cerner-oauth1a 2.3.0 → 2.4.0

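--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 97551b442a5cf8e81197726dd7a076fd49ed7e33c5fd2bbf87e27e6368abea4b
- data.tar.gz: de3ec59f5a000715440492c550bebe4f9d3490ce53fd9d88490a08f7539d7208
+ metadata.gz: 253284a714a5a69821159cef402c2e228c7d747a15f31dc4d8842bb7e44ee6fe
+ data.tar.gz: da348e1e5cfa763a78afd32e3bd252719670c3feb7bce4cad7995023cee384c4
  SHA512:
- metadata.gz: a98454061208707ddab9eb7a79b867f8acbcd88fa2d42c9e68411a04fa645004e20d282e39efec0f9e91a7a57d88551588324c933e76b8336313a38c24747964
- data.tar.gz: 6573bfbd3c6ff73b83b957b9b6e784486079b194c9d09c1c4803b16f0336b51376d39ddab369ffdfe5d13ffaa129ecb727256c27f4683169250f7c01fa9498bd
+ metadata.gz: 28473811816dc086d4eacdd3eff65d0fe5455087f5e1e5c3fb0bfb3e04ba38a819707536e40968ad157c9efe1e8756bbd8f3f87cd620c796fd3da750a247efa7
+ data.tar.gz: ae958bbf7456257dbef524a1e6073d3f9ce0c7988516f24c18f7011b689d769e86d0340fdbca7de44daf0c1b0bdbcf14768112ab13fd6f3b8573846fe284e63f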
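--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,9 @@
+ # v2.4.0
+ Handle nonce and timestamp as optional fields Per
+ https://tools.ietf.org/html/rfc5849#section-3.1, the oauth_timestamp and oauth_nonce
+ fields may be omitted when PLAINTEXT signatures are used. This commit make the APIs
+ related to those two fields treat the data as optional.
+
  # v2.3.0
  Added Protection Realm Equivalence feature to Cerner::OAuth1a::AccessTokenAgent,
  which is used by Cerner::OAuth1a::AccessToken#authenticate when comparing realms.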
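--- a/data/README.md
+++ b/data/README.md
@@ -2,7 +2,7 @@
 
  [![Build Status](https://api.travis-ci.com/cerner/cerner-oauth1a.svg)](https://travis-ci.com/cerner/cerner-oauth1a)
  [![Gem Version](http://img.shields.io/gem/v/cerner-oauth1a.svg)](https://rubygems.org/gems/cerner-oauth1a)
- [![Code Climate](http://img.shields.io/codeclimate/github/cerner/cerner-oauth1a.svg)](https://codeclimate.com/github/cerner/cerner-oauth1a)
+ [![AwesomeCode Status](https://awesomecode.io/projects/48ece237-ac9c-49c9-859a-3a825968339b/status)](https://awesomecode.io/repos/cerner/cerner-oauth1a)
 
  A minimal dependency library for interacting with a Cerner OAuth 1.0a Access Token Service for
  invoking Cerner OAuth 1.0a protected services or implementing Cerner OAuth 1.0a authentication.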
@@ -6,7 +6,6 @@ require 'uri'
6
6
 
7
7
  module Cerner
8
8
  module OAuth1a
9
-
10
9
  # Public: A Cerner OAuth 1.0a Access Token and related request parameters for use in Consumer or
11
10
  # Service Provider use cases.
12
11
  class AccessToken
@@ -29,10 +28,6 @@ module Cerner
29
28
  missing_params = []
30
29
  consumer_key = params[:oauth_consumer_key]
31
30
  missing_params << :oauth_consumer_key if consumer_key.nil? || consumer_key.empty?
32
- nonce = params[:oauth_nonce]
33
- missing_params << :oauth_nonce if nonce.nil? || nonce.empty?
34
- timestamp = params[:oauth_timestamp]
35
- missing_params << :oauth_timestamp if timestamp.nil? || timestamp.empty?
36
31
  token = params[:oauth_token]
37
32
  missing_params << :oauth_token if token.nil? || token.empty?
38
33
  signature_method = params[:oauth_signature_method]
@@ -44,8 +39,8 @@ module Cerner
44
39
 
45
40
  AccessToken.new(
46
41
  consumer_key: consumer_key,
47
- nonce: nonce,
48
- timestamp: timestamp,
42
+ nonce: params[:oauth_nonce],
43
+ timestamp: params[:oauth_timestamp],
49
44
  token: token,
50
45
  signature_method: signature_method,
51
46
  signature: signature,
@@ -59,9 +54,9 @@ module Cerner
59
54
  attr_reader :consumer_key
60
55
  # Returns a Time, but may be nil, which represents the moment when this token expires.
61
56
  attr_reader :expires_at
62
- # Returns a String with the Nonce (oauth_nonce) related to this token.
57
+ # Returns a String, but may be nil, with the Nonce (oauth_nonce) related to this token.
63
58
  attr_reader :nonce
64
- # Returns a Time, which represents the moment when this token was created (oauth_timestamp).
59
+ # Returns a Time, but may be nil, which represents the moment when this token was created (oauth_timestamp).
65
60
  attr_reader :timestamp
66
61
  # Returns a String with the Token (oauth_token).
67
62
  attr_reader :token
@@ -86,8 +81,8 @@ module Cerner
86
81
  # :expires_at - An optional Time representing the expiration moment or any
87
82
  # object responding to to_i that represents the expiration
88
83
  # moment as the number of seconds since the epoch.
89
- # :nonce - The required String representing the nonce.
90
- # :timestamp - A required Time representing the creation moment or any
84
+ # :nonce - The optional String representing the nonce.
85
+ # :timestamp - A optional Time representing the creation moment or any
91
86
  # object responding to to_i that represents the creation
92
87
  # moment as the number of seconds since the epoch.
93
88
  # :token - The required String representing the token.
@@ -95,26 +90,22 @@ module Cerner
95
90
  # :signature_method - The optional String representing the signature method.
96
91
  # Defaults to PLAINTEXT.
97
92
  # :signature - The optional String representing the signature.
98
- # Defaults to nil.
99
93
  # :realm - The optional String representing the protection realm.
100
- # Defaults to nil.
101
94
  #
102
- # Raises ArgumentError if consumer_key, nonce, timestamp, token or signature_method is nil.
95
+ # Raises ArgumentError if consumer_key or token is nil.
103
96
  def initialize(
104
97
  accessor_secret: nil,
105
98
  consumer_key:,
106
99
  expires_at: nil,
107
- nonce:,
100
+ nonce: nil,
108
101
  signature: nil,
109
102
  signature_method: 'PLAINTEXT',
110
- timestamp:,
103
+ timestamp: nil,
111
104
  token:,
112
105
  token_secret: nil,
113
106
  realm: nil
114
107
  )
115
108
  raise ArgumentError, 'consumer_key is nil' unless consumer_key
116
- raise ArgumentError, 'nonce is nil' unless nonce
117
- raise ArgumentError, 'timestamp is nil' unless timestamp
118
109
  raise ArgumentError, 'token is nil' unless token
119
110
 
120
111
  @accessor_secret = accessor_secret || nil
@@ -125,7 +116,7 @@ module Cerner
125
116
  @nonce = nonce
126
117
  @signature = signature
127
118
  @signature_method = signature_method || 'PLAINTEXT'
128
- @timestamp = convert_to_time(timestamp)
119
+ @timestamp = timestamp ? convert_to_time(timestamp) : nil
129
120
  @token = token
130
121
  @token_secret = token_secret || nil
131
122
  @realm = realm || nil
@@ -154,16 +145,16 @@ module Cerner
154
145
  raise OAuthError.new('accessor_secret or token_secret is nil', nil, 'parameter_absent', nil, @realm)
155
146
  end
156
147
 
157
- tuples = {
158
- realm: @realm,
159
- oauth_version: '1.0',
160
- oauth_signature_method: @signature_method,
161
- oauth_signature: sig,
162
- oauth_consumer_key: @consumer_key,
163
- oauth_nonce: @nonce,
164
- oauth_timestamp: @timestamp.tv_sec,
165
- oauth_token: @token
166
- }
148
+ tuples = {}
149
+ tuples[:realm] = @realm if @realm
150
+ tuples[:oauth_version] = '1.0'
151
+ tuples[:oauth_signature_method] = @signature_method
152
+ tuples[:oauth_signature] = sig
153
+ tuples[:oauth_consumer_key] = @consumer_key
154
+ tuples[:oauth_nonce] = @nonce if @nonce
155
+ tuples[:oauth_timestamp] = @timestamp.tv_sec if @timestamp
156
+ tuples[:oauth_token] = @token
157
+
167
158
  @authorization_header = Protocol.generate_authorization_header(tuples)
168
159
  end
169
160
 
@@ -291,7 +282,7 @@ module Cerner
291
282
  def convert_to_time(time)
292
283
  raise ArgumentError, 'time is nil' unless time
293
284
 
294
- if time.is_a? Time
285
+ if time.is_a?(Time)
295
286
  time.utc
296
287
  else
297
288
  Time.at(time.to_i).utc
@@ -316,26 +307,13 @@ module Cerner
316
307
 
317
308
  expires_on = convert_to_time(expires_on)
318
309
  now = convert_to_time(Time.now)
319
- if now.tv_sec >= expires_on.tv_sec
320
- raise OAuthError.new(
321
- 'token has expired',
322
- nil,
323
- 'token_expired',
324
- nil,
325
- @realm
326
- )
327
- end
310
+
311
+ raise OAuthError.new('token has expired', nil, 'token_expired', nil, @realm) if now.tv_sec >= expires_on.tv_sec
328
312
  end
329
313
 
330
314
  def load_keys(access_token_agent, keys_version)
331
315
  unless keys_version
332
- raise OAuthError.new(
333
- 'token missing KeysVersion',
334
- nil,
335
- 'oauth_parameters_rejected',
336
- 'oauth_token',
337
- @realm
338
- )
316
+ raise OAuthError.new('token missing KeysVersion', nil, 'oauth_parameters_rejected', 'oauth_token', @realm)
339
317
  end
340
318
 
341
319
  begin
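Review bot: The header-parsing hunk (new lines 28-33) stops requiring oauth_nonce and oauth_timestamp for every request, while the changelog and RFC 5849 section 3.1 permit omitting them only when the signature method is PLAINTEXT. Nothing visible in that hunk ties the relaxation to signature_method, which is read on the hunk's last line; the enclosing method continues outside the hunk, so if neither it nor the authenticate path rejects other signature methods, a header using one could pass parsing without the two fields that provide replay protection. I would keep the check conditional once signature_method is known, e.g. `missing_params << :oauth_nonce if signature_method != 'PLAINTEXT' && params[:oauth_nonce].to_s.empty?` and the same line for `:oauth_timestamp`. The attr_reader comments now say both values may be nil; a further comment such as `# nil when the client omitted it (allowed for PLAINTEXT); do not rely on it for replay detection` would warn service providers that feed these values into a nonce cache or clock-skew check.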
@@ -233,7 +233,7 @@ module Cerner
233
233
  def convert_to_http_uri(access_token_url)
234
234
  raise ArgumentError, 'access_token_url is nil' unless access_token_url
235
235
 
236
- if access_token_url.is_a? URI
236
+ if access_token_url.is_a?(URI)
237
237
  uri = access_token_url
238
238
  else
239
239
  begin
@@ -2,12 +2,11 @@
2
2
 
3
3
  module Cerner
4
4
  module OAuth1a
5
-
6
5
  # Internal: A Railtie that initializer the cache implementation to use Rails.cache.
7
6
  # This will be picked up automatically if ::Rails and ::Rails.cache are defined.
8
7
  class CacheRailtie < ::Rails::Railtie
9
8
  initializer 'cerner-oauth1a.cache_initialization' do |_app|
10
- ::Rails.logger.info "#{CacheRailtie.name}: configuring cache to use Rails.cache"
9
+ ::Rails.logger.info("#{CacheRailtie.name}: configuring cache to use Rails.cache")
11
10
  Cerner::OAuth1a::Cache.instance = RailsCache.new(::Rails.cache)
12
11
  end
13
12
  end
@@ -78,11 +78,12 @@ module Cerner
78
78
  realm = "realm=\"#{params.delete(:realm)}\"" if params[:realm]
79
79
  realm += ', ' if realm && !params.empty?
80
80
 
81
- encoded_params = params.map do |k, v|
82
- k = URI.encode_www_form_component(k).gsub('+', '%20')
83
- v = URI.encode_www_form_component(v).gsub('+', '%20')
84
- "#{k}=\"#{v}\""
85
- end
81
+ encoded_params =
82
+ params.map do |k, v|
83
+ k = URI.encode_www_form_component(k).gsub('+', '%20')
84
+ v = URI.encode_www_form_component(v).gsub('+', '%20')
85
+ "#{k}=\"#{v}\""
86
+ end
86
87
 
87
88
  "OAuth #{realm}#{encoded_params.join(',')}"
88
89
  end
@@ -100,8 +101,12 @@ module Cerner
100
101
  # The values come from http://wiki.oauth.net/w/page/12238543/ProblemReporting
101
102
  # and are mapped based on https://oauth.net/core/1.0/#rfc.section.10.
102
103
  BAD_REQUEST_PROBLEMS = %w[
103
- additional_authorization_required parameter_absent parameter_rejected
104
- signature_method_rejected timestamp_refused verifier_invalid
104
+ additional_authorization_required
105
+ parameter_absent
106
+ parameter_rejected
107
+ signature_method_rejected
108
+ timestamp_refused
109
+ verifier_invalid
105
110
  version_rejected
106
111
  ].freeze
107
112
 
@@ -109,9 +114,18 @@ module Cerner
109
114
  # The values come from http://wiki.oauth.net/w/page/12238543/ProblemReporting
110
115
  # and are mapped based on https://oauth.net/core/1.0/#rfc.section.10.
111
116
  UNAUTHORIZED_PROBLEMS = %w[
112
- consumer_key_refused consumer_key_rejected consumer_key_unknown
113
- nonce_used permission_denied permission_unknown signature_invalid
114
- token_expired token_rejected token_revoked token_used user_refused
117
+ consumer_key_refused
118
+ consumer_key_rejected
119
+ consumer_key_unknown
120
+ nonce_used
121
+ permission_denied
122
+ permission_unknown
123
+ signature_invalid
124
+ token_expired
125
+ token_rejected
126
+ token_revoked
127
+ token_used
128
+ user_refused
115
129
  ].freeze
116
130
 
117
131
  # Public: Converts a oauth_problem value to an HTTP Status using the
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Cerner
4
4
  module OAuth1a
5
- VERSION = '2.3.0'
5
+ VERSION = '2.4.0'
6
6
  end
7
7
  end
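--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: cerner-oauth1a
  version: !ruby/object:Gem::Version
- version: 2.3.0
+ version: 2.4.0
  platform: ruby
  authors:
  - Nathan Beyer
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2019-05-30 00:00:00.000000000 Z
+ date: 2019-12-05 00:00:00.000000000 Z
  dependencies: []
  description: |
  A minimal dependency library for interacting with a Cerner OAuth 1.0a Access
@@ -53,7 +53,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.0.3
+ rubygems_version: 3.0.6
  signing_key:
  specification_version: 4
  summary: Cerner OAuth 1.0a Consumer and Service Provider Library.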