/usr/share/tcltk/tcllib1.17/oauth/oauth.tcl is in tcllib 1.17-dfsg-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 | # !/bin/sh
# the next line will restart with tclsh wherever it is \
exec tclsh "$0" "$@"
# oauth.tcl -*- tcl -*-
# This module pretend give full support to API version 1.1 of Twitter
# according to API v1.1’s Authentication Model
#
# Copyright (c) 2014 Javier Pérez - <hxm@eggdrop.es>
# gave to tcllib
#
# About OAuthv1.0a
# There are 3 steps we need complete to get authenticated with OAuth.
# Steps:
# 1. Authorizing a request: we need 7 parameters.
# 1.1 Consumer key (oauth_consumer_key) from your app (dev.twitter.com/apps)
# 1.2 Nonce (oauth_nonce) unique&random token autogenerated by base64 32bits
# 1.3 Signature (oauth_signature) all the other requests and 2 secret values
# trought a signing algorithm.
# 1.4 Signature method (oauth_signature_method) which is HMAC-SHA1
# 1.5 Timestamp (oauth_timestamp) time in unix format of the request
# 1.6 Token (oauth_token) a parameter you can obtain in your account settings
# 1.7 Version (oauth_version) the OAuth version, actually 1.0
# TODO: create online documentation
package require Tcl 8.5
package provide oauth 1
package require http
package require tls
package require base64
package require sha1
http::register https 443 ::tls::socket
namespace eval ::oauth {
namespace export query
variable commands [namespace export]
variable project {OAuth1.0}
variable version [package present oauth]
variable description {OAuth authentication for Twitter support.}
variable author {Javier Pérez <hxm@eggdrop.es>}
# AK: changed to ISO date format.
variable created {2012-12-30, published 2014-02-10}
variable script [info script]
variable contact "$project $version ~ $description ($author)"
variable oauth
if {![info exists oauth]} {
array set oauth {
-accesstoken {}
-accesstokensecret {}
-consumerkey {}
-consumersecret {}
-debug 0
-oauthversion 1.0
-proxyhost {}
-proxyport {}
-ratelimit 1
-signmethod HMAC-SHA1
-timeout 6000
-urlencoding utf-8
}
set oauth(-useragent) "Mozilla/5.0\
([string totitle $::tcl_platform(platform)]; U;\
$::tcl_platform(os) $::tcl_platform(osVersion))\
oauth/${version} Tcl/[package provide Tcl]"
}
}
# config --
#
# See documentation for details.
#
# Arguments:
# args options parsed by the procedure.
# Results:
# This procedure returns the array with the current configuration
# In order to create an array with the result of this procedure you can do
# it in this way: array set settings [oauth::config ...]
proc ::oauth::config {args} {
variable oauth
set options [array names oauth -*]
set usage [join $options {, }]
if {$args eq {}} {
return [array get oauth]
}
foreach {flag value} $args {
set optionflag [lsearch -inline -nocase $options $flag]
if {$optionflag eq ""} {
Error "Unknown option \"${flag}\", must be: $usage" BAD OPTION
}
set oauth($optionflag) $value
}
return [array get oauth]
}
# header --
# Following OAuth1.0a rules, this procedure collects all
# information required for get the authentication. All we need
# is a header for our api queries with our user and app
# information for the verification of who we are. Collect it,
# encode it as the protocol says and add it to the geturl
# command. If you want, you can use this procedure for your
# own queries, just use it as header. Example:
# http::geturl $twitter(url) -header [oauth::header <...>] <...>
#
# You can get more information about how twitter api works reading this:
# https://dev.twitter.com/overview/documentation
#
# Arguments:
# baseURL: full url path of twitter api. If it should be sent
# as GET, add the query string.
# postQuery: arguments passed at the request body as POST. This
# should be in http query format.
# Result:
# This proc will return a list of values like this:
# Authorization:
# OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
# oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
# oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
# oauth_signature_method="HMAC-SHA1",
# oauth_timestamp="1318622958",
# oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
# oauth_version="1.0"
proc ::oauth::header {baseURL {postQuery ""}} {
variable oauth
if {$oauth(-signmethod) eq ""} {
Error "ERROR: invalid argument for -signmethod." BAD SIGN-METHOD
}
if {[package vcompare $oauth(-oauthversion) 1.0] != 0} {
Error "ERROR: this script only supports oauth_version 1.0" \
BAD OAUTH-VERSION
}
if {$oauth(-consumerkey) eq ""} {
Error "ERROR: please define your consumer key.\
[namespace current]::config -consumerkey <...>" \
BAD CONSUMER-KEY
}
if {$oauth(-accesstoken) eq ""} {
Error "ERROR: please define your app's access token.\
[namespace current]::config -accesstoken <...>" \
BAD ACCESS-TOKEN
}
set randomKey [sha1::sha1 [expr {[clock milliseconds] + round(rand()*50000)}]]
set timestamp [clock seconds]
lappend paramList "oauth_consumer_key=$oauth(-consumerkey)"
lappend paramList "oauth_nonce=$randomKey"
lappend paramList "oauth_signature_method=$oauth(-signmethod)"
lappend paramList "oauth_timestamp=$timestamp"
lappend paramList "oauth_token=$oauth(-accesstoken)"
lappend paramList "oauth_version=$oauth(-oauthversion)"
if {$postQuery eq {}} {
set url [lindex [split $baseURL {?}] 0]
set queryString [lindex [split $baseURL {?}] 1]
foreach argument [split $queryString {&}] {
lappend paramList $argument
}
set httpMethod {GET}
} else {
set url $baseURL
set httpMethod {POST}
}
foreach parameter $paramList {
set key [lindex [split $parameter {=}] 0]
set value [join [lrange [split $parameter {=}] 1 end] {=}]
lappend header "${key}=\"${value}\""
}
set paramString [join [lsort -dictionary $paramList] {&}]
lappend baseList $httpMethod
lappend baseList [PercentEncode $url]
lappend baseList [PercentEncode $paramString]
set signString [join $baseList {&}]
set signKey "[PercentEncode $oauth(-consumersecret)]&[PercentEncode $oauth(-accesstokensecret)]"
set signature [base64::encode [sha1::hmac -bin -key $signKey $signString]]
lappend header "oauth_signature=\"[PercentEncode $signature]\""
if {$oauth(-debug) == 1} {
puts {oauth::header: Authorization Oauth}
foreach line $header {
puts "\t$line"
}
puts "\nBaseString: $signString"
}
return "Authorization [list [concat OAuth [join [lsort -dictionary $header] {, }]]]"
}
# query --
# Sends to oauth API url the proper oauth header and querybody
# returning the raw data from Twitter for your parse.
# Arguments:
# baseURL api host URL with ?arguments if it's a GET request
# postQuery POST query if it's a POST query
# Result:
# The result will be list with 2 arguments.
# The first argument is an array with the http's header
# and the second one is JSON data received from the server. The header is
# very important because it reports your rest API limit and will
# inform you if you can get your account suspended.
proc ::oauth::query {baseURL {postQuery ""}} {
variable oauth
if {$oauth(-consumerkey) eq ""} {
Error "ERROR: please define your consumer key.\
[namespace current]::config -consumerkey <...>" \
BAD CONSUMER-KEY
}
if {$oauth(-consumersecret) eq ""} {
Error "ERROR: please define your app's consumer secret.\
[namespace current]::config -consumersecret <...>" \
BAD CONSUMER-SECRET
}
if {$oauth(-accesstoken) eq ""} {
Error "ERROR: please define your access token.\
[namespace current]::config -accesstoken <...>" \
BAD ACCESS-TOKEN
}
if {$oauth(-accesstokensecret) eq ""} {
Error "ERROR: please define your app's access token secret.\
[namespace current]::config -accesstokensecret <...>" \
BAD ACCESS-TOKEN-SECRET
}
if {$postQuery eq ""} {
set url [lindex [split $baseURL {?}] 0]
set queryString [join [lrange [split $baseURL {?}] 1 end] {?}]
set httpMethod {GET}
} else {
set url $baseURL
set httpMethod {POST}
}
if {$httpMethod eq {GET}} {
if {$queryString ne {}} {
append url ? $queryString
}
set requestBody {}
} else {
set requestBody $queryString
}
if {$queryString ne {}} {
set headerURL ${url}?${queryString}
} else {
set headerURL $url
}
set header [header $headerURL]
http::config \
-proxyhost $oauth(-proxyhost) \
-proxyport $oauth(-proxyport) \
-useragent $oauth(-useragent)
set token [http::geturl $baseURL \
-headers $header \
-query $requestBody \
-method $httpMethod \
-timeout $oauth(-timeout)]
set ncode [http::ncode $token]
set data [http::data $token]
upvar #0 $token state
lappend result [array names state]
lappend result $data
http::cleanup $token
return $result
}
# PercentEncode --
# Encoding process in http://tools.ietf.org/html/rfc3986#section-2.1
# for Twitter authentication. (http::formatQuery is lowcase)
proc ::oauth::PercentEncode {string} {
set utf8String [encoding convertto utf-8 $string]
return [string map {"\n" "%0A"} \
[subst [regsub -all \
{[^-A-Za-z0-9._~\n]} $utf8String \
{%[format "%02X" [scan "\\\0" "%c"]]}]]]
}
proc ::oauth::Error {string args} {
return -code error -errorcode [linsert $args 0 OAUTH] $string
}
return
|