cerner-oauth1a 2.3.0 → 2.4.0

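--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 97551b442a5cf8e81197726dd7a076fd49ed7e33c5fd2bbf87e27e6368abea4b
- data.tar.gz: de3ec59f5a000715440492c550bebe4f9d3490ce53fd9d88490a08f7539d7208
+ metadata.gz: 253284a714a5a69821159cef402c2e228c7d747a15f31dc4d8842bb7e44ee6fe
+ data.tar.gz: da348e1e5cfa763a78afd32e3bd252719670c3feb7bce4cad7995023cee384c4
  SHA512:
- metadata.gz: a98454061208707ddab9eb7a79b867f8acbcd88fa2d42c9e68411a04fa645004e20d282e39efec0f9e91a7a57d88551588324c933e76b8336313a38c24747964
- data.tar.gz: 6573bfbd3c6ff73b83b957b9b6e784486079b194c9d09c1c4803b16f0336b51376d39ddab369ffdfe5d13ffaa129ecb727256c27f4683169250f7c01fa9498bd
+ metadata.gz: 28473811816dc086d4eacdd3eff65d0fe5455087f5e1e5c3fb0bfb3e04ba38a819707536e40968ad157c9efe1e8756bbd8f3f87cd620c796fd3da750a247efa7
+ data.tar.gz: ae958bbf7456257dbef524a1e6073d3f9ce0c7988516f24c18f7011b689d769e86d0340fdbca7de44daf0c1b0bdbcf14768112ab13fd6f3b8573846fe284e63f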
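--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+ # v2.4.0
+ Handle nonce and timestamp as optional fields Per
+ https://tools.ietf.org/html/rfc5849#section-3.1, the oauth_timestamp and oauth_nonce
+ fields may be omitted when PLAINTEXT signatures are used. This commit make the APIs
+ related to those two fields treat the data as optional.
+
  # v2.3.0
  Added Protection Realm Equivalence feature to Cerner::OAuth1a::AccessTokenAgent,
  which is used by Cerner::OAuth1a::AccessToken#authenticate when comparing realms.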
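--- a/data/README.md
+++ b/data/README.md
@@ -2,7 +2,7 @@
 
  [![Build Status](https://api.travis-ci.com/cerner/cerner-oauth1a.svg)](https://travis-ci.com/cerner/cerner-oauth1a)
  [![Gem Version](http://img.shields.io/gem/v/cerner-oauth1a.svg)](https://rubygems.org/gems/cerner-oauth1a)
- [![Code Climate](http://img.shields.io/codeclimate/github/cerner/cerner-oauth1a.svg)](https://codeclimate.com/github/cerner/cerner-oauth1a)
+ [![AwesomeCode Status](https://awesomecode.io/projects/48ece237-ac9c-49c9-859a-3a825968339b/status)](https://awesomecode.io/repos/cerner/cerner-oauth1a)
 
  A minimal dependency library for interacting with a Cerner OAuth 1.0a Access Token Service for
  invoking Cerner OAuth 1.0a protected services or implementing Cerner OAuth 1.0a authentication.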
@@ -6,7 +6,6 @@ require 'uri'
6
6
 
7
7
  module Cerner
8
8
  module OAuth1a
9
-
10
9
  # Public: A Cerner OAuth 1.0a Access Token and related request parameters for use in Consumer or
11
10
  # Service Provider use cases.
12
11
  class AccessToken
@@ -29,10 +28,6 @@ module Cerner
29
28
  missing_params = []
30
29
  consumer_key = params[:oauth_consumer_key]
31
30
  missing_params << :oauth_consumer_key if consumer_key.nil? || consumer_key.empty?
32
- nonce = params[:oauth_nonce]
33
- missing_params << :oauth_nonce if nonce.nil? || nonce.empty?
34
- timestamp = params[:oauth_timestamp]
35
- missing_params << :oauth_timestamp if timestamp.nil? || timestamp.empty?
36
31
  token = params[:oauth_token]
37
32
  missing_params << :oauth_token if token.nil? || token.empty?
38
33
  signature_method = params[:oauth_signature_method]
@@ -44,8 +39,8 @@ module Cerner
44
39
 
45
40
  AccessToken.new(
46
41
  consumer_key: consumer_key,
47
- nonce: nonce,
48
- timestamp: timestamp,
42
+ nonce: params[:oauth_nonce],
43
+ timestamp: params[:oauth_timestamp],
49
44
  token: token,
50
45
  signature_method: signature_method,
51
46
  signature: signature,
@@ -59,9 +54,9 @@ module Cerner
59
54
  attr_reader :consumer_key
60
55
  # Returns a Time, but may be nil, which represents the moment when this token expires.
61
56
  attr_reader :expires_at
62
- # Returns a String with the Nonce (oauth_nonce) related to this token.
57
+ # Returns a String, but may be nil, with the Nonce (oauth_nonce) related to this token.
63
58
  attr_reader :nonce
64
- # Returns a Time, which represents the moment when this token was created (oauth_timestamp).
59
+ # Returns a Time, but may be nil, which represents the moment when this token was created (oauth_timestamp).
65
60
  attr_reader :timestamp
66
61
  # Returns a String with the Token (oauth_token).
67
62
  attr_reader :token
@@ -86,8 +81,8 @@ module Cerner
86
81
  # :expires_at - An optional Time representing the expiration moment or any
87
82
  # object responding to to_i that represents the expiration
88
83
  # moment as the number of seconds since the epoch.
89
- # :nonce - The required String representing the nonce.
90
- # :timestamp - A required Time representing the creation moment or any
84
+ # :nonce - The optional String representing the nonce.
85
+ # :timestamp - A optional Time representing the creation moment or any
91
86
  # object responding to to_i that represents the creation
92
87
  # moment as the number of seconds since the epoch.
93
88
  # :token - The required String representing the token.
@@ -95,26 +90,22 @@ module Cerner
95
90
  # :signature_method - The optional String representing the signature method.
96
91
  # Defaults to PLAINTEXT.
97
92
  # :signature - The optional String representing the signature.
98
- # Defaults to nil.
99
93
  # :realm - The optional String representing the protection realm.
100
- # Defaults to nil.
101
94
  #
102
- # Raises ArgumentError if consumer_key, nonce, timestamp, token or signature_method is nil.
95
+ # Raises ArgumentError if consumer_key or token is nil.
103
96
  def initialize(
104
97
  accessor_secret: nil,
105
98
  consumer_key:,
106
99
  expires_at: nil,
107
- nonce:,
100
+ nonce: nil,
108
101
  signature: nil,
109
102
  signature_method: 'PLAINTEXT',
110
- timestamp:,
103
+ timestamp: nil,
111
104
  token:,
112
105
  token_secret: nil,
113
106
  realm: nil
114
107
  )
115
108
  raise ArgumentError, 'consumer_key is nil' unless consumer_key
116
- raise ArgumentError, 'nonce is nil' unless nonce
117
- raise ArgumentError, 'timestamp is nil' unless timestamp
118
109
  raise ArgumentError, 'token is nil' unless token
119
110
 
120
111
  @accessor_secret = accessor_secret || nil
@@ -125,7 +116,7 @@ module Cerner
125
116
  @nonce = nonce
126
117
  @signature = signature
127
118
  @signature_method = signature_method || 'PLAINTEXT'
128
- @timestamp = convert_to_time(timestamp)
119
+ @timestamp = timestamp ? convert_to_time(timestamp) : nil
129
120
  @token = token
130
121
  @token_secret = token_secret || nil
131
122
  @realm = realm || nil
@@ -154,16 +145,16 @@ module Cerner
154
145
  raise OAuthError.new('accessor_secret or token_secret is nil', nil, 'parameter_absent', nil, @realm)
155
146
  end
156
147
 
157
- tuples = {
158
- realm: @realm,
159
- oauth_version: '1.0',
160
- oauth_signature_method: @signature_method,
161
- oauth_signature: sig,
162
- oauth_consumer_key: @consumer_key,
163
- oauth_nonce: @nonce,
164
- oauth_timestamp: @timestamp.tv_sec,
165
- oauth_token: @token
166
- }
148
+ tuples = {}
149
+ tuples[:realm] = @realm if @realm
150
+ tuples[:oauth_version] = '1.0'
151
+ tuples[:oauth_signature_method] = @signature_method
152
+ tuples[:oauth_signature] = sig
153
+ tuples[:oauth_consumer_key] = @consumer_key
154
+ tuples[:oauth_nonce] = @nonce if @nonce
155
+ tuples[:oauth_timestamp] = @timestamp.tv_sec if @timestamp
156
+ tuples[:oauth_token] = @token
157
+
167
158
  @authorization_header = Protocol.generate_authorization_header(tuples)
168
159
  end
169
160
 
@@ -291,7 +282,7 @@ module Cerner
291
282
  def convert_to_time(time)
292
283
  raise ArgumentError, 'time is nil' unless time
293
284
 
294
- if time.is_a? Time
285
+ if time.is_a?(Time)
295
286
  time.utc
296
287
  else
297
288
  Time.at(time.to_i).utc
@@ -316,26 +307,13 @@ module Cerner
316
307
 
317
308
  expires_on = convert_to_time(expires_on)
318
309
  now = convert_to_time(Time.now)
319
- if now.tv_sec >= expires_on.tv_sec
320
- raise OAuthError.new(
321
- 'token has expired',
322
- nil,
323
- 'token_expired',
324
- nil,
325
- @realm
326
- )
327
- end
310
+
311
+ raise OAuthError.new('token has expired', nil, 'token_expired', nil, @realm) if now.tv_sec >= expires_on.tv_sec
328
312
  end
329
313
 
330
314
  def load_keys(access_token_agent, keys_version)
331
315
  unless keys_version
332
- raise OAuthError.new(
333
- 'token missing KeysVersion',
334
- nil,
335
- 'oauth_parameters_rejected',
336
- 'oauth_token',
337
- @realm
338
- )
316
+ raise OAuthError.new('token missing KeysVersion', nil, 'oauth_parameters_rejected', 'oauth_token', @realm)
339
317
  end
340
318
 
341
319
  begin
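Review bot: The header-parsing hunk (`@@ -29,10 +28,6 @@`) drops the presence checks for `oauth_nonce` and `oauth_timestamp` for every signature method, while RFC 5849 section 3.1, which the changelog cites, allows omitting them only when PLAINTEXT is used. `signature_method` is read from `params[:oauth_signature_method]` just below the removed lines, so the check could stay conditional: keep `nonce = params[:oauth_nonce]` and use `missing_params << :oauth_nonce if signature_method != 'PLAINTEXT' && (nonce.nil? || nonce.empty?)`, likewise for `:oauth_timestamp` (adjust if an absent method is meant to count as PLAINTEXT). The rest of that method and `authenticate` lie outside the hunks, so a later step may already reject other signature methods; if it does, a comment at the removed lines saying so would document why the relaxation is safe. An empty-string nonce is also no longer rejected, and `tuples[:oauth_nonce] = @nonce if @nonce` in the `@@ -154,16 +145,16 @@` hunk would still emit it, because `''` is truthy in Ruby.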
@@ -233,7 +233,7 @@ module Cerner
233
233
  def convert_to_http_uri(access_token_url)
234
234
  raise ArgumentError, 'access_token_url is nil' unless access_token_url
235
235
 
236
- if access_token_url.is_a? URI
236
+ if access_token_url.is_a?(URI)
237
237
  uri = access_token_url
238
238
  else
239
239
  begin
@@ -2,12 +2,11 @@
2
2
 
3
3
  module Cerner
4
4
  module OAuth1a
5
-
6
5
  # Internal: A Railtie that initializer the cache implementation to use Rails.cache.
7
6
  # This will be picked up automatically if ::Rails and ::Rails.cache are defined.
8
7
  class CacheRailtie < ::Rails::Railtie
9
8
  initializer 'cerner-oauth1a.cache_initialization' do |_app|
10
- ::Rails.logger.info "#{CacheRailtie.name}: configuring cache to use Rails.cache"
9
+ ::Rails.logger.info("#{CacheRailtie.name}: configuring cache to use Rails.cache")
11
10
  Cerner::OAuth1a::Cache.instance = RailsCache.new(::Rails.cache)
12
11
  end
13
12
  end
@@ -78,11 +78,12 @@ module Cerner
78
78
  realm = "realm=\"#{params.delete(:realm)}\"" if params[:realm]
79
79
  realm += ', ' if realm && !params.empty?
80
80
 
81
- encoded_params = params.map do |k, v|
82
- k = URI.encode_www_form_component(k).gsub('+', '%20')
83
- v = URI.encode_www_form_component(v).gsub('+', '%20')
84
- "#{k}=\"#{v}\""
85
- end
81
+ encoded_params =
82
+ params.map do |k, v|
83
+ k = URI.encode_www_form_component(k).gsub('+', '%20')
84
+ v = URI.encode_www_form_component(v).gsub('+', '%20')
85
+ "#{k}=\"#{v}\""
86
+ end
86
87
 
87
88
  "OAuth #{realm}#{encoded_params.join(',')}"
88
89
  end
@@ -100,8 +101,12 @@ module Cerner
100
101
  # The values come from http://wiki.oauth.net/w/page/12238543/ProblemReporting
101
102
  # and are mapped based on https://oauth.net/core/1.0/#rfc.section.10.
102
103
  BAD_REQUEST_PROBLEMS = %w[
103
- additional_authorization_required parameter_absent parameter_rejected
104
- signature_method_rejected timestamp_refused verifier_invalid
104
+ additional_authorization_required
105
+ parameter_absent
106
+ parameter_rejected
107
+ signature_method_rejected
108
+ timestamp_refused
109
+ verifier_invalid
105
110
  version_rejected
106
111
  ].freeze
107
112
 
@@ -109,9 +114,18 @@ module Cerner
109
114
  # The values come from http://wiki.oauth.net/w/page/12238543/ProblemReporting
110
115
  # and are mapped based on https://oauth.net/core/1.0/#rfc.section.10.
111
116
  UNAUTHORIZED_PROBLEMS = %w[
112
- consumer_key_refused consumer_key_rejected consumer_key_unknown
113
- nonce_used permission_denied permission_unknown signature_invalid
114
- token_expired token_rejected token_revoked token_used user_refused
117
+ consumer_key_refused
118
+ consumer_key_rejected
119
+ consumer_key_unknown
120
+ nonce_used
121
+ permission_denied
122
+ permission_unknown
123
+ signature_invalid
124
+ token_expired
125
+ token_rejected
126
+ token_revoked
127
+ token_used
128
+ user_refused
115
129
  ].freeze
116
130
 
117
131
  # Public: Converts a oauth_problem value to an HTTP Status using the
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Cerner
4
4
  module OAuth1a
5
- VERSION = '2.3.0'
5
+ VERSION = '2.4.0'
6
6
  end
7
7
  end
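--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: cerner-oauth1a
  version: !ruby/object:Gem::Version
- version: 2.3.0
+ version: 2.4.0
  platform: ruby
  authors:
  - Nathan Beyer
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-05-30 00:00:00.000000000 Z
+ date: 2019-12-05 00:00:00.000000000 Z
  dependencies: []
  description: |
  A minimal dependency library for interacting with a Cerner OAuth 1.0a Access
@@ -53,7 +53,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.3
+ rubygems_version: 3.0.6
  signing_key:
  specification_version: 4
  summary: Cerner OAuth 1.0a Consumer and Service Provider Library.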