http/oauth fixes, http/fetch POST support, place/threads signatures, place/userthreads: twitter submit

world/net/http/oauth.c

@@ -13,52 +13,49 @@
 string consumer_key;
 string consumer_secret;
 string request_token_url;
-string request_token;
-string request_secret;
+mapping request_params = ([ ]);
+mapping access_params = ([ ]);
 string access_token_url;
-string access_token;
-string access_secret;
 string authorize_url;
 string callback_url = "http://" + my_lower_case_host() + ":" + HTTP_PORT + "/oauth"; //TODO: https?
-mapping oauth = ([]);
 object user;
 
-varargs void fetch(object ua, string url, string method, mapping oauth) {
+varargs void fetch(object ua, string url, string method, mapping get, mapping post, mapping oauth) {
     P3((">> oauth:fetch(%O, %O, %O)\n", url, method, oauth))
     unless (method) method = "GET";
+    unless (get) get = ([]);
+    unless (post) post = ([]);
     unless (oauth) oauth = ([]);
 
-    oauth["consumer_key"] = consumer_key;
-    if (access_token || request_token) oauth["token"] = access_token || request_token;
-    string token_secret = access_token ? access_secret : request_token ? request_secret : "";
-    oauth["timestamp"] = time();
-    oauth["nonce"] = sprintf("%x", random(oauth["timestamp"] ^ 98987));
-    oauth["signature_method"] = "HMAC-SHA1";
-    oauth["version"] = "1.0";
+    oauth["oauth_consumer_key"] = consumer_key;
+    string token;
+    if (token = access_params["oauth_token"] || request_params["oauth_token"])
+	oauth["oauth_token"] = token;
+    string token_secret = access_params["oauth_token_secret"] || request_params["oauth_token_secret"] || "";
+    oauth["oauth_timestamp"] = time();
+    oauth["oauth_nonce"] = sprintf("%x", random(oauth["oauth_timestamp"] ^ 98987));
+    oauth["oauth_signature_method"] = "HMAC-SHA1";
+    oauth["oauth_version"] = "1.0";
 
-    array(string) params = ({});
-    foreach (string key : sort_array(m_indices(oauth), #'>)) //'))
-	params += ({"oauth_" + key + "=" + urlencode(to_string(oauth[key]))});
-    string base_str = method + "&" + urlencode(url) + "&" + urlencode(implode(params, "&"));
-    oauth["signature"] = hmac_base64(TLS_HASH_SHA1, urlencode(consumer_secret) + "&" + urlencode(token_secret), base_str);
+    P3(("token: %O, token_secret: %O, access: %O, request: %O\n", token, token_secret, access_params, request_params))
+    string base_str = method + "&" + urlencode(url) + "&" + urlencode(make_query_string(get + post + oauth, 1));
+    oauth["oauth_signature"] = hmac_base64(TLS_HASH_SHA1, urlencode(consumer_secret) + "&" + urlencode(token_secret), base_str);
 
-    params = ({});
+    string p = "";
     foreach (string key, string value : oauth)
-	params += ({"oauth_" + key + "=\"" + urlencode(to_string(value)) + "\""});
+	p += (strlen(p) ? "," : "") + key + "=\"" + urlencode(to_string(value)) + "\"";
 
-    ua->fetch(url, method, (["Authorization": "OAuth " + implode(params, ",")]));
+    ua->fetch(url, method, post, (["Authorization": "OAuth " + p]));
 }
 
 void parse_request_token(string body, mapping headers) {
     P3((">> oauth:parse_request_token(%O, %O)\n", body, headers))
-    mapping params = ([]);
-    parse_query(params, body);
-    request_token = params["oauth_token"];
-    request_secret = params["oauth_token_secret"];
-    if (strlen(request_token) && strlen(request_secret)) {
-	shared_memory("oauth_request_tokens")[request_token] = ME;
+    request_params = ([]);
+    parse_query(request_params, body);
+    if (strlen(request_params["oauth_token"]) && strlen(request_params["oauth_token_secret"])) {
+	shared_memory("oauth_request_tokens")[request_params["oauth_token"]] = ME;
 	sendmsg(user, "_notice_oauth_authorize_url", "Open [_url] to perform authorization.",
-		(["_url": authorize_url + "?oauth_token=" + request_token]));
+		(["_url": authorize_url + "?oauth_token=" + request_params["oauth_token"]]));
     } else {
 	sendmsg(user, "_error_oauth_token_request", "OAuth failed: could not get a request token.");
     }
@@ -66,11 +63,9 @@ void parse_request_token(string body, mapping headers) {
 
 void parse_access_token(string body, mapping headers) {
     P3((">> oauth:parse_access_token(%O, %O)\n", body, headers))
-    mapping params = ([]);
-    parse_query(params, body);
-    access_token = params["oauth_token"];
-    access_secret = params["oauth_token_secret"];
-    if (strlen(access_token) && strlen(access_secret)) {
+    access_params = ([]);
+    parse_query(access_params, body);
+    if (strlen(access_params["oauth_token"]) && strlen(access_params["oauth_token_secret"])) {
 	sendmsg(user, "_notice_oauth_success", "OAuth successful.");
     } else {
 	sendmsg(user, "_error_oauth_token_access", "OAuth failed: could not get an access token.");
@@ -81,7 +76,7 @@ void verified(string verifier) {
     P3((">> oauth:verified(%O)\n", verifier))
     object ua = clone_object(NET_PATH "http/fetch");
     ua->content(#'parse_access_token, 1, 1); //');
-    fetch(ua, access_token_url, "POST", (["verifier": verifier]));
+    fetch(ua, access_token_url, "POST", 0, 0, (["oauth_verifier": verifier]));
 }
 
 object load(object usr, string key, string secret, string request, string access, string authorize) {
@@ -95,7 +90,7 @@ object load(object usr, string key, string secret, string request, string access
     if (request_token_url && user) {
 	object ua = clone_object(NET_PATH "http/fetch");
 	ua->content(#'parse_request_token, 1, 1); //');
-	fetch(ua, request_token_url, "POST", (["callback": callback_url]));
+	fetch(ua, request_token_url, "POST", 0, 0, (["oauth_callback": callback_url]));
     }
     return ME;
 }