Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/kurrik/oauth1a
OAuth 1.0a implementation in Go
https://github.com/kurrik/oauth1a
Last synced: 3 months ago
JSON representation
OAuth 1.0a implementation in Go
- Host: GitHub
- URL: https://github.com/kurrik/oauth1a
- Owner: kurrik
- License: apache-2.0
- Created: 2012-09-04T17:19:07.000Z (about 12 years ago)
- Default Branch: master
- Last Pushed: 2021-01-16T22:08:56.000Z (almost 4 years ago)
- Last Synced: 2024-06-29T04:33:08.673Z (5 months ago)
- Language: Go
- Size: 42 KB
- Stars: 24
- Watchers: 5
- Forks: 13
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Package oauth1a
## Summary
An implementation of OAuth 1.0a in Go1.
* [API reference](https://pkg.go.dev/github.com/kurrik/oauth1a)
## Installing
Run:
go get github.com/kurrik/oauth1a
Include in your source:
import "github.com/kurrik/oauth1a"
## Testing
Clone this repository, then run:
go test -short
in the `oauth1a` directory. To run an integration test, create a file named
CREDENTIALS in the library directory. There should be four lines in this file,
in the following format:
Then run:
go test
This will run an integration test against the Twitter
`/account/verify_credentials.json` endpoint.
## Using
A good approach wil be to check `oauth1a_test.go` for usage.
As a vague example, here is code to configure the library for accessing Twitter:
service := &oauth1a.Service{
RequestURL: "https://api.twitter.com/oauth/request_token",
AuthorizeURL: "https://api.twitter.com/oauth/request_token",
AccessURL: "https://api.twitter.com/oauth/request_token",
ClientConfig: &oauth1a.ClientConfig{
ConsumerKey: "",
ConsumerSecret: "",
CallbackURL: "",
},
Signer: new(oauth1a.HmacSha1Signer),
}
To obtain user credentials:
httpClient := new(http.Client)
ctx := context.Background()
userConfig := &oauth1a.UserConfig{}
userConfig.GetRequestToken(ctx, service, httpClient)
url, _ := userConfig.GetAuthorizeURL(service)
var token string
var verifier string
// Redirect the user to and parse out token and verifier from the response.
userConfig.GetAccessToken(ctx, token, verifier, service, httpClient)
Or if you have existing credentials:
token := ""
secret := ""
userConfig := NewAuthorizedConfig(token, secret)
To send an authenticated request:
httpRequest, _ := http.NewRequest("GET", "https://api.twitter.com/1/account/verify_credentials.json", nil)
service.Sign(httpRequest, userConfig)
var httpResponse *http.Response
var err error
httpResponse, err = httpClient.Do(httpRequest)
## Examples
[github.com/twittergo-examples/sign_in/main.go](https://github.com/kurrik/twittergo-examples/blob/master/sign_in/main.go) - A three legged example which uses Twitter's API.
To run, cd to the examples directory and then run:
go run main.go -key= -secret=
This will host a server on `localhost:10000` (use the `-port` flag to change the
port this runs on). Navigate to `http://localhost:10000` and then follow the
sign in flow.
Note that this example implements a rudimentary session mechanism so that the
callback can be matched to the user who initiated the sign in session. Otherwise,
it would be possible for one user to initiate a sign in session and another user
to complete it. This is a best practice but imposes a requirement for the
auth flow to be stateful. If you understand the risks in removing this check
from your application, it is possible to implement the flow in a stateless
manner.
## Version history
| Version | Changes |
|-|-|
| v0.1.0 | Initial library version. |
| v0.1.1 | Added `context` support. |
Versions are released with:
```
git tag v0.1.0
git push origin v0.1.0
```