From This Day

Lastly I improved some things in the QOAuth library, also did small code refactoring and provided new functionality. All in all, I’m pretty much able to call the new version 1.0 and say that it’s mostly feature complete. Here’s exactly what I did:

• Added support for RSA-SHA1 signing algorithm, also working with passphrase-protected private RSA keys. Passphrase is passed as a QCA::SecureArray, so it won’t be cached on disk or left in memory after quitting the application.
• Added initial support for PLAINTEXT authorization. It seems to be working, however it may fail with untrusted SSL connections. I didn’t find a service that takes PLAINTEXT into use, only tested it with a test server which communicates over HTTP (unencrypted). But still, if anybody uses PLAINTEXT authorization and provides untrusted server to handle it, it kinda sucks…
• inlineParameters() extended by the parameter specifying parsing method – now it’s usable for both GET and POST requests,
• Introduced the QOAuth namespace, with QOAuth::Interface class holding the core functionality.

The detailed documentation (together with simple usage examples) resides here. The library was tested with a test server at http://term.ie/oauth/example and appears to be working. The test set is distributed alongside the library. I also use QOAuth for communication with Twitter API in qTwitter and find HMAC-SHA1 signing working properly.

The source code repository for QOAuth is hosted on GitHub. The framework for MacOS X as well as packages for several Linux distros are available from qt-apps.org. Gentoo users do emerge qoauth :)