Remove brittle custom-signing logic
This commit is contained in:
parent
8bef3ae78f
commit
ffb9bfe6ae
2 changed files with 38 additions and 91 deletions
|
@ -1,22 +1,16 @@
|
||||||
import 'dart:async';
|
import 'dart:async';
|
||||||
import 'dart:collection';
|
|
||||||
import 'dart:convert';
|
|
||||||
import 'package:angel_auth/angel_auth.dart';
|
import 'package:angel_auth/angel_auth.dart';
|
||||||
import 'package:angel_framework/angel_framework.dart';
|
import 'package:angel_framework/angel_framework.dart';
|
||||||
import 'package:crypto/crypto.dart';
|
|
||||||
import 'package:http/http.dart' as http;
|
import 'package:http/http.dart' as http;
|
||||||
import 'package:meta/meta.dart';
|
import 'package:oauth/oauth.dart' as oauth;
|
||||||
import 'package:path/path.dart' as p;
|
import 'package:path/path.dart' as p;
|
||||||
import 'package:random_string/random_string.dart' as rs;
|
|
||||||
import 'package:twitter/twitter.dart';
|
import 'package:twitter/twitter.dart';
|
||||||
|
|
||||||
|
/// Authenticates users by connecting to Twitter's API.
|
||||||
class TwitterStrategy<User> extends AuthStrategy<User> {
|
class TwitterStrategy<User> extends AuthStrategy<User> {
|
||||||
/// The options defining how to connect to the third-party.
|
/// The options defining how to connect to the third-party.
|
||||||
final ExternalAuthOptions options;
|
final ExternalAuthOptions options;
|
||||||
|
|
||||||
/// The underlying [BaseClient] used to query Twitter.
|
|
||||||
final http.BaseClient httpClient;
|
|
||||||
|
|
||||||
/// A callback that uses Twitter to authenticate a [User].
|
/// A callback that uses Twitter to authenticate a [User].
|
||||||
///
|
///
|
||||||
/// As always, return `null` if authentication fails.
|
/// As always, return `null` if authentication fails.
|
||||||
|
@ -26,74 +20,21 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
|
||||||
/// The root of Twitter's API. Defaults to `'https://api.twitter.com'`.
|
/// The root of Twitter's API. Defaults to `'https://api.twitter.com'`.
|
||||||
final Uri baseUrl;
|
final Uri baseUrl;
|
||||||
|
|
||||||
|
oauth.Client _client;
|
||||||
|
|
||||||
|
/// The underlying [oauth.Client] used to query Twitter.
|
||||||
|
oauth.Client get client => _client;
|
||||||
|
|
||||||
TwitterStrategy(this.options, this.verifier,
|
TwitterStrategy(this.options, this.verifier,
|
||||||
{http.BaseClient client, Uri baseUrl})
|
{http.BaseClient client, Uri baseUrl})
|
||||||
: this.baseUrl = baseUrl ?? Uri.parse('https://api.twitter.com'),
|
: this.baseUrl = baseUrl ?? Uri.parse('https://api.twitter.com') {
|
||||||
this.httpClient = client ?? http.Client() as http.BaseClient;
|
var tokens = oauth.Tokens(
|
||||||
|
consumerId: options.clientId, consumerKey: options.clientSecret);
|
||||||
String _createSignature(
|
_client = oauth.Client(tokens, client: client);
|
||||||
String method, String uriString, Map<String, String> params,
|
|
||||||
{@required String tokenSecret}) {
|
|
||||||
// Not only do we need to sort the parameters, but we need to URI-encode them as well.
|
|
||||||
var encoded = new SplayTreeMap();
|
|
||||||
for (String key in params.keys) {
|
|
||||||
encoded[Uri.encodeComponent(key)] = Uri.encodeComponent(params[key]);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
String collectedParams =
|
/// Handle a response from Twitter.
|
||||||
encoded.keys.map((key) => "$key=${encoded[key]}").join("&");
|
Future<Map<String, String>> handleUrlEncodedResponse(http.Response rs) async {
|
||||||
|
|
||||||
String baseString =
|
|
||||||
"$method&${Uri.encodeComponent(uriString)}&${Uri.encodeComponent(collectedParams)}";
|
|
||||||
|
|
||||||
String signingKey =
|
|
||||||
"${Uri.encodeComponent(options.clientSecret)}&$tokenSecret";
|
|
||||||
|
|
||||||
// After you create a base string and signing key, we need to hash this via HMAC-SHA1
|
|
||||||
var hmac = new Hmac(sha1, signingKey.codeUnits);
|
|
||||||
|
|
||||||
// The returned signature should be the resulting hash, Base64-encoded
|
|
||||||
return base64.encode(hmac.convert(baseString.codeUnits).bytes);
|
|
||||||
}
|
|
||||||
|
|
||||||
Future<http.Request> _prepRequest(String path,
|
|
||||||
{String method = "GET",
|
|
||||||
Map<String, String> data = const {},
|
|
||||||
String accessToken,
|
|
||||||
String tokenSecret = ''}) async {
|
|
||||||
var headers = new Map<String, String>.from(data);
|
|
||||||
headers["oauth_version"] = "1.0";
|
|
||||||
headers["oauth_consumer_key"] = options.clientId;
|
|
||||||
|
|
||||||
// The implementation of _randomString doesn't matter - just generate a 32-char
|
|
||||||
// alphanumeric string.
|
|
||||||
headers["oauth_nonce"] = rs.randomAlphaNumeric(32);
|
|
||||||
headers["oauth_signature_method"] = "HMAC-SHA1";
|
|
||||||
headers["oauth_timestamp"] =
|
|
||||||
(new DateTime.now().millisecondsSinceEpoch / 1000).round().toString();
|
|
||||||
|
|
||||||
if (accessToken != null) {
|
|
||||||
headers["oauth_token"] = accessToken;
|
|
||||||
}
|
|
||||||
|
|
||||||
var request = http.Request(method, baseUrl.replace(path: path));
|
|
||||||
|
|
||||||
headers['oauth_signature'] = _createSignature(
|
|
||||||
method, request.url.toString(), headers,
|
|
||||||
tokenSecret: tokenSecret);
|
|
||||||
|
|
||||||
var oauthString = headers.keys
|
|
||||||
.map((name) => '$name="${Uri.encodeComponent(headers[name])}"')
|
|
||||||
.join(", ");
|
|
||||||
|
|
||||||
return request
|
|
||||||
..headers.addAll(headers)
|
|
||||||
..headers['authorization'] = "OAuth $oauthString";
|
|
||||||
}
|
|
||||||
|
|
||||||
Future<Map<String, String>> _parseUrlEncoded(http.BaseRequest rq) async {
|
|
||||||
var response = await httpClient.send(rq);
|
|
||||||
var rs = await http.Response.fromStream(response);
|
|
||||||
var body = rs.body;
|
var body = rs.body;
|
||||||
|
|
||||||
if (rs.statusCode != 200) {
|
if (rs.statusCode != 200) {
|
||||||
|
@ -104,22 +45,25 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
|
||||||
return Uri.splitQueryString(body);
|
return Uri.splitQueryString(body);
|
||||||
}
|
}
|
||||||
|
|
||||||
Future<Map<String, String>> getAccessToken(
|
/// Get an access token.
|
||||||
String token, String verifier) async {
|
Future<Map<String, String>> getAccessToken(String token, String verifier) {
|
||||||
var request = await _prepRequest("oauth/access_token",
|
return _client.post(
|
||||||
method: "POST", data: {"verifier": verifier}, accessToken: token);
|
baseUrl.replace(path: p.join(baseUrl.path, 'oauth/access_token')),
|
||||||
request.bodyFields = {'oauth_verifier': verifier};
|
body: {
|
||||||
return _parseUrlEncoded(request);
|
'oauth_token': token,
|
||||||
|
'oauth_verifier': verifier
|
||||||
|
}).then(handleUrlEncodedResponse);
|
||||||
|
// var request = await createRequest("oauth/access_token",
|
||||||
|
// method: "POST", data: {"verifier": verifier}, accessToken: token);
|
||||||
}
|
}
|
||||||
|
|
||||||
Future<Map<String, String>> getRequestToken() async {
|
/// Get a request token.
|
||||||
var request = await _prepRequest("oauth/request_token",
|
Future<Map<String, String>> getRequestToken() {
|
||||||
method: "POST",
|
return _client.post(
|
||||||
data: {"oauth_callback": options.redirectUri.toString()});
|
baseUrl.replace(path: p.join(baseUrl.path, 'oauth/request_token')),
|
||||||
|
body: {
|
||||||
// _mapifyRequest is a function that sends a request and parses its URL-encoded
|
"oauth_callback": options.redirectUri.toString()
|
||||||
// response into a Map. This detail is not important.
|
}).then(handleUrlEncodedResponse);
|
||||||
return await _parseUrlEncoded(request);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@override
|
@override
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
author: "Tobe O <thosakwe@gmail.com>"
|
author: "Tobe O <thosakwe@gmail.com>"
|
||||||
description: "angel_auth strategy for Twitter login."
|
description: "package:angel_auth strategy for Twitter login. Auto-signs requests."
|
||||||
environment:
|
environment:
|
||||||
sdk: ">=2.0.0 <3.0.0"
|
sdk: ">=2.0.0 <3.0.0"
|
||||||
homepage: "https://github.com/angel-dart/auth_twitter.git"
|
homepage: "https://github.com/angel-dart/auth_twitter.git"
|
||||||
|
@ -7,8 +7,11 @@ name: "angel_auth_twitter"
|
||||||
version: 2.0.0
|
version: 2.0.0
|
||||||
dependencies:
|
dependencies:
|
||||||
angel_auth: ^2.0.0
|
angel_auth: ^2.0.0
|
||||||
http: ^0.12.0
|
http: ">=0.11.0 <0.13.0"
|
||||||
random_string: ^0.0.2
|
# oauth:
|
||||||
|
# git:
|
||||||
|
# url: git://github.com/sh4869/oauth.dart.git
|
||||||
|
# ref: develop
|
||||||
twitter: ^1.0.0
|
twitter: ^1.0.0
|
||||||
dev_dependencies:
|
dev_dependencies:
|
||||||
logging: ^0.11.0
|
logging: ^0.11.0
|
||||||
|
|
Loading…
Reference in a new issue