Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3015)

Unified Diff: chrome/common/net/gaia/oauth_request_signer.cc

Issue 8248002: Merge 103908 - Extend GaiaOAuthFetcher with support for revoking tokens. (Closed) Base URL: svn://svn.chromium.org/chrome/branches/874/src/
Patch Set: Created 9 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/common/net/gaia/oauth_request_signer.cc
===================================================================
--- chrome/common/net/gaia/oauth_request_signer.cc (revision 105055)
+++ chrome/common/net/gaia/oauth_request_signer.cc (working copy)
@@ -234,6 +234,63 @@
return false;
}
+// Adds parameters that are required by OAuth added as needed to |parameters|.
+void PrepareParameters(OAuthRequestSigner::Parameters* parameters,
+ OAuthRequestSigner::SignatureMethod signature_method,
+ OAuthRequestSigner::HttpMethod http_method,
+ const std::string& consumer_key,
+ const std::string& token_key) {
+ if (parameters->find(kOAuthNonceLabel) == parameters->end())
+ (*parameters)[kOAuthNonceLabel] = GenerateNonce();
+
+ if (parameters->find(kOAuthTimestampLabel) == parameters->end())
+ (*parameters)[kOAuthTimestampLabel] = GenerateTimestamp();
+
+ (*parameters)[kOAuthConsumerKeyLabel] = consumer_key;
+ (*parameters)[kOAuthSignatureMethodLabel] =
+ SignatureMethodName(signature_method);
+ (*parameters)[kOAuthTokenLabel] = token_key;
+ (*parameters)[kOAuthVersionLabel] = kOAuthVersion;
+}
+
+// Implements shared signing logic, generating the signature and storing it in
+// |parameters|. Returns true if the signature has been generated succesfully.
+bool SignParameters(const GURL& request_base_url,
+ OAuthRequestSigner::SignatureMethod signature_method,
+ OAuthRequestSigner::HttpMethod http_method,
+ const std::string& consumer_key,
+ const std::string& consumer_secret,
+ const std::string& token_key,
+ const std::string& token_secret,
+ OAuthRequestSigner::Parameters* parameters) {
+ DCHECK(request_base_url.is_valid());
+ PrepareParameters(parameters, signature_method, http_method,
+ consumer_key, token_key);
+ std::string base_parameters = BuildBaseStringParameters(*parameters);
+ std::string base = BuildBaseString(request_base_url, http_method,
+ base_parameters);
+ std::string key = consumer_secret + '&' + token_secret;
+ bool is_signed = false;
+ std::string signature;
+ switch (signature_method) {
+ case OAuthRequestSigner::HMAC_SHA1_SIGNATURE:
+ is_signed = SignHmacSha1(base, key, &signature);
+ break;
+ case OAuthRequestSigner::RSA_SHA1_SIGNATURE:
+ is_signed = SignRsaSha1(base, key, &signature);
+ break;
+ case OAuthRequestSigner::PLAINTEXT_SIGNATURE:
+ is_signed = SignPlaintext(base, key, &signature);
+ break;
+ default:
+ NOTREACHED();
+ }
+ if (is_signed)
+ (*parameters)[kOAuthSignatureLabel] = signature;
+ return is_signed;
+}
+
+
} // namespace
// static
@@ -325,37 +382,13 @@
std::string::size_type question = spec.find("?");
if (question != std::string::npos)
url_without_parameters = spec.substr(0,question);
- return Sign (GURL(url_without_parameters), parameters, signature_method,
- http_method, consumer_key, consumer_secret, token_key,
- token_secret, result);
+ return SignURL(GURL(url_without_parameters), parameters, signature_method,
+ http_method, consumer_key, consumer_secret, token_key,
+ token_secret, result);
}
-// Returns a copy of request_parameters, with parameters that are required by
-// OAuth added as needed.
-OAuthRequestSigner::Parameters
-PrepareParameters(const OAuthRequestSigner::Parameters& request_parameters,
- OAuthRequestSigner::SignatureMethod signature_method,
- OAuthRequestSigner::HttpMethod http_method,
- const std::string& consumer_key,
- const std::string& token_key) {
- OAuthRequestSigner::Parameters result(request_parameters);
-
- if (result.find(kOAuthNonceLabel) == result.end())
- result[kOAuthNonceLabel] = GenerateNonce();
-
- if (result.find(kOAuthTimestampLabel) == result.end())
- result[kOAuthTimestampLabel] = GenerateTimestamp();
-
- result[kOAuthConsumerKeyLabel] = consumer_key;
- result[kOAuthSignatureMethodLabel] = SignatureMethodName(signature_method);
- result[kOAuthTokenLabel] = token_key;
- result[kOAuthVersionLabel] = kOAuthVersion;
-
- return result;
-}
-
// static
-bool OAuthRequestSigner::Sign(
+bool OAuthRequestSigner::SignURL(
const GURL& request_base_url,
const Parameters& request_parameters,
SignatureMethod signature_method,
@@ -366,31 +399,10 @@
const std::string& token_secret,
std::string* signed_text_return) {
DCHECK(request_base_url.is_valid());
- Parameters parameters = PrepareParameters(request_parameters,
- signature_method,
- http_method,
- consumer_key,
- token_key);
- std::string base_parameters = BuildBaseStringParameters(parameters);
- std::string base = BuildBaseString(request_base_url,
- http_method,
- base_parameters);
- std::string key = consumer_secret + '&' + token_secret;
- bool is_signed = false;
- std::string signature;
- switch (signature_method) {
- case HMAC_SHA1_SIGNATURE:
- is_signed = SignHmacSha1(base, key, &signature);
- break;
- case RSA_SHA1_SIGNATURE:
- is_signed = SignRsaSha1(base, key, &signature);
- break;
- case PLAINTEXT_SIGNATURE:
- is_signed = SignPlaintext(base, key, &signature);
- break;
- default:
- NOTREACHED();
- }
+ Parameters parameters(request_parameters);
+ bool is_signed = SignParameters(request_base_url, signature_method,
+ http_method, consumer_key, consumer_secret,
+ token_key, token_secret, &parameters);
if (is_signed) {
std::string signed_text;
switch (http_method) {
@@ -398,8 +410,7 @@
signed_text = request_base_url.spec() + '?';
// Intentionally falling through
case POST_METHOD:
- signed_text += base_parameters + '&' + kOAuthSignatureLabel + '=' +
- Encode(signature);
+ signed_text += BuildBaseStringParameters(parameters);
break;
default:
NOTREACHED();
@@ -408,3 +419,39 @@
}
return is_signed;
}
+
+// static
+bool OAuthRequestSigner::SignAuthHeader(
+ const GURL& request_base_url,
+ const Parameters& request_parameters,
+ SignatureMethod signature_method,
+ HttpMethod http_method,
+ const std::string& consumer_key,
+ const std::string& consumer_secret,
+ const std::string& token_key,
+ const std::string& token_secret,
+ std::string* signed_text_return) {
+ DCHECK(request_base_url.is_valid());
+ Parameters parameters(request_parameters);
+ bool is_signed = SignParameters(request_base_url, signature_method,
+ http_method, consumer_key, consumer_secret,
+ token_key, token_secret, &parameters);
+ if (is_signed) {
+ std::string signed_text = "OAuth ";
+ bool first = true;
+ for (Parameters::const_iterator param = parameters.begin();
+ param != parameters.end();
+ ++param) {
+ if (first)
+ first = false;
+ else
+ signed_text += ", ";
+ signed_text +=
+ StringPrintf("%s=\"%s\"",
+ OAuthRequestSigner::Encode(param->first).c_str(),
+ OAuthRequestSigner::Encode(param->second).c_str());
+ }
+ *signed_text_return = signed_text;
+ }
+ return is_signed;
+}
« no previous file with comments | « chrome/common/net/gaia/oauth_request_signer.h ('k') | chrome/common/net/gaia/oauth_request_signer_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698