The north Reference Manual

Table of Contents

Next: , Previous: , Up: (dir)   [Contents][Index]

The north Reference Manual

This is the north Reference Manual, version 1.0.0, generated automatically by Declt version 2.3 "Robert April" on Tue Feb 20 09:07:34 2018 GMT+0.


Next: , Previous: , Up: Top   [Contents][Index]

1 Introduction

About North

North is a library that implements the OAuth 1.0a consumer and provider protocols. It allows you to connect to an OAuth provider and request its resources, or to build your own OAuth provider.

How To: Client

If you want to connect to an OAuth provider, simply instantiate a client and pass it the required parameters. Following the Twitter requirements and using the tokens from Chirp, we end up with this:

(defvar *client*
  (make-instance
   'north:client
   :key "D1pMCK17gI10bQ6orBPS0w"
   :secret "BfkvKNRRMoBPkEtDYAAOPW4s2G9U8Z7u3KAf0dBUA"
   :request-token-uri "https://api.twitter.com/oauth/request_token"
   :authorize-uri "https://api.twitter.com/oauth/authorize"
   :access-token-uri "https://api.twitter.com/oauth/access_token"))

Next we start the authentication process:

(north:initiate-authentication *client*)

Visit the returned URL and enter the verification code:

(north:complete-authentication *client* ".....")

And finally we can access some resources:

(ql:quickload :cl-json)
(defmacro with-json-decoding (() &body body)
  `(let ((drakma:*text-content-types* (list* '("application" . "json") drakma:*text-content-types*)))
     (cl-json:decode-json-from-string
      (progn ,@body))))

(with-json-decoding ()
  (north:make-signed-request *client* "https://api.twitter.com/1.1/account/verify_credentials.json" :get
                             :params '(("include_entities" . "true"))))

(with-json-decoding ()
  (north:make-signed-request *client* "https://api.twitter.com/1.1/statuses/update.json" :post
                             :params '(("status" . "North and South, no matter where I look there's parens."))))

We can also post some data:

(with-json-decoding ()
  (north:make-signed-data-request *client* "https://api.twitter.com/1.1/statuses/update_with_media.json"
                                  `(("media[]" . #p"~/sweet-bear.jpg"))
                                  :params '(("status" . "Check out this sweet bear!"))))

In order to keep the access token and secret so you can resume your session without repeatedly logging in every time, you can serialise the client with make-load-form.

How To: Server

In order to provide a server you need to have a way of persisting two main pieces of information: applications, and sessions. The minimal amount of information necessary for an application is its key and secret. You most likely want to add additional information such as a name, icon, and description so that they can be displayed to the user when they authorise a consumer. A session needs to store quite a few pieces more: a token, token-secret, verifier token, callback, the application key, and the access rights. Default classes to contain all this information are provided through application and session.

However, the persistence and bookkeeping of these objects is still up to your server implementations. To do this, you should subclass server and implement methods for make-application, make-session, application, session, rehash-session, revoke-application, revoke-session, record-nonce, and find-nonce. What exactly these functions should accomplish is described in their docstrings and should be fairly obvious.

Once that is done, what's left to do is create a webservice with at least three endpoints. One for the request token, one for the authorization page, and one for the access token.

General Behaviour for All Endpoints

For each endpoint there exists a corresponding function to call, which will return a number of values that should be returned to the user. You can use alist->oauth-response to construct a properly formatted response body. The objects that you need to pass to these calls are your server instance and a request instance that encapsulates the data that the server received with the request.

Each endpoint function performs certain checks against the request and in case of problems signals an error. Your server should intercept these and act as follows: if the error is a parameter-error, the HTTP response code should be 400, and if the error is a verification-error, it should be 401. Any other error is up to you. You may display information about the error in the response body, but the exact formatting thereof is up to you as well. It is however a good idea to output the same data format as your other endpoints would, aside from the oauth specific ones.

The Request Token Endpoint

The request token endpoint should call oauth/request-token and return the values as oauth_token, oauth_token_secret, and oauth_callback_confirmed respectively.

The Authorize Endpoint

The authorize page is special in the sense that it is not called with an oauth signed request. Instead the user calls it through a browser and the only thing it receives is the request token. The provider must then first authenticate the user and after having done so, display a page to the user that shows information about the application that they're connecting through and give them the option to either allow the application access or deny it.

If the user selects allow, oauth/authorize should be called. If it returns a third value, the server should cause the user to be redirected to that URL. If not, the server should display a page that shows the second value, which is the verification token. The user must then copy this value into the consumer.

If the user selects deny, the provider must not necessarily do anything except ensure that the session is revoked and thus prevent the consumer from gaining access. It is not required to notify the consumer of this in any way.

The Access Token Endpoint

The access token endpoint should call oauth/access-token and return the values as oauth_token, and oauth_token_secret respectively.

Protected Resource Endpoint

Any such endpoint should call oauth/verify. This function returns nothing useful and only performs checks that if failed result in an error being signalled as usual. You may additionally want to check the session for permissions to access the specific endpoint if such a distinction exists. However, such additional functionality is up to you to design.

An Example Server / Client Setup

See the north-example system for a primitive, simple setup of a provider and consumer.

OAuth Overview

OAuth is supposed to provide a relatively convenient standardised way to authenticate a user against a service (provider), and then allow the application (consumer) to access resources on the user's behalf. Key to this are two parts, the signing process, and the actual authorisation process itself.

The Authorisation Process

Before an OAuth consumer can access any resources, it needs to obtain an access token. The path to this token happens in three distinct steps, during which several pieces of information need to be remembered and modified on both the consumer and provider's sides.

Step 0: Generating an Application

Unfortunately this is already where things begin to become awkward with the OAuth specification. The spec conflates what is essentially an application with the consumer. In order to improve clarity, North makes a distinction here. An application is a server-side instance that identifies a range of consumers. A consumer is a specific instance of a program that would like to connect to a provider through an application.

Whatever the case may be, before you can connect at all, you need to have access to an application key and secret. These two pieces are vital in the signing and requesting process. In North, this can be done through make-application. Once you have an application, you can get its key and secret.

Step 1: Requesting a Request Token

Now we actually start exchanging things with the provider as a consumer. To do this we send a signed request to the server's request-token endpoint. The request is signed using our application's secret, and we pass along the application's key as an OAuth parameter. Additionally we must give the provider a callback parameter that tells it what to do in the next step.

The provider then verifies our signature, and if it thinks everything is proper, then it sends back a body containing a request token and request secret. From here on out our requests will need to contain the token as an OAuth parameter and be signed with the request secret along with the application secret.

Step 2: The User Authorises the Consumer

The next step has to be done by the user themselves, such that granting access is always done through explicit consent. To do this, the consumer constructs an URL to the provider's authorize endpoint with the request token added as a GET parameter. The user then has to visit this URL.

Once on the page, the user should be confronted with a confirmation dialog, potentially also displaying all the things the consumer could get access to, if authorised. If the user accepts, the server generates a verifier token, which is then passed back to the consumer. This happens either automatically through a redirect, if the callback was a valid URL, or through the user manually, if the callback was the string "oob". In the latter case, the verifier is displayed to the user on the website, and they have to copy it into the consumer.

Step 3: Requesting an Access Token

The final step is to exchange the request token with an access token, using the verifier that was obtained in the previous section. To do this, a fully signed request is made to the provider's access-token endpoint, which verifies the request and verifier, rehashes the consumer's token, and upgrades its access. It then returns the newly generated access token and secret that will henceforth be used to sign requests.

Step 4: Accessing Resources

Now that we have an access token, we can start requesting whatever resources we were permitted to. A provider may for example offer several kinds of access tokens with varying ranges of permissions. The request endpoints are of course the provider's own decision. The only thing that OAuth specifies henceforth is that the request must be fully signed.

Error Handling

Now, you may notice in all this that there's no specification on how to handle errors. And you're right. The only thing OAuth says is that missing/duplicate parameters must result in an HTTP return code of 400, and an invalid signature must result in a return code of 401. Everything else, what specifically went wrong, how to fix it, or any other thing that might be useful is unspecified. Some providers do give some error information, but the format in which the error is presented is up to them.

As such, North makes no assumptions whatsoever about how to parse the body contents on an error. You will, unfortunately, have to deal with that on your own. To do this, handle the request-failed error and parse the body of it.

The Signing Process

Now comes the hard part. The actual signing process is unbelievably convoluted and incredibly easy to mess up. Let's start simple.

The Authorization Header

A signed request must contain an "Authorization" header, which must begin with the string "OAuth ". Following it are a series of oauth parameters. Each key/value pair is separated by a comma and a space, each key is separated from the value by an equals sign, and each value is surrounded by double-quotes. Each key and value must also be url-encoded. Keep in mind here that in order to transmit the request, this header is again url-encoded.

The OAuth Parameters

For each request a certain set of OAuth parameters must be present. Every request must have the oauth_consumer_key, oauth_signature_method, oauth_signature, oauth_timestamp, and oauth_nonce. Additional parameters are oauth_callback, oauth_token, and oauth_verifier, and whatever else the provider may want to require. These parameters must be ordered lexicographically by their keys and in case of duplicate keys by their values.

The oauth_consumer_key is the application key that we obtained in step 0. The oauth_timestamp must be an integer representing the unix-time when the request was formed. The oauth_nonce must be a unique string for each timestamp, but must not necessarily be globally unique.

The OAuth Signature

The final piece is the signature itself. The signature is created using a signing method (oauth_signature_method) over a signature base string, using a signature key.

The signature key is simply the application secret, appended with an &, appended with the token secret, if we have one.

The signature base string is constructed by the uppercase representation of the request method (POST/GET) followed by an &, followed by the url-encoded, normalised url, followed by an &, followed by the url-encoded, concatenated parameters.

Normalising the URL

The URL must be normalised such that the schema is in all lowercase and the port is omitted if it is 80 and the schema is http, or if it is 443 and the schema is https.

Concatenating the Parameters

The parameters here are all of the parameters. Namely the oauth parameters (except the signature itself), the get parameters, and the post parameters. The parameters must again be sorted as before, but now they are concatenated differently. Namely each pair is separated by an ampersand, the key is separated from the value by an equals sign, and both keys and values must be url-encoded. Note that unlike before, values must not be surrounded by double-quotes.

Signing the Token

Potentially any signature method you might want is supported. The provider can request whatever they want. North implements the plaintext, hmac-sha1, and cmac-aes methods suggested by the spec. See the relevant hashing methods for information on how they work.

A Reminder, Just For Fun

The request is sent, url-encoded. The authorization header has url-encoded parameter values. One of those is the signature, which was constructed from a base string that has an url-encoded url part, and an url-encoded parameter part. The parameter part has url-encoded parameter values. Url-encode!


Next: , Previous: , Up: Top   [Contents][Index]

2 Systems

The main system appears first, followed by any subsystem dependency.


Next: , Previous: , Up: Systems   [Contents][Index]

2.1 north

Maintainer

Nicolas Hafner <shinmera@tymoon.eu>

Author

Nicolas Hafner <shinmera@tymoon.eu>

Home Page

https://github.com/Shinmera/north

License

Artistic

Description

oAuth 1.0a server and client implementation, the successor to South.

Version

1.0.0

Dependency

north-drakma (system)

Source

north.asd (file)


Next: , Previous: , Up: Systems   [Contents][Index]

2.2 north-drakma

Maintainer

Nicolas Hafner <shinmera@tymoon.eu>

Author

Nicolas Hafner <shinmera@tymoon.eu>

Home Page

https://github.com/Shinmera/north

License

Artistic

Description

Drakma backend for North

Version

1.0.0

Dependencies
Source

north-drakma.asd (file)

Component

drakma.lisp (file)


Previous: , Up: Systems   [Contents][Index]

2.3 north-core

Maintainer

Nicolas Hafner <shinmera@tymoon.eu>

Author

Nicolas Hafner <shinmera@tymoon.eu>

Home Page

https://github.com/Shinmera/north

License

Artistic

Description

Core functionality of North, excluding the HTTP backend.

Version

1.0.0

Dependencies
Source

north-core.asd (file)

Components

Next: , Previous: , Up: Top   [Contents][Index]

3 Files

Files are sorted by type and then listed depth-first from the systems components trees.


Previous: , Up: Files   [Contents][Index]

3.1 Lisp


Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.1 north.asd

Location

north.asd

Systems

north (system)


Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.2 north-drakma.asd

Location

north-drakma.asd

Systems

north-drakma (system)


Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.3 north-core.asd

Location

north-core.asd

Systems

north-core (system)


Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.4 north-drakma/drakma.lisp

Parent

north-drakma (system)

Location

drakma.lisp

Exported Definitions

call (method)


Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.5 north-core/package.lisp

Parent

north-core (system)

Location

package.lisp

Packages

north


Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.6 north-core/toolkit.lisp

Dependency

package.lisp (file)

Parent

north-core (system)

Location

toolkit.lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.7 north-core/conditions.lisp

Dependency

toolkit.lisp (file)

Parent

north-core (system)

Location

conditions.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.8 north-core/request.lisp

Dependency

conditions.lisp (file)

Parent

north-core (system)

Location

request.lisp

Exported Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.9 north-core/server.lisp

Dependency

request.lisp (file)

Parent

north-core (system)

Location

server.lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Lisp files   [Contents][Index]

3.1.10 north-core/client.lisp

Dependency

server.lisp (file)

Parent

north-core (system)

Location

client.lisp

Exported Definitions

Previous: , Up: Lisp files   [Contents][Index]

3.1.11 north-core/documentation.lisp

Dependency

client.lisp (file)

Parent

north-core (system)

Location

documentation.lisp


Next: , Previous: , Up: Top   [Contents][Index]

4 Packages

Packages are listed by definition order.


Previous: , Up: Packages   [Contents][Index]

4.1 north

Source

package.lisp (file)

Nickname

org.shirakumo.north

Use List

common-lisp

Exported Definitions
Internal Definitions

Next: , Previous: , Up: Top   [Contents][Index]

5 Definitions

Definitions are sorted by export status, category, package, and then by lexicographic order.


Next: , Previous: , Up: Definitions   [Contents][Index]

5.1 Exported definitions


Next: , Previous: , Up: Exported definitions   [Contents][Index]

5.1.1 Special variables

Special Variable: *external-format*

The external format to use to url-en/decode and execute requests. Defaults to :UTF-8

Package

north

Source

toolkit.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

5.1.2 Functions

Function: alist->oauth-response ALIST

Concatenates an alist into an oauth response body.

See CONCAT-PARAMS.

Package

north

Source

toolkit.lisp (file)

Function: concat-params PARAMS &key QUOTE DELIM

Concatenate the given alist into a single parameter string.

This intermits an equal sign between key and value, and DELIM between each pair. If QUOTE is non-NIL, the values are surrounded by #\".

Package

north

Source

toolkit.lisp (file)

Function: create-signature CONSUMER-SECRET TOKEN-SECRET METHOD URL OAUTH-PARAMS &optional PARAMS

Create an oAuth signature for the given parameters.

This does not include the oauth_signature parameters if it is passed in OAUTH-PARAMS. Calls SIGN using the oauth_signature_method oauth param, a normalized token from the OAUTH-PARAMS and GET-PARAMS, and the given CONSUMER-SECRET and TOKEN-SECRET.

See SIGN
See NORMALIZE-TOKEN

Package

north

Source

toolkit.lisp (file)

Function: destructure-oauth-header HEADER

Destructures an Authorization header into its oauth parameters.

Returns an alist of all the parameters with their associated values. If the header is malformed, an error is signalled.

Package

north

Source

toolkit.lisp (file)

Function: make-nonce ()

Creates a default nonce by turning a V4 UUID into a string.

Package

north

Source

toolkit.lisp (file)

Function: make-request URL METHOD &key PARAMS HEADERS OAUTH

Shorthand function to construct a request object.

Package

north

Source

request.lisp (file)

Function: make-timestamp ()

Creates a default timestamp by turning a unix timestamp into a string.

Package

north

Source

toolkit.lisp (file)

Function: normalize-url URL

Normalises the URL to avoid ambiguity.

In specific, it downcases the scheme, removes leading slashes from the path, and omits the 80 port if the scheme is HTTP, and the 443 port if the scheme is HTTPS.

Package

north

Source

toolkit.lisp (file)

Function: oauth-response->alist BODY

Splits the body into an alist of keys and values.

Package

north

Source

toolkit.lisp (file)

Function: pget KEY ALIST

Easy accessor for alists.

Checks keys STRING-EQUALly and returns the value directly, if found. SETF-able. If a key is set that does not occur in the alist, a new entry is PUSHed, otherwise the existing one is modified. The key is coerced using ALIST-KEY

See ALIST-KEY

Package

north

Source

toolkit.lisp (file)

Setf Expander

(setf pget) (setf expander)

Setf Expander: (setf pget) KEY ALIST
Package

north

Source

toolkit.lisp (file)

Reader

pget (function)

Function: sort-params PARAMS

Creates a fresh list in which the parameters are sorted.

See PARAM<

Package

north

Source

toolkit.lisp (file)

Function: url-decode STRING &optional EXTERNAL-FORMAT

Decode the string into plain text format.

See *EXTERNAL-FORMAT*

Package

north

Source

toolkit.lisp (file)

Function: url-encode THING &optional EXTERNAL-FORMAT

Encode the string into url-encoded format as required by the oAuth spec.

Namely all characters except [0-9], [a-z], [A-Z], and [-._~] are encoded.

See *EXTERNAL-FORMAT*

Package

north

Source

toolkit.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

5.1.3 Generic functions

Generic Function: access OBJECT

Accessor to what kind of access the session has. Should initially be :request, and is set to :access once the handshake has completed.

See SESSION

Package

north

Writer

(setf access) (generic function)

Methods
Method: access (SESSION session)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf access) NEW-VALUE OBJECT
Package

north

Reader

access (generic function)

Methods
Method: (setf access) NEW-VALUE (SESSION session)

automatically generated writer method

Source

server.lisp (file)

Generic Function: access-token-uri OBJECT

Accesses the oauth/access-token uri, the third endpoint for the oAuth process.

Package

north

Writer

(setf access-token-uri) (generic function)

Methods
Method: access-token-uri (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Generic Function: (setf access-token-uri) NEW-VALUE OBJECT
Package

north

Reader

access-token-uri (generic function)

Methods
Method: (setf access-token-uri) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Generic Function: application SERVER APPLICATION-KEY

Returns the application object associated with the given key on the server, if any.

See SERVER
See APPLICATION

Package

north

Source

server.lisp (file)

Methods
Method: application (SERVER simple-server) APPLICATION-KEY
Generic Function: applications OBJECT

Accessor to the hash table of key -> application in the server.

See SIMPLE-SERVER

Package

north

Writer

(setf applications) (generic function)

Methods
Method: applications (SIMPLE-SERVER simple-server)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf applications) NEW-VALUE OBJECT
Package

north

Reader

applications (generic function)

Methods
Method: (setf applications) NEW-VALUE (SIMPLE-SERVER simple-server)

automatically generated writer method

Source

server.lisp (file)

Generic Function: authorize-uri OBJECT

Accesses the oauth/authorize uri, the second endpoint for the oAuth process.

Package

north

Writer

(setf authorize-uri) (generic function)

Methods
Method: authorize-uri (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Generic Function: (setf authorize-uri) NEW-VALUE OBJECT
Package

north

Reader

authorize-uri (generic function)

Methods
Method: (setf authorize-uri) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Generic Function: body CONDITION

The returned http body of the failed request. This may be an octet-vector if the content type is not known to drakma.

See REQUEST-FAILED
See DRAKMA:*TEXT-CONTENT-TYPES*

Package

north

Methods
Method: body (CONDITION request-failed)
Source

conditions.lisp (file)

Generic Function: call REQUEST &rest ARGS

Executes the given request object.

If the http status code returned is 200, the response body is returned. Otherwise, an error of type REQUEST-FAILED is signalled. Note that the allowed extra arguments are dependant on the backend being used. The one parameter that must be universally recognised is the :FORM-DATA boolean, designating whether the parameters contain form data to be sent over the request such as files.

See REQUEST
See REQUEST-FAILED

Package

north

Source

client.lisp (file)

Methods
Method: call (REQUEST request) &rest DRAKMA-ARGS
Source

drakma.lisp (file)

Generic Function: call-signed REQUEST CONSUMER-SECRET &optional TOKEN-SECRET &rest ARGS

Execute the given request object after signing it.

See REQUEST
See CALL
See MAKE-AUTHORIZED
See MAKE-SIGNED

Package

north

Source

client.lisp (file)

Methods
Method: call-signed (REQUEST request) CONSUMER-SECRET &optional TOKEN-SECRET &rest ARGS
Generic Function: callback OBJECT

Accesses the callback to which the oauth/authorize step should redirect. If it should not redirect, the callback must be exactly the string "oob".

Package

north

Writer

(setf callback) (generic function)

Methods
Method: callback (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Method: callback (SESSION session)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf callback) NEW-VALUE OBJECT
Package

north

Reader

callback (generic function)

Methods
Method: (setf callback) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Method: (setf callback) NEW-VALUE (SESSION session)

automatically generated writer method

Source

server.lisp (file)

Generic Function: complete-authentication CLIENT VERIFIER &optional TOKEN

Complete the authentication process for the client.

This performs an oauth/access-token request.
This operation modifies the TOKEN and TOKEN-SECRET fields of the client.
When the client has a VERIFY-URI given, an additional oauth/verify request is made to test whether the full process was complete.

See CLIENT
See MAKE-SIGNED-REQUEST

Package

north

Source

client.lisp (file)

Methods
Method: complete-authentication (CLIENT client) VERIFIER &optional TOKEN
Generic Function: find-nonce SERVER TIMESTAMP NONCE

If the given nonce was used before on the given timestamp, return non-NIL.

Package

north

Source

server.lisp (file)

Methods
Method: find-nonce (SERVER simple-server) (TIMESTAMP integer) (NONCE string)
Method: find-nonce (SERVER server) (TIMESTAMP string) NONCE
Generic Function: headers CONDITION

Accesses the HTTP headers of the request.

Package

north

Writer

(setf headers) (generic function)

Methods
Method: headers (REQUEST request)

automatically generated reader method

Source

request.lisp (file)

Method: headers (CONDITION request-failed)
Source

conditions.lisp (file)

Generic Function: (setf headers) NEW-VALUE OBJECT
Package

north

Reader

headers (generic function)

Methods
Method: (setf headers) NEW-VALUE (REQUEST request)

automatically generated writer method

Source

request.lisp (file)

Generic Function: http-method OBJECT

Accesses the HTTP-METHOD (GET/POST) of the request.

Package

north

Writer

(setf http-method) (generic function)

Methods
Method: http-method (REQUEST request)

automatically generated reader method

Source

request.lisp (file)

Generic Function: (setf http-method) NEW-VALUE OBJECT
Package

north

Reader

http-method (generic function)

Methods
Method: (setf http-method) NEW-VALUE (REQUEST request)

automatically generated writer method

Source

request.lisp (file)

Generic Function: initiate-authentication CLIENT

Start the authentication process for the client.

This performs an oauth/request-token request and constructs the proper oauth/authorize URL for the user to visit. This address is returned.
If the provider did not confirm the callback, an error of type CALLBACK-UNCONFIRMED is signalled.
This operation modifies the TOKEN and TOKEN-SECRET fields of the client.

See CLIENT
See MAKE-SIGNED-REQUEST

Package

north

Source

client.lisp (file)

Methods
Method: initiate-authentication (CLIENT client)
Generic Function: key OBJECT

Accesses the application key.

Package

north

Writer

(setf key) (generic function)

Methods
Method: key (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Method: key (APPLICATION application)

automatically generated reader method

Source

server.lisp (file)

Method: key (SESSION session)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf key) NEW-VALUE OBJECT
Package

north

Reader

key (generic function)

Methods
Method: (setf key) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Method: (setf key) NEW-VALUE (APPLICATION application)

automatically generated writer method

Source

server.lisp (file)

Method: (setf key) NEW-VALUE (SESSION session)

automatically generated writer method

Source

server.lisp (file)

Generic Function: make-application SERVER &key NAME &allow-other-keys

Creates and adds a new application object to the server.

Additionally supported keyword arguments are used as initargs for the application instance. Which application class is used depends on the server.

See SERVER
See APPLICATION

Package

north

Source

server.lisp (file)

Methods
Method: make-application (SERVER simple-server) &key NAME
Generic Function: make-authorized REQUEST

Modifies the request to add the authorization header using the oauth parameters.

If the oauth_signature parameter is missing, an error is signalled.
Returns the request.

See REQUEST

Package

north

Source

request.lisp (file)

Methods
Method: make-authorized (REQUEST request)
Generic Function: make-session SERVER APPLICATION CALLBACK &key ACCESS &allow-other-keys

Creates and adds a new session object to the server.

Additionally supported keyword arguments are used as initargs for the session instance. Which session class is used depends on the server.

See SERVER
See SESSION

Package

north

Source

server.lisp (file)

Methods
Method: make-session (SERVER simple-server) (APPLICATION application) CALLBACK &key ACCESS
Method: make-session (SERVER server) (APPLICATION-KEY string) CALLBACK &rest ARGS
Generic Function: make-signed REQUEST CONSUMER-SECRET &optional TOKEN-SECRET

Modifies the request to add a signature to the oauth parameters.

This will also modify the oauth parameters list to remove duplicates or empty values. Returns the request.

See REQUEST
See CREATE-SIGNATURE

Package

north

Source

request.lisp (file)

Methods
Method: make-signed (REQUEST request) CONSUMER-SECRET &optional TOKEN-SECRET
Generic Function: make-signed-data-request CLIENT URL DATA &key PARAMS HEADERS OAUTH

Construct and execute a signed request to send data payloads.

Each data value can be either a pathname or an octet-vector.
Returns the result of the request execution as the first value and the constructed request object itself as the second.

See CLIENT
See REQUEST
See CALL-SIGNED

Package

north

Source

client.lisp (file)

Methods
Method: make-signed-data-request (CLIENT client) URL DATA &key PARAMS HEADERS OAUTH
Generic Function: make-signed-request CLIENT URL METHOD &key PARAMS HEADERS OAUTH

Construct and execute a signed request for the given client.

Returns the result of the request execution as the first value and the constructed request object itself as the second.

See CLIENT
See REQUEST
See CALL-SIGNED

Package

north

Source

client.lisp (file)

Methods
Method: make-signed-request (CLIENT client) URL METHOD &key PARAMS HEADERS OAUTH
Generic Function: name OBJECT

Accessor to the name of the application.

See APPLICATION

Package

north

Writer

(setf name) (generic function)

Methods
Method: name (APPLICATION application)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf name) NEW-VALUE OBJECT
Package

north

Reader

name (generic function)

Methods
Method: (setf name) NEW-VALUE (APPLICATION application)

automatically generated writer method

Source

server.lisp (file)

Generic Function: nonces OBJECT

Accessor to the hash table of timestamp -> nonce-list in the server.

See SIMPLE-SERVER

Package

north

Writer

(setf nonces) (generic function)

Methods
Method: nonces (SIMPLE-SERVER simple-server)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf nonces) NEW-VALUE OBJECT
Package

north

Reader

nonces (generic function)

Methods
Method: (setf nonces) NEW-VALUE (SIMPLE-SERVER simple-server)

automatically generated writer method

Source

server.lisp (file)

Generic Function: oauth OBJECT

Accesses the pure oauth parameters of the request.

Package

north

Writer

(setf oauth) (generic function)

Methods
Method: oauth (REQUEST request)

automatically generated reader method

Source

request.lisp (file)

Generic Function: (setf oauth) NEW-VALUE OBJECT
Package

north

Reader

oauth (generic function)

Methods
Method: (setf oauth) NEW-VALUE (REQUEST request)

automatically generated writer method

Source

request.lisp (file)

Generic Function: oauth/access-token SERVER REQUEST

Perform the oauth/access-token step of the process.

This verifies the request and if successful, upgrades its access to full. It will also invalidate the session’s verifier and rehash it.

Returns two values:
TOKEN — The newly generated access token.
TOKEN-SECRET — The newly generated access token secret.

Signals a PARAMETER-ERROR or VERIFICATION-ERROR on an invalid request.

See SERVER
See VERIFIER
See REHASH-SESSION
See TOKEN
See TOKEN-SECRET

Package

north

Source

server.lisp (file)

Methods
Method: oauth/access-token (SERVER server) (REQUEST request)
Generic Function: oauth/authorize SERVER REQUEST

Perform the oauth/authorize step of the process.

This verifies the request and returns three values:
TOKEN — The current request token.
VERIFIER — The (possibly newly generated) verifier for the next step. URL — The callback URL to redirect to if the callback is not "oob". If the callback is indeed "oob", NIL is returned for this.

Signals a VERIFICATION-ERROR on an invalid request.

See SERVER
See TOKEN
See VERIFIER
See CALLBACK

Package

north

Source

server.lisp (file)

Methods
Method: oauth/authorize (SERVER server) (REQUEST request)
Generic Function: oauth/request-token SERVER REQUEST

Perform the oauth/request-token step of the process.

This creates a new session object and returns three values:
TOKEN — The newly generated request token.
TOKEN-SECRET — The newly generated request token secret. CALLBACK-CONFIRMED — Whether the callback has been confirmed. According to the spec, this should always be T.

Signals a PARAMETER-ERROR or VERIFICATION-ERROR on an invalid request.

See SERVER
See MAKE-SESSION
See TOKEN
See TOKEN-SECRET

Package

north

Source

server.lisp (file)

Methods
Method: oauth/request-token (SERVER server) (REQUEST request)
Generic Function: oauth/verify SERVER REQUEST

Standard endpoint to use on any protected resource.

This verifies the request and makes sure it uses a valid access token. Returns T on success.

Signals a PARAMETER-ERROR or VERIFICATION-ERROR on an invalid request.

Package

north

Source

server.lisp (file)

Methods
Method: oauth/verify (SERVER server) (REQUEST request)
Generic Function: parameters CONDITION

Accesses the parameters of the request.

Package

north

Writer

(setf parameters) (generic function)

Methods
Method: parameters (REQUEST request)

automatically generated reader method

Source

request.lisp (file)

Method: parameters (CONDITION parameters-missing)
Source

conditions.lisp (file)

Generic Function: (setf parameters) NEW-VALUE OBJECT
Package

north

Reader

parameters (generic function)

Methods
Method: (setf parameters) NEW-VALUE (REQUEST request)

automatically generated writer method

Source

request.lisp (file)

Generic Function: record-nonce SERVER TIMESTAMP NONCE

Remember the given nonce for the used timestamp.

Package

north

Source

server.lisp (file)

Methods
Method: record-nonce (SERVER simple-server) TIMESTAMP NONCE
Generic Function: rehash-session SERVER SESSION

Updates the session object to use a new token and token-secret.

The server must ensure that the session will no longer be accessible through SESSION using the old token, but will be accessible through the newly generated token.

See SERVER
See SESSION

Package

north

Source

server.lisp (file)

Methods
Method: rehash-session (SERVER simple-server) (SESSION session)
Method: rehash-session (SERVER server) (STRING string)
Generic Function: request CONDITION

The request object that the error occurred on.

See NORTH-CONDITION

Package

north

Methods
Method: request (CONDITION north-condition)
Source

conditions.lisp (file)

Generic Function: request-token-uri OBJECT

Accesses the oauth/request-token uri, the first endpoint for the oAuth process.

Package

north

Writer

(setf request-token-uri) (generic function)

Methods
Method: request-token-uri (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Generic Function: (setf request-token-uri) NEW-VALUE OBJECT
Package

north

Reader

request-token-uri (generic function)

Methods
Method: (setf request-token-uri) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Generic Function: revoke-application SERVER APPLICATION-KEY

Removes the given application from the server.

The application must be no longer reachable through CONSUMER on the server and all sessions authorized through this application must be invalidated.

See SERVER
See APPLICATION
See SESSION

Package

north

Source

server.lisp (file)

Methods
Method: revoke-application (SERVER simple-server) (APPLICATION application)
Method: revoke-application (SERVER server) (STRING string)
Generic Function: revoke-session SERVER TOKEN

Removes the given session from the server.

The session must no longer be valid and any client trying to use its tokens to access any resource or perform any step of the oauth process must be rejected.

See SERVER
See SESSION

Package

north

Source

server.lisp (file)

Methods
Method: revoke-session (SERVER simple-server) (SESSION session)
Method: revoke-session (SERVER server) (STRING string)
Generic Function: secret OBJECT

Accesses the application secret.

Package

north

Writer

(setf secret) (generic function)

Methods
Method: secret (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Method: secret (APPLICATION application)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf secret) NEW-VALUE OBJECT
Package

north

Reader

secret (generic function)

Methods
Method: (setf secret) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Method: (setf secret) NEW-VALUE (APPLICATION application)

automatically generated writer method

Source

server.lisp (file)

Generic Function: session SERVER TOKEN

Returns the session object associated with the given token on the server, if any.

See SERVER
See SESSION

Package

north

Source

server.lisp (file)

Methods
Method: session (SERVER simple-server) TOKEN
Generic Function: sessions OBJECT

Accessor to the hash table of token -> session in the server.

See SIMPLE-SERVER

Package

north

Writer

(setf sessions) (generic function)

Methods
Method: sessions (SIMPLE-SERVER simple-server)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf sessions) NEW-VALUE OBJECT
Package

north

Reader

sessions (generic function)

Methods
Method: (setf sessions) NEW-VALUE (SIMPLE-SERVER simple-server)

automatically generated writer method

Source

server.lisp (file)

Generic Function: sign METHOD DATA CONSUMER-SECRET &optional TOKEN-SECRET

Signs the given data using the specified method.

By default, :PLAINTEXT, :HMAC-SHA1, and :CMAC-AES are supported. A string can be used for the method as well, but will be converted to a keyword first.

Package

north

Source

toolkit.lisp (file)

Methods
Method: sign METHOD DATA CONSUMER-SECRET &optional TOKEN-SECRET
Method: sign (METHOD (eql plaintext)) DATA CONSUMER-SECRET &optional TOKEN-SECRET
Method: sign (METHOD (eql hmac-sha1)) DATA CONSUMER-SECRET &optional TOKEN-SECRET
Method: sign (METHOD (eql cmac-aes)) DATA CONSUMER-SECRET &optional TOKEN-SECRET
Method: sign (METHOD string) DATA CONSUMER-SECRET &optional TOKEN-SECRET
Generic Function: status-code CONDITION

The returned status code of the failed request.

See REQUEST-FAILED

Package

north

Methods
Method: status-code (CONDITION request-failed)
Source

conditions.lisp (file)

Generic Function: token OBJECT

Accesses the current (access or request) token.

Package

north

Writer

(setf token) (generic function)

Methods
Method: token (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Method: token (SESSION session)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf token) NEW-VALUE OBJECT
Package

north

Reader

token (generic function)

Methods
Method: (setf token) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Method: (setf token) NEW-VALUE (SESSION session)

automatically generated writer method

Source

server.lisp (file)

Generic Function: token-secret OBJECT

Accesses the current (access or request) token secret.

Package

north

Writer

(setf token-secret) (generic function)

Methods
Method: token-secret (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Method: token-secret (SESSION session)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf token-secret) NEW-VALUE OBJECT
Package

north

Reader

token-secret (generic function)

Methods
Method: (setf token-secret) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)

Method: (setf token-secret) NEW-VALUE (SESSION session)

automatically generated writer method

Source

server.lisp (file)

Generic Function: url OBJECT

Accesses the URL of the request.

Package

north

Writer

(setf url) (generic function)

Methods
Method: url (REQUEST request)

automatically generated reader method

Source

request.lisp (file)

Generic Function: (setf url) NEW-VALUE OBJECT
Package

north

Reader

url (generic function)

Methods
Method: (setf url) NEW-VALUE (REQUEST request)

automatically generated writer method

Source

request.lisp (file)

Generic Function: verifier OBJECT

Accessor to the verifier token that the consumer has to provide to exchange the request token for an access token.

See SESSION

Package

north

Writer

(setf verifier) (generic function)

Methods
Method: verifier (SESSION session)

automatically generated reader method

Source

server.lisp (file)

Generic Function: (setf verifier) NEW-VALUE OBJECT
Package

north

Reader

verifier (generic function)

Methods
Method: (setf verifier) NEW-VALUE (SESSION session)

automatically generated writer method

Source

server.lisp (file)

Generic Function: verify REQUEST CONSUMER-SECRET &optional TOKEN-SECRET

Verifies whether the signature in the request is valid.
To do this it destructures the Authorization header and uses it values to construct a new signature. This is then compared against the oauth_signature value in the oauth alist.

See REQUEST
See DESTRUCTURE-OAUTH-HEADER
See CREATE-SIGNATURE

Package

north

Source

request.lisp (file)

Methods
Method: verify (REQUEST request) CONSUMER-SECRET &optional TOKEN-SECRET
Generic Function: verify-uri OBJECT

Accesses the oauth/verify uri, an optional endpoint to test whether the process completed successfully.

Package

north

Writer

(setf verify-uri) (generic function)

Methods
Method: verify-uri (CLIENT client)

automatically generated reader method

Source

client.lisp (file)

Generic Function: (setf verify-uri) NEW-VALUE OBJECT
Package

north

Reader

verify-uri (generic function)

Methods
Method: (setf verify-uri) NEW-VALUE (CLIENT client)

automatically generated writer method

Source

client.lisp (file)


Next: , Previous: , Up: Exported definitions   [Contents][Index]

5.1.4 Conditions

Condition: bad-version ()

An error signalled when the oAuth request specifies a bad version field.

See PARAMETER-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

parameter-error (condition)

Condition: callback-unconfirmed ()

An error signalled when the provider returns a non-"true" value for the oauth_callback_confirmed key.

See CLIENT-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

client-error (condition)

Condition: client-error ()

An error signalled when the oAuth client encounters a problem.

See NORTH-CONDITION

Package

north

Source

conditions.lisp (file)

Direct superclasses
Direct subclasses
Condition: invalid-application ()

An error signalled when the oauth_consumer_key of the request is invalid or unknown.

See VERIFICATION-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

verification-error (condition)

Condition: invalid-signature ()

An error signalled when the oAuth signature cannot be verified.
This is most likely due to a bad signing procedure on the client’s behalf, or a disagreement about the tokens and secrets used in the signing process.

See VERIFICATION-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

verification-error (condition)

Condition: invalid-token ()

An error signalled when the token of the request is invalid or unknown.

See VERIFICATION-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

verification-error (condition)

Condition: invalid-verifier ()

An error signalled when the verifier of the request is invalid for the associated request token.

See VERIFICATION-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

verification-error (condition)

Condition: nonce-reused ()

An error signalled when a nonce is used twice within the same timestamp.

See VERIFICATION-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

verification-error (condition)

Condition: north-condition ()

Base condition class for conditions in the North system.

See REQUEST

Package

north

Source

conditions.lisp (file)

Direct superclasses

condition (condition)

Direct subclasses
Direct methods

request (method)

Direct slots
Slot: request
Initargs

:request

Readers

request (generic function)

Direct Default Initargs
InitargValue
:request(error "request required.")
Condition: parameter-error ()

An error signalled when the parameters given to the provider are incomplete or badly specified. Should end up in an HTTP 400 return code.

See NORTH-CONDITION

Package

north

Source

conditions.lisp (file)

Direct superclasses
Direct subclasses
Condition: parameters-missing ()

An error signalled when the oAuth request does not include all the required oAuth parameters.

See PARAMETERS
See PARAMETER-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

parameter-error (condition)

Direct methods

parameters (method)

Direct slots
Slot: parameters
Initargs

:parameters

Readers

parameters (generic function)

Direct Default Initargs
InitargValue
:parameters(error "parameters required.")
Condition: request-failed ()

An error signalled when a client’s request returned with a non-200 status code.

See BODY
See STATUS-CODE
See HEADERS
See CLIENT-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

client-error (condition)

Direct methods
Direct slots
Slot: body
Initargs

:body

Readers

body (generic function)

Slot: status-code
Initargs

:status-code

Readers

status-code (generic function)

Slot: headers
Initargs

:headers

Readers

headers (generic function)

Direct Default Initargs
InitargValue
:headers(error "headers required.")
:status-code(error "status-code required.")
:body(error "body required.")
Condition: verification-error ()

An error signalled when the parameters given to the provider fail the verification test. Should end up in an HTTP 401 return code.

See NORTH-CONDITION

Package

north

Source

conditions.lisp (file)

Direct superclasses
Direct subclasses
Condition: verifier-taken ()

An error signalled when a verifier token for a request is re-used or the authorization step is repeated for the same request token.

See VERIFICATION-ERROR

Package

north

Source

conditions.lisp (file)

Direct superclasses

verification-error (condition)


Previous: , Up: Exported definitions   [Contents][Index]

5.1.5 Classes

Class: application ()

Container for an OAuth application that provides consumers a means to connect to the provider.

See KEY
See SECRET
See NAME

Package

north

Source

server.lisp (file)

Direct superclasses

standard-object (class)

Direct methods
Direct slots
Slot: key
Initargs

:key

Readers

key (generic function)

Writers

(setf key) (generic function)

Slot: secret
Initargs

:secret

Readers

secret (generic function)

Writers

(setf secret) (generic function)

Slot: name
Initargs

:name

Readers

name (generic function)

Writers

(setf name) (generic function)

Direct Default Initargs
InitargValue
:key(north:make-nonce)
:secret(north:make-nonce)
:name(error "name required.")
Class: client ()

An oAuth client class to encapsulate a single connection to a provider.

Contains all the necessary information and state to manage the connection. You may serialise this object into a reloadable form using MAKE-LOAD-FORM. Unless the provider expires access tokens or the token is revoked for some reason or another, the authentication process for a client has to be done only once.

See KEY
See SECRET
See TOKEN
See TOKEN-SECRET
See CALLBACK
See REQUEST-TOKEN-URI
See AUTHORIZE-URI
See ACCESS-TOKEN-URI
See VERIFY-URI
See INITIATE-AUTHENTICATION
See COMPLETE-AUTHENTICATION

Package

north

Source

client.lisp (file)

Direct superclasses

standard-object (class)

Direct methods
Direct slots
Slot: key
Initargs

:key

Readers

key (generic function)

Writers

(setf key) (generic function)

Slot: secret
Initargs

:secret

Readers

secret (generic function)

Writers

(setf secret) (generic function)

Slot: token
Initargs

:token

Readers

token (generic function)

Writers

(setf token) (generic function)

Slot: token-secret
Initargs

:token-secret

Readers

token-secret (generic function)

Writers

(setf token-secret) (generic function)

Slot: callback
Initargs

:callback

Readers

callback (generic function)

Writers

(setf callback) (generic function)

Slot: request-token-uri
Initargs

:request-token-uri

Readers

request-token-uri (generic function)

Writers

(setf request-token-uri) (generic function)

Slot: authorize-uri
Initargs

:authorize-uri

Readers

authorize-uri (generic function)

Writers

(setf authorize-uri) (generic function)

Slot: access-token-uri
Initargs

:access-token-uri

Readers

access-token-uri (generic function)

Writers

(setf access-token-uri) (generic function)

Slot: verify-uri
Initargs

:verify-uri

Readers

verify-uri (generic function)

Writers

(setf verify-uri) (generic function)

Direct Default Initargs
InitargValue
:key(error "key required. this is your oauth application's key.")
:secret(error "secret required. this is your oauth application's secret.")
:tokennil
:token-secretnil
:callback"oob"
:request-token-uri(error "request-token-uri required.")
:authorize-uri(error "authorize-uri required.")
:access-token-uri(error "access-token-uri required.")
:verify-urinil
Class: request ()

Container class to represent an HTTP request.

Upon initialisation a few default oauth parameters are set, if not given already: oauth_nonce Set to (make-nonce)
oauth_signature_method Set to "HMAC-SHA1"
oauth_timestamp Set to (make-timestamp)
oauth_version Set to "1.0"
Additionally, if the headers given include an Authorization header, then the oauth parameters are overridden by the results of DESTRUCTURE-OAUTH-HEADER.

See HTTP-METHOD
See URL
See PARAMETERS
See HEADERS
See OAUTH
See DESTRUCTURE-OAUTH-HEADER

Package

north

Source

request.lisp (file)

Direct superclasses

standard-object (class)

Direct methods
Direct slots
Slot: http-method
Initargs

:http-method

Readers

http-method (generic function)

Writers

(setf http-method) (generic function)

Slot: url
Initargs

:url

Readers

url (generic function)

Writers

(setf url) (generic function)

Slot: parameters
Initargs

:parameters

Readers

parameters (generic function)

Writers

(setf parameters) (generic function)

Slot: headers
Initargs

:headers

Readers

headers (generic function)

Writers

(setf headers) (generic function)

Slot: oauth
Initargs

:oauth

Readers

oauth (generic function)

Writers

(setf oauth) (generic function)

Direct Default Initargs
InitargValue
:http-method:get
:url"http://example.com"
:parametersnil
:headersnil
:oauthnil
Class: server ()

Mixin representing a server class.

Package

north

Source

server.lisp (file)

Direct superclasses

standard-object (class)

Direct subclasses

simple-server (class)

Direct methods
Class: session ()

Session container to represent a connection with a consumer.

See TOKEN
See TOKEN-SECRET
See VERIFIER
See CALLBACK
See KEY
See ACCESS

Package

north

Source

server.lisp (file)

Direct superclasses

standard-object (class)

Direct methods
Direct slots
Slot: token
Initargs

:token

Readers

token (generic function)

Writers

(setf token) (generic function)

Slot: token-secret
Initargs

:token-secret

Readers

token-secret (generic function)

Writers

(setf token-secret) (generic function)

Slot: verifier
Initargs

:verifier

Readers

verifier (generic function)

Writers

(setf verifier) (generic function)

Slot: callback
Initargs

:callback

Readers

callback (generic function)

Writers

(setf callback) (generic function)

Slot: key
Initargs

:key

Readers

key (generic function)

Writers

(setf key) (generic function)

Slot: access
Initargs

:access

Readers

access (generic function)

Writers

(setf access) (generic function)

Direct Default Initargs
InitargValue
:token(north:make-nonce)
:token-secret(north:make-nonce)
:verifier(north:make-nonce)
:callback"oob"
:key(error "key required.")
:access:request
Class: simple-server ()

A very primitive and simple sample server implementation that stores everything in mere hash tables.

Do not use this server for your production provider. You should implement
one yourself the provides proper persistence and expiration of the providers,
sessions, and nonces.

See SERVER
See APPLICATIONS
See SESSIONS
See NONCES

Package

north

Source

server.lisp (file)

Direct superclasses

server (class)

Direct methods
Direct slots
Slot: applications
Initform

(make-hash-table :test (quote equal))

Readers

applications (generic function)

Writers

(setf applications) (generic function)

Slot: sessions
Initform

(make-hash-table :test (quote equal))

Readers

sessions (generic function)

Writers

(setf sessions) (generic function)

Slot: nonces
Initform

(make-hash-table :test (quote eql))

Readers

nonces (generic function)

Writers

(setf nonces) (generic function)


Previous: , Up: Definitions   [Contents][Index]

5.2 Internal definitions


Next: , Previous: , Up: Internal definitions   [Contents][Index]

5.2.1 Special variables

Special Variable: *whitespace*
Package

north

Source

toolkit.lisp (file)


Previous: , Up: Internal definitions   [Contents][Index]

5.2.2 Functions

Function: alist-key THING

Turn THING into a string suitable for a property alist.

Symbols get downcased, strings stay as they are, everything else results in a type error.

Package

north

Source

toolkit.lisp (file)

Function: check-nonce REQUEST SERVER
Package

north

Source

server.lisp (file)

Function: check-parameters-present REQUEST &rest PARAMETERS
Package

north

Source

server.lisp (file)

Function: check-request REQUEST SERVER
Package

north

Source

server.lisp (file)

Function: check-token REQUEST SERVER
Package

north

Source

server.lisp (file)

Function: check-verifier REQUEST SERVER
Package

north

Source

server.lisp (file)

Function: check-version REQUEST
Package

north

Source

server.lisp (file)

Function: make-signature-base-string METHOD URL PARAMS

Creates a normalized signature base string as follows.

TOKEN ::= METHOD ’&’ URL ’&’ PARAMS
METHOD — The method in uppercase
URL — The url-encoded and normalized URL. PARAMS — The url-encoded and concatenated params.

See URL-ENCODE
See NORMALIZE-URL
See CONCAT-PARAMS

Package

north

Source

toolkit.lisp (file)

Function: param< A B

Compares two parameters as required by the oauth spec.

If the two keys of the parameters are equal, the values are compared instead. Comparison happens by lexicographic string<. If a key is a symbol it is coerced using ALIST-KEY before comparison.

Package

north

Source

toolkit.lisp (file)

Function: remove-param KEY ALIST

Remove the given key from the alist.

Checks keys STRING-EQUALly and constructs a new alist.

Package

north

Source

toolkit.lisp (file)

Function: start-p START STRING

Returns T if START is found at the beginning of STRING.

Package

north

Source

toolkit.lisp (file)

Function: url-parts URL

Splits the given URL into its parts of SCHEME, HOST, PORT, and PATH.

Package

north

Source

toolkit.lisp (file)


Previous: , Up: Top   [Contents][Index]

Appendix A Indexes


Next: , Previous: , Up: Indexes   [Contents][Index]

A.1 Concepts

Jump to:   F   L   N  
Index Entry  Section

F
File, Lisp, north-core.asd: The north-core<dot>asd file
File, Lisp, north-core/client.lisp: The north-core/client<dot>lisp file
File, Lisp, north-core/conditions.lisp: The north-core/conditions<dot>lisp file
File, Lisp, north-core/documentation.lisp: The north-core/documentation<dot>lisp file
File, Lisp, north-core/package.lisp: The north-core/package<dot>lisp file
File, Lisp, north-core/request.lisp: The north-core/request<dot>lisp file
File, Lisp, north-core/server.lisp: The north-core/server<dot>lisp file
File, Lisp, north-core/toolkit.lisp: The north-core/toolkit<dot>lisp file
File, Lisp, north-drakma.asd: The north-drakma<dot>asd file
File, Lisp, north-drakma/drakma.lisp: The north-drakma/drakma<dot>lisp file
File, Lisp, north.asd: The north<dot>asd file

L
Lisp File, north-core.asd: The north-core<dot>asd file
Lisp File, north-core/client.lisp: The north-core/client<dot>lisp file
Lisp File, north-core/conditions.lisp: The north-core/conditions<dot>lisp file
Lisp File, north-core/documentation.lisp: The north-core/documentation<dot>lisp file
Lisp File, north-core/package.lisp: The north-core/package<dot>lisp file
Lisp File, north-core/request.lisp: The north-core/request<dot>lisp file
Lisp File, north-core/server.lisp: The north-core/server<dot>lisp file
Lisp File, north-core/toolkit.lisp: The north-core/toolkit<dot>lisp file
Lisp File, north-drakma.asd: The north-drakma<dot>asd file
Lisp File, north-drakma/drakma.lisp: The north-drakma/drakma<dot>lisp file
Lisp File, north.asd: The north<dot>asd file

N
north-core.asd: The north-core<dot>asd file
north-core/client.lisp: The north-core/client<dot>lisp file
north-core/conditions.lisp: The north-core/conditions<dot>lisp file
north-core/documentation.lisp: The north-core/documentation<dot>lisp file
north-core/package.lisp: The north-core/package<dot>lisp file
north-core/request.lisp: The north-core/request<dot>lisp file
north-core/server.lisp: The north-core/server<dot>lisp file
north-core/toolkit.lisp: The north-core/toolkit<dot>lisp file
north-drakma.asd: The north-drakma<dot>asd file
north-drakma/drakma.lisp: The north-drakma/drakma<dot>lisp file
north.asd: The north<dot>asd file

Jump to:   F   L   N  

Next: , Previous: , Up: Indexes   [Contents][Index]

A.2 Functions

Jump to:   (  
A   B   C   D   F   G   H   I   K   M   N   O   P   R   S   T   U   V  
Index Entry  Section

(
(setf access): Exported generic functions
(setf access): Exported generic functions
(setf access-token-uri): Exported generic functions
(setf access-token-uri): Exported generic functions
(setf applications): Exported generic functions
(setf applications): Exported generic functions
(setf authorize-uri): Exported generic functions
(setf authorize-uri): Exported generic functions
(setf callback): Exported generic functions
(setf callback): Exported generic functions
(setf callback): Exported generic functions
(setf headers): Exported generic functions
(setf headers): Exported generic functions
(setf http-method): Exported generic functions
(setf http-method): Exported generic functions
(setf key): Exported generic functions
(setf key): Exported generic functions
(setf key): Exported generic functions
(setf key): Exported generic functions
(setf name): Exported generic functions
(setf name): Exported generic functions
(setf nonces): Exported generic functions
(setf nonces): Exported generic functions
(setf oauth): Exported generic functions
(setf oauth): Exported generic functions
(setf parameters): Exported generic functions
(setf parameters): Exported generic functions
(setf pget): Exported functions
(setf request-token-uri): Exported generic functions
(setf request-token-uri): Exported generic functions
(setf secret): Exported generic functions
(setf secret): Exported generic functions
(setf secret): Exported generic functions
(setf sessions): Exported generic functions
(setf sessions): Exported generic functions
(setf token): Exported generic functions
(setf token): Exported generic functions
(setf token): Exported generic functions
(setf token-secret): Exported generic functions
(setf token-secret): Exported generic functions
(setf token-secret): Exported generic functions
(setf url): Exported generic functions
(setf url): Exported generic functions
(setf verifier): Exported generic functions
(setf verifier): Exported generic functions
(setf verify-uri): Exported generic functions
(setf verify-uri): Exported generic functions

A
access: Exported generic functions
access: Exported generic functions
access-token-uri: Exported generic functions
access-token-uri: Exported generic functions
alist->oauth-response: Exported functions
alist-key: Internal functions
application: Exported generic functions
application: Exported generic functions
applications: Exported generic functions
applications: Exported generic functions
authorize-uri: Exported generic functions
authorize-uri: Exported generic functions

B
body: Exported generic functions
body: Exported generic functions

C
call: Exported generic functions
call: Exported generic functions
call-signed: Exported generic functions
call-signed: Exported generic functions
callback: Exported generic functions
callback: Exported generic functions
callback: Exported generic functions
check-nonce: Internal functions
check-parameters-present: Internal functions
check-request: Internal functions
check-token: Internal functions
check-verifier: Internal functions
check-version: Internal functions
complete-authentication: Exported generic functions
complete-authentication: Exported generic functions
concat-params: Exported functions
create-signature: Exported functions

D
destructure-oauth-header: Exported functions

F
find-nonce: Exported generic functions
find-nonce: Exported generic functions
find-nonce: Exported generic functions
Function, alist->oauth-response: Exported functions
Function, alist-key: Internal functions
Function, check-nonce: Internal functions
Function, check-parameters-present: Internal functions
Function, check-request: Internal functions
Function, check-token: Internal functions
Function, check-verifier: Internal functions
Function, check-version: Internal functions
Function, concat-params: Exported functions
Function, create-signature: Exported functions
Function, destructure-oauth-header: Exported functions
Function, make-nonce: Exported functions
Function, make-request: Exported functions
Function, make-signature-base-string: Internal functions
Function, make-timestamp: Exported functions
Function, normalize-url: Exported functions
Function, oauth-response->alist: Exported functions
Function, param<: Internal functions
Function, pget: Exported functions
Function, remove-param: Internal functions
Function, sort-params: Exported functions
Function, start-p: Internal functions
Function, url-decode: Exported functions
Function, url-encode: Exported functions
Function, url-parts: Internal functions

G
Generic Function, (setf access): Exported generic functions
Generic Function, (setf access-token-uri): Exported generic functions
Generic Function, (setf applications): Exported generic functions
Generic Function, (setf authorize-uri): Exported generic functions
Generic Function, (setf callback): Exported generic functions
Generic Function, (setf headers): Exported generic functions
Generic Function, (setf http-method): Exported generic functions
Generic Function, (setf key): Exported generic functions
Generic Function, (setf name): Exported generic functions
Generic Function, (setf nonces): Exported generic functions
Generic Function, (setf oauth): Exported generic functions
Generic Function, (setf parameters): Exported generic functions
Generic Function, (setf request-token-uri): Exported generic functions
Generic Function, (setf secret): Exported generic functions
Generic Function, (setf sessions): Exported generic functions
Generic Function, (setf token): Exported generic functions
Generic Function, (setf token-secret): Exported generic functions
Generic Function, (setf url): Exported generic functions
Generic Function, (setf verifier): Exported generic functions
Generic Function, (setf verify-uri): Exported generic functions
Generic Function, access: Exported generic functions
Generic Function, access-token-uri: Exported generic functions
Generic Function, application: Exported generic functions
Generic Function, applications: Exported generic functions
Generic Function, authorize-uri: Exported generic functions
Generic Function, body: Exported generic functions
Generic Function, call: Exported generic functions
Generic Function, call-signed: Exported generic functions
Generic Function, callback: Exported generic functions
Generic Function, complete-authentication: Exported generic functions
Generic Function, find-nonce: Exported generic functions
Generic Function, headers: Exported generic functions
Generic Function, http-method: Exported generic functions
Generic Function, initiate-authentication: Exported generic functions
Generic Function, key: Exported generic functions
Generic Function, make-application: Exported generic functions
Generic Function, make-authorized: Exported generic functions
Generic Function, make-session: Exported generic functions
Generic Function, make-signed: Exported generic functions
Generic Function, make-signed-data-request: Exported generic functions
Generic Function, make-signed-request: Exported generic functions
Generic Function, name: Exported generic functions
Generic Function, nonces: Exported generic functions
Generic Function, oauth: Exported generic functions
Generic Function, oauth/access-token: Exported generic functions
Generic Function, oauth/authorize: Exported generic functions
Generic Function, oauth/request-token: Exported generic functions
Generic Function, oauth/verify: Exported generic functions
Generic Function, parameters: Exported generic functions
Generic Function, record-nonce: Exported generic functions
Generic Function, rehash-session: Exported generic functions
Generic Function, request: Exported generic functions
Generic Function, request-token-uri: Exported generic functions
Generic Function, revoke-application: Exported generic functions
Generic Function, revoke-session: Exported generic functions
Generic Function, secret: Exported generic functions
Generic Function, session: Exported generic functions
Generic Function, sessions: Exported generic functions
Generic Function, sign: Exported generic functions
Generic Function, status-code: Exported generic functions
Generic Function, token: Exported generic functions
Generic Function, token-secret: Exported generic functions
Generic Function, url: Exported generic functions
Generic Function, verifier: Exported generic functions
Generic Function, verify: Exported generic functions
Generic Function, verify-uri: Exported generic functions

H
headers: Exported generic functions
headers: Exported generic functions
headers: Exported generic functions
http-method: Exported generic functions
http-method: Exported generic functions

I
initiate-authentication: Exported generic functions
initiate-authentication: Exported generic functions

K
key: Exported generic functions
key: Exported generic functions
key: Exported generic functions
key: Exported generic functions

M
make-application: Exported generic functions
make-application: Exported generic functions
make-authorized: Exported generic functions
make-authorized: Exported generic functions
make-nonce: Exported functions
make-request: Exported functions
make-session: Exported generic functions
make-session: Exported generic functions
make-session: Exported generic functions
make-signature-base-string: Internal functions
make-signed: Exported generic functions
make-signed: Exported generic functions
make-signed-data-request: Exported generic functions
make-signed-data-request: Exported generic functions
make-signed-request: Exported generic functions
make-signed-request: Exported generic functions
make-timestamp: Exported functions
Method, (setf access): Exported generic functions
Method, (setf access-token-uri): Exported generic functions
Method, (setf applications): Exported generic functions
Method, (setf authorize-uri): Exported generic functions
Method, (setf callback): Exported generic functions
Method, (setf callback): Exported generic functions
Method, (setf headers): Exported generic functions
Method, (setf http-method): Exported generic functions
Method, (setf key): Exported generic functions
Method, (setf key): Exported generic functions
Method, (setf key): Exported generic functions
Method, (setf name): Exported generic functions
Method, (setf nonces): Exported generic functions
Method, (setf oauth): Exported generic functions
Method, (setf parameters): Exported generic functions
Method, (setf request-token-uri): Exported generic functions
Method, (setf secret): Exported generic functions
Method, (setf secret): Exported generic functions
Method, (setf sessions): Exported generic functions
Method, (setf token): Exported generic functions
Method, (setf token): Exported generic functions
Method, (setf token-secret): Exported generic functions
Method, (setf token-secret): Exported generic functions
Method, (setf url): Exported generic functions
Method, (setf verifier): Exported generic functions
Method, (setf verify-uri): Exported generic functions
Method, access: Exported generic functions
Method, access-token-uri: Exported generic functions
Method, application: Exported generic functions
Method, applications: Exported generic functions
Method, authorize-uri: Exported generic functions
Method, body: Exported generic functions
Method, call: Exported generic functions
Method, call-signed: Exported generic functions
Method, callback: Exported generic functions
Method, callback: Exported generic functions
Method, complete-authentication: Exported generic functions
Method, find-nonce: Exported generic functions
Method, find-nonce: Exported generic functions
Method, headers: Exported generic functions
Method, headers: Exported generic functions
Method, http-method: Exported generic functions
Method, initiate-authentication: Exported generic functions
Method, key: Exported generic functions
Method, key: Exported generic functions
Method, key: Exported generic functions
Method, make-application: Exported generic functions
Method, make-authorized: Exported generic functions
Method, make-session: Exported generic functions
Method, make-session: Exported generic functions
Method, make-signed: Exported generic functions
Method, make-signed-data-request: Exported generic functions
Method, make-signed-request: Exported generic functions
Method, name: Exported generic functions
Method, nonces: Exported generic functions
Method, oauth: Exported generic functions
Method, oauth/access-token: Exported generic functions
Method, oauth/authorize: Exported generic functions
Method, oauth/request-token: Exported generic functions
Method, oauth/verify: Exported generic functions
Method, parameters: Exported generic functions
Method, parameters: Exported generic functions
Method, record-nonce: Exported generic functions
Method, rehash-session: Exported generic functions
Method, rehash-session: Exported generic functions
Method, request: Exported generic functions
Method, request-token-uri: Exported generic functions
Method, revoke-application: Exported generic functions
Method, revoke-application: Exported generic functions
Method, revoke-session: Exported generic functions
Method, revoke-session: Exported generic functions
Method, secret: Exported generic functions
Method, secret: Exported generic functions
Method, session: Exported generic functions
Method, sessions: Exported generic functions
Method, sign: Exported generic functions
Method, sign: Exported generic functions
Method, sign: Exported generic functions
Method, sign: Exported generic functions
Method, sign: Exported generic functions
Method, status-code: Exported generic functions
Method, token: Exported generic functions
Method, token: Exported generic functions
Method, token-secret: Exported generic functions
Method, token-secret: Exported generic functions
Method, url: Exported generic functions
Method, verifier: Exported generic functions
Method, verify: Exported generic functions
Method, verify-uri: Exported generic functions

N
name: Exported generic functions
name: Exported generic functions
nonces: Exported generic functions
nonces: Exported generic functions
normalize-url: Exported functions

O
oauth: Exported generic functions
oauth: Exported generic functions
oauth-response->alist: Exported functions
oauth/access-token: Exported generic functions
oauth/access-token: Exported generic functions
oauth/authorize: Exported generic functions
oauth/authorize: Exported generic functions
oauth/request-token: Exported generic functions
oauth/request-token: Exported generic functions
oauth/verify: Exported generic functions
oauth/verify: Exported generic functions

P
param<: Internal functions
parameters: Exported generic functions
parameters: Exported generic functions
parameters: Exported generic functions
pget: Exported functions

R
record-nonce: Exported generic functions
record-nonce: Exported generic functions
rehash-session: Exported generic functions
rehash-session: Exported generic functions
rehash-session: Exported generic functions
remove-param: Internal functions
request: Exported generic functions
request: Exported generic functions
request-token-uri: Exported generic functions
request-token-uri: Exported generic functions
revoke-application: Exported generic functions
revoke-application: Exported generic functions
revoke-application: Exported generic functions
revoke-session: Exported generic functions
revoke-session: Exported generic functions
revoke-session: Exported generic functions

S
secret: Exported generic functions
secret: Exported generic functions
secret: Exported generic functions
session: Exported generic functions
session: Exported generic functions
sessions: Exported generic functions
sessions: Exported generic functions
Setf Expander, (setf pget): Exported functions
sign: Exported generic functions
sign: Exported generic functions
sign: Exported generic functions
sign: Exported generic functions
sign: Exported generic functions
sign: Exported generic functions
sort-params: Exported functions
start-p: Internal functions
status-code: Exported generic functions
status-code: Exported generic functions

T
token: Exported generic functions
token: Exported generic functions
token: Exported generic functions
token-secret: Exported generic functions
token-secret: Exported generic functions
token-secret: Exported generic functions

U
url: Exported generic functions
url: Exported generic functions
url-decode: Exported functions
url-encode: Exported functions
url-parts: Internal functions

V
verifier: Exported generic functions
verifier: Exported generic functions
verify: Exported generic functions
verify: Exported generic functions
verify-uri: Exported generic functions
verify-uri: Exported generic functions

Jump to:   (  
A   B   C   D   F   G   H   I   K   M   N   O   P   R   S   T   U   V  

Next: , Previous: , Up: Indexes   [Contents][Index]

A.3 Variables

Jump to:   *  
A   B   C   H   K   N   O   P   R   S   T   U   V  
Index Entry  Section

*
*external-format*: Exported special variables
*whitespace*: Internal special variables

A
access: Exported classes
access-token-uri: Exported classes
applications: Exported classes
authorize-uri: Exported classes

B
body: Exported conditions

C
callback: Exported classes
callback: Exported classes

H
headers: Exported conditions
headers: Exported classes
http-method: Exported classes

K
key: Exported classes
key: Exported classes
key: Exported classes

N
name: Exported classes
nonces: Exported classes

O
oauth: Exported classes

P
parameters: Exported conditions
parameters: Exported classes

R
request: Exported conditions
request-token-uri: Exported classes

S
secret: Exported classes
secret: Exported classes
sessions: Exported classes
Slot, access: Exported classes
Slot, access-token-uri: Exported classes
Slot, applications: Exported classes
Slot, authorize-uri: Exported classes
Slot, body: Exported conditions
Slot, callback: Exported classes
Slot, callback: Exported classes
Slot, headers: Exported conditions
Slot, headers: Exported classes
Slot, http-method: Exported classes
Slot, key: Exported classes
Slot, key: Exported classes
Slot, key: Exported classes
Slot, name: Exported classes
Slot, nonces: Exported classes
Slot, oauth: Exported classes
Slot, parameters: Exported conditions
Slot, parameters: Exported classes
Slot, request: Exported conditions
Slot, request-token-uri: Exported classes
Slot, secret: Exported classes
Slot, secret: Exported classes
Slot, sessions: Exported classes
Slot, status-code: Exported conditions
Slot, token: Exported classes
Slot, token: Exported classes
Slot, token-secret: Exported classes
Slot, token-secret: Exported classes
Slot, url: Exported classes
Slot, verifier: Exported classes
Slot, verify-uri: Exported classes
Special Variable, *external-format*: Exported special variables
Special Variable, *whitespace*: Internal special variables
status-code: Exported conditions

T
token: Exported classes
token: Exported classes
token-secret: Exported classes
token-secret: Exported classes

U
url: Exported classes

V
verifier: Exported classes
verify-uri: Exported classes

Jump to:   *  
A   B   C   H   K   N   O   P   R   S   T   U   V  

Previous: , Up: Indexes   [Contents][Index]

A.4 Data types

Jump to:   A   B   C   I   N   P   R   S   V  
Index Entry  Section

A
application: Exported classes

B
bad-version: Exported conditions

C
callback-unconfirmed: Exported conditions
Class, application: Exported classes
Class, client: Exported classes
Class, request: Exported classes
Class, server: Exported classes
Class, session: Exported classes
Class, simple-server: Exported classes
client: Exported classes
client-error: Exported conditions
Condition, bad-version: Exported conditions
Condition, callback-unconfirmed: Exported conditions
Condition, client-error: Exported conditions
Condition, invalid-application: Exported conditions
Condition, invalid-signature: Exported conditions
Condition, invalid-token: Exported conditions
Condition, invalid-verifier: Exported conditions
Condition, nonce-reused: Exported conditions
Condition, north-condition: Exported conditions
Condition, parameter-error: Exported conditions
Condition, parameters-missing: Exported conditions
Condition, request-failed: Exported conditions
Condition, verification-error: Exported conditions
Condition, verifier-taken: Exported conditions

I
invalid-application: Exported conditions
invalid-signature: Exported conditions
invalid-token: Exported conditions
invalid-verifier: Exported conditions

N
nonce-reused: Exported conditions
north: The north system
north: The north package
north-condition: Exported conditions
north-core: The north-core system
north-drakma: The north-drakma system

P
Package, north: The north package
parameter-error: Exported conditions
parameters-missing: Exported conditions

R
request: Exported classes
request-failed: Exported conditions

S
server: Exported classes
session: Exported classes
simple-server: Exported classes
System, north: The north system
System, north-core: The north-core system
System, north-drakma: The north-drakma system

V
verification-error: Exported conditions
verifier-taken: Exported conditions

Jump to:   A   B   C   I   N   P   R   S   V