Merge pull request #37 from timhall/oauth1-updates

Oauth1 updates

Author: timhall

.gitignore

@@ -1,6 +1,10 @@
 # node_modules should be installed with npm install
 specs/node_modules
 
+# Ignore generated site files
+_site
+_cache
+
 # Ignore temporary Excel files
 */~$*
 

authenticators/GoogleAuthenticator.cls

@@ -60,7 +60,7 @@ Private pToken As String
 
 Public ClientId As String
 Public ClientSecret As String
-Public ApiKey As String
+Public APIKey As String
 Public Scopes As Dictionary
 Public LoginByDefault As Boolean
 
@@ -91,7 +91,7 @@ Public Property Get LoginUrl() As String
     If Not Me.Scopes Is Nothing Then
         Dim Scope As Variant
         Dim UrlParts As Dictionary
-        For Each Scope In Me.Scopes.keys()
+        For Each Scope In Me.Scopes.Keys()
             If Me.Scopes(Scope) Then
                 Set UrlParts = RestHelpers.UrlParts(CStr(Scope))
                 If UrlParts("Protocol") = "" Then
@@ -116,7 +116,7 @@ End Property
 Public Property Get Token() As String
     On Error GoTo CleanUp
 
-    If pToken = "" And Me.ApiKey = "" Then
+    If pToken = "" And Me.APIKey = "" Then
         Dim Client As New RestClient
         Dim Response As RestResponse
 
@@ -168,7 +168,7 @@ End Sub
 ' Login to Google
 ' --------------------------------------------- '
 
-Public Sub Login(Optional ApiKey As String = "")
+Public Sub Login(Optional APIKey As String = "")
     On Error GoTo CleanUp
 
     Dim IE As Object
@@ -177,9 +177,9 @@ Public Sub Login(Optional ApiKey As String = "")
     Dim Code As String
 
     Completed = True
-    If ApiKey <> "" Then
-        Me.ApiKey = ApiKey
-    ElseIf Me.ApiKey = "" Then
+    If APIKey <> "" Then
+        Me.APIKey = APIKey
+    ElseIf Me.APIKey = "" Then
         Completed = False
         Set IE = CreateObject("InternetExplorer.Application")
         With IE
@@ -232,7 +232,7 @@ End Sub
 ' --------------------------------------------- '
 
 Public Sub Logout()
-    Me.ApiKey = ""
+    Me.APIKey = ""
     Me.AuthorizationCode = ""
     Me.Token = ""
 End Sub
@@ -303,8 +303,8 @@ End Sub
 ' --------------------------------------------- '
 
 Private Sub IAuthenticator_BeforeExecute(ByVal Client As RestClient, ByRef Request As RestRequest)
-    If Me.ApiKey <> "" Then
-        Request.AddQuerystringParam "key", Me.ApiKey
+    If Me.APIKey <> "" Then
+        Request.AddQuerystringParam "key", Me.APIKey
     Else
         Request.AddHeader "Authorization", "Bearer " & Me.Token
     End If
@@ -376,7 +376,7 @@ Private Function OAuthIsDenied(IE As Object) As Boolean
 
         Dim Element As Object
         For Each Element In Document.Body.all
-            If Element.nodeName = "P" And Element.Id = "access_denied" Then
+            If Element.nodeName = "P" And Element.ID = "access_denied" Then
                 OAuthIsDenied = True
                 Exit Function
             End If
@@ -420,9 +420,9 @@ Private Function OAuthExtractError(IE As Object) As String
 
     Set Document = IE.Document
     For Each Element In Document.Body.all
-        If Element.Id = "errorCode" Then
+        If Element.ID = "errorCode" Then
             OAuthExtractError = Element.innerHTML
-        ElseIf Element.Id = "errorDescription" Then
+        ElseIf Element.ID = "errorDescription" Then
             OAuthExtractError = OAuthExtractError & ", " & Element.innerHTML
             Exit Function
         End If

authenticators/OAuth1Authenticator.cls

@@ -68,6 +68,8 @@ Public ConsumerSecret As String
 Public Token As String
 Public TokenSecret As String
 Public Realm As String
+Public Nonce As String
+Public Timestamp As String
 
 ' ============================================= '
 ' Public Methods
@@ -106,7 +108,7 @@ End Sub
 
 Private Sub IAuthenticator_BeforeExecute(ByVal Client As RestClient, ByRef Request As RestRequest)
     ' Add authorization header to request
-    Request.AddHeader "Authorization", CreateHeader(Request)
+    Request.AddHeader "Authorization", CreateHeader(Client, Request)
 End Sub
 
 ''
@@ -136,18 +138,28 @@ Private Sub IAuthenticator_HttpOpen(ByRef Http As Object, ByVal Client As RestCl
     Call Http.Open(Request.MethodName(), Request.FullUrl(BaseUrl), UseAsync)
 End Sub
 
-Private Function CreateHeader(Request As RestRequest) As String
+Public Function CreateHeader(Client As RestClient, Request As RestRequest) As String
     Dim Header As String
-    Dim nonce As String
-    Dim timestamp As String
+    Dim Nonce As String
+    Dim Timestamp As String
     Dim base As String
     Dim signingKey As String
     Dim signature As String
 
+    ' Load or create nonce and timestamp
+    If Me.Nonce <> "" Then
+        Nonce = Me.Nonce
+    Else
+        Nonce = RestHelpers.CreateNonce()
+    End If
+    If Me.Timestamp <> "" Then
+        Timestamp = Me.Timestamp
+    Else
+        Timestamp = CreateTimestamp
+    End If
+    
     ' Create needed parts of authorization header
-    nonce = CreateNonce()
-    timestamp = CreateTimestamp()
-    base = CreateBaseString(nonce, timestamp, Request)
+    base = CreateBaseString(Nonce, Timestamp, Client, Request)
     signingKey = CreateSigningKey()
     signature = CreateSignature(base, signingKey)
 
@@ -160,46 +172,85 @@ Private Function CreateHeader(Request As RestRequest) As String
 
     ' Construct header parts
     ' [OAuth Core 1.0 Revision A](http://oauth.net/core/1.0a/)
-    Header = Header & "oauth_consumer_key=" & Chr(34) & Me.ConsumerKey & Chr(34)
-    Header = Header & ", oauth_nonce=" & Chr(34) & nonce & Chr(34)
-    Header = Header & ", oauth_signature=" & Chr(34) & URLEncode(signature) & Chr(34)
-    Header = Header & ", oauth_signature_method=" & Chr(34) & SignatureMethod & Chr(34)
-    Header = Header & ", oauth_timestamp=" & Chr(34) & timestamp & Chr(34)
-    Header = Header & ", oauth_token=" & Chr(34) & Me.Token & Chr(34)
-    Header = Header & ", oauth_version=" & Chr(34) & "1.0" & Chr(34)
+    Header = Header & "oauth_consumer_key=" & Chr(34) & Me.ConsumerKey & Chr(34) & ", "
+    Header = Header & "oauth_nonce=" & Chr(34) & Nonce & Chr(34) & ", "
+    Header = Header & "oauth_signature=" & Chr(34) & UrlEncode(signature) & Chr(34) & ", "
+    Header = Header & "oauth_signature_method=" & Chr(34) & SignatureMethod & Chr(34) & ", "
+    Header = Header & "oauth_timestamp=" & Chr(34) & Timestamp & Chr(34) & ", "
+    Header = Header & "oauth_token=" & Chr(34) & Me.Token & Chr(34) & ", "
+    Header = Header & "oauth_version=" & Chr(34) & "1.0" & Chr(34)
     CreateHeader = Header
 End Function
 
-Private Function CreateBaseString(nonce As String, timestamp As String, Request As RestRequest) As String
+Public Function CreateBaseString(Nonce As String, Timestamp As String, Client As RestClient, Request As RestRequest) As String
     Dim base As String
-    Dim paramKey As Variant
 
-    base = "oauth_consumer_key" & "=" & Me.ConsumerKey
-    base = base & "&" & "oauth_nonce" & "=" & nonce
+    ' Check for parameters and add to base if present
+    Dim Parameters As String
+    Parameters = RequestParameters(Client, Request)
+    If Parameters <> "" Then
+        base = Parameters & "&"
+    End If
+    
+    base = base & "oauth_consumer_key" & "=" & Me.ConsumerKey
+    base = base & "&" & "oauth_nonce" & "=" & Nonce
     base = base & "&" & "oauth_signature_method" & "=" & SignatureMethod
-    base = base & "&" & "oauth_timestamp" & "=" & timestamp
+    base = base & "&" & "oauth_timestamp" & "=" & Timestamp
     base = base & "&" & "oauth_token" & "=" & Me.Token
     base = base & "&" & "oauth_version=1.0"
-    If Not IsMissing(Request.Parameters) And Not Request.Parameters Is Nothing Then
-        If Request.Parameters.count > 0 Then
-            For Each paramKey In Request.Parameters.keys
-                base = base & "&" & paramKey & "=" & URLEncode(Request.Parameters(paramKey))
-            Next paramKey
-        End If
+    
+    CreateBaseString = Request.MethodName() & "&" & RestHelpers.UrlEncode(RequestUrl(Client, Request)) & "&" & RestHelpers.UrlEncode(base)
+End Function
+
+Public Function RequestUrl(Client As RestClient, Request As RestRequest) As String
+' From OAuth 1.0 Docs
+' http://oauth.net/core/1.0/#anchor14
+'
+' The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint.
+' The URL used in the Signature Base String MUST include the scheme, authority, and path, and MUST exclude the query and fragment as defined by [RFC3986] section 3.
+'
+' If the absolute request URL is not available to the Service Provider (it is always available to the Consumer),
+' it can be constructed by combining the scheme being used, the HTTP Host header, and the relative HTTP request URL.
+' If the Host header is not available, the Service Provider SHOULD use the host name communicated to the Consumer in the documentation or other means.
+'
+' The Service Provider SHOULD document the form of URL used in the Signature Base String to avoid ambiguity due to URL normalization.
+' Unless specified, URL scheme and authority MUST be lowercase and include the port number; http default port 80 and https default port 443 MUST be excluded.
+
+    Dim Parts As Dictionary
+    Set Parts = RestHelpers.UrlParts(Request.FullUrl(Client.BaseUrl))
+    
+    ' Url scheme and authority MUST be lowercase
+    RequestUrl = LCase(Parts("Protocol") & "//" & Parts("Hostname"))
+    
+    ' Include port (80 and 443 MUST be excluded)
+    If Parts("Port") <> 80 And Parts("Port") <> 443 Then
+        RequestUrl = RequestUrl & ":" & Parts("Port")
     End If
 
-    CreateBaseString = Request.MethodName() & "&" & URLEncode(Request.FormattedResource()) & "&" & URLEncode(base)
+    ' Include path
+    RequestUrl = RequestUrl + Parts("Uri")
+    
+    ' MUST exclude query and fragment
+End Function
+
+Public Function RequestParameters(Client As RestClient, Request As RestRequest) As String
+' TODO Sort parameters by key then value
+    
+    Dim Parts As Dictionary
+    Set Parts = RestHelpers.UrlParts(Request.FullUrl(Client.BaseUrl))
+    
+    RequestParameters = RestHelpers.UrlDecode(Replace(Parts("Querystring"), "?", ""))
 End Function
 
-Private Function CreateSigningKey() As String
+Public Function CreateSigningKey() As String
     CreateSigningKey = Me.ConsumerSecret & "&" & Me.TokenSecret
 End Function
 
-Private Function CreateSignature(base As String, signingKey As String) As String
-    CreateSignature = Base64_HMACSHA1(base, signingKey)
+Public Function CreateSignature(base As String, signingKey As String) As String
+    CreateSignature = RestHelpers.Base64_HMACSHA1(base, signingKey)
 End Function
 
-Private Function CreateTimestamp() As String
+Public Function CreateTimestamp() As String
     CreateTimestamp = CStr(DateDiff("s", #1/1/1970#, GetGMT()))
 End Function
 

build/export-specs.vbs

@@ -30,7 +30,8 @@ Modules = Array(_
   "RestRequestSpecs.bas", _
   "RestHelpersSpecs.bas", _
   "DigestAuthenticatorSpecs.bas", _
-  "GoogleAuthenticatorSpecs.bas" _
+  "GoogleAuthenticatorSpecs.bas", _
+  "OAuth1AuthenticatorSpecs.bas" _
 )
 
 If WBPath <> "" And OutputPath <> "" Then

build/export.vbs

@@ -29,7 +29,7 @@ Modules = Array(_
   "IAuthenticator.cls", _
   "RestClient.cls", _
   "RestRequest.cls", _
-  "RestResponse.cls", _
+  "RestResponse.cls" _
 )
 
 If WBPath <> "" And OutputPath <> "" Then

credentials - example.txt

@@ -25,4 +25,10 @@ Salesforce
 Facebook
 # Url: developers.facebook.com
 - id: Your App Id
-- secret: Your App Secret
+- secret: Your App Secret
+
+LinkedIn
+- api_key: Your API key
+- api_secret: Your API secret
+- user_token: Your user token
+- user_secret: Your user secret

examples/Excel-REST - Example.xlsm

@@ -0,0 +1,82 @@
+Attribute VB_Name = "LinkedIn"
+Private pLinkedInClient As RestClient
+Private pLinkedInAPIKey As String
+Private pLinkedInAPISecret As String
+Private pLinkedInUserToken As String
+Private pLinkedInUserSecret As String
+
+Private Property Get LinkedInAPIKey() As String
+    If pLinkedInAPIKey = "" Then
+        If Credentials.Loaded Then
+            pLinkedInAPIKey = Credentials.Values("LinkedIn")("api_key")
+        Else
+            pLinkedInAPIKey = InputBox("Please Enter LinkedIn API Key")
+        End If
+    End If
+    
+    LinkedInAPIKey = pLinkedInAPIKey
+End Property
+
+Private Property Get LinkedInAPISecret() As String
+    If pLinkedInAPISecret = "" Then
+        If Credentials.Loaded Then
+            pLinkedInAPISecret = Credentials.Values("LinkedIn")("api_secret")
+        Else
+            pLinkedInAPISecret = InputBox("Please Enter LinkedIn API Secret")
+        End If
+    End If
+    
+    LinkedInAPISecret = pLinkedInAPISecret
+End Property
+
+Private Property Get LinkedInUserToken() As String
+    If pLinkedInUserToken = "" Then
+        If Credentials.Loaded Then
+            pLinkedInUserToken = Credentials.Values("LinkedIn")("user_token")
+        Else
+            pLinkedInUserToken = InputBox("Please Enter LinkedIn User Token")
+        End If
+    End If
+    
+    LinkedInUserToken = pLinkedInUserToken
+End Property
+
+Private Property Get LinkedInUserSecret() As String
+    If pLinkedInUserSecret = "" Then
+        If Credentials.Loaded Then
+            pLinkedInUserSecret = Credentials.Values("LinkedIn")("user_secret")
+        Else
+            pLinkedInUserSecret = InputBox("Please Enter LinkedIn User Secret")
+        End If
+    End If
+    
+    LinkedInUserSecret = pLinkedInUserSecret
+End Property
+
+Private Property Get LinkedInClient() As RestClient
+    If pLinkedInClient Is Nothing Then
+        Set pLinkedInClient = New RestClient
+        pLinkedInClient.BaseUrl = "http://api.linkedin.com/v1/"
+        
+        Dim Auth As New OAuth1Authenticator
+        Auth.Setup _
+            ConsumerKey:=LinkedInAPIKey, _
+            ConsumerSecret:=LinkedInAPISecret, _
+            Token:=LinkedInUserToken, _
+            TokenSecret:=LinkedInUserSecret
+        Set pLinkedInClient.Authenticator = Auth
+    End If
+    
+    Set LinkedInClient = pLinkedInClient
+End Property
+
+Public Function GetProfile(Optional Callback As String = "") As RestResponse
+    Dim Request As New RestRequest
+    Request.Resource = "people/~?format={format}"
+    
+    If Callback <> "" Then
+        LinkedInClient.ExecuteAsync Request, Callback
+    Else
+        Set GetProfile = LinkedInClient.Execute(Request)
+    End If
+End Function