docs
evals
scenario-1
scenario-10
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
Build a flexible OAuth request authenticator that can sign HTTP requests using different signature methods based on runtime configuration.
Your authenticator should support multiple authentication scenarios:
The system should handle various OAuth providers that may require different signature algorithms (HMAC-SHA1, HMAC-SHA256, RSA-SHA1, or PLAINTEXT).
Create a function signRequest(config) that accepts a configuration object and returns the appropriate OAuth signature. The configuration includes:
method: HTTP method (e.g., 'GET', 'POST')url: Request URLparams: Request parameters as an objectconsumerSecret: OAuth consumer secrettokenSecret: OAuth token secret (optional, use empty string if not provided)signatureMethod: The signature method to use ('HMAC-SHA1', 'HMAC-SHA256', 'RSA-SHA1', or 'PLAINTEXT')For RSA-SHA1, the configuration will include privateKey instead of consumerSecret.
Create a function encodeParameter(str) that properly encodes strings for OAuth signature generation according to RFC 3986 specifications.
Create a function createProviderAuthenticator(providerConfig) that returns a specialized signing function for a specific OAuth provider. The provider config includes:
signatureMethod: The default signature method for this providerconsumerSecret: The consumer secret (or privateKey for RSA)tokenSecret: The token secret (optional)The returned function should accept (method, url, params) and return the signature using the provider's configured settings.
When signRequest is called with HMAC-SHA1 method for a POST request to 'http://example.com/api' with params {foo: 'bar'}, consumer secret 'secret1', and token secret 'secret2', it returns a base64-encoded string signature @test
When encodeParameter is called with the string 'Hello World!', it returns 'Hello%20World%21' @test
When createProviderAuthenticator is called with config {signatureMethod: 'HMAC-SHA256', consumerSecret: 'cs1', tokenSecret: 'ts1'} and the returned function is called with method 'GET', url 'http://api.provider.com/data', and params {id: '123'}, it returns a base64-encoded string signature @test
When signRequest is called with PLAINTEXT method, consumer secret 'secret1', and token secret 'secret2', it returns 'secret1&secret2' (both secrets properly encoded and concatenated) @test
/**
* Signs an OAuth request based on the provided configuration
*
* @param {Object} config - Configuration object
* @param {string} config.method - HTTP method
* @param {string} config.url - Request URL
* @param {Object} config.params - Request parameters
* @param {string} config.consumerSecret - Consumer secret (not used for RSA-SHA1)
* @param {string} config.tokenSecret - Token secret (optional, defaults to empty string)
* @param {string} config.signatureMethod - Signature method ('HMAC-SHA1', 'HMAC-SHA256', 'RSA-SHA1', 'PLAINTEXT')
* @param {string} [config.privateKey] - RSA private key (required for RSA-SHA1)
* @returns {string} The OAuth signature
*/
function signRequest(config) {
// Implementation
}
/**
* Encodes a string according to RFC 3986 for OAuth
*
* @param {string} str - String to encode
* @returns {string} RFC 3986 encoded string
*/
function encodeParameter(str) {
// Implementation
}
/**
* Creates a provider-specific authenticator function
*
* @param {Object} providerConfig - Provider configuration
* @param {string} providerConfig.signatureMethod - Default signature method
* @param {string} providerConfig.consumerSecret - Consumer secret
* @param {string} [providerConfig.tokenSecret] - Token secret (optional)
* @param {string} [providerConfig.privateKey] - RSA private key (for RSA-SHA1)
* @returns {Function} Authenticator function (method, url, params) => signature
*/
function createProviderAuthenticator(providerConfig) {
// Implementation
}
module.exports = {
signRequest,
encodeParameter,
createProviderAuthenticator
};Provides OAuth 1.0 signature generation capabilities