Merge pull request #6 from ribrdb/lti-cim

Add a method to sign a form for LTI launches.

auther.go

@@ -116,6 +116,16 @@ func (a *auther) setAccessTokenAuthHeader(req *http.Request, requestToken, reque
 // setRequestAuthHeader sets the OAuth1 header for making authenticated
 // requests with an AccessToken (token credential) according to RFC 5849 3.1.
 func (a *auther) setRequestAuthHeader(req *http.Request, accessToken *Token) error {
+	oauthParams, err := a.buildOauthParams(req, accessToken)
+	if err != nil {
+		return err
+	}
+
+	req.Header.Set(authorizationHeaderParam, authHeaderValue(oauthParams))
+	return nil
+}
+
+func (a *auther) buildOauthParams(req *http.Request, accessToken *Token) (map[string]string, error) {
 	oauthParams := a.commonOAuthParams()
 
 	var tokenSecret string
@@ -126,22 +136,20 @@ func (a *auther) setRequestAuthHeader(req *http.Request, accessToken *Token) err
 
 	params, err := collectParameters(req, oauthParams)
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	signatureBase := SignatureBase(req, params)
 	signature, err := a.signer().Sign(tokenSecret, signatureBase)
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	oauthParams[oauthSignatureParam] = signature
 	if bodyHash, ok := params[oauthBodyHash]; ok {
 		oauthParams[oauthBodyHash] = bodyHash
 	}
-
-	req.Header.Set(authorizationHeaderParam, authHeaderValue(oauthParams))
-	return nil
+	return oauthParams, nil
 }
 
 // commonOAuthParams returns a map of the common OAuth1 protocol parameters,

config.go

@@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"strings"
 )
 
 const (
@@ -171,3 +172,21 @@ func (c *Config) AccessToken(requestToken, requestSecret, verifier string) (acce
 	}
 	return accessToken, accessSecret, nil
 }
+
+// SignForm adds the oauth params and signature to data.
+func (c *Config) SignForm(method, url string, data url.Values, accessToken *Token) error {
+	a := newAuther(c)
+	req, err := http.NewRequest(method, url, strings.NewReader(data.Encode()))
+	if err != nil {
+		return err
+	}
+	req.Header.Set("Content-Type", formContentType)
+	oauthParams, err := a.buildOauthParams(req, accessToken)
+	if err != nil {
+		return err
+	}
+	for key, value := range oauthParams {
+		data.Set(key, value)
+	}
+	return nil
+}

go.mod

@@ -0,0 +1,6 @@
+module github.com/derivita/oauth1
+
+require (
+	github.com/stretchr/testify v1.4.0
+	gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
+)

go.sum

@@ -0,0 +1,15 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=