require 'faraday' require 'time' require 'uri' require 'openssl' require 'base64' module Tumblr module Request class TumblrOAuth < Faraday::Middleware def call(env) if env[:method].to_s == "get" params = env[:url].query_values || {} url = "#{env[:url].scheme}://#{env[:url].host}#{env[:url].path}" else params = env[:body] || {} url = env[:url] end signature_params = params params.each do |key, value| signature_params = {} if value.respond_to?(:content_type) end env[:request_headers]["Authorization"] = self.oauth_gen(env[:method], url, signature_params) env[:request_headers]["Content-type"] = "application/x-www-form-urlencoded" env[:request_headers]["Host"] = "api.tumblr.com" @app.call(env) end def initialize(app, options={}) @app, @options = app, options end def oauth_gen(method, url, params) params[:oauth_consumer_key] = @options[:consumer_key] params[:oauth_nonce] = Time.now.to_i params[:oauth_signature_method] = 'HMAC-SHA1' params[:oauth_timestamp] = Time.now.to_i params[:oauth_token] = @options[:token] params[:oauth_version] = "1.0" params[:oauth_signature] = self.oauth_sig(method, url, params) header = [] params.each do |key, value| if key.to_s.include?("oauth") header << "#{key.to_s}=#{value}" end end "OAuth #{header.join(", ")}" end def oauth_sig(method, url, params) parts = [method.upcase, URI.encode(url.to_s, /[^a-z0-9\-\.\_\~]/i)] #sort the parameters params = Hash[params.sort_by{ |key, value| key.to_s}] encoded = [] params.each do |key, value| encoded << "#{key.to_s}=#{URI.encode(value.to_s, /[^a-z0-9\-\.\_\~]/i)}" end parts << URI.encode(encoded.join("&"), /[^a-z0-9\-\.\_\~]/i) signature_base = parts.join("&") secret = "#{@options[:consumer_secret]}&#{@options[:token_secret]}" Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, secret, signature_base)).chomp.gsub(/\n/, '') end end end end