Package oauth is consumer interface for OAuth 1.0, OAuth 1.0a and RFC 5849.
This section outlines how to use the oauth package in redirection-based authorization (http://tools.ietf.org/html/rfc5849#section-2).
Step 1: Create a Client using credentials and URIs provided by the server. The Client can be initialized once at application startup and stored in a package-level variable.
Step 2: Request temporary credentials using the Client RequestTemporaryCredentials method. The callbackURL parameter is the URL of the callback handler in step 4. Save the returned credential secret so that it can be later found using credential token as a key. The secret can be stored in a database keyed by the token. Another option is to store the token and secret in session storage or a cookie.
Step 3: Redirect the user to URL returned from AuthorizationURL method. The AuthorizationURL method uses the temporary credentials from step 2 and other parameters as specified by the server.
Step 4: The server redirects back to the callback URL specified in step 2 with the temporary token and a verifier. Use the temporary token to find the temporary secret saved in step 2. Using the temporary token, temporary secret and verifier, request token credentials using the client RequestToken method. Save the returned credentials for later use in the application.
The Client type has two low-level methods for signing requests, SignForm and SetAuthorizationHeader.
The SignForm method adds an OAuth signature to a form. The application makes an authenticated request by encoding the modified form to the query string or request body.
The SetAuthorizationHeader method adds an OAuth siganture to a request header. The SetAuthorizationHeader method is the only way to correctly sign a request if the application sets the URL Opaque field when making a request.
The Get, Put, Post and Delete methods sign and invoke a request using the supplied net/http Client. These methods are easy to use, but not as flexible as constructing a request using one of the low-level methods.