or run

tessl search
Log in

Version

Files

evals

scenario-8

rubric.jsontask.md
tile.json

task.mdevals/scenario-8/

OAuth API Request Signer

Build a simple utility that signs API requests using OAuth 1.0a with HMAC-SHA256 signature method for secure authentication.

Requirements

You need to implement a request signing utility that:

  1. Takes HTTP method, URL, request parameters, and OAuth credentials as input
  2. Generates a valid OAuth 1.0a signature using the HMAC-SHA256 algorithm
  3. Returns the generated signature string

The utility should handle:

  • Different HTTP methods (GET, POST, PUT, DELETE)
  • Request parameters that need to be included in the signature
  • OAuth consumer secret and token secret for signature generation

Input Format

Your function should accept:

  • httpMethod: String representing the HTTP method (e.g., "GET", "POST")
  • url: String representing the base URL (without query parameters)
  • params: Object containing request parameters (including OAuth parameters)
  • consumerSecret: String containing the OAuth consumer secret
  • tokenSecret: String containing the OAuth token secret (optional, can be empty string)

Output Format

Return the base64-encoded HMAC-SHA256 signature as a string.

Test Cases

  • It signs a GET request with OAuth parameters using HMAC-SHA256 @test
  • It signs a POST request with both OAuth and application parameters @test
  • It handles requests with empty token secret @test

@generates

API

/**
 * Signs an OAuth request using HMAC-SHA256 signature method.
 *
 * @param {string} httpMethod - The HTTP method (GET, POST, etc.)
 * @param {string} url - The base URL without query parameters
 * @param {Object} params - Request parameters including OAuth parameters
 * @param {string} consumerSecret - OAuth consumer secret
 * @param {string} tokenSecret - OAuth token secret (can be empty string)
 * @returns {string} Base64-encoded HMAC-SHA256 signature
 */
function signRequest(httpMethod, url, params, consumerSecret, tokenSecret) {
  // Implementation here
}

module.exports = { signRequest };

Dependencies { .dependencies }

oauth-sign { .dependency }

Provides OAuth 1.0a signature generation with HMAC-SHA256 support.