authorfriendica <info@friendica.com>2013-09-16 21:35:52 -0700
committerfriendica <info@friendica.com>2013-09-16 21:35:52 -0700
commit9bff739d9624d3a4ba1fb488673ec1a18bc6d395 (patch)
treed294230d4d3d41c96b1d550ab381722d0dc3eb00 /util/shred/OAuth.sh
parent4b5d91ccb5e42bbd1d379b8963d932bbc8615634 (diff)
several oauth fixes - shred doesn't completely work yet, but it also doesn't completely NOT work, so at least there's some improvement
Diffstat (limited to 'util/shred/OAuth.sh')
-rwxr-xr-xutil/shred/OAuth.sh214
1 files changed, 214 insertions, 0 deletions
diff --git a/util/shred/OAuth.sh b/util/shred/OAuth.sh
new file mode 100755
index 000000000..4be4ed35b
--- /dev/null
+++ b/util/shred/OAuth.sh
@@ -0,0 +1,214 @@
+#!/bin/bash
+# Copyright (c) 2010, 2012 Yu-Jie Lin
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy of
+# this software and associated documentation files (the "Software"), to deal in
+# the Software without restriction, including without limitation the rights to
+# use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+# of the Software, and to permit persons to whom the Software is furnished to do
+# so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in all
+# copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+
+BASHOAUTH_VERSION=0.1.2
+
+OAuth_debug () {
+ # Print out all parameters, each in own line
+ [[ "$OAUTH_DEBUG" == "" ]] && return
+ local t=$(date +%FT%T.%N)
+ while (( $# > 0 )); do
+ echo "[OAuth][DEBUG][$t] $1"
+ shift 1
+ done
+ }
+
+OAuth_nonce () {
+ # Return a nonce
+ md5sum <<< "$RANDOM-$(date +%s.%N)" | cut -d' ' -f 1
+ }
+
+OAuth_timestamp () {
+ # Return timestamp
+ echo "$(date +%s)"
+ }
+
+OAuth_PE () {
+ # Encode $1 using Percent-encoding as defined in
+ # http://tools.ietf.org/html/rfc5849#section-3.6
+ # Any character other than [a-zA-Z0-9-._~] is converted into format %XX
+ [ -n "$1" ] \
+ && echo -n "$1" | perl -p -e 's/([^A-Za-z0-9-._~])/sprintf("%%%02X", ord($1))/seg'
+}
+
+OAuth_PE_file () {
+ # Encode a file $1 using Percent-encoding as defined in
+ # http://tools.ietf.org/html/rfc5849#section-3.6
+ # $1 a filename, not the content of file
+ perl -p -e 's/([^A-Za-z0-9-._~])/sprintf("%%%02X", ord($1))/seg' < "$1"
+}
+
+OAuth_params_string () {
+ # Sort the paramters and join them into one-line string
+ while (( $# > 0 )); do
+ echo $1
+ shift 1
+ done | sort | tr '\n' '&' | sed 's/&$//'
+ }
+
+OAuth_base_string () {
+ # $1 method: "GET", "POST", etc
+ # $2 url
+ # $3-$N params
+ local method=$1
+ local url=$2
+ shift 2
+
+ local params_string=$(OAuth_params_string $@)
+
+ echo "$method&$(OAuth_PE "$url")&$(OAuth_PE "$params_string")"
+ }
+
+OAuth_param () {
+ # Return a percent encoded key-value pair
+ # $1 key
+ # $2 value
+ echo "$(OAuth_PE "$1")=$(OAuth_PE "$2")"
+ }
+
+OAuth_param_quote () {
+ # Return a percent encoded key-value pair, value is quoted
+ # $1 key
+ # $2 value
+ echo "$(OAuth_PE "$1")=\"$(OAuth_PE "$2")\""
+ }
+
+OAuth_param_file () {
+ # Return a percent encoded key-value pair, the value is an encoded file content
+ # $1 key
+ # $2 filename
+ echo "$(OAuth_PE "$1")=$(OAuth_PE_file "$2")"
+ }
+
+OAuth_param_raw_value () {
+ # Return a percent encoded key-value pair, only key will be encoded by this function
+ # $1 key
+ # $2 value
+ echo "$(OAuth_PE "$1")=$2"
+ }
+
+OAuth_HMAC_SHA1 () {
+ # Hash the text $1 with key $2
+ local text="$1"
+ local key="$2"
+ echo -n "$text" | openssl dgst -sha1 -binary -hmac "$key" | base64
+ }
+
+_OAuth_signature () {
+ # Return the signature, note it's necessary to pass to OAuth_PE before add to header
+ # $1 signature_method
+ # $2 base_string
+ # $3 consumer_secret
+ # $4 token_secret
+ local signature_method="OAuth_${1//-/_}"
+ local base_string=$2
+ local c_secret=$3
+ local t_secret=$4
+ $signature_method "$base_string" "$c_secret&$t_secret"
+ }
+
+OAuth_signature () {
+ # Return the signature, note it's necessary to pass to OAuth_PE before add to header
+ # $1 base_string
+ _OAuth_signature "$oauth_signature_method" "$1" "$oauth_consumer_secret" "$oauth_token_secret"
+ }
+
+_OAuth_authorization_header_params_string () {
+ while (( $# > 0 )); do
+ echo -n "$(cut -d\= -f 1 <<< "$1")=\"$(cut -d\= -f 2 <<< "$1")\""
+ shift 1
+ # Use break to prevent error code being returned
+ (( $# > 0 )) && echo -n ', ' || break
+ done
+ }
+
+_OAuth_authorization_header () {
+ # Return header string
+ # $1 header key
+ # $2 OAuth realm, can be empty string
+ # $3 OAuth consumer key
+ # $4 OAuth consumer secret
+ # $5 OAuth token
+ # $6 OAuth token secret
+ # $7 OAuth signature method
+ # $8 OAuth version
+ # $9 nonce
+ # $10 timestamp
+ # $11 method
+ # $12 url
+ # $13-$N params
+ echo -n "$1: OAuth "
+ [[ "$2" != "" ]] && echo -n "realm=\"$2\", "
+ local oauth_consumer_key="$3"
+ local oauth_consumer_secret="$4"
+ local oauth_token="$5"
+ local oauth_token_secret="$6"
+ local oauth_signature_method="$7"
+ local oauth_version="$8"
+ local oauth_nonce="$9"
+ [[ "$oauth_nonce" == "" ]] && oauth_nonce="$(OAuth_nonce)"
+ local oauth_timestamp="${10}"
+ [[ "$oauth_timestamp" == "" ]] && oauth_timestamp="$(OAuth_timestamp)"
+ local method="${11}"
+ local url="${12}"
+ shift 12
+ local params=(
+ $(OAuth_param 'oauth_consumer_key' "$oauth_consumer_key")
+ $(OAuth_param 'oauth_signature_method' "$oauth_signature_method")
+ $(OAuth_param 'oauth_version' "$oauth_version")
+ $(OAuth_param 'oauth_nonce' "$oauth_nonce")
+ $(OAuth_param 'oauth_timestamp' "$oauth_timestamp")
+ )
+ [[ "$oauth_token" != "" ]] && params[${#params[@]}]=$(OAuth_param 'oauth_token' "$oauth_token")
+ local sign_params=${params[@]}
+ while (( $# > 0 )); do
+ sign_params[${#sign_params[@]}]="$1"
+ shift 1
+ done
+ local base_string=$(OAuth_base_string "$method" "$url" ${sign_params[@]})
+ local signature=$(_OAuth_signature "$oauth_signature_method" "$base_string" "$oauth_consumer_secret" "$oauth_token_secret")
+ params[${#params[@]}]=$(OAuth_param 'oauth_signature' "$signature")
+ _OAuth_authorization_header_params_string ${params[@]}
+ }
+
+OAuth_authorization_header () {
+ # Return header string
+ # $1 header key
+ # $2 OAuth realm, can be empty string
+ # $3 OAuth nonce
+ # $4 OAuth timestamp
+ # $5 method
+ # $6 url
+ # $7-$N params
+ local header_key="$1"
+ local realm="$2"
+ local oauth_nonce="$3"
+ local oauth_timestamp="$4"
+ local method="$5"
+ local url="$6"
+ shift 6
+ local params=()
+ while (( $# > 0 )); do
+ params[${#params[@]}]="$1"
+ shift 1
+ done
+ _OAuth_authorization_header "$header_key" "$realm" "$oauth_consumer_key" "$oauth_consumer_secret" "$oauth_token" "$oauth_token_secret" "$oauth_signature_method" "$oauth_version" "$oauth_nonce" "$oauth_timestamp" "$method" "$url" ${params[@]}
+ }
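Review bot: In `_OAuth_authorization_header`, `local sign_params=${params[@]}` assigns one space-joined string instead of copying the array, and the later unquoted `${sign_params[@]}`, `${params[@]}` and `$@` (in `OAuth_base_string` and `OAuth_authorization_header`, plus `echo $1` in `OAuth_params_string`) depend on word splitting to turn it back into separate parameters. A caller-supplied parameter containing whitespace or glob characters, which `OAuth_param_raw_value` permits because it leaves the value unencoded, would be split or pathname-expanded before signing, so the signature would cover different parameters than the request sends. I would copy with `local sign_params=("${params[@]}")` and quote the expansions, e.g. `OAuth_base_string "$method" "$url" "${sign_params[@]}"` and `OAuth_params_string "$@"`. Separately, `OAuth_HMAC_SHA1` passes the combined consumer and token secret to openssl as `-hmac "$key"`, which places it in the process argument list while the command runs; a comment recording that limitation would help anyone running this on a shared host.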