Common Lisp Package: CL-OAUTH

README:

FUNCTION

Public

ABORT-REQUEST (RESULT)

Return the string RESULT immediately from the request handler.

ACCESS-PROTECTED-RESOURCE (URI ACCESS-TOKEN &REST KWARGS &KEY (CONSUMER-TOKEN (TOKEN-CONSUMER ACCESS-TOKEN)) ON-REFRESH (TIMESTAMP (GET-UNIX-TIME)) USER-PARAMETERS ADDITIONAL-HEADERS (VERSION 1.0) DRAKMA-ARGS (AUTH-LOCATION HEADER) (REQUEST-METHOD GET) (SIGNATURE-METHOD HMAC-SHA1) (INCLUDE-USER-PARAMETERS-IN-SIGNATURE-P T))

Access the protected resource at URI using ACCESS-TOKEN. If the token contains OAuth Session information it will be checked for validity before the request is made. Should the server notify us that it has prematurely expired the token will be refresh as well and the request sent again using the new token. ON-REFRESH will be called whenever the access token is renewed.

AUTHORIZE-REQUEST-TOKEN (REQUEST-TOKEN)

Authorize a request token explicitly. Returns the authorized token.

AUTHORIZE-REQUEST-TOKEN-FROM-REQUEST (REQUEST-TOKEN-LOOKUP-FN)

Authorize a request token. Must be running in request context. REQUEST-TOKEN-LOOKUP-FN will be called with the request token key and must return a valid unauthorized request token or NIL. Returns the authorized token or NIL if the token couldn't be found.

DEFAULT-ERROR-HANDLER (CONDITION)

Default error handler for conditions of type HTTP-ERROR.

ENCODE-SIGNATURE (OCTETS URL-ENCODE-P)

9.2.1

FINALIZE-CALLBACK-URI (REQUEST-TOKEN)

Prepares the callback URI of REQUEST-TOKEN for redirection.

GET-SUPPLIED-REQUEST-TOKEN (&KEY CHECK-VERIFICATION-CODE-P)

Utility function that extracts the Consumer-supplied request token from a list of normalized parameters. Guards against non-existing and unknown tokens. Returns the request token on success.

HMAC-KEY (CONSUMER-SECRET &OPTIONAL TOKEN-SECRET)

9.2

MAKE-AUTHORIZATION-URI (URI REQUEST-TOKEN &KEY CALLBACK-URI USER-PARAMETERS)

Return the service provider's authorization URI. Use the resulting PURI for a redirect. [6.2.1] in 1.0.

MAKE-RESPONSE (ALIST)

[5.3]

NORMALIZED-PARAMETERS (&KEY REMOVE-DUPLICATES-P)

Collect request parameters and remove those excluded by the standard. See 9.1.1. Note: REMOVE-DUPLICATES-P has no effect right now.

OBTAIN-ACCESS-TOKEN (URI REQUEST-OR-ACCESS-TOKEN &KEY (CONSUMER-TOKEN (TOKEN-CONSUMER REQUEST-OR-ACCESS-TOKEN)) (REQUEST-METHOD POST) (AUTH-LOCATION HEADER) (VERSION 1.0) (TIMESTAMP (GET-UNIX-TIME)) XAUTH-USERNAME XAUTH-PASSWORD DRAKMA-ARGS (SIGNATURE-METHOD HMAC-SHA1))

Additional parameters will be stored in the USER-DATA slot of the token. POST is recommended as request method. [6.3.1]

OBTAIN-REQUEST-TOKEN (URI CONSUMER-TOKEN &KEY (VERSION 1.0) USER-PARAMETERS DRAKMA-ARGS (TIMESTAMP (GET-UNIX-TIME)) (AUTH-LOCATION HEADER) (REQUEST-METHOD POST) CALLBACK-URI ADDITIONAL-HEADERS (SIGNATURE-METHOD HMAC-SHA1) (INCLUDE-USER-PARAMETERS-IN-SIGNATURE-P T))

Additional parameters will be stored in the USER-DATA slot of the token.

PARAMETER (NAME &KEY (TEST #'EQUAL))

Note: OAuth parameters are case-sensitive per section 5. The case of user-supplied parameters is not restricted.

REQUEST-TOKEN-RESPONSE (REQUEST-TOKEN &REST ADDITIONAL-PARAMETERS)

Respond to a valid request token request. [6.1.2]

REQUEST-URI (&OPTIONAL (REQUEST (REQUEST)))

Return the request uri including protocol, host, port and path. Other parts like the query string are optional and will be ignored. The result type is (or string puri:uri).

SORT-PARAMETERS (PARAMETERS)

Sort PARAMETERS according to the OAuth spec. This is a destructive operation.

URL-ENCODE (INPUT &OPTIONAL (EXTERNAL-FORMAT +UTF-8+))

URL-encodes INPUT according to the percent encoding rules of RFC5849 (section 3.6). If a string is passed as INPUT, it is encoded using the external format EXTERNAL-FORMAT. If a vector of bytes is passed, the values are used verbatim.

VALIDATE-REQUEST-TOKEN-REQUEST (&KEY (REQUEST-TOKEN-CTOR #'MAKE-REQUEST-TOKEN) ALLOW-OOB-CALLBACK-P)

Check whether REQUEST is a valid request token request. Returns the supplied Consumer callback (a PURI:URI) or NIL if the callback is supposed to be transferred oob. [6.1.1]

Undocumented

ACCESS-TOKEN-EXPIRED-P (ACCESS-TOKEN)

AUTH-PARAMETERS (&OPTIONAL (REQUEST (REQUEST)))

CHECK-NONCE-AND-TIMESTAMP (CONSUMER-TOKEN)

CHECK-SIGNATURE

CHECK-VERIFICATION-CODE

CHECK-VERSION

GET-PARAMETERS (&OPTIONAL (REQUEST (REQUEST)))

HMAC-SHA1 (S KEY)

INIT-DEFAULT-REQUEST-ADAPTER

MAKE-ACCESS-TOKEN (&REST ARGS)

MAKE-CONSUMER-TOKEN (&REST ARGS)

MAKE-HUNCHENTOOT-REQUEST-ADAPTER

MAKE-REQUEST-ADAPTER (&KEY ((REQUEST-OBJECT-FN DUM3) NIL) ((REQUEST-METHOD-FN DUM4) NIL) ((REQUEST-URI-FN DUM5) NIL) ((ABORT-REQUEST-FN DUM6) NIL) ((AUTH-PARAMETERS-FN DUM7) NIL) ((POST-PARAMETERS-FN DUM8) NIL) ((GET-PARAMETERS-FN DUM9) NIL) ((DOCUMENTATION DUM10) An adapter for server-specific parts of OAuth. The return value of REQUEST-OBJECT-FN must be comparable with EQ.))

MAKE-REQUEST-TOKEN (&REST ARGS)

POST-PARAMETERS (&OPTIONAL (REQUEST (REQUEST)))

RAISE-ERROR (TYPE &OPTIONAL REASON-PHRASE-FMT &REST REASON-PHRASE-ARGS)

REQUEST

REQUEST-METHOD (&OPTIONAL (REQUEST (REQUEST)))

SIGNATURE-BASE-STRING (&KEY (URI (REQUEST-URI)) (REQUEST-METHOD (REQUEST-METHOD)) (PARAMETERS (NORMALIZED-PARAMETERS)))

VALIDATE-ACCESS-TOKEN

VALIDATE-ACCESS-TOKEN-REQUEST (&KEY (ACCESS-TOKEN-CTOR #'MAKE-ACCESS-TOKEN))

Private

ALIST->PLIST (ALIST)

Converts an alist to plist.

COMPOSE (FUNCTION &REST MORE-FUNCTIONS)

Returns a function composed of FUNCTION and MORE-FUNCTIONS that applies its arguments to to each in turn, starting from the rightmost of MORE-FUNCTIONS, and then calling the next one with the primary value of the last.

CREATE-PREFIX-DISPATCHER (PREFIX HANDLER)

Creates a request dispatch function which will dispatch to the function denoted by HANDLER if the file name of the current request starts with the string PREFIX.

CURRY (FUNCTION &REST ARGUMENTS)

Returns a function that applies ARGUMENTS and the arguments it is called with to FUNCTION.

ENSURE-LIST (LIST)

If LIST is a list, it is returned. Otherwise returns the list designated by LIST.

GET-SUPPLIED-ACCESS-TOKEN

Utility function that extracts the Consumer-supplied request token from a list of normalized parameters. Guards against non-existing and unknown tokens. Returns the request token on success.

OAUTH-PARAMETER-P (PARAMETER)

Return T if PARAMETER starts with "oauth_". PARAMETER is a string denoting the parameter name.

RCURRY (FUNCTION &REST ARGUMENTS)

Returns a function that applies the arguments it is called with and ARGUMENTS to FUNCTION.

REQUEST-ADAPTER-ABORT-REQUEST-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-AUTH-PARAMETERS-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-DOCUMENTATION (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-GET-PARAMETERS-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-POST-PARAMETERS-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-REQUEST-METHOD-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-REQUEST-OBJECT-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

REQUEST-ADAPTER-REQUEST-URI-FN (INSTANCE)

@arg[extid]{A @class{extid}} @return[sytemid]{puri:uri or nil} Returns the System ID part of this External ID.

SPLIT-SEQUENCE (DELIMITER SEQUENCE &KEY (START 0) (END NIL) (FROM-END NIL) (COUNT NIL) (REMOVE-EMPTY-SUBSEQS NIL) (TEST #'EQL) (TEST-NOT NIL) (KEY #'IDENTITY))

Return a list of subsequences in seq delimited by delimiter. If :remove-empty-subseqs is NIL, empty subsequences will be included in the result; otherwise they will be discarded. All other keywords work analogously to those for CL:SUBSTITUTE. In particular, the behaviour of :from-end is possibly different from other versions of this function; :from-end values of NIL and T are equivalent unless :count is supplied. The second return value is an index suitable as an argument to CL:SUBSEQ into the sequence indicating where processing stopped.

URI-WITH-ADDITIONAL-QUERY-PART (URI QUERY-PART)

Given a URI string or PURI uri, adds the string QUERY-PART to the end of the URI. If it has query params already they are added onto it.

URL-DECODE (STRING &OPTIONAL (EXTERNAL-FORMAT +UTF-8+))

Decodes a URL-encoded STRING which is assumed to be encoded using the external format EXTERNAL-FORMAT.

Undocumented

ACCESS-TOKEN-RESPONSE (ACCESS-TOKEN &REST ADDITIONAL-PARAMETERS)

ALIST->QUERY-STRING (ALIST &KEY (INCLUDE-LEADING-AMPERSAND T) URL-ENCODE)

BETWEEN (WHAT LOWER UPPER)

BUILD-AUTH-STRING (PARAMETERS)

COPY-REQUEST-ADAPTER (INSTANCE)

GENERATE-AUTH-PARAMETERS (CONSUMER SIGNATURE-METHOD TIMESTAMP VERSION &OPTIONAL TOKEN)

GENERATE-NONCE (&OPTIONAL (SIZE 30))

GET-CONSUMER-TOKEN (KEY)

GET-PROBLEM-REPORT (HEADERS BODY)

GET-PROBLEM-REPORT-FROM-HEADERS (HEADERS)

GET-SUPPLIED-CALLBACK-URI (&KEY ALLOW-OOB-CALLBACK-P (ALLOW-NONE (EQ *PROTOCOL-VERSION* 1.0)))

GET-SUPPLIED-CONSUMER-TOKEN

GET-UNIX-TIME (&OPTIONAL (UT (GET-UNIVERSAL-TIME)))

HTTP-REQUEST (URI &KEY (AUTH-LOCATION HEADER) (METHOD GET) AUTH-PARAMETERS PARAMETERS ADDITIONAL-HEADERS DRAKMA-ARGS)

INVALIDATE-REQUEST-TOKEN (REQUEST-TOKEN)

MAYBE-REFRESH-ACCESS-TOKEN (ACCESS-TOKEN &OPTIONAL ON-REFRESH)

QUERY-STRING->ALIST (QUERY-STRING)

RANDOM-KEY

RANDOM-SECRET

RANDOM-VERIFICATION-CODE

REFRESH-ACCESS-TOKEN (ACCESS-TOKEN)

REMOVE-OAUTH-PARAMETERS (PARAMETERS)

SETFREQUEST-ADAPTER-ABORT-REQUEST-FN (NEW-VALUE INSTANCE)

SETFREQUEST-ADAPTER-AUTH-PARAMETERS-FN (NEW-VALUE INSTANCE)

SETFREQUEST-ADAPTER-DOCUMENTATION (NEW-VALUE INSTANCE)

SETFREQUEST-ADAPTER-GET-PARAMETERS-FN (NEW-VALUE INSTANCE)

REQUEST-ADAPTER-P (OBJECT)

SETFREQUEST-ADAPTER-POST-PARAMETERS-FN (NEW-VALUE INSTANCE)

SETFREQUEST-ADAPTER-REQUEST-METHOD-FN (NEW-VALUE INSTANCE)

SETFREQUEST-ADAPTER-REQUEST-OBJECT-FN (NEW-VALUE INSTANCE)

SETFREQUEST-ADAPTER-REQUEST-URI-FN (NEW-VALUE INSTANCE)

SPLICE-ALIST (ALIST)

STRING-OR-OCTETS->OCTETS (X)

MACRO

Public

Undocumented

PROTOCOL-ASSERT (&BODY BODY)

Private

UPGRADE-VECTOR (VECTOR NEW-TYPE &KEY CONVERTER)

Returns a vector with the same length and the same elements as VECTOR (a variable holding a vector) but having element type NEW-TYPE. If CONVERTER is not NIL, it should designate a function which will be applied to each element of VECTOR before the result is stored in the new vector. The resulting vector will have a fill pointer set to its end. The macro also uses SETQ to store the new vector in VECTOR.

WITH-UNIQUE-NAMES (NAMES &BODY FORMS)

Alias for WITH-GENSYMS.

Undocumented

IGNORE-OAUTH-ERRORS (&BODY BODY)

GENERIC-FUNCTION

Public

Undocumented

REGISTER-TOKEN (TOKEN)

UNREGISTER-TOKEN (TOKEN)

Private

Undocumented

HTTP-ERROR-REASON-PHRASE (CONDITION)

HTTP-ERROR-STATUS-CODE (CONDITION)

NORMALIZE-URI (URI)

SLOT-ACCESSOR

Public

ACCESS-TOKEN-AUTHORIZATION-EXPIRES (OBJECT)

Universal time when this token's session expires.

ACCESS-TOKEN-EXPIRES (OBJECT)

Universal time when this token expires.

REQUEST-TOKEN-CALLBACK-URI (OBJECT)

Callback URI for this request token. NIL means oob.

REQUEST-TOKEN-VERIFICATION-CODE (OBJECT)

Might be NIL for OAuth 1.0

SETFREQUEST-TOKEN-VERIFICATION-CODE (NEW-VALUE OBJECT)

Might be NIL for OAuth 1.0

TOKEN-CONSUMER (OBJECT)

The Consumer that originally requested this token.

SETFTOKEN-CONSUMER (NEW-VALUE OBJECT)

The Consumer that originally requested this token.

TOKEN-USER-DATA (OBJECT)

Application-specific data associated with this token; an alist.

SETFTOKEN-USER-DATA (NEW-VALUE OBJECT)

Application-specific data associated with this token; an alist.

Undocumented

ACCESS-TOKEN-SESSION-HANDLE (OBJECT)

REQUEST-TOKEN-AUTHORIZED-P (OBJECT)

SETFREQUEST-TOKEN-AUTHORIZED-P (NEW-VALUE OBJECT)

TOKEN-KEY (OBJECT)

TOKEN-SECRET (OBJECT)

Private

ACCESS-TOKEN-ORIGIN-URI (OBJECT)

URI this access token has been obtained from. Needed for refresh.

Undocumented

CONSUMER-TOKEN-LAST-TIMESTAMP (OBJECT)

SETFCONSUMER-TOKEN-LAST-TIMESTAMP (NEW-VALUE OBJECT)

VARIABLE

Public

*REQUEST*

User-supplied request override. Only if you know what you're doing.

*REQUEST-ADAPTER*

Set this variable to an instance of REQUEST-ADAPTER tailored to your web server.

Undocumented

*PROTOCOL-VERSION*

Private

*DISPATCH-TABLE*

A global list of dispatch functions.

*PARAMETERS-CACHE*

Per-request cache for parameters in OAuth requests.

*SIGNATURE-CACHE*

Per-request cache for signatures in OAuth requests.

Undocumented

*ISSUED-ACCESS-TOKENS*

*ISSUED-REQUEST-TOKENS*

*REGISTERED-CONSUMERS*

+UTF-8+

CLASS

Public

Undocumented

ACCESS-TOKEN

CONSUMER-TOKEN

REQUEST-ADAPTER

REQUEST-TOKEN

TOKEN

Private

CONSUMER-REF-MIXIN

Mixin for classes that refer to a consumer.

CONDITION

Public

Undocumented

BAD-REQUEST

HTTP-ERROR

UNAUTHORIZED

CONSTANT

Private

Undocumented

+UNIX-TO-UNIVERSAL-TIME+