oauth1-signer-go

Table of Contents

• Overview
  • Compatibility
  • References
  • Versioning and Deprecation Policy
• Usage
  • Prerequisites
  • Installation
  • Loading the Signing Key
  • Creating the OAuth Authorization Header
  • Signing HTTP Request
  • Integrating with OpenAPI Generator API Client Libraries

Overview

Library for Generating a Mastercard API compliant OAuth signature.

Compatibility

• Go 1.20+

References

• OAuth 1.0a specification
• Body hash extension for non application/x-www-form-urlencoded payloads

Versioning and Deprecation Policy

• Mastercard Versioning and Deprecation Policy

Usage

Prerequisites

Before using this library, you will need to set up a project in the Mastercard Developers Portal.

As part of this set up, you'll receive credentials for your app:

• A consumer key (displayed on the Mastercard Developer Portal)
• A private request signing key (matching the public certificate displayed on the Mastercard Developer Portal)

Installation

import github.com/mastercard/oauth1-signer-go

Loading the Signing Key

A signingKey can be created by calling the utils.LoadSigningKey function:

import "github.com/mastercard/oauth1-signer-go/utils"

//…
signingKey, err := utils.LoadSigningKey(
                                    "<insert PKCS#12 key file path>", 
                                    "<insert key password>")
//…

Creating the OAuth Authorization Header

The function that does all the heavy lifting is OAuth.GetAuthorizationHeader. You can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's Authorization header.

import "github.com/mastercard/oauth1-signer-go"

//…
consumerKey := "<insert consumer key>"
url, _ := url.Parse("https://sandbox.api.mastercard.com/service")
method := "POST"
payload := "<insert payload>"
authHeader, err := oauth.GetAuthorizationHeader(url, method, payload, consumerKey, signingKey)
//…

Signing HTTP Request

Alternatively, you can use helper function for http request.

Usage briefly described below, but you can also refer to the test package for examples.

import (
  "strings"
  "github.com/mastercard/oauth1-signer-go"
  )

//…
payload := strings.NewReader("<insert payload>")
request, _ := http.NewRequest("POST", "https://sandbox.api.mastercard.com/service", payload)
signer := &oauth.Signer{
    ConsumerKey: consumerKey,
    SigningKey:  signingKey,
}
err = signer.Sign(request)
//…

Integrating with OpenAPI Generator API Client Libraries

OpenAPI Generator generates API client libraries from OpenAPI Specs. It provides generators and library templates for supporting multiple languages and frameworks.

The github.com/mastercard/oauth1-signer-go/interceptor package provides you function for http request interception you can use when configuring your API client. This function takes care of adding the correct Authorization header before sending the request.

Generators currently supported:

• Go

Go

OpenAPI Generator

Client libraries can be generated using the following command:

openapi-generator-cli generate -i openapi-spec.yaml -g go -o out

See also:

• OpenAPI Generator CLI Installation
• CONFIG OPTIONS for Go

Usage of the github.com/mastercard/oauth1-signer-go/interceptor

import "github.com/mastercard/oauth1-signer-go/interceptor"

//…
configuration := openapi.NewConfiguration()
configuration.BasePath = "https://sandbox.api.mastercard.com"
httpClient, _ := interceptor.GetHttpClient("<insert consumer key>", "<insert PKCS#12 key file path>", "<insert key password>")
configuration.HTTPClient = httpClient
apiClient := openapi.NewAPIClient(configuration)

response, err = apiClient.SomeApi.doSomething()
//…