func (bs *BossSearch) signQuery(url string, values *url.Values) {
cred := oauth.Credentials{}
cred.Token = bs.Token
cred.Secret = bs.Secret
client := oauth.Client{}
client.SignatureMethod = oauth.HMACSHA1
client.Credentials = cred
client.SignForm(nil, "GET", url, *values)
}
// url: GET /oauthtwittercb?redirect=$redirect
func handleOauthTwitterCallback(w http.ResponseWriter, r *http.Request) {
//fmt.Printf("handleOauthTwitterCallback()\n")
redirect := strings.TrimSpace(r.FormValue("redirect"))
if redirect == "" {
serveErrorMsg(w, "Missing redirect value for /login")
return
}
tempCred := oauth.Credentials{
Token: r.FormValue("oauth_token"),
}
tempCred.Secret = decodeTwitterTempFromCookie(r)
if "" == tempCred.Secret {
http.Error(w, "Error getting temp token secret from cookie, ", 500)
return
}
//fmt.Printf(" tempCred.Secret: %s\n", tempCred.Secret)
tokenCred, _, err := oauthClient.RequestToken(http.DefaultClient, &tempCred, r.FormValue("oauth_verifier"))
if err != nil {
http.Error(w, "Error getting request token, "+err.Error(), 500)
return
}
//fmt.Printf(" tokenCred.Token: %s\n", tokenCred.Token)
var info map[string]interface{}
if err := getTwitter(
tokenCred,
"https://api.twitter.com/1/account/verify_credentials.json",
nil,
&info); err != nil {
http.Error(w, "Error getting timeline, "+err.Error(), 500)
return
}
if user, ok := info["screen_name"].(string); ok {
//fmt.Printf(" username: %s\n", user)
cookie := getSecureCookie(r)
cookie.User = user
setSecureCookie(w, cookie)
}
http.Redirect(w, r, redirect, 302)
}
func (h *authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
var cred oauth.Credentials
if err := getCookie(r, "auth", &cred); err != nil {
if err != http.ErrNoCookie {
http.Error(w, "Error reading auth cookie, "+err.Error(), 500)
return
}
cred.Token = ""
}
var pcred *oauth.Credentials
if cred.Token != "" && cred.Secret != "" {
pcred = &cred
}
if pcred == nil && !h.optional {
http.Error(w, "Not logged in.", 403)
return
}
h.handler(w, r, pcred)
}
