Security News
Astral Launches pyx: A Python-Native Package Registry
Astral unveils pyx, a Python-native package registry in beta, designed to speed installs, enhance security, and integrate deeply with uv.
By Sarah Gooding - Aug 13, 2025
soauth
SOAuth
The "S" is for "Signs"
SOAuth is a Ruby library that creates HTTP headers for OAuth Authorization using previously-obtained OAuth keys/secrets. Useful if you want to make your own HTTP request objects instead of using the ones created for you using the commonly-used OAuth gem.
It should be noted that this was developed without edge cases in mind -- it was pretty much abstracted from my "by-hand" signing of OAuth requests in Prey Fetcher, so don't consider it production-quality code (though it is running in production).
Please fork away and send me a pull request if you think you can make it better or handle more use cases.
Installation
Assuming you have Gemcutter setup as a gem source, install like any other Ruby gem:
gem install soauth
If you don't already have Gemcutter setup as one of your gem sources, install SOAuth with the following command:
gem install soauth --source http://gemcutter.org/
Usage
Create an OAuth header by specifying the URI of the resource you're requesting, your consumer key/secret + access key/secret in a hash, and -- optionally -- any GET params in another hash. Check it out:
uri = 'https://twitter.com/direct_messages.json'
oauth = {
:consumer_key => "consumer_key",
:consumer_secret => "consumer_secret",
:token => "access_key",
:token_secret => "access_secret"
}
params = {
'count' => "11",
'since_id' => "5000"
}
oauth_header = SOAuth.header(uri, oauth, params)
Pretty straightforward. You can use whatever HTTP library you like, just use oauth_header as the "Authorization" HTTP header to your request (making sure the request info is the same info you passed to SOAuth). Say you were using NET::HTTP:
http_uri = URI.parse(uri)
request = Net::HTTP.new(http_uri.host, http_uri.port)
request.get(uri.request_uri, {'Authorization', oauth_header})
Why Would I Want This?
There's already a pretty nice OAuth library for Ruby out there. But I didn't want to have to use the OAuth library just to make my Authorization headers, and I wanted to be able to plug those headers into whatever HTTP library I wanted (in my case, Typhoeus). I found using the OAuth gem incredibly clunky/overkill for signing requests by hand, so I made SOAuth.
License
This program is free software; it is distributed under an MIT-style License.
Copyright (c) 2010 Matthew Riley MacPherson.
FAQs
Unknown package
We found that soauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 07 Jan 2010
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Static vs. Runtime Reachability: Insights from Latio’s On the Record Podcast
The Latio podcast explores how static and runtime reachability help teams prioritize exploitable vulnerabilities and streamline AppSec workflows.
By Sarah Gooding - Aug 13, 2025
Security News
Opengrep Adds Apex Support and New Rule Controls in Latest Updates
The latest Opengrep releases add Apex scanning, precision rule tuning, and performance gains for open source static code analysis.
By Sarah Gooding - Aug 12, 2025