Oauth, working

Makefile

@@ -11,10 +11,12 @@ all: \
 	iD.min.js
 
 .INTERMEDIATE iD.js: \
-	js/lib/d3.v2.js \
+	js/lib/d3.v3.js \
 	js/lib/lodash.js \
+	js/lib/ohauth.js \
+	js/lib/sha.js \
 	js/lib/jxon.js \
-	js/lib/underscore.js \
+	js/lib/lodash.js \
 	js/iD/id.js \
 	js/iD/Connection.js \
 	js/iD/Util.js \

css/app.css

@@ -192,3 +192,15 @@ button small {
     right: 0;
     cursor: pointer;
 }
+
+.modal {
+    width:600px;
+    height:400px;
+    padding:10px;
+    position:absolute;
+    background:#fff;
+    top:50px;
+    left:50%;
+    margin-left:-305px;
+    box-shadow:0 0 5px #000;
+}

index.html

@@ -40,6 +40,7 @@
 
         <script type='text/javascript' src='js/iD/id.js'></script>
         <script type='text/javascript' src='js/iD/Util.js'></script>
+        <script type='text/javascript' src='js/iD/OAuth.js'></script>
         <script type='text/javascript' src='js/iD/renderer/style.js'></script>
 
         <script type='text/javascript' src='js/iD/renderer/tiles.js'></script>
@@ -75,6 +76,11 @@
             });
 
             var controller = iD.Controller(map);
+            var oauth = iD.OAuth(map);
+
+            d3.selectAll('button#save').on('click', function() {
+                oauth.authenticate();
+            });
 
             d3.selectAll('button#place').on('click', function() {
                 controller.go(iD.actions.AddPlace);

js/lib/ohauth.js

@@ -8,6 +8,8 @@ ohauth.qsString = function(obj) {
     }).join('&');
 };
 
+ohauth.sha = sha1();
+
 ohauth.stringQs = function(str) {
     return str.split('&').reduce(function(obj, pair){
         var parts = pair.split('=');
@@ -16,13 +18,15 @@ ohauth.stringQs = function(str) {
     }, {});
 };
 
-ohauth.post = function(url, data, callback) {
+ohauth.xhr = function(method, url, auth, data, options, callback) {
     var xhr = new XMLHttpRequest();
     xhr.onreadystatechange = function() {
         if (4 == xhr.readyState && 0 !== xhr.status) callback(xhr);
     };
-    xhr.open('POST', url, true);
-    xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
+    var headers = (options && options.header) || { 'Content-Type': 'application/x-www-form-urlencoded' };
+    xhr.open(method, url, true);
+    xhr.setRequestHeader('Authorization', 'OAuth ' + ohauth.authHeader(auth));
+    for (var h in headers) xhr.setRequestHeader(h, headers[h]);
     xhr.send(data);
 };
 
@@ -33,6 +37,12 @@ ohauth.nonce = function() {
     return o;
 };
 
+ohauth.authHeader = function(obj) {
+    return Object.keys(obj).sort().map(function(key) {
+        return encodeURIComponent(key) + '="' + encodeURIComponent(obj[key]) + '"';
+    }).join(', ');
+};
+
 ohauth.timestamp = function() { return ~~((+new Date()) / 1000); };
 
 ohauth.percentEncode = function(s) {
@@ -42,12 +52,21 @@ ohauth.percentEncode = function(s) {
 };
 
 ohauth.baseString = function(method, url, params) {
+    if (params.oauth_signature) delete params.oauth_signature;
     return [
         method,
         ohauth.percentEncode(url),
         ohauth.percentEncode(ohauth.qsString(params))].join('&');
 };
 
+ohauth.signature = function(oauth_secret, token_secret, baseString) {
+    return ohauth.sha.b64_hmac_sha1(
+        ohauth.percentEncode(oauth_secret) + '&' +
+        ohauth.percentEncode(token_secret),
+        baseString);
+};
+
 context.ohauth = ohauth;
 
 })(this);
+