Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
exports.setConfig = function(cfg){
config = cfg;
oauth = new OAuth.OAuth(
REQUEST_URL,
ACCESS_URL,
config.xeroConsumerKey,
config.xeroConsumerSecret,
'1.0A',
null,
'HMAC-SHA1',
null,
customHeaders
);
// This is important - Xero will redirect to this URL after successful authentication
// and provide the request token as query parameters
oauth._authorize_callback = config.xeroCallbackUrl;
};
return new Promise((resolve, reject) => {
let oa = new oauth(this.options.oauth_request_url, this.options.oauth_access_url, this.options.key, this.options.secret, this.options.oauth_version, this.options.callback, this.options.oauth_encryption);
oa.getOAuthRequestToken((error, oauthToken, oauthTokenSecret, results) => {
if (error) {
return reject(`Error getting OAuth request token : ${JSON.stringify(error)}`, 500);
} else {
// assemble goodreads URL
let url = `https://goodreads.com/oauth/authorize?oauth_token=${oauthToken}&oauth_callback=${oa._authorize_callback}`;
return resolve({oauthToken, oauthTokenSecret, url});
}
})
})
}
apiBase.prototype.authRequest = function apiBaseAuthRequest(callback)
{
// cheatsheet: requestUrl, accessUrl, consumerKey, consumerSecret, version, authorize_callback, signatureMethod
this.OA = new oauth
(
this.OAuth.request,
this.OAuth.access,
this.OAuth.key,
this.OAuth.secret,
this.OAuth.version || Defaults.version,
'http://'+this.Data.callbackHost+this.OAuth.callback,
this.OAuth.signature || Defaults.signature
);
// change header separator to make 500px work with it.
this.OA._oauthParameterSeperator = ', ';
// request token
this.OA.getOAuthRequestToken(callback);
}
exports.listAccounts = function (req, res){
var oa = new OAuth( req.session.oa._requestUrl,
req.session.oa._accessUrl,
req.session.oa._consumerKey,
req.session.oa._consumerSecret,
req.session.oa._version,
req.session.oa._authorize_callback,
req.session.oa._signatureMethod
);
oa.getProtectedResource(
global.url.etrade[global.server].accounts.list,
"GET",
req.session.oauth_access_token,
req.session.oauth_access_token_secret,
function (error, data, response) {
console.log(data);
var feed = JSON.parse(data);
if (typeof process.env.SPACE_CLAW_DEV !== 'undefined') {
config.host = 'spaceclaw.com';
config.port = '8080';
config.admin = '61091860@N00';
config.backdoor = secrets.backdoor_passphrase;
}
app.use(express.static(__dirname + '/public'));
app.use(express.cookieParser());
app.use(express.session({ secret: secrets.express_session_secret, store: new RedisStore }));
app.use(express.bodyParser());
app.set('views', __dirname + '/public');
app.engine('html', require('ejs').renderFile);
var oa = new OAuth("http://www.flickr.com/services/oauth/request_token",
"http://www.flickr.com/services/oauth/access_token",
secrets.flickr_api_key,
secrets.flickr_api_secret,
"1.0A",
"http://" + config.host + (typeof config.port !== 'undefined' ? ':' + config.port : '') + "/callback",
"HMAC-SHA1");
app.get('/', function(req, res){
res.render('index.html');
});
app.get('/loggedin', function(req, res){
res.render('loggedin.html');
});
app.get('/login/:sessionId/', function(req, res){
function initOAuth(callbackURL) {
if (!callbackURL) logWarning('Warning: You have passed no callbackURL.', 'initOAuth()');
const requestURL = `${URL}/oauth/request_token`;
const accessURL = `${URL}/oauth/access_token`;
const version = '1.0';
const encryption = 'HMAC-SHA1';
OAUTH = new OAuth(requestURL, accessURL, KEY, SECRET, version, callbackURL, encryption);
};
'use strict'
const { OAuth } = require('oauth')
const request = require('superagent')
const logger = require('./../logger')
const {
getWebhookURL,
getTwitterWebhookConsumerKey,
getTwitterWebhookConsumerSecret
} = require('../utils/hooks')
const oauth = new OAuth(
'https://api.twitter.com/oauth/request_token',
'https://api.twitter.com/oauth/access_token',
getTwitterWebhookConsumerKey(),
getTwitterWebhookConsumerSecret(),
'1.0',
null,
'HMAC-SHA1'
)
const HOOK_ENV = process.env.TWITTER_WEBHOOK_ENV || 'dev'
/**
* List all registered webhooks
* @param {String} oAuthToken
* @param {String} oAuthAccessTokenSecret
*/
var express = require('express')
, passport = require('passport')
, htts = require('https')
, OAuth = require('oauth').OAuth
, crypto = require('crypto')
, util = require('util')
, fs = require('fs')
, LocalStrategy = require('passport-local').Strategy;
//var couchkeys = require('./couchkeys');
/**
* Prepare to use Twitter as a possible OAuth
*/
var twitterkeys = require('./twitterkeys');
var oa = new OAuth(
"https://api.twitter.com/oauth/request_token",
"https://api.twitter.com/oauth/access_token",
twitterkeys.consumerKey,
twitterkeys.consumerSecret,
"1.0",
"https://ifield.fieldlinguist.com/auth/twitter/callback",
"HMAC-SHA1"
);
var httpsOptions ={
key: fs.readFileSync('ifield.key'),
cert: fs.readFileSync('ifield.crt')};
var app = express.createServer(httpsOptions);
return function (req, res, next) {
var oauth = new OAuth('https://vimeo.com/oauth/request_token',
'https://vimeo.com/oauth/access_token',
config.services.vimeo.clientId,
config.services.vimeo.clientSecret,
'1.0',
null,
'HMAC-SHA1');
var requestToken = req.query.oauth_token;
var verifier = req.query.oauth_verifier;
users.findByRequestToken('vimeoRequestToken', requestToken, userFound);
function userFound (err, user) {
if (err) {
return next(err);
}
function consumer () {
return new oauth.OAuth(
_apiHost + "/oauth/request_token", _apiSecureHost + "/oauth/access_token",
_twitterConsumerKey, _twitterConsumerSecret, "1.0A", _host + _callbackPath, "HMAC-SHA1");
}