SOAuth is a Ruby library that creates HTTP headers for OAuth Authorization using previously-obtained OAuth keys/secrets. Useful if you want to make your own HTTP request objects instead of using the ones created for you using the commonly-used OAuth gem.
It should be noted that this was developed without edge cases in mind -- it was pretty much abstracted from my "by-hand" signing of OAuth requests in Prey Fetcher, so don't consider it production-quality code (though it is running in production).
Please fork away and send me a pull request if you think you can make it better or handle more use cases.
Assuming you have Gemcutter setup as a gem source, install like any other Ruby gem:
gem install soauth
If you don't already have Gemcutter setup as one of your gem sources, install SOAuth with the following command:
gem install soauth --source http://gemcutter.org/
Create an OAuth header by specifying the URI of the resource you're requesting, your consumer key/secret + access key/secret in a hash, and -- optionally -- any GET params in another hash. Check it out:
uri = 'https://twitter.com/direct_messages.json'
oauth = {
:consumer_key => "consumer_key",
:consumer_secret => "consumer_secret",
:token => "access_key",
:token_secret => "access_secret"
}
params = {
'count' => "11",
'since_id' => "5000"
}
oauth_header = SOAuth.header(uri, oauth, params)
Pretty straightforward. You can use whatever HTTP library you like, just use oauth_header as the "Authorization" HTTP header to your request (making sure the request info is the same info you passed to SOAuth). Say you were using NET::HTTP:
http_uri = URI.parse(uri)
request = Net::HTTP.new(http_uri.host, http_uri.port)
request.get(uri.request_uri, {'Authorization', oauth_header})
There's already a pretty nice OAuth library for Ruby out there. But I didn't want to have to use the OAuth library just to make my Authorization headers, and I wanted to be able to plug those headers into whatever HTTP library I wanted (in my case, Typhoeus). I found using the OAuth gem incredibly clunky/overkill for signing requests by hand, so I made SOAuth.
This program is free software; it is distributed under an MIT-style License.
Copyright (c) 2010 Matthew Riley MacPherson.
FAQs
Unknown package
We found that soauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
Security News
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.
Product
Socket MCP brings real-time security checks to AI-generated code, helping developers catch risky dependencies before they enter the codebase.