1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
extern crate base64;
extern crate rand;
extern crate ring;
extern crate time;
extern crate url;
use std::borrow::Cow;
use std::collections::HashMap;
use rand::Rng;
use url::percent_encoding;
use ring::{digest, hmac};
#[derive(Clone, Debug)]
pub struct Token<'a> {
pub key: Cow<'a, str>,
pub secret: Cow<'a, str>,
}
impl<'a> Token<'a> {
pub fn new<K, S>(key: K, secret: S) -> Self
where
K: Into<Cow<'a, str>>,
S: Into<Cow<'a, str>>,
{
Token {
key: key.into(),
secret: secret.into(),
}
}
}
pub fn authorize<'b>(
method: &str,
uri: &str,
consumer: &Token,
token: Option<&Token>,
params: Option<HashMap<&'static str, Cow<'b, str>>>,
) -> String {
let mut params = params.unwrap_or_else(HashMap::new);
let timestamp = time::now_utc().to_timespec().sec.to_string();
let nonce: String = rand::thread_rng().gen_ascii_chars().take(32).collect();
params.insert("oauth_consumer_key", consumer.key.clone().into());
params.insert("oauth_nonce", nonce.into());
params.insert("oauth_signature_method", "HMAC-SHA1".into());
params.insert("oauth_timestamp", timestamp.into());
params.insert("oauth_version", "1.0".into());
if let Some(tk) = token {
params.insert("oauth_token", tk.key.as_ref().into());
}
let signature = gen_signature(
method,
uri,
&to_query(¶ms),
&consumer.secret,
token.map(|t| t.secret.as_ref()),
);
params.insert("oauth_signature", signature.into());
let mut pairs = params
.iter()
.filter(|&(k, _)| k.starts_with("oauth_"))
.map(|(k, v)| format!("{}=\"{}\"", k, encode(v)))
.collect::<Vec<_>>();
pairs.sort();
format!("OAuth {}", pairs.join(", "))
}
#[derive(Copy, Clone)]
struct StrictEncodeSet;
impl percent_encoding::EncodeSet for StrictEncodeSet {
#[inline]
fn contains(&self, byte: u8) -> bool {
!((byte >= 0x61 && byte <= 0x7a) ||
(byte >= 0x41 && byte <= 0x5a) ||
(byte >= 0x30 && byte <= 0x39) ||
(byte == 0x2d) ||
(byte == 0x2e) ||
(byte == 0x5f) ||
(byte == 0x7e))
}
}
fn encode(s: &str) -> String {
percent_encoding::percent_encode(s.as_bytes(), StrictEncodeSet).collect()
}
fn to_query<'a>(params: &HashMap<&'static str, Cow<'a, str>>) -> String {
let mut pairs: Vec<_> = params
.iter()
.map(|(k, v)| format!("{}={}", encode(k), encode(v)))
.collect();
pairs.sort();
pairs.join("&")
}
fn gen_signature(
method: &str,
uri: &str,
query: &str,
consumer_secret: &str,
token_secret: Option<&str>,
) -> String {
let base = format!("{}&{}&{}", encode(method), encode(uri), encode(query));
let key = format!(
"{}&{}",
encode(consumer_secret),
encode(token_secret.unwrap_or(""))
);
let s_key = hmac::SigningKey::new(&digest::SHA1, key.as_ref());
let signature = hmac::sign(&s_key, base.as_bytes());
base64::encode(signature.as_ref())
}