Plato - request/lib/oauth.js

'use strict'

var qs = require('qs')
  , caseless = require('caseless')
  , uuid = require('node-uuid')
  , oauth = require('oauth-sign')
  , crypto = require('crypto')

function OAuth (request) {
  this.request = request
  this.params = null
}

OAuth.prototype.buildParams = function (_oauth, uri, method, query, form, qsLib) {
  var oa = {}
  for (var i in _oauth) {
    oa['oauth_' + i] = _oauth[i]
  }
  if (!oa.oauth_version) {
    oa.oauth_version = '1.0'
  }
  if (!oa.oauth_timestamp) {
    oa.oauth_timestamp = Math.floor( Date.now() / 1000 ).toString()
  }
  if (!oa.oauth_nonce) {
    oa.oauth_nonce = uuid().replace(/-/g, '')
  }
  if (!oa.oauth_signature_method) {
    oa.oauth_signature_method = 'HMAC-SHA1'
  }

var consumer_secret_or_private_key = oa.oauth_consumer_secret || oa.oauth_private_key
  delete oa.oauth_consumer_secret
  delete oa.oauth_private_key

var token_secret = oa.oauth_token_secret
  delete oa.oauth_token_secret

var realm = oa.oauth_realm
  delete oa.oauth_realm
  delete oa.oauth_transport_method

var baseurl = uri.protocol + '//' + uri.host + uri.pathname
  var params = qsLib.parse([].concat(query, form, qsLib.stringify(oa)).join('&'))

oa.oauth_signature = oauth.sign(
    oa.oauth_signature_method,
    method,
    baseurl,
    params,
    consumer_secret_or_private_key,
    token_secret)

if (realm) {
    oa.realm = realm
  }

return oa
}

OAuth.prototype.buildBodyHash = function(_oauth, body) {
  if (['HMAC-SHA1', 'RSA-SHA1'].indexOf(_oauth.signature_method || 'HMAC-SHA1') < 0) {
    this.request.emit('error', new Error('oauth: ' + _oauth.signature_method +
      ' signature_method not supported with body_hash signing.'))
  }

var shasum = crypto.createHash('sha1')
  shasum.update(body || '')
  var sha1 = shasum.digest('hex')

return new Buffer(sha1).toString('base64')
}

OAuth.prototype.concatParams = function (oa, sep, wrap) {
  wrap = wrap || ''

var params = Object.keys(oa).filter(function (i) {
    return i !== 'realm' && i !== 'oauth_signature'
  }).sort()

if (oa.realm) {
    params.splice(0, 1, 'realm')
  }
  params.push('oauth_signature')

return params.map(function (i) {
    return i + '=' + wrap + oauth.rfc3986(oa[i]) + wrap
  }).join(sep)
}

OAuth.prototype.onRequest = function (_oauth) {
  var self = this
  self.params = _oauth

var uri = self.request.uri || {}
    , method = self.request.method || ''
    , headers = caseless(self.request.headers)
    , body = self.request.body || ''
    , qsLib = self.request.qsLib || qs

var form
    , query
    , contentType = headers.get('content-type') || ''
    , formContentType = 'application/x-www-form-urlencoded'
    , transport = _oauth.transport_method || 'header'

if (contentType.slice(0, formContentType.length) === formContentType) {
    contentType = formContentType
    form = body
  }
  if (uri.query) {
    query = uri.query
  }
  if (transport === 'body' && (method !== 'POST' || contentType !== formContentType)) {
    self.request.emit('error', new Error('oauth: transport_method of body requires POST ' +
      'and content-type ' + formContentType))
  }

if (!form && typeof _oauth.body_hash === 'boolean') {
    _oauth.body_hash = self.buildBodyHash(_oauth, self.request.body.toString())
  }

var oa = self.buildParams(_oauth, uri, method, query, form, qsLib)

switch (transport) {
    case 'header':
      self.request.setHeader('Authorization', 'OAuth ' + self.concatParams(oa, ',', '"'))
      break

case 'query':
      self.request.path = (query ? '&' : '?') + self.concatParams(oa, '&')
      break

case 'body':
      self.request.body = (form ? form + '&' : '') + self.concatParams(oa, '&')
      break

default:
      self.request.emit('error', new Error('oauth: transport_method invalid'))
  }
}

exports.OAuth = OAuth

'use strict'Column: 0 "Use the function form of "use strict"."
Column: 1 "Missing semicolon."
 
var qs = require('qs')Column: 22 "Bad line breaking before ','."
  , caseless = require('caseless')Column: 3 "Comma warnings can be turned off with 'laxcomma'."
Column: 34 "Bad line breaking before ','."
  , uuid = require('node-uuid')Column: 31 "Bad line breaking before ','."
  , oauth = require('oauth-sign')Column: 33 "Bad line breaking before ','."
  , crypto = require('crypto')Column: 31 "Missing semicolon."
 
 
function OAuth (request) {
  this.request = requestColumn: 25 "Missing semicolon."
  this.params = nullColumn: 21 "Missing semicolon."
}
 
OAuth.prototype.buildParams = function (_oauth, uri, method, query, form, qsLib) {
  var oa = {}Column: 14 "Missing semicolon."
  for (var i in _oauth) {
    oa['oauth_' + i] = _oauth[i]Column: 33 "Missing semicolon."
  }
  if (!oa.oauth_version) {
    oa.oauth_version = '1.0'Column: 29 "Missing semicolon."
  }
  if (!oa.oauth_timestamp) {
    oa.oauth_timestamp = Math.floor( Date.now() / 1000 ).toString()Column: 68 "Missing semicolon."
  }
  if (!oa.oauth_nonce) {
    oa.oauth_nonce = uuid().replace(/-/g, '')Column: 46 "Missing semicolon."
  }
  if (!oa.oauth_signature_method) {
    oa.oauth_signature_method = 'HMAC-SHA1'Column: 44 "Missing semicolon."
  }
 
  var consumer_secret_or_private_key = oa.oauth_consumer_secret || oa.oauth_private_keyColumn: 88 "Missing semicolon."
  delete oa.oauth_consumer_secretColumn: 34 "Missing semicolon."
  delete oa.oauth_private_keyColumn: 30 "Missing semicolon."
 
  var token_secret = oa.oauth_token_secretColumn: 43 "Missing semicolon."
  delete oa.oauth_token_secretColumn: 31 "Missing semicolon."
 
  var realm = oa.oauth_realmColumn: 29 "Missing semicolon."
  delete oa.oauth_realmColumn: 24 "Missing semicolon."
  delete oa.oauth_transport_methodColumn: 35 "Missing semicolon."
 
  var baseurl = uri.protocol + '//' + uri.host + uri.pathnameColumn: 62 "Missing semicolon."
  var params = qsLib.parse([].concat(query, form, qsLib.stringify(oa)).join('&'))Column: 82 "Missing semicolon."
 
  oa.oauth_signature = oauth.sign(
    oa.oauth_signature_method,
    method,
    baseurl,
    params,
    consumer_secret_or_private_key,
    token_secret)Column: 18 "Missing semicolon."
 
  if (realm) {
    oa.realm = realmColumn: 21 "Missing semicolon."
  }
 
  return oaColumn: 12 "Missing semicolon."
}Column: 2 "Missing semicolon."
 
OAuth.prototype.buildBodyHash = function(_oauth, body) {
  if (['HMAC-SHA1', 'RSA-SHA1'].indexOf(_oauth.signature_method || 'HMAC-SHA1') < 0) {
    this.request.emit('error', new Error('oauth: ' + _oauth.signature_method +
      ' signature_method not supported with body_hash signing.'))Column: 66 "Missing semicolon."
  }
 
  var shasum = crypto.createHash('sha1')Column: 41 "Missing semicolon."
  shasum.update(body || '')Column: 28 "Missing semicolon."
  var sha1 = shasum.digest('hex')Column: 34 "Missing semicolon."
 
  return new Buffer(sha1).toString('base64')Column: 45 "Missing semicolon."
}Column: 2 "Missing semicolon."
 
OAuth.prototype.concatParams = function (oa, sep, wrap) {
  wrap = wrap || ''Column: 20 "Missing semicolon."
 
  var params = Object.keys(oa).filter(function (i) {
    return i !== 'realm' && i !== 'oauth_signature'Column: 52 "Missing semicolon."
  }).sort()Column: 12 "Missing semicolon."
 
  if (oa.realm) {
    params.splice(0, 1, 'realm')Column: 33 "Missing semicolon."
  }
  params.push('oauth_signature')Column: 33 "Missing semicolon."
 
  return params.map(function (i) {
    return i + '=' + wrap + oauth.rfc3986(oa[i]) + wrapColumn: 56 "Missing semicolon."
  }).join(sep)Column: 15 "Missing semicolon."
}Column: 2 "Missing semicolon."
 
OAuth.prototype.onRequest = function (_oauth) {
  var self = thisColumn: 18 "Missing semicolon."
  self.params = _oauthColumn: 23 "Missing semicolon."
 
  var uri = self.request.uri || {}Column: 34 "Bad line breaking before ','."
    , method = self.request.method || ''Column: 39 "Bad line breaking before ','."
    , headers = caseless(self.request.headers)Column: 46 "Bad line breaking before ','."
    , body = self.request.body || ''Column: 35 "Bad line breaking before ','."
Column: 35 "Too many errors. (68% scanned)."
    , qsLib = self.request.qsLib || qs
 
  var form
    , query
    , contentType = headers.get('content-type') || ''
    , formContentType = 'application/x-www-form-urlencoded'
    , transport = _oauth.transport_method || 'header'
 
  if (contentType.slice(0, formContentType.length) === formContentType) {
    contentType = formContentType
    form = body
  }
  if (uri.query) {
    query = uri.query
  }
  if (transport === 'body' && (method !== 'POST' || contentType !== formContentType)) {
    self.request.emit('error', new Error('oauth: transport_method of body requires POST ' +
      'and content-type ' + formContentType))
  }
 
  if (!form && typeof _oauth.body_hash === 'boolean') {
    _oauth.body_hash = self.buildBodyHash(_oauth, self.request.body.toString())
  }
 
  var oa = self.buildParams(_oauth, uri, method, query, form, qsLib)
 
  switch (transport) {
    case 'header':
      self.request.setHeader('Authorization', 'OAuth ' + self.concatParams(oa, ',', '"'))
      break
 
    case 'query':
      self.request.path = (query ? '&' : '?') + self.concatParams(oa, '&')
      break
 
    case 'body':
      self.request.body = (form ? form + '&' : '') + self.concatParams(oa, '&')
      break
 
    default:
      self.request.emit('error', new Error('oauth: transport_method invalid'))
  }
}
 
exports.OAuth = OAuth
  
 

request/lib/oauth.js

Maintainability

Lines of code

Difficulty

Estimated Errors

Function weight

By Complexity

By SLOC