func (bs *BossSearch) signQuery(url string, values *url.Values) { cred := oauth.Credentials{} cred.Token = bs.Token cred.Secret = bs.Secret client := oauth.Client{} client.SignatureMethod = oauth.HMACSHA1 client.Credentials = cred client.SignForm(nil, "GET", url, *values) }
// url: GET /oauthtwittercb?redirect=$redirect func handleOauthTwitterCallback(w http.ResponseWriter, r *http.Request) { //fmt.Printf("handleOauthTwitterCallback()\n") redirect := strings.TrimSpace(r.FormValue("redirect")) if redirect == "" { serveErrorMsg(w, "Missing redirect value for /login") return } tempCred := oauth.Credentials{ Token: r.FormValue("oauth_token"), } tempCred.Secret = decodeTwitterTempFromCookie(r) if "" == tempCred.Secret { http.Error(w, "Error getting temp token secret from cookie, ", 500) return } //fmt.Printf(" tempCred.Secret: %s\n", tempCred.Secret) tokenCred, _, err := oauthClient.RequestToken(http.DefaultClient, &tempCred, r.FormValue("oauth_verifier")) if err != nil { http.Error(w, "Error getting request token, "+err.Error(), 500) return } //fmt.Printf(" tokenCred.Token: %s\n", tokenCred.Token) var info map[string]interface{} if err := getTwitter( tokenCred, "https://api.twitter.com/1/account/verify_credentials.json", nil, &info); err != nil { http.Error(w, "Error getting timeline, "+err.Error(), 500) return } if user, ok := info["screen_name"].(string); ok { //fmt.Printf(" username: %s\n", user) cookie := getSecureCookie(r) cookie.User = user setSecureCookie(w, cookie) } http.Redirect(w, r, redirect, 302) }
func (h *authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { var cred oauth.Credentials if err := getCookie(r, "auth", &cred); err != nil { if err != http.ErrNoCookie { http.Error(w, "Error reading auth cookie, "+err.Error(), 500) return } cred.Token = "" } var pcred *oauth.Credentials if cred.Token != "" && cred.Secret != "" { pcred = &cred } if pcred == nil && !h.optional { http.Error(w, "Not logged in.", 403) return } h.handler(w, r, pcred) }