OAuth Signature generation


It is possible to use OAuth credentials to create a signature, which can then be used for OAuth authentication. Depending on the site, this may generate a token which can be stored and then re-used in the next step to log in, or it may directly log in to the site. OAuth signatures are supported for both API and Transaction tests.

Different sites may use different variations of the method described in this article, but the basic methodology is the same: a signature is created by hashing a combination of the signature method, the base string and the consumer secret.

The macro used to create the signature is the ${hash} macro. Pass it the signature method, the base string, and the consumer secret. Then set the Authorization header, including the consumer key and the other required parameters (such as nonce, timestamp and signature).

Example: Below is a sample Selenium script with explanations of each line. The full URL requiring OAuth signature is https://www.domain.com/apps?id=example&requester=abcd1234&app_name=CatchpointApp&description=testapp

The two most important things that are required are the Key and Secret.

//Store these as variables.
var key = "ReplaceWithYourKey"
var secret = "ReplaceWithYourSecret"

// create a variable to grab the current timestamp
var timestamp = ${timeepoch};

//create a random nonce value and store as a variable.
var nonce = ${random};

//set the basestring as a variable. OAuth 1.0 (RFC 5849) requires the parameters in the base string to be sorted by name.
var basestring = POST&https%3A%2F%2Fwww.domain.com%2Fapps&app_name%3DCatchpointApp%26description%3Dtestapp%26id%3Dexample%26oauth_consumer_key%3D${extractVariable('key')}%26oauth_nonce%3D${extractVariable('nonce')}%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D${extractVariable('timestamp')}%26oauth_version%3D1.0%26requester%3Dabcd1234;

//store a variable called sig which is the hashed value of the signature method, secret and basestring NOTE: there has to be an & at the end of the secret.
storeVariable("${hash('sha1', '${extractVariable('basestring')}', '${extractVariable('secret')}&')}", "sig")

//urlEncode the signature
storeVariable("${urlEncode(${extractVariable('sig')},'u')}", "sig")

//open the URL that you need this posting to.
open("https://www.domain.com/apps")

//Set the Authorization header
setHeader("Authorization", "OAuth", "oauth_consumer_key=\"${extractVariable('key')}\",oauth_nonce=\"${extractVariable('nonce')}\",oauth_signature=\"${extractVariable('sig')}\",oauth_signature_method=\"HMAC-SHA1\",oauth_timestamp=\"${extractVariable('timestamp')}\",oauth_version=\"1.0\"")

//post the parameters
SetNavigatePostData("id=example&requester=abcd1234&app_name=CatchpointApp&description=testapp")
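
The same signing steps outside the Catchpoint macro language, as an added Python example (not part of the original article and not Catchpoint's own code) for checking a script's base string and signature offline. The nonce and timestamp are constructed fixed values, the helper names are hypothetical, and it assumes the standard OAuth 1.0 rules from RFC 5849: parameters sorted by name, HMAC-SHA1 keyed with the consumer secret followed by "&", and Base64 output.

```python
import base64
import hashlib
import hmac
from urllib.parse import quote

def pct(value):
    # RFC 5849 percent-encoding: only unreserved characters stay literal.
    return quote(str(value), safe="-._~")

def base_string(method, url, params):
    # Encode every name and value, sort by name, then encode the joined string again.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign(method, url, params, consumer_secret, token_secret=""):
    # The key is "<consumer secret>&<token secret>"; with no token it ends in "&".
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    msg = base_string(method, url, params).encode()
    return base64.b64encode(hmac.new(key, msg, hashlib.sha1).digest()).decode()

def verify(method, url, params, presented, consumer_secret):
    # Server-side check: recompute and compare in constant time.
    return hmac.compare_digest(sign(method, url, params, consumer_secret), presented)

def authorization_header(oauth_params, signature):
    # The signature is percent-encoded here, like the urlEncode step in the script.
    fields = dict(oauth_params, oauth_signature=signature)
    return "OAuth " + ",".join(f'{k}="{pct(v)}"' for k, v in sorted(fields.items()))

# Constructed sample values: placeholders from the article plus a fixed nonce/timestamp.
URL = "https://www.domain.com/apps"
SECRET = "ReplaceWithYourSecret"
OAUTH = {
    "oauth_consumer_key": "ReplaceWithYourKey",
    "oauth_nonce": "n0nce12345",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1700000000",
    "oauth_version": "1.0",
}
BODY = {"id": "example", "requester": "abcd1234",
        "app_name": "CatchpointApp", "description": "testapp"}

BASE = base_string("POST", URL, {**BODY, **OAUTH})
SIG = sign("POST", URL, {**BODY, **OAUTH}, SECRET)
HEADER = authorization_header(OAUTH, SIG)

if __name__ == "__main__":
    print(BASE)
    print(HEADER)
```

Changing any signed parameter after signing, such as the requester value, makes verify return False, which is the failure to look for when a test step is rejected with an invalid-signature response.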