aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/libs/poco/Net/include/Poco/Net/OAuth10Credentials.h
blob: e0d06e7f0b79b4084f40fa10f704305b09be06a2 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
// 
// OAuth10Credentials.h 
// 
// Library: Net 
// Package: OAuth 
// Module:	OAuth10Credentials 
// 
// Definition of the OAuth10Credentials class. 
// 
// Copyright (c) 2014, Applied Informatics Software Engineering GmbH. 
// and Contributors. 
// 
// SPDX-License-Identifier:	BSL-1.0 
// 
 
 
#ifndef Net_OAuth10Credentials_INCLUDED 
#define Net_OAuth10Credentials_INCLUDED 
 
 
#include "Poco/Net/Net.h" 
#include "Poco/URI.h" 
 
 
namespace Poco { 
namespace Net { 
 
 
class HTTPRequest; 
class HTMLForm; 
 
 
class Net_API OAuth10Credentials 
	/// This class implements OAuth 1.0A authentication for HTTP requests, 
	/// according to RFC 5849. 
	///  
	/// Only PLAINTEXT and HMAC-SHA1 signature methods are 
	/// supported. The RSA-SHA1 signature method is not supported. 
	/// 
	/// The OAuth10Credentials can be used to sign a client request, as 
	/// well as to verify the signature of a request on the server. 
	/// 
	/// To sign a client request, using a known consumer (client) key, consumer (client) secret, 
	/// OAuth token and token secret: 
	/// 
	///   1. Create an OAuth10Credentials object using all four credentials, either using 
	///      the four argument constructor, or by using the default constructor and setting 
	///      the credentials using the setter methods. 
	///   2. Create a URI containing the full request URI. 
	///   3. Create an appropriate HTTPRequest object. 
	///   4. Optionally, create a HTMLForm object containing additional parameters to sign. 
	///   5. Sign the request by calling authenticate(). This will add an OAuth 
	///      Authorization header to the request. 
	///   6. Send the request using a HTTPClientSession. 
	/// 
	/// To request the OAuth request token from a server, using only the consumer (client) key 
	/// and consumer (client) secret: 
	/// 
	///   1. Create an OAuth10Credentials object using the two consumer credentials, either using 
	///      the two argument constructor, or by using the default constructor and setting 
	///      the credentials using the setter methods. 
	///   2. Specify the callback URI using setCallback(). 
	///   3. Create a URI containing the full request URI to obtain the token. 
	///   4. Create an appropriate HTTPRequest object. 
	///   5. Sign the request by calling authenticate(). This will add an OAuth 
	///      Authorization header to the request. 
	///   6. Send the request using a HTTPClientSession. 
	///   7. The response will contain the request token and request token secret. 
	///      These can be extracted from the response body using a HTMLForm object. 
	/// 
	/// Requesting the access token and secret (temporary credentials) from the server  
	/// is analogous to signing a client request using consumer key, consumer secret,  
	/// request token and request token secret.  
	/// The server response will contain the access token and access token secret, 
	/// which can again be extracted from the response body using a HTMLForm object. 
	/// 
	/// To verify a request on the server: 
	/// 
	///   1. Create an OAuth10Credentials object using the constructor taking a 
	///      HTTPRequest object. This will extract the consumer key and token (if 
	///      provided). 
	///   2. Provide the consumer secret and token secret (if required) matching the 
	///      consumer key and token to the OAuth10Credentials object using the  
	///      setter methods. 
	///   3. Create an URI object containing the full request URI. 
	///   4. Call verify() to verify the signature. 
	///   5. If verification was successful, and the request was a request for 
	///      a request (temporary) token, call getCallback() to 
	///      obtain the callback URI provided by the client. 
{ 
public: 
	enum SignatureMethod 
		/// OAuth 1.0A Signature Method. 
	{ 
		SIGN_PLAINTEXT, /// OAuth 1.0A PLAINTEXT signature method 
		SIGN_HMAC_SHA1  /// OAuth 1.0A HMAC-SHA1 signature method 
	}; 
	 
	OAuth10Credentials(); 
		/// Creates an empty OAuth10Credentials object. 
 
	OAuth10Credentials(const std::string& consumerKey, const std::string& consumerSecret); 
		/// Creates an OAuth10Credentials object with the given consumer key and consumer secret. 
		/// 
		/// The token and tokenSecret will be left empty. 
 
	OAuth10Credentials(const std::string& consumerKey, const std::string& consumerSecret, const std::string& token, const std::string& tokenSecret); 
		/// Creates an OAuth10Credentials object with the given consumer key and  
		/// consumer secret, as well as token and token secret. 
 
	explicit OAuth10Credentials(const HTTPRequest& request); 
		/// Creates an OAuth10Credentials object from a HTTPRequest object. 
		/// 
		/// Extracts consumer key and token (if available) from the Authorization header. 
		/// 
		/// Throws a NotAuthenticatedException if the request does 
		/// not contain OAuth 1.0 credentials. 
 
	~OAuth10Credentials(); 
		/// Destroys the OAuth10Credentials. 
 
	void setConsumerKey(const std::string& consumerKey); 
		/// Sets the consumer key. 
		 
	const std::string& getConsumerKey() const; 
		/// Returns the consumer key. 
 
	void setConsumerSecret(const std::string& consumerSecret); 
		/// Sets the consumer secret. 
		 
	const std::string& getConsumerSecret() const; 
		/// Returns the consumer secret. 
		 
	void setToken(const std::string& token); 
		/// Sets the token. 
		 
	const std::string& getToken() const; 
		/// Returns the token. 
 
	void setTokenSecret(const std::string& tokenSecret); 
		/// Sets the token. 
		 
	const std::string& getTokenSecret() const; 
		/// Returns the token secret. 
		 
	void setRealm(const std::string& realm); 
		/// Sets the optional realm to be included in the Authorization header. 
		 
	const std::string& getRealm() const; 
		/// Returns the optional realm to be included in the Authorization header. 
		 
	void setCallback(const std::string& uri); 
		/// Sets the callback URI. 
		 
	const std::string& getCallback() const; 
		/// Returns the callback URI. 
				 
	void authenticate(HTTPRequest& request, const Poco::URI& uri, SignatureMethod method = SIGN_HMAC_SHA1); 
		/// Adds an OAuth 1.0A Authentication header to the given request, using 
		/// the given signature method. 
		 
	void authenticate(HTTPRequest& request, const Poco::URI& uri, const Poco::Net::HTMLForm& params, SignatureMethod method = SIGN_HMAC_SHA1); 
		/// Adds an OAuth 1.0A Authentication header to the given request, using 
		/// the given signature method. 
 
	bool verify(const HTTPRequest& request, const Poco::URI& uri); 
		/// Verifies the signature of the given request.  
		/// 
		/// The consumer key, consumer secret, token and token secret must have been set. 
		/// 
		/// Returns true if the signature is valid, otherwise false. 
		/// 
		/// Throws a NotAuthenticatedException if the request does not contain OAuth 
		/// credentials, or in case of an unsupported OAuth version or signature method. 
		 
	bool verify(const HTTPRequest& request, const Poco::URI& uri, const Poco::Net::HTMLForm& params); 
		/// Verifies the signature of the given request.  
		/// 
		/// The consumer key, consumer secret, token and token secret must have been set. 
		/// 
		/// Returns true if the signature is valid, otherwise false. 
		/// 
		/// Throws a NotAuthenticatedException if the request does not contain OAuth 
		/// credentials, or in case of an unsupported OAuth version or signature method. 
 
	void nonceAndTimestampForTesting(const std::string& nonce, const std::string& timestamp); 
		/// Sets the nonce and timestamp to a wellknown value. 
		/// 
		/// For use by testsuite only, to test the signature 
		/// algorithm with wellknown inputs. 
		/// 
		/// In normal operation, the nonce is a random value 
		/// computed by createNonce() and the timestamp is taken 
		/// from the system time. 
 
	static const std::string SCHEME; 
 
protected: 
	void signPlaintext(Poco::Net::HTTPRequest& request) const; 
		/// Signs the given HTTP request according to OAuth 1.0A PLAINTEXT signature method. 
 
	void signHMACSHA1(Poco::Net::HTTPRequest& request, const std::string& uri, const Poco::Net::HTMLForm& params) const; 
		/// Signs the given HTTP request according to OAuth 1.0A HMAC-SHA1 signature method. 
 
	std::string createNonce() const; 
		/// Creates a nonce, which is basically a Base64-encoded 32 character random 
		/// string, with non-alphanumeric characters removed. 
 
	std::string createSignature(const Poco::Net::HTTPRequest& request, const std::string& uri, const Poco::Net::HTMLForm& params, const std::string& nonce, const std::string& timestamp) const; 
		/// Creates a OAuth signature for the given request and its parameters, according 
		/// to <https://dev.twitter.com/docs/auth/creating-signature>. 
		 
	static std::string percentEncode(const std::string& str); 
		/// Percent-encodes the given string according to Twitter API's rules, 
		/// given in <https://dev.twitter.com/docs/auth/percent-encoding-parameters>. 
 
private: 
	OAuth10Credentials(const OAuth10Credentials&); 
	OAuth10Credentials& operator = (const OAuth10Credentials&); 
	 
	std::string _consumerKey; 
	std::string _consumerSecret; 
	std::string _token; 
	std::string _tokenSecret; 
	std::string _callback; 
	std::string _realm; 
	std::string _nonce; 
	std::string _timestamp; 
}; 
 
 
// 
// inlines 
// 
inline const std::string& OAuth10Credentials::getConsumerKey() const 
{ 
	return _consumerKey; 
} 
 
 
inline const std::string& OAuth10Credentials::getConsumerSecret() const 
{ 
	return _consumerSecret; 
} 
 
 
inline const std::string& OAuth10Credentials::getToken() const 
{ 
	return _token; 
} 
 
 
inline const std::string& OAuth10Credentials::getTokenSecret() const 
{ 
	return _tokenSecret; 
} 
 
 
inline const std::string& OAuth10Credentials::getRealm() const 
{ 
	return _realm; 
} 
 
 
inline const std::string& OAuth10Credentials::getCallback() const 
{ 
	return _callback; 
} 
 
 
} } // namespace Poco::Net 
 
 
#endif // Net_OAuth10Credentials_INCLUDED