{"id":28577485,"url":"https://github.com/mastercard/oauth1-signer-nodejs","last_synced_at":"2025-06-11T00:38:50.476Z","repository":{"id":34035568,"uuid":"132767011","full_name":"Mastercard/oauth1-signer-nodejs","owner":"Mastercard","description":"Zero dependency library for generating a Mastercard API compliant OAuth signature.","archived":false,"fork":false,"pushed_at":"2025-03-19T12:29:20.000Z","size":498,"stargazers_count":38,"open_issues_count":0,"forks_count":16,"subscribers_count":20,"default_branch":"main","last_synced_at":"2025-05-17T06:41:06.846Z","etag":null,"topics":["javascript","mastercard","nodejs","oauth1","oauth1a","openapi"],"latest_commit_sha":null,"homepage":"https://developer.mastercard.com/platform/documentation/security-and-authentication/using-oauth-1a-to-access-mastercard-apis/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Mastercard.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-09T14:14:24.000Z","updated_at":"2025-03-19T12:25:20.000Z","dependencies_parsed_at":"2024-01-19T13:27:36.973Z","dependency_job_id":"72943e81-8853-4725-bcd3-be04ba0fc415","html_url":"https://github.com/Mastercard/oauth1-signer-nodejs","commit_stats":{"total_commits":95,"total_committers":17,"mean_commits":5.588235294117647,"dds":0.5263157894736843,"last_synced_commit":"c5d16a36c80433cdeb6b4a2e25ab09a73352f959"},"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-nodejs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-nodejs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-nodejs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-nodejs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Mastercard","download_url":"https://codeload.github.com/Mastercard/oauth1-signer-nodejs/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mastercard%2Foauth1-signer-nodejs/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259177332,"owners_count":22817349,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["javascript","mastercard","nodejs","oauth1","oauth1a","openapi"],"created_at":"2025-06-11T00:37:56.021Z","updated_at":"2025-06-11T00:38:50.437Z","avatar_url":"https://github.com/Mastercard.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# oauth1-signer-nodejs\n[![](https://developer.mastercard.com/_/_/src/global/assets/svg/mcdev-logo-dark.svg)](https://developer.mastercard.com/)\n\n[![](https://github.com/Mastercard/oauth1-signer-nodejs/workflows/Build%20\u0026%20Test/badge.svg)](https://github.com/Mastercard/oauth1-signer-nodejs/actions?query=workflow%3A%22Build+%26+Test%22)\n[![](https://sonarcloud.io/api/project_badges/measure?project=Mastercard_oauth1-signer-nodejs\u0026metric=alert_status)](https://sonarcloud.io/dashboard?id=Mastercard_oauth1-signer-nodejs) \n[![](https://sonarcloud.io/api/project_badges/measure?project=Mastercard_oauth1-signer-nodejs\u0026metric=vulnerabilities)](https://sonarcloud.io/dashboard?id=Mastercard_oauth1-signer-nodejs)\n[![](https://github.com/Mastercard/oauth1-signer-nodejs/workflows/broken%20links%3F/badge.svg)](https://github.com/Mastercard/oauth1-signer-nodejs/actions?query=workflow%3A%22broken+links%3F%22)\n[![](https://img.shields.io/npm/v/mastercard-oauth1-signer.svg)](https://www.npmjs.com/package/mastercard-oauth1-signer)\n[![](https://img.shields.io/badge/license-MIT-yellow.svg)](https://github.com/Mastercard/oauth1-signer-nodejs/blob/master/LICENSE)\n\n## Table of Contents\n- [Overview](#overview)\n  * [Compatibility](#compatibility)\n  * [References](#references)\n  * [Versioning and Deprecation Policy](#versioning)\n- [Usage](#usage)\n  * [Prerequisites](#prerequisites)\n  * [Adding the Library to Your Project](#adding-the-library-to-your-project)\n  * [Loading the Signing Key](#loading-the-signing-key)  \n  * [Creating the OAuth Authorization Header](#creating-the-oauth-authorization-header)\n  * [Integrating with OpenAPI Generator API Client Libraries](#integrating-with-openapi-generator-api-client-libraries)\n  \n## Overview \u003ca name=\"overview\"\u003e\u003c/a\u003e\nZero dependency library for generating a Mastercard API compliant OAuth signature.\n\n### Compatibility \u003ca name=\"compatibility\"\u003e\u003c/a\u003e\nNode 6.12.3+\n\nThere shouldn't be any Node compatibility issues with this package, but it's a good idea to keep your Node versions up-to-date. \nIt is recommended that you use one of the LTS Node.js releases, or one of the [more general recent releases](https://github.com/nodejs/Release). \nA Node version manager such as [nvm](https://github.com/creationix/nvm) (Mac and Linux) or [nvm-windows](https://github.com/coreybutler/nvm-windows) \nis a good way to stay on top of this.\n\n### References \u003ca name=\"references\"\u003e\u003c/a\u003e\n* [OAuth 1.0a specification](https://tools.ietf.org/html/rfc5849)\n* [Body hash extension for non application/x-www-form-urlencoded payloads](https://tools.ietf.org/id/draft-eaton-oauth-bodyhash-00.html)\n\n### Versioning and Deprecation Policy \u003ca name=\"versioning\"\u003e\u003c/a\u003e\n* [Mastercard Versioning and Deprecation Policy](https://github.com/Mastercard/.github/blob/main/CLIENT_LIBRARY_DEPRECATION_POLICY.md)\n\n## Usage \u003ca name=\"usage\"\u003e\u003c/a\u003e\n### Prerequisites \u003ca name=\"prerequisites\"\u003e\u003c/a\u003e\nBefore using this library, you will need to set up a project in the [Mastercard Developers Portal](https://developer.mastercard.com). \n\nAs part of this set up, you'll receive credentials for your app:\n* A consumer key (displayed on the Mastercard Developer Portal)\n* A private request signing key (matching the public certificate displayed on the Mastercard Developer Portal)\n\n### Adding the Library to Your Project \u003ca name=\"adding-the-library-to-your-project\"\u003e\u003c/a\u003e\n\n```shell\nnpm i mastercard-oauth1-signer\n```\n\n### Loading the Signing Key \u003ca name=\"loading-the-signing-key\"\u003e\u003c/a\u003e\n\nThe following code shows how to load the private key using `node-forge`:\n\n```javascript\nconst forge = require(\"node-forge\");\nconst fs = require(\"fs\");\nconst p12Content = fs.readFileSync(\"\u003cinsert PKCS#12 key file path\u003e\", 'binary');\nconst p12Asn1 = forge.asn1.fromDer(p12Content, false);\nconst p12 = forge.pkcs12.pkcs12FromAsn1(p12Asn1, false, \"\u003cinsert key password\u003e\");\nconst keyObj = p12.getBags({\n    friendlyName: \"\u003cinsert key alias\u003e\",\n    bagType: forge.pki.oids.pkcs8ShroudedKeyBag\n}).friendlyName[0];\nconst signingKey = forge.pki.privateKeyToPem(keyObj.key);\n```\n\n### Creating the OAuth Authorization Header \u003ca name=\"creating-the-oauth-authorization-header\"\u003e\u003c/a\u003e\nThe method that does all the heavy lifting is `getAuthorizationHeader`. You can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's `Authorization` header.\n\n```javascript\nconst consumerKey = \"\u003cinsert consumer key\u003e\";\nconst uri = \"https://sandbox.api.mastercard.com/service\";\nconst method = \"POST\";\nconst payload = \"Hello world!\";\n\nconst oauth = require('mastercard-oauth1-signer');\nconst authHeader = oauth.getAuthorizationHeader(uri, method, payload, consumerKey, signingKey);\n```\n\n### Integrating with OpenAPI Generator API Client Libraries \u003ca name=\"integrating-with-openapi-generator-api-client-libraries\"\u003e\u003c/a\u003e\n\n[OpenAPI Generator](https://github.com/OpenAPITools/openapi-generator) generates API client libraries from [OpenAPI Specs](https://github.com/OAI/OpenAPI-Specification). \nIt provides generators and library templates for supporting multiple languages and frameworks.\n\nGenerators currently supported:\n+ [javascript](#javascript)\n\n#### javascript \u003ca name=\"javascript\"\u003e\u003c/a\u003e\n\n##### OpenAPI Generator\n\nClient libraries can be generated using the following command:\n```shell\nopenapi-generator-cli generate -i openapi-spec.yaml -g javascript -o out\n```\nSee also: \n* [OpenAPI Generator CLI Installation](https://openapi-generator.tech/docs/installation/)\n* [CONFIG OPTIONS for javascript](https://github.com/OpenAPITools/openapi-generator/blob/master/docs/generators/javascript.md)\n\n##### Overriding `applyAuthToRequest`\n\nThe Authorization header can be added before sending the requests by overriding the `applyAuthToRequest` function: \n\n```javascript\nconst service = require('../service/index.js');\nconst apiClient = require('../service/ApiClient.js');\nconst client = apiClient.instance;\nclient.basePath = \"https://sandbox.api.mastercard.com\";\nclient.applyAuthToRequest = function(request) {\n    const _end = request._end;\n    request._end = function() {\n        const authHeader = oauth.getAuthorizationHeader(request.url, request.method, request._data, consumerKey, signingKey);\n        request.req.setHeader('Authorization', authHeader);\n        _end.call(request);\n    }\n    return request;\n};\nconst serviceApi = new service.ServiceApi();\nconst opts = {}\nconst callback = function(error, data, response) {\n    // …\n};\nserviceApi.call(opts, callback);\n// …\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmastercard%2Foauth1-signer-nodejs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmastercard%2Foauth1-signer-nodejs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmastercard%2Foauth1-signer-nodejs/lists"}