This repo is for distribution on bower. The source for this module is in the
main angular-hu-oauth1 repo.
Please file issues and pull requests against that repo.
Factory that creates an interceptor to sign oauth1 requests. Once you have arrived here, you must know that storing secrets in the client, even for signing requests, is not safe. The secret you will use in this module can be seen by anybody.
Get it from bower or directly download it.
bower install --save angular-hu-oauth1Add the oauth1 and the signature generation dependency in the HTML
<script type="text/javascript" src="bower_components/oauth-signature-js/dist/oauth-signature.js"></script>
<script type="text/javascript" src="bower_components/angular-hu-oauth1/oauth1.js"></script>Add the httpu.oauth1 dependency to your App Module
angular.module('MyApp', ['httpu.oauth1']);The huOAuth1InterceptorFactory dependency is now available
angular.module('MyApp')
.config(function($httpProvider) {
$httpProvider.interceptors.push('oauthInterceptor');
})
//Create your specific backend oauth implementation to be added to your request interceptors
.factory('oauthInterceptor', function(huOAuth1InterceptorFactory) {
//all parameters are optional.
//Refer to source code for default implementations and more instantiation options are below
return huOAuth1InterceptorFactory({
getTimestamp: myTimestampGetter //oauth must be signed with your server time.
});
})
.run(function($http) {
$http.get('http://myapi.com/things', {
params: {
id: 5
},
oauth1: {
consumerKey: 'myConsumerKey',
consumerSecret: 'myConsumerSecret'
}
});
//GET http://myapi.com/things?id=5&oauth_consumer_key=myConsumerKey&oauth_nonce=W5x7uncL3ni&oauth_timestamp=123434334&oauth_signature=9frD%2Bwl4j6zsXtztwWHIRqFKmu8%3D&oauth_signature_method=HMAC-SHA1&oauth_version=1.0
});Options to pass to huOAuth1InterceptorFactory at instantiation time
Function to retrieve the server timestamp. Must return Number or a promise resolving to a Number that represents the current server time in seconds
function myTimestampGetter() {
return $http.get('http://myserver.com/time')
.then(function(response) {
return response.data;
});
}
return huOAuth1InterceptorFactory({
getTimestamp: myTimestampGetter //oauth must be signed with your server time.
});Function to convert the request params property to a set of {key, value} strings. This set must be the same that angular is using to generate your URL, so refer to httpu.urlbuilder module to make a DRY implementation.
function mySerializer(params, addKeyValue) {
//`params` is the request params property: {id: 5} in the above example
//`addKeyValue` is the {Function} to call with every {key, value} set
angular.forEach(params, function(value, key) {
if (angular.isDate(value)) {
//our Backend understand dates as ISOStrings
addKeyValue(key, value.toISOString());
} else {
addKeyValue(key, String(value));
}
});
}
return huOAuth1InterceptorFactory({
serializer: mySerializer //oauth must be signed with your server time.
});Function to create errors that may happen inside the interceptor. Use this method when you have some kind of error recovery executing in your interceptors chain. Creating errors on interceptors is dangerous, cause another interceptor with requestError/responseError can have other error management strategies.
This interceptor creates an error when you don't specify a consumerKey or consumerSecret in the request oauth1 property. It also catches the possible errors in your getTimestamp and signature generation implementation.
The current request will be rejected with the object this function returns
function myCreateError(config, error) {
//`config` is the request config property
//`error` is the original error that caused this interceptor to fail
config.error = err;
return config;
}
return huOAuth1InterceptorFactory({
createError: myCreateError
});- You have one or severals backends that need oauth1 signed request, with different configurations.
The MIT License (MIT)
Copyright (c) 2015 Telefónica I+D - http://www.tid.es