified request token is sent to a callback URL, potentially located outside the user's screen?

Additionally, I'm curious if there's an option within this library to retain all tokens in the browser without transmitting them to a third-party server. Your insights on this matter would be highly valuable to me.

This is the current implementation far from beeing operational:

<!-- myapp/templates/login.html uses https://github.com/ddo/oauth-1.0a -->

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>OAuth Example</title>

    <!-- jQuery -->
    <script src="https://code.jquery.com/jquery-3.6.4.min.js"></script>

    <!-- CryptoJS sha1 -->
    <script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha1.js"></script>
    <!-- CryptoJS sha256 -->
    <script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/hmac-sha256.js"></script>
    <script src="https://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/enc-base64-min.js"></script>

    <!-- OAuth Library - Remote URL -->
    <script src="https://raw.githubusercontent.com/ddo/oauth-1.0a/master/oauth-1.0a.js"></script>
</head>
<body>

    <h1>OAuth Example</h1>

    <!-- Button to Trigger OAuth Sequence -->
    <button id="oauthButton">Trigger OAuth</button>

    <!-- Button to Open connectiq://local URL -->
    <button id="connectiqButton">Open connectiq://oauth</button>

    <script>
        const oauth = OAuth({
            consumer: {
                key: 'Your-Consumer-Key',
                secret: 'Your-Consumer-Secret',
            },
            signature_method: 'HMAC-SHA1',
            hash_function(base_string, key) {
                return CryptoJS.HmacSHA1(base_string, key).toString(CryptoJS.enc.Base64)
            },
        });

        const request_data = {
            url: 'https://api.twitter.com/1/statuses/update.json?include_entities=true',
            method: 'POST',
            data: { status: 'Hello Ladies + Gentlemen, a signed OAuth request!' },
        };

        const token = {
            key: 'Your-Token-Key',
            secret: 'Your-Token-Secret',
        };

        // Function to Execute OAuth Sequence
        const triggerOAuth = () => {
            $.ajax({
                url: request_data.url,
                type: request_data.method,
                data: oauth.authorize(request_data, token),
            }).done(function (data) {
                console.log('OAuth successfully completed:', data);

                // Here you can analyze the response and extract the tokens
                const accessToken = data.access_token; // Example - adjust this to your response

                console.log('Access Token:', accessToken);
            });
        };

        // Function to Open connectiq://oauth
        const openConnectIQ = () => {
            console.log('Opening connectiq://oauth?accessToken=',accessToken);
            // Here you can implement the logic for the connectiq://oauth call
        };

        // Event handler for the OAuth button
        $('#oauthButton').on('click', triggerOAuth);

        // Event handler for the ConnectIQ button
        $('#connectiqButton').on('click', openConnectIQ);
    </script>

</body>
</html>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants