Launch Week Day 3: Introducing Organization Notifications in Socket.Learn More →
oauth-sign
Advanced tools
oauth-sign - npm Package Compare versions
+36
-1
@@ -9,2 +9,6 @@ var crypto = require('crypto') | ||
| function rsa (key, body) { | ||
| return crypto.createSign("RSA-SHA1").update(body).sign(key, 'base64'); | ||
| } | ||
| function rfc3986 (str) { | ||
@@ -41,3 +45,3 @@ return encodeURIComponent(str) | ||
| function hmacsign (httpMethod, base_uri, params, consumer_secret, token_secret) { | ||
| function generateBase (httpMethod, base_uri, params) { | ||
| // adapted from https://dev.twitter.com/docs/auth/oauth and | ||
@@ -74,2 +78,7 @@ // https://dev.twitter.com/docs/auth/creating-signature | ||
| return base | ||
| } | ||
| function hmacsign (httpMethod, base_uri, params, consumer_secret, token_secret) { | ||
| var base = generateBase(httpMethod, base_uri, params) | ||
| var key = [ | ||
@@ -83,3 +92,29 @@ consumer_secret || '', | ||
| function rsasign (httpMethod, base_uri, params, private_key, token_secret) { | ||
| var base = generateBase(httpMethod, base_uri, params) | ||
| var key = private_key || '' | ||
| return rsa(key, base) | ||
| } | ||
| function sign (signMethod, httpMethod, base_uri, params, consumer_secret, token_secret) { | ||
| var method | ||
| switch (signMethod) { | ||
| case 'RSA-SHA1': | ||
| method = rsasign | ||
| break | ||
| case 'HMAC-SHA1': | ||
| method = hmacsign | ||
| break | ||
| default: | ||
| throw new Error("Signature method not supported: " + signMethod) | ||
| } | ||
| return method.apply(null, [].slice.call(arguments, 1)) | ||
| } | ||
| exports.hmacsign = hmacsign | ||
| exports.rsasign = rsasign | ||
| exports.sign = sign | ||
| exports.rfc3986 = rfc3986 |
+1
-1
@@ -5,3 +5,3 @@ { | ||
| "description": "OAuth 1 signing. Formerly a vendor lib in mikeal/request, now a standalone module.", | ||
| "version": "0.4.0", | ||
| "version": "0.5.0", | ||
| "repository": { | ||
@@ -8,0 +8,0 @@ "url": "https://github.com/mikeal/oauth-sign" |
New alerts
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
15421
5.89%- Lines of code
151
22.76%No dependency changes