CrossClj

0.7.0 docs

SourceDocs



RECENT
    VARS
    ->Consumer
    ->seconds
    access-token-request
    AccessToken
    AccessTokenArg
    auth-headers->str
    authorization-url
    AuthorizationParams
    base-string
    ConsumerConfig
    filter-vals
    make-consumer
    make-oauth-headers
    Map
    map->Consumer
    nonce
    nonce-chars
    normalize-access-token-arg
    oauth-decode
    oauth-encode
    OAuthAuthorization
    OAuthRequest
    parse-auth-header
    Request
    request-token-request
    RequestMethod
    RequestTokenParams
    secure-random
    sign
    sign-request
    sign-request-impl
    signature-algos
    SignatureAlgo
    SignatureMethod
    SignedOAuthAuthorization
    SignedRequest
    split-url

    « Index of all namespaces of this project

    Provides functions for generating requests, and parsing responses necessary
    for integrating with three-legged OAuth 1.0 providers like Twitter.
    
    All Token requests and Protected Resources requests MUST be signed by the
    Consumer and verified by the Service Provider. The purpose of signing requests
    is to prevent unauthorized parties from using the Consumer Key and Tokens when
    making Token requests or Protected Resources requests. The signature process
    encodes the Consumer Secret and Token Secret into a verifiable value which is
    included with the request.
    
    OAuth does not mandate a particular signature method, as each implementation
    can have its own unique requirements. The protocol defines three signature
    methods: HMAC-SHA1, RSA-SHA1, and PLAINTEXT, but Service Providers are free to
    implement and document their own methods. Recommending any particular method
    is beyond the scope of this specification.
    
    The Consumer declares a signature method in the oauth_signature_method
    parameter, generates a signature, and stores it in the oauth_signature
    parameter. The Service Provider verifies the signature as specified in each
    method. When verifying a Consumer signature, the Service Provider SHOULD check
    the request nonce to ensure it has not been used in a previous Consumer
    request.
    
    The signature process MUST NOT change the request parameter names or values,
    with the exception of the oauth_signature parameter.
    
    For more information refer to the OAuth 1.0 specification at
    http://oauth.net/core/1.0/#signing_process.
    (->Consumer access-uri authorize-uri callback-uri key secret signature-algo)
    Positional factory function for class oauth.one.Consumer.
    
    (->seconds millis)
    Inputs: [millis :- s/Int]
    Returns: s/Int
    (access-token-request consumer creds)
    Inputs: [consumer :- Consumer creds :- {(s/optional-key "oauth_token") s/Str, (s/optional-key "oauth_verifier") s/Str}]
    
    Generate a signed request that will ask the OAuth provider for an access
    token.
    
    This request must contain the token and verifier provided by the OAuth
    provider when they redirect back to your application after you send someone to
    the authorisation URL generated by authorization-url.
    (auth-headers->str m)
    Inputs: [m :- {s/Str s/Any}]
    Returns: s/Str
    
    The OAuth Protocol Parameters are sent in the Authorization header the
    following way:
    
    1. Parameter names and values are encoded per Parameter Encoding.
    2. For each parameter, the name is immediately followed by an ‘=’ character
       (ASCII code 61), a ‘”’ character (ASCII code 34), the parameter value (MAY
       be empty), and another ‘”’ character (ASCII code 34).
    3. Parameters are separated by a comma character (ASCII code 44) and OPTIONAL
       linear whitespace per [RFC2617](http://oauth.net/core/1.0/#RFC2617).
    4. The OPTIONAL realm parameter is added and interpreted per
       [RFC2617](http://oauth.net/core/1.0/#RFC2617), section 1.2.
    
    http://oauth.net/core/1.0/#auth_header
    (authorization-url consumer)(authorization-url consumer params)
    Inputs: ([consumer :- Consumer] [consumer :- Consumer params :- AuthorizationParams])
    
    Generate a provider-specific authorisation URL that you send the user's agent
    (aka. browser) to typically via an HTTP redirect.
    
    Optional params can be passed to append to the authorisation URL via a query
    string.
    
    params may contain an "oauth_callback" to override any callback URI in the
    consumer. This can be useful when you need to pass some state for CSRF
    protection to the OAuth provider.
    
    Note, if you override the "oauth_callback" via params, you need to pass
    the same callback URI to request-token-request.
    Private
    (base-string method uri params)
    Inputs: [method :- (s/either s/Keyword s/Str) uri :- s/Str params :- Map]
    Returns: s/Str
    
    http://oauth.net/core/1.0/#anchor14
    
    The Signature Base String is a consistent reproducible concatenation of the
    request elements into a single string. The string is used as an input in
    hashing or signing algorithms. The HMAC-SHA1 signature method provides both a
    standard and an example of using the Signature Base String with a signing
    algorithm to generate signatures. All the request parameters MUST be encoded
    as described in Parameter Encoding prior to constructing the Signature Base
    String.
    
    The following items MUST be concatenated in order into a single string. Each
    item is encoded and separated by an ‘&’ character (ASCII code 38), even if
    empty.
    
    1. The HTTP request method used to send the request. Value MUST be uppercase,
       for example: HEAD, GET, POST, etc.
    2. The request URL from Section 9.1.2.
    3. The normalized request parameters string from Section 9.1.1.
    Private
    (filter-vals m)
    (make-consumer config)
    Inputs: [config :- ConsumerConfig]
    Returns: Consumer
    
    Create a new consumer instance with necessary URIs, key and secret.
    (make-oauth-headers consumer)
    Inputs: [consumer :- Consumer]
    Returns: OAuthAuthorization
    Private
    Hash-map of keyword or string to any value
    
    (map->Consumer m__7585__auto__)
    Factory function for class oauth.one.Consumer, taking a map of keywords to field values.
    
    (nonce length)
    Inputs: [length :- s/Int]
    Returns: s/Str
    Private
    (normalize-access-token-arg x)
    Inputs: [x :- (s/maybe AccessTokenArg)]
    Returns: AccessToken
    (oauth-decode s)
    Inputs: [s]
    Returns: s/Str
    
    Decode an RFC 3986 encoded string.
    (oauth-encode s)
    Inputs: [s]
    Returns: s/Str
    
    Encode string according to RFC 3986.
    Valid attributes and corresponding values allowed in the unsigned OAuth
    Authorization header.
    Private
    clj-http compatible request map with required :oauth-headers that will be
    used to generate a signature.
    (parse-auth-header s)
    Inputs: [s :- s/Str]
    Returns: {s/Str s/Str}
    
    The inverse of auth-headers->str.
    Private
    A clj-http compatible request map that is also OAuth 1.0 compatible.
    
    (request-token-request consumer)(request-token-request consumer params)
    Inputs: ([consumer :- Consumer] [consumer :- Consumer params :- RequestTokenParams])
    
    Generate a clj-http compatible request map that will request a token from the
    provider associated with consumer.
    
    http://oauth.net/core/1.0/#auth_step1
    
    The Consumer obtains an unauthorized Request Token by asking the Service
    Provider to issue a Token. The Request Token’s sole purpose is to receive
    User approval and can only be used to obtain an Access Token.
    
    To obtain a Request Token, the Consumer sends an HTTP request to the Service
    Provider’s Request Token URL. The Service Provider documentation specifies
    the HTTP method for this request, and HTTP POST is RECOMMENDED.
    
    Note, if you override the "oauth_callback" via params, you need to pass
    the same callback URI to authorization-url.
    Private
    Valid HTTP request methods
    
    (sign consumer oauth-token-secret data)
    Inputs: [consumer :- Consumer oauth-token-secret :- (s/maybe s/Str) data :- s/Str]
    Returns: s/Str
    (sign-request consumer oauth-request)(sign-request consumer {:keys [oauth-headers], :as oauth-request} access-token-arg)
    Inputs: ([consumer oauth-request] [consumer :- Consumer {:keys [oauth-headers], :as oauth-request} :- OAuthRequest access-token-arg :- (s/maybe AccessTokenArg)])
    Returns: SignedRequest
    Private
    (sign-request-impl consumer oauth-request)(sign-request-impl consumer oauth-request access-token)
    Inputs: ([consumer oauth-request] [consumer :- Consumer oauth-request :- OAuthRequest access-token :- AccessToken])
    Returns: SignedRequest
    Private
    Mapping from keyword algorithm used in a consumer to the string version used
    in the OAuth Authorization header.
    Signed version of the valid attributes and corresponding values allowed in
    the OAuth Authorization header. See OAuthAuthorization.
    Private
    Signed OAuth request with an Authorization header.
    
    Private
    (split-url url)
    Inputs: [url]
    Returns: [(s/one s/Str "base-url") (s/maybe {s/Str s/Str})]