faithlife-oauth - npm Package Compare versions

Comparing version 0.3.2 to 0.3.3

lib/consumer.js

@@ -12,2 +12,3 @@ /*!
 var restError = require('rest/interceptor/errorCode');
+var utils = require('./utils');
 
@@ -33,4 +34,2 @@ /**
   this.secret = options.secret || process.env.FAITHLIFE_CONSUMER_SECRET || null;
-  this.signatureMethod = 'PLAINTEXT';
-  this.version = '1.0';
 
@@ -50,7 +49,9 @@ this.request = rest.wrap(restMime).wrap(restError);
 
+  var key = [this.secret, options.oauth_token_secret].join('&');
   var params = {
     oauth_consumer_key: this.token,
-    oauth_signature: [this.secret, options.oauth_token_secret].join('%26'),
-    oauth_signature_method: 'PLAINTEXT',
-    oauth_version: '1.0'
+    oauth_signature_method: options.signatureMethod || 'PLAINTEXT',
+    oauth_version: '1.0',
+    oauth_timestamp: Math.floor(Date.now() / 1000),
+    oauth_nonce: Math.random().toString(26).slice(2)
   };
@@ -64,2 +65,15 @@
 
+  Object.keys(options.params || {}).forEach(function (key) {
+    params[key] = options.params[key];
+  });
+
+  switch (params.oauth_signature_method) {
+    case 'HMAC-SHA1':
+      params.oauth_signature = encodeURIComponent(utils.generateHmacSignature(options.url, params, key));
+      break;
+    case 'PLAINTEXT':
+      params.oauth_signature = encodeURIComponent(key);
+      break;
+  }
+
   return 'OAuth ' + Object.keys(params).map(function (key) {
@@ -145,2 +159,13 @@ return key + '="' + params[key] + '"';
     });
+
+    // This Single-Sign-On-specific route associates the received access token
+    // and secret with the user's session within this application.
+    app.post('/associate', function (request) {
+      request.session.oauth_token = request.params.accessToken;
+      request.session.oauth_token_secret = request.params.accessSecret;
+
+      return {
+        status: 204
+      };
+    });
   }
@@ -152,2 +177,18 @@
 /**
+ * Generates a Single-Sign-On request URL, which should be used as the `src`
+ * attribute in a script tag after `methodName` has been defined.
+ */
+FaithlifeOAuthConsumer.prototype.getJsonpUrl = function getJsonpUrl(methodName) {
+  var authHeader = this.generateAuthHeader({
+    signatureMethod: 'HMAC-SHA1',
+    url: this.rootUrl + '/v1/users/credentials',
+    params: {
+      jsonp: methodName
+    }
+  });
+
+  return this.rootUrl + '/v1/users/credentials?jsonp=' + methodName + '&authorizationHeader=' + encodeURIComponent(authHeader);
+};
+
+/**
  * Mounts a subapp on `app` at the specified `location`.
@@ -154,0 +195,0 @@ */

package.json

 {
   "name": "faithlife-oauth",
-  "version": "0.3.2",
+  "version": "0.3.3",
   "description": "Middleware and Consumers for authenticating with the Faithlife API via OAuth.",
@@ -5,0 +5,0 @@ "main": "lib/index.js",

No alert changes

Improved metrics

Total package byte prevSize

11723

increased by25.1%

Number of package files

9

increased by28.57%

Lines of code

299

increased by32.3%

No dependency changes