Context Navigation

source: lib/oauth.c @ be28fe7

Last change on this file since be28fe7 was be28fe7, checked in by Wilmer van der Gaast <wilmer@…>, at 2010-04-25T15:12:13Z
Code to calculate OAuth signatures. I hope that after wrapping my mind around all of this the rest is going to be easier..
Property mode set to `100644`
File size: 3.9 KB

Rev	Line
[be28fe7]	1	/***************************************************************************\
	2	* *
	3	* BitlBee - An IRC to IM gateway *
	4	* Simple OAuth client (consumer) implementation. *
	5	* *
	6	* Copyright 2010 Wilmer van der Gaast <wilmer@gaast.net> *
	7	* *
	8	* This library is free software; you can redistribute it and/or *
	9	* modify it under the terms of the GNU Lesser General Public *
	10	* License as published by the Free Software Foundation, version *
	11	* 2.1. *
	12	* *
	13	* This library is distributed in the hope that it will be useful, *
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
	16	* Lesser General Public License for more details. *
	17	* *
	18	* You should have received a copy of the GNU Lesser General Public License *
	19	* along with this library; if not, write to the Free Software Foundation, *
	20	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA *
	21	* *
	22	\***************************************************************************/
	23
	24	#include <glib.h>
	25	#include <gmodule.h>
	26	#include <stdlib.h>
	27	#include <string.h>
	28	#include "base64.h"
	29	#include "misc.h"
	30	#include "sha1.h"
	31
	32	#define CONSUMER_KEY "xsDNKJuNZYkZyMcu914uEA"
	33	#define CONSUMER_SECRET "FCxqcr0pXKzsF9ajmP57S3VQ8V6Drk4o2QYtqMcOszo"
	34	/* How can it be a secret if it's right here in the source code? No clue... */
	35
	36	#define HMAC_BLOCK_SIZE 64
	37
	38	struct oauth_state
	39	{
	40	};
	41
	42	static char oauth_sign( const char method, const char *url,
	43	const char params, const char token_secret )
	44	{
	45	sha1_state_t sha1;
	46	uint8_t hash[sha1_hash_size];
	47	uint8_t key[HMAC_BLOCK_SIZE+1];
	48	char *s;
	49	int i;
	50
	51	/* Create K. If our current key is >64 chars we have to hash it,
	52	otherwise just pad. */
	53	memset( key, 0, HMAC_BLOCK_SIZE );
	54	i = strlen( CONSUMER_SECRET ) + 1 + token_secret ? strlen( token_secret ) : 0;
	55	if( i > HMAC_BLOCK_SIZE )
	56	{
	57	sha1_init( &sha1 );
	58	sha1_append( &sha1, CONSUMER_SECRET, strlen( CONSUMER_SECRET ) );
	59	sha1_append( &sha1, "&", 1 );
	60	if( token_secret )
	61	sha1_append( &sha1, token_secret, strlen( token_secret ) );
	62	sha1_finish( &sha1, key );
	63	}
	64	else
	65	{
	66	g_snprintf( key, HMAC_BLOCK_SIZE + 1, "%s&%s",
	67	CONSUMER_SECRET, token_secret ? : "" );
	68	}
	69
	70	/* Inner part: H(K XOR 0x36, text) */
	71	sha1_init( &sha1 );
	72
	73	for( i = 0; i < HMAC_BLOCK_SIZE; i ++ )
	74	key[i] ^= 0x36;
	75	sha1_append( &sha1, key, HMAC_BLOCK_SIZE );
	76
	77	/* OAuth: text = method&url&params, all http_encoded. */
	78	sha1_append( &sha1, (const uint8_t*) method, strlen( method ) );
	79	sha1_append( &sha1, (const uint8_t*) "&", 1 );
	80
	81	s = g_new0( char, strlen( url ) * 3 + 1 );
	82	strcpy( s, url );
	83	http_encode( s );
	84	sha1_append( &sha1, (const uint8_t*) s, strlen( s ) );
	85	sha1_append( &sha1, (const uint8_t*) "&", 1 );
	86	g_free( s );
	87
	88	s = g_new0( char, strlen( params ) * 3 + 1 );
	89	strcpy( s, params );
	90	http_encode( s );
	91	sha1_append( &sha1, (const uint8_t*) s, strlen( s ) );
	92	g_free( s );
	93
	94	sha1_finish( &sha1, hash );
	95
	96	/* Final result: H(K XOR 0x5C, inner stuff) */
	97	sha1_init( &sha1 );
	98	for( i = 0; i < HMAC_BLOCK_SIZE; i ++ )
	99	key[i] ^= 0x36 ^ 0x5c;
	100	sha1_append( &sha1, key, HMAC_BLOCK_SIZE );
	101	sha1_append( &sha1, hash, sha1_hash_size );
	102	sha1_finish( &sha1, hash );
	103
	104	/* base64_encode it and we're done. */
	105	return base64_encode( hash, sha1_hash_size );
	106	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: