This pull request combines the others

.github/workflows/test.yml

@@ -0,0 +1,39 @@
+name: Test OAuther
+
+on: push
+
+jobs:
+  test:
+    name: Elixir Tests
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: erlef/setup-elixir@v1
+        with:
+          otp-version: "24.0.2"
+          elixir-version: "1.12.1"
+      - uses: actions/cache@v2
+        with:
+          path: |
+            deps
+            _build
+          key: ${{ runner.os }}-mix-${{ hashFiles('**/mix.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-mix-
+      - name: Install dependencies
+        run: |
+          mix local.rebar --force
+          mix local.hex --force --if-missing
+          mix deps.get
+      - name: Compile
+        run: mix compile --warnings-as-errors
+        env:
+          MIX_ENV: test
+      - name: Check code formatting
+        run: mix format --check-formatted
+        env:
+          MIX_ENV: test
+      - name: Run Elixir tests
+        run: mix test
+        env:
+          MIX_ENV: test

lib/oauther.ex

@@ -13,7 +13,7 @@ defmodule OAuther do
             consumer_secret: String.t(),
             token: nil | String.t(),
             token_secret: nil | String.t(),
-            method: :hmac_sha1 | :rsa_sha1 | :plaintext
+            method: :hmac_sha1 | :hmac_sha256 | :rsa_sha1 | :rsa_sha256 | :plaintext
           }
   end
 
@@ -60,8 +60,14 @@ defmodule OAuther do
   end
 
   def signature(verb, url, params, %Credentials{method: :hmac_sha1} = creds) do
-    :sha
-    |> :crypto.hmac(compose_key(creds), base_string(verb, url, params))
+    :hmac
+    |> :crypto.mac(:sha, compose_key(creds), base_string(verb, url, params))
+    |> Base.encode64()
+  end
+
+  def signature(verb, url, params, %Credentials{method: :hmac_sha256} = creds) do
+    :hmac
+    |> :crypto.mac(:sha256, compose_key(creds), base_string(verb, url, params))
     |> Base.encode64()
   end
 
@@ -71,6 +77,12 @@ defmodule OAuther do
     |> Base.encode64()
   end
 
+  def signature(verb, url, params, %Credentials{method: :rsa_sha256} = creds) do
+    base_string(verb, url, params)
+    |> :public_key.sign(:sha256, decode_private_key(creds.consumer_secret))
+    |> Base.encode64()
+  end
+
   defp protocol_param?({key, _value}) do
     String.starts_with?(key, "oauth_")
   end
@@ -167,7 +179,9 @@ defmodule OAuther do
 
   defp signature_method(:plaintext), do: "PLAINTEXT"
   defp signature_method(:hmac_sha1), do: "HMAC-SHA1"
+  defp signature_method(:hmac_sha256), do: "HMAC-SHA256"
   defp signature_method(:rsa_sha1), do: "RSA-SHA1"
+  defp signature_method(:rsa_sha256), do: "RSA-SHA256"
 
   defp percent_encode({key, value}) do
     {percent_encode(key), percent_encode(value)}

mix.exs

@@ -12,7 +12,7 @@ defmodule OAuther.Mixfile do
   end
 
   def application() do
-    [applications: []]
+    [applications: [:crypto, :public_key]]
   end
 
   defp description() do

test/oauther_test.exs

@@ -14,6 +14,20 @@ defmodule OAutherTest do
     assert signature(params, creds, "/photos") == "tR3+Ty81lMeYAr/Fid0kMTYa/WM="
   end
 
+  test "HMAC-SHA256 signature" do
+    creds =
+      OAuther.credentials(
+        method: :hmac_sha256,
+        consumer_secret: "kd94hf93k423kf44",
+        token_secret: "pfkkdhi9sl3r4s00",
+        consumer_key: "dpf43f3p2l4k3l03",
+        token: "nnch734d00sl2jdk"
+      )
+
+    params = protocol_params(creds)
+    assert signature(params, creds, "/photos") == "WVPzl1j6ZsnkIjWr7e3OZ3jkenL57KwaLFhYsroX1hg="
+  end
+
   test "RSA-SHA1 signature" do
     creds =
       OAuther.credentials(
@@ -42,6 +56,34 @@ defmodule OAutherTest do
              "cyZ9hTJnRfkOnF5+OzxXWKKG+hRY+/esxdQAluJem1RlHkZQRsFEevOS5x+A1ZoS+aYlTU3xdHkEKIb/+xuqaavAUFVaIF/5448XsXqSTJomvpoC1c7yw5ArNZnPRLYwK3XYHaIr5FHXbiCG/ze093i2MpsusQU6Shn8lGJNMWE="
   end
 
+  test "RSA-SHA256 signature" do
+    creds =
+      OAuther.credentials(
+        method: :rsa_sha256,
+        consumer_secret: fixture_path("private_key.pem"),
+        consumer_key: "dpf43f3p2l4k3l03"
+      )
+
+    params = protocol_params(creds)
+
+    assert signature(params, creds, "/photos") ==
+             "Kv0wjj1UgDKh6VyQQGCsi30dTBWI0AdVSwTxuRYhmtYTiTgeYcSvIyojQYSuLUtvD4VxX4UzOka6a55gleHiG/EaV4Sl5yz8V5vjrVORMK1fEhEXhYMjgQPvO1wMCdofwkSQHfkYeNpDoZggqnfjS11KOXZXjVFHK/6xsNhmdoM="
+
+    private_key = File.read!(fixture_path("private_key.pem"))
+
+    creds =
+      OAuther.credentials(
+        method: :rsa_sha256,
+        consumer_secret: private_key,
+        consumer_key: "dpf43f3p2l4k3l03"
+      )
+
+    params = protocol_params(creds)
+
+    assert signature(params, creds, "/photos") ==
+             "Kv0wjj1UgDKh6VyQQGCsi30dTBWI0AdVSwTxuRYhmtYTiTgeYcSvIyojQYSuLUtvD4VxX4UzOka6a55gleHiG/EaV4Sl5yz8V5vjrVORMK1fEhEXhYMjgQPvO1wMCdofwkSQHfkYeNpDoZggqnfjS11KOXZXjVFHK/6xsNhmdoM="
+  end
+
   test "PLAINTEXT signature" do
     creds =
       OAuther.credentials(