crazylegs 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +4 -0
- data/.rvmrc +1 -0
- data/Gemfile +4 -0
- data/Gemfile.lock +33 -0
- data/LICENSE.txt +201 -0
- data/README.rdoc +35 -0
- data/Rakefile +50 -0
- data/crazylegs.gemspec +27 -0
- data/lib/crazylegs.rb +3 -0
- data/lib/crazylegs/credentials.rb +73 -0
- data/lib/crazylegs/url.rb +186 -0
- data/lib/crazylegs/version.rb +3 -0
- data/test/tc_credentials.rb +45 -0
- data/test/tc_url.rb +74 -0
- metadata +169 -0
data/.gitignore
ADDED
data/.rvmrc
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
rvm use 1.8.7@crazylegs --create
|
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,33 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
crazylegs (0.0.1)
|
5
|
+
ruby-hmac (~> 0.4.0)
|
6
|
+
|
7
|
+
GEM
|
8
|
+
remote: http://rubygems.org/
|
9
|
+
specs:
|
10
|
+
gash (0.1.3)
|
11
|
+
open4 (>= 0, = 0.9.6)
|
12
|
+
grancher (0.1.5)
|
13
|
+
gash
|
14
|
+
json (1.5.1)
|
15
|
+
open4 (0.9.6)
|
16
|
+
rake (0.8.7)
|
17
|
+
rcov (0.9.9)
|
18
|
+
rdoc (2.4.3)
|
19
|
+
ruby-hmac (0.4.0)
|
20
|
+
sdoc (0.2.20)
|
21
|
+
json (>= 1.1.3)
|
22
|
+
rdoc (= 2.4.3)
|
23
|
+
|
24
|
+
PLATFORMS
|
25
|
+
ruby
|
26
|
+
|
27
|
+
DEPENDENCIES
|
28
|
+
crazylegs!
|
29
|
+
grancher (~> 0.1.5)
|
30
|
+
rake
|
31
|
+
rcov
|
32
|
+
rdoc
|
33
|
+
sdoc
|
data/LICENSE.txt
ADDED
@@ -0,0 +1,201 @@
|
|
1
|
+
Apache License
|
2
|
+
Version 2.0, January 2004
|
3
|
+
http://www.apache.org/licenses/
|
4
|
+
|
5
|
+
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
6
|
+
|
7
|
+
1. Definitions.
|
8
|
+
|
9
|
+
"License" shall mean the terms and conditions for use, reproduction,
|
10
|
+
and distribution as defined by Sections 1 through 9 of this document.
|
11
|
+
|
12
|
+
"Licensor" shall mean the copyright owner or entity authorized by
|
13
|
+
the copyright owner that is granting the License.
|
14
|
+
|
15
|
+
"Legal Entity" shall mean the union of the acting entity and all
|
16
|
+
other entities that control, are controlled by, or are under common
|
17
|
+
control with that entity. For the purposes of this definition,
|
18
|
+
"control" means (i) the power, direct or indirect, to cause the
|
19
|
+
direction or management of such entity, whether by contract or
|
20
|
+
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
21
|
+
outstanding shares, or (iii) beneficial ownership of such entity.
|
22
|
+
|
23
|
+
"You" (or "Your") shall mean an individual or Legal Entity
|
24
|
+
exercising permissions granted by this License.
|
25
|
+
|
26
|
+
"Source" form shall mean the preferred form for making modifications,
|
27
|
+
including but not limited to software source code, documentation
|
28
|
+
source, and configuration files.
|
29
|
+
|
30
|
+
"Object" form shall mean any form resulting from mechanical
|
31
|
+
transformation or translation of a Source form, including but
|
32
|
+
not limited to compiled object code, generated documentation,
|
33
|
+
and conversions to other media types.
|
34
|
+
|
35
|
+
"Work" shall mean the work of authorship, whether in Source or
|
36
|
+
Object form, made available under the License, as indicated by a
|
37
|
+
copyright notice that is included in or attached to the work
|
38
|
+
(an example is provided in the Appendix below).
|
39
|
+
|
40
|
+
"Derivative Works" shall mean any work, whether in Source or Object
|
41
|
+
form, that is based on (or derived from) the Work and for which the
|
42
|
+
editorial revisions, annotations, elaborations, or other modifications
|
43
|
+
represent, as a whole, an original work of authorship. For the purposes
|
44
|
+
of this License, Derivative Works shall not include works that remain
|
45
|
+
separable from, or merely link (or bind by name) to the interfaces of,
|
46
|
+
the Work and Derivative Works thereof.
|
47
|
+
|
48
|
+
"Contribution" shall mean any work of authorship, including
|
49
|
+
the original version of the Work and any modifications or additions
|
50
|
+
to that Work or Derivative Works thereof, that is intentionally
|
51
|
+
submitted to Licensor for inclusion in the Work by the copyright owner
|
52
|
+
or by an individual or Legal Entity authorized to submit on behalf of
|
53
|
+
the copyright owner. For the purposes of this definition, "submitted"
|
54
|
+
means any form of electronic, verbal, or written communication sent
|
55
|
+
to the Licensor or its representatives, including but not limited to
|
56
|
+
communication on electronic mailing lists, source code control systems,
|
57
|
+
and issue tracking systems that are managed by, or on behalf of, the
|
58
|
+
Licensor for the purpose of discussing and improving the Work, but
|
59
|
+
excluding communication that is conspicuously marked or otherwise
|
60
|
+
designated in writing by the copyright owner as "Not a Contribution."
|
61
|
+
|
62
|
+
"Contributor" shall mean Licensor and any individual or Legal Entity
|
63
|
+
on behalf of whom a Contribution has been received by Licensor and
|
64
|
+
subsequently incorporated within the Work.
|
65
|
+
|
66
|
+
2. Grant of Copyright License. Subject to the terms and conditions of
|
67
|
+
this License, each Contributor hereby grants to You a perpetual,
|
68
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
69
|
+
copyright license to reproduce, prepare Derivative Works of,
|
70
|
+
publicly display, publicly perform, sublicense, and distribute the
|
71
|
+
Work and such Derivative Works in Source or Object form.
|
72
|
+
|
73
|
+
3. Grant of Patent License. Subject to the terms and conditions of
|
74
|
+
this License, each Contributor hereby grants to You a perpetual,
|
75
|
+
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
76
|
+
(except as stated in this section) patent license to make, have made,
|
77
|
+
use, offer to sell, sell, import, and otherwise transfer the Work,
|
78
|
+
where such license applies only to those patent claims licensable
|
79
|
+
by such Contributor that are necessarily infringed by their
|
80
|
+
Contribution(s) alone or by combination of their Contribution(s)
|
81
|
+
with the Work to which such Contribution(s) was submitted. If You
|
82
|
+
institute patent litigation against any entity (including a
|
83
|
+
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
84
|
+
or a Contribution incorporated within the Work constitutes direct
|
85
|
+
or contributory patent infringement, then any patent licenses
|
86
|
+
granted to You under this License for that Work shall terminate
|
87
|
+
as of the date such litigation is filed.
|
88
|
+
|
89
|
+
4. Redistribution. You may reproduce and distribute copies of the
|
90
|
+
Work or Derivative Works thereof in any medium, with or without
|
91
|
+
modifications, and in Source or Object form, provided that You
|
92
|
+
meet the following conditions:
|
93
|
+
|
94
|
+
(a) You must give any other recipients of the Work or
|
95
|
+
Derivative Works a copy of this License; and
|
96
|
+
|
97
|
+
(b) You must cause any modified files to carry prominent notices
|
98
|
+
stating that You changed the files; and
|
99
|
+
|
100
|
+
(c) You must retain, in the Source form of any Derivative Works
|
101
|
+
that You distribute, all copyright, patent, trademark, and
|
102
|
+
attribution notices from the Source form of the Work,
|
103
|
+
excluding those notices that do not pertain to any part of
|
104
|
+
the Derivative Works; and
|
105
|
+
|
106
|
+
(d) If the Work includes a "NOTICE" text file as part of its
|
107
|
+
distribution, then any Derivative Works that You distribute must
|
108
|
+
include a readable copy of the attribution notices contained
|
109
|
+
within such NOTICE file, excluding those notices that do not
|
110
|
+
pertain to any part of the Derivative Works, in at least one
|
111
|
+
of the following places: within a NOTICE text file distributed
|
112
|
+
as part of the Derivative Works; within the Source form or
|
113
|
+
documentation, if provided along with the Derivative Works; or,
|
114
|
+
within a display generated by the Derivative Works, if and
|
115
|
+
wherever such third-party notices normally appear. The contents
|
116
|
+
of the NOTICE file are for informational purposes only and
|
117
|
+
do not modify the License. You may add Your own attribution
|
118
|
+
notices within Derivative Works that You distribute, alongside
|
119
|
+
or as an addendum to the NOTICE text from the Work, provided
|
120
|
+
that such additional attribution notices cannot be construed
|
121
|
+
as modifying the License.
|
122
|
+
|
123
|
+
You may add Your own copyright statement to Your modifications and
|
124
|
+
may provide additional or different license terms and conditions
|
125
|
+
for use, reproduction, or distribution of Your modifications, or
|
126
|
+
for any such Derivative Works as a whole, provided Your use,
|
127
|
+
reproduction, and distribution of the Work otherwise complies with
|
128
|
+
the conditions stated in this License.
|
129
|
+
|
130
|
+
5. Submission of Contributions. Unless You explicitly state otherwise,
|
131
|
+
any Contribution intentionally submitted for inclusion in the Work
|
132
|
+
by You to the Licensor shall be under the terms and conditions of
|
133
|
+
this License, without any additional terms or conditions.
|
134
|
+
Notwithstanding the above, nothing herein shall supersede or modify
|
135
|
+
the terms of any separate license agreement you may have executed
|
136
|
+
with Licensor regarding such Contributions.
|
137
|
+
|
138
|
+
6. Trademarks. This License does not grant permission to use the trade
|
139
|
+
names, trademarks, service marks, or product names of the Licensor,
|
140
|
+
except as required for reasonable and customary use in describing the
|
141
|
+
origin of the Work and reproducing the content of the NOTICE file.
|
142
|
+
|
143
|
+
7. Disclaimer of Warranty. Unless required by applicable law or
|
144
|
+
agreed to in writing, Licensor provides the Work (and each
|
145
|
+
Contributor provides its Contributions) on an "AS IS" BASIS,
|
146
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
147
|
+
implied, including, without limitation, any warranties or conditions
|
148
|
+
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
149
|
+
PARTICULAR PURPOSE. You are solely responsible for determining the
|
150
|
+
appropriateness of using or redistributing the Work and assume any
|
151
|
+
risks associated with Your exercise of permissions under this License.
|
152
|
+
|
153
|
+
8. Limitation of Liability. In no event and under no legal theory,
|
154
|
+
whether in tort (including negligence), contract, or otherwise,
|
155
|
+
unless required by applicable law (such as deliberate and grossly
|
156
|
+
negligent acts) or agreed to in writing, shall any Contributor be
|
157
|
+
liable to You for damages, including any direct, indirect, special,
|
158
|
+
incidental, or consequential damages of any character arising as a
|
159
|
+
result of this License or out of the use or inability to use the
|
160
|
+
Work (including but not limited to damages for loss of goodwill,
|
161
|
+
work stoppage, computer failure or malfunction, or any and all
|
162
|
+
other commercial damages or losses), even if such Contributor
|
163
|
+
has been advised of the possibility of such damages.
|
164
|
+
|
165
|
+
9. Accepting Warranty or Additional Liability. While redistributing
|
166
|
+
the Work or Derivative Works thereof, You may choose to offer,
|
167
|
+
and charge a fee for, acceptance of support, warranty, indemnity,
|
168
|
+
or other liability obligations and/or rights consistent with this
|
169
|
+
License. However, in accepting such obligations, You may act only
|
170
|
+
on Your own behalf and on Your sole responsibility, not on behalf
|
171
|
+
of any other Contributor, and only if You agree to indemnify,
|
172
|
+
defend, and hold each Contributor harmless for any liability
|
173
|
+
incurred by, or claims asserted against, such Contributor by reason
|
174
|
+
of your accepting any such warranty or additional liability.
|
175
|
+
|
176
|
+
END OF TERMS AND CONDITIONS
|
177
|
+
|
178
|
+
APPENDIX: How to apply the Apache License to your work.
|
179
|
+
|
180
|
+
To apply the Apache License to your work, attach the following
|
181
|
+
boilerplate notice, with the fields enclosed by brackets "[]"
|
182
|
+
replaced with your own identifying information. (Don't include
|
183
|
+
the brackets!) The text should be enclosed in the appropriate
|
184
|
+
comment syntax for the file format. We also recommend that a
|
185
|
+
file or class name and description of purpose be included on the
|
186
|
+
same "printed page" as the copyright notice for easier
|
187
|
+
identification within third-party archives.
|
188
|
+
|
189
|
+
Copyright [yyyy] [name of copyright owner]
|
190
|
+
|
191
|
+
Licensed under the Apache License, Version 2.0 (the "License");
|
192
|
+
you may not use this file except in compliance with the License.
|
193
|
+
You may obtain a copy of the License at
|
194
|
+
|
195
|
+
http://www.apache.org/licenses/LICENSE-2.0
|
196
|
+
|
197
|
+
Unless required by applicable law or agreed to in writing, software
|
198
|
+
distributed under the License is distributed on an "AS IS" BASIS,
|
199
|
+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
200
|
+
See the License for the specific language governing permissions and
|
201
|
+
limitations under the License.
|
data/README.rdoc
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
= Crazylegs - the hacky 2-legged OAuth Library
|
2
|
+
|
3
|
+
Author:: Dave Copeland (mailto:dave@opower.com)
|
4
|
+
Copyright:: Copyright (c) 2011 by Dave Copeland
|
5
|
+
License:: Distributes under the Apache License, see LICENSE.txt in the source distro
|
6
|
+
|
7
|
+
Crazylegs is a *very* small library to sign urls for two-legged OAuth. This will not request urls for you, it will not parse a response for you, it will not give you some crazy DSL to abstract away the details. It *will* properly sign a URL using a consumer key and secret so that you can make an OAuth request for 2-legged auth. That's it.
|
8
|
+
|
9
|
+
* {Source on Github}[https://github.com/opower/crazylegs]
|
10
|
+
* RDoc[http://rdoc.info/github/opower/crazylegs/master/frames]
|
11
|
+
|
12
|
+
== Use
|
13
|
+
|
14
|
+
Install if you need to:
|
15
|
+
|
16
|
+
gem install crazylegs
|
17
|
+
|
18
|
+
== Example
|
19
|
+
|
20
|
+
include Crazylegs
|
21
|
+
credentials = Credentials.new(consumer_key,shared_secret)
|
22
|
+
url = SignedURL.new(credentials,"http://scrapi-demo-dev.opower.com/api/customers",'GET')
|
23
|
+
url['accountNumber'] = '655321'
|
24
|
+
signed_url = url.full_url
|
25
|
+
# signed_url can now be requested of the remote server
|
26
|
+
|
27
|
+
See Crazylegs::SignedURL and Crazylegs::Credentials for more info.
|
28
|
+
|
29
|
+
=== Seeing WTF is going on
|
30
|
+
|
31
|
+
logger = Logger.new(STDERR)
|
32
|
+
logger.level = Logger::DEBUG
|
33
|
+
url = SignedURL.new(credentials,"http://scrapi-demo-dev.opower.com/api/customers",'GET',logger)
|
34
|
+
|
35
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
require 'bundler'
|
2
|
+
require 'rake/clean'
|
3
|
+
require 'rubygems'
|
4
|
+
require 'rake/gempackagetask'
|
5
|
+
require 'rake/rdoctask'
|
6
|
+
require 'rcov/rcovtask'
|
7
|
+
require 'sdoc'
|
8
|
+
require 'grancher/task'
|
9
|
+
require 'rake/testtask'
|
10
|
+
|
11
|
+
Grancher::Task.new do |g|
|
12
|
+
g.branch = 'gh-pages'
|
13
|
+
g.push_to = 'origin'
|
14
|
+
g.directory 'html'
|
15
|
+
end
|
16
|
+
|
17
|
+
|
18
|
+
Rake::RDocTask.new(:rdoc) do |rd|
|
19
|
+
rd.main = "README.rdoc"
|
20
|
+
rd.rdoc_files.include("README.rdoc","lib/**/*.rb","bin/**/*")
|
21
|
+
rd.options << '--fmt' << 'shtml'
|
22
|
+
rd.template = 'direct'
|
23
|
+
rd.title = 'crazylegs'
|
24
|
+
end
|
25
|
+
|
26
|
+
Rake::TestTask.new do |t|
|
27
|
+
t.libs << "test"
|
28
|
+
t.test_files = FileList['test/tc_*.rb']
|
29
|
+
end
|
30
|
+
|
31
|
+
task :clobber_coverage do
|
32
|
+
rm_rf "coverage"
|
33
|
+
end
|
34
|
+
|
35
|
+
desc 'Measures test coverage'
|
36
|
+
task :coverage => :rcov do
|
37
|
+
puts "coverage/index.html contains what you need"
|
38
|
+
end
|
39
|
+
|
40
|
+
Rcov::RcovTask.new do |t|
|
41
|
+
t.libs << 'lib'
|
42
|
+
t.test_files = FileList['test/tc_*.rb']
|
43
|
+
end
|
44
|
+
|
45
|
+
task :default => :test
|
46
|
+
|
47
|
+
Bundler::GemHelper.install_tasks
|
48
|
+
|
49
|
+
desc 'Publish rdoc on github pages and push to github'
|
50
|
+
task :publish_rdoc => [:rdoc,:publish]
|
data/crazylegs.gemspec
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$:.push File.expand_path("../lib", __FILE__)
|
3
|
+
require "crazylegs/version"
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = "crazylegs"
|
7
|
+
s.version = Crazylegs::VERSION
|
8
|
+
s.platform = Gem::Platform::RUBY
|
9
|
+
s.authors = ['Dave Copeland']
|
10
|
+
s.email = ['dave@opower.com']
|
11
|
+
s.homepage = ""
|
12
|
+
s.summary = %q{The two-legged OAuth used in a few OPOWER libraries}
|
13
|
+
s.description = %q{Couldn't get two-legged OAuth working from existing Ruby libs, so this implements it "by-hand"}
|
14
|
+
|
15
|
+
s.rubyforge_project = "crazylegs"
|
16
|
+
|
17
|
+
s.files = `git ls-files`.split("\n")
|
18
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
19
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
|
20
|
+
s.require_paths = ['lib']
|
21
|
+
s.add_development_dependency('sdoc')
|
22
|
+
s.add_development_dependency('rdoc')
|
23
|
+
s.add_development_dependency('rake')
|
24
|
+
s.add_development_dependency('rcov')
|
25
|
+
s.add_development_dependency('grancher','~> 0.1.5')
|
26
|
+
s.add_dependency('ruby-hmac', '~> 0.4.0')
|
27
|
+
end
|
data/lib/crazylegs.rb
ADDED
@@ -0,0 +1,73 @@
|
|
1
|
+
require 'base64'
|
2
|
+
require 'openssl'
|
3
|
+
|
4
|
+
module Crazylegs
|
5
|
+
|
6
|
+
# Encapsulates a request token, which is what the server returns when
|
7
|
+
# you request a user's OAuth Token
|
8
|
+
class AccessToken
|
9
|
+
attr_reader :token
|
10
|
+
attr_reader :secret
|
11
|
+
|
12
|
+
# Create a new token
|
13
|
+
# +token+:: the token itself
|
14
|
+
# +secret+:: the token secret, used for signing requests
|
15
|
+
def initialize(token,secret)
|
16
|
+
raise ArgumentError.new('token is required') if token.nil?
|
17
|
+
raise ArgumentError.new('secret is required') if secret.nil?
|
18
|
+
@token = token
|
19
|
+
@secret = secret
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
# Encapsulates all the information needed to make a request of the server
|
24
|
+
# outside of request-specific information.
|
25
|
+
class Credentials
|
26
|
+
# Consumer key, provided by the service provider
|
27
|
+
attr_reader :consumer_key
|
28
|
+
# Consumer secret, provided by the service provider
|
29
|
+
attr_reader :consumer_secret
|
30
|
+
# Access Token you might have acquired
|
31
|
+
attr_reader :access_token
|
32
|
+
# The default protocol to use for requests
|
33
|
+
attr_reader :default_protocol
|
34
|
+
|
35
|
+
# Create a new Credentials object.
|
36
|
+
#
|
37
|
+
# +consumer_key+:: The OAuth consumer key given to you when you signed up
|
38
|
+
# +consumer_secret+:: The OAuth consumer secret given to you when you signed up
|
39
|
+
# +default_protocol+:: Symbol, defaults to <tt>:http</tt>, set this if you must request via <tt>:https</tt>
|
40
|
+
# +access_token+:: The access token you were given as a AccessToken, or nil if you don't have one yet.
|
41
|
+
def initialize(consumer_key, consumer_secret, default_protocol=:http, access_token = nil)
|
42
|
+
raise ArgumentError.new("consumer_key required") if consumer_key.nil?
|
43
|
+
raise ArgumentError.new("consumer_secret required") if consumer_secret.nil?
|
44
|
+
|
45
|
+
@consumer_key = consumer_key
|
46
|
+
@consumer_secret = consumer_secret
|
47
|
+
@access_token = access_token
|
48
|
+
@default_protocol = default_protocol
|
49
|
+
end
|
50
|
+
|
51
|
+
# True if we have an access token
|
52
|
+
def has_access_token?
|
53
|
+
!@access_token.nil?
|
54
|
+
end
|
55
|
+
|
56
|
+
# Update the access token
|
57
|
+
def update_access_token(token)
|
58
|
+
@access_token = token
|
59
|
+
@access_token
|
60
|
+
end
|
61
|
+
|
62
|
+
# Clear the access token if, for some reason, you know the one
|
63
|
+
# you have is bad.
|
64
|
+
def clear_access_token
|
65
|
+
update_access_token(nil)
|
66
|
+
end
|
67
|
+
|
68
|
+
# Return a nonce that hasn't been used before (at least not in this space/time continuum)
|
69
|
+
def nonce
|
70
|
+
Time.now.to_f.to_s
|
71
|
+
end
|
72
|
+
end
|
73
|
+
end
|
@@ -0,0 +1,186 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'hmac-sha1'
|
3
|
+
require 'base64'
|
4
|
+
require 'logger'
|
5
|
+
|
6
|
+
module Crazylegs
|
7
|
+
|
8
|
+
# Used to create OAuth-signed URLs that you can then request via other means.
|
9
|
+
class SignedURL
|
10
|
+
|
11
|
+
READ_ONLY_PARAMS = {
|
12
|
+
'oauth_consumer_key' => true,
|
13
|
+
'oauth_token' => true,
|
14
|
+
'oauth_signature_method' => true,
|
15
|
+
'oauth_version' => true,
|
16
|
+
'oauth_nonce' => true,
|
17
|
+
'oauth_timestamp' => true,
|
18
|
+
}
|
19
|
+
|
20
|
+
# Encodes each part of this url, accounting for some
|
21
|
+
# of the weirdness we are dealing with
|
22
|
+
def self.encodeParts(url)
|
23
|
+
parts = url.split(/\//).map do |part|
|
24
|
+
if part =~ /^\$/
|
25
|
+
part
|
26
|
+
else
|
27
|
+
encode(part)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
parts.join('/')
|
31
|
+
end
|
32
|
+
|
33
|
+
# Ruby's CGI::encode doesn't encode spaces correctly
|
34
|
+
def self.encode(string)
|
35
|
+
string.gsub(/([^ a-zA-Z0-9_.-]+)/n) do
|
36
|
+
'%' + $1.unpack('H2' * $1.size).join('%').upcase
|
37
|
+
end.gsub(' ', '%20')
|
38
|
+
end
|
39
|
+
|
40
|
+
# Modify the logger
|
41
|
+
attr_accessor :logger
|
42
|
+
|
43
|
+
# Create a new SignedURL
|
44
|
+
#
|
45
|
+
# +credentails+:: The Credentials available when signing the request
|
46
|
+
# +url+:: String containing the URL (without parameters) to request
|
47
|
+
# +method+:: The HTTP Request method that will be made, as a String
|
48
|
+
# +logger+:: a logger where you'd like to see diagnostics, if omitted will try <tt>$logger</tt> and then create one
|
49
|
+
def initialize(credentials,url,method,logger=nil)
|
50
|
+
raise ArgumentError.new("credentials is required") if credentials.nil?
|
51
|
+
raise ArgumentError.new("url is required") if url.nil?
|
52
|
+
raise ArgumentError.new("method is required") if method.nil?
|
53
|
+
|
54
|
+
@credentials = credentials
|
55
|
+
|
56
|
+
@logger = logger || $logger || Logger.new(STDOUT)
|
57
|
+
|
58
|
+
@params = {
|
59
|
+
'oauth_signature_method' => 'HMAC-SHA1',
|
60
|
+
'oauth_version' => '1.0',
|
61
|
+
}
|
62
|
+
@params['oauth_consumer_key'] = credentials.consumer_key
|
63
|
+
@params['oauth_token'] = credentials.access_token.token if credentials.access_token
|
64
|
+
@consumer_secret = credentials.consumer_secret
|
65
|
+
if credentials.access_token
|
66
|
+
@access_secret = credentials.access_token.secret
|
67
|
+
else
|
68
|
+
@access_secret = nil
|
69
|
+
end
|
70
|
+
@method = method.upcase
|
71
|
+
@url = url
|
72
|
+
end
|
73
|
+
|
74
|
+
# Sets a request parameter
|
75
|
+
#
|
76
|
+
# +param+:: the name of the parameter, as a string or symbol
|
77
|
+
# +value+:: the value of the parameter, unencoded
|
78
|
+
#
|
79
|
+
def []=(param,value)
|
80
|
+
raise ArgumentError.new("param may not be nil") if param.nil?
|
81
|
+
param = param.to_s
|
82
|
+
raise ArgumentError.new("You may not override #{param}") if READ_ONLY_PARAMS[param]
|
83
|
+
if value.nil?
|
84
|
+
@params.delete(param)
|
85
|
+
else
|
86
|
+
@params[param] = value.to_s
|
87
|
+
end
|
88
|
+
end
|
89
|
+
|
90
|
+
# Sets all request parameters to those in the hash.
|
91
|
+
#
|
92
|
+
# +params_hash+:: hash of all the parameters you want to add; will replace existing parameters
|
93
|
+
def params=(params_hash)
|
94
|
+
raise ArgumentError.new('you may not set params to nil') if params_hash.nil?
|
95
|
+
params_hash.each do |k,v|
|
96
|
+
self[k]=v
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
# Gets the full URL, signed and ready to be requested
|
101
|
+
# +timestamp::+ the timestamp to use; defaults to 'now' and generally is only visible for testing
|
102
|
+
# +nonce+ the nonce to use; defaults to a reasonable value and generally is only visible for testing
|
103
|
+
#
|
104
|
+
# Returns a String that is the entire encoded OAuth-compliant URL ready to be requested. Note that
|
105
|
+
# part of the OAuth signing process is to include the HTTP request method; if you request this url
|
106
|
+
# using a method other than the one you passed to the constructor, it will not work.
|
107
|
+
def full_url(timestamp=nil,nonce=nil)
|
108
|
+
|
109
|
+
@logger.debug("Getting full_url of #{@url}")
|
110
|
+
@logger.debug("OAuth Part 1 : #{@method}")
|
111
|
+
|
112
|
+
escaped_url = SignedURL::encode(@url)
|
113
|
+
to_sign = @method + "&" + escaped_url + "&"
|
114
|
+
|
115
|
+
@logger.debug("OAuth Part 2 (raw) : #{@url}")
|
116
|
+
@logger.debug("OAuth Part 2 (esc) : #{escaped_url}")
|
117
|
+
|
118
|
+
timestamp=Time.now.to_i if timestamp.nil?
|
119
|
+
nonce=@credentials.nonce if nonce.nil?
|
120
|
+
|
121
|
+
param_part,url_params = handle_params(timestamp,nonce)
|
122
|
+
escaped_params = SignedURL::encode(param_part)
|
123
|
+
@logger.debug("OAuth Part 3 (raw) : #{param_part}")
|
124
|
+
@logger.debug("OAuth Part 3 (esc) : #{escaped_params}")
|
125
|
+
|
126
|
+
to_sign += escaped_params
|
127
|
+
|
128
|
+
signature = get_signature(to_sign)
|
129
|
+
|
130
|
+
url_params['oauth_signature'] = SignedURL::encode(signature)
|
131
|
+
|
132
|
+
assembled_url = assemble_url(url_params)
|
133
|
+
@logger.debug("Full URL is " + assembled_url)
|
134
|
+
return assembled_url
|
135
|
+
end
|
136
|
+
|
137
|
+
private
|
138
|
+
|
139
|
+
def assemble_url(url_params)
|
140
|
+
url = @url + '?'
|
141
|
+
url_params.keys.sort.each do |key|
|
142
|
+
val = url_params[key]
|
143
|
+
url += "#{key}=#{val}&"
|
144
|
+
end
|
145
|
+
url.gsub!(/\&$/,'')
|
146
|
+
return url
|
147
|
+
end
|
148
|
+
|
149
|
+
def get_signature(to_sign)
|
150
|
+
signing_key = get_signing_key
|
151
|
+
@logger.debug("Signing '#{to_sign}' with key '#{signing_key}'")
|
152
|
+
|
153
|
+
sha1 = HMAC::SHA1.new(signing_key)
|
154
|
+
sha1 << to_sign
|
155
|
+
signature = Base64.encode64(sha1.digest())
|
156
|
+
signature.chomp!
|
157
|
+
@logger.debug("signature == '#{signature}'")
|
158
|
+
signature
|
159
|
+
end
|
160
|
+
|
161
|
+
def get_signing_key
|
162
|
+
SignedURL::encode(@consumer_secret) + "&" + SignedURL::encode(@access_secret.nil? ? "" : @access_secret)
|
163
|
+
end
|
164
|
+
|
165
|
+
def handle_params(timestamp,nonce)
|
166
|
+
url_params = Hash.new
|
167
|
+
param_part = ""
|
168
|
+
params = @params
|
169
|
+
params['oauth_timestamp'] = timestamp.to_s
|
170
|
+
params['oauth_nonce'] = nonce
|
171
|
+
params.keys.sort.each do |key|
|
172
|
+
value = params[key]
|
173
|
+
raise ArgumentError.new("#{key} is nil; don't set params to be nil") if value.nil?
|
174
|
+
|
175
|
+
@logger.debug("Adding param #{key} with value #{value} escaped as #{SignedURL::encode(value)}")
|
176
|
+
param_part += SignedURL::encode(key)
|
177
|
+
param_part += "="
|
178
|
+
param_part += SignedURL::encode(value)
|
179
|
+
param_part += '&'
|
180
|
+
url_params[key] = SignedURL::encode(value)
|
181
|
+
end
|
182
|
+
param_part.gsub!(/&$/,'')
|
183
|
+
[param_part,url_params]
|
184
|
+
end
|
185
|
+
end
|
186
|
+
end
|
@@ -0,0 +1,45 @@
|
|
1
|
+
require 'crazylegs'
|
2
|
+
require 'test/unit'
|
3
|
+
|
4
|
+
include Crazylegs
|
5
|
+
|
6
|
+
class TC_testCredentials < Test::Unit::TestCase
|
7
|
+
def test_default_access_token
|
8
|
+
cred = Credentials.new('foo','bar')
|
9
|
+
assert_equal(:http,cred.default_protocol)
|
10
|
+
assert_equal(nil,cred.access_token)
|
11
|
+
assert(!cred.has_access_token?)
|
12
|
+
end
|
13
|
+
|
14
|
+
def test_given_access_token
|
15
|
+
cred = Credentials.new('foo','bar',:https,AccessToken.new('blah','foo'))
|
16
|
+
assert_equal(:https,cred.default_protocol)
|
17
|
+
assert_equal('blah',cred.access_token.token)
|
18
|
+
assert_equal('foo',cred.access_token.secret)
|
19
|
+
assert(cred.has_access_token?)
|
20
|
+
end
|
21
|
+
|
22
|
+
def test_bad_args
|
23
|
+
assert_raises(ArgumentError) { cred = Credentials.new(nil,nil) }
|
24
|
+
assert_raises(ArgumentError) { cred = Credentials.new('foo',nil) }
|
25
|
+
end
|
26
|
+
|
27
|
+
def test_clear_token
|
28
|
+
cred = Credentials.new('foo','bar',:http,AccessToken.new('blah','crud'))
|
29
|
+
cred.clear_access_token
|
30
|
+
assert_equal(nil,cred.access_token)
|
31
|
+
end
|
32
|
+
def test_update_token
|
33
|
+
cred = Credentials.new('foo','bar')
|
34
|
+
cred.update_access_token(AccessToken.new('blah','crud'))
|
35
|
+
assert_equal('blah',cred.access_token.token)
|
36
|
+
assert_equal('crud',cred.access_token.secret)
|
37
|
+
end
|
38
|
+
|
39
|
+
def test_nonce
|
40
|
+
cred = Credentials.new('foo','bar')
|
41
|
+
n1 = cred.nonce
|
42
|
+
n2 = cred.nonce
|
43
|
+
assert(n1 != n2,"Two nonces shouldn't be the same: #{n1} =? #{n2}")
|
44
|
+
end
|
45
|
+
end
|
data/test/tc_url.rb
ADDED
@@ -0,0 +1,74 @@
|
|
1
|
+
require 'crazylegs'
|
2
|
+
require 'test/unit'
|
3
|
+
|
4
|
+
include Crazylegs
|
5
|
+
|
6
|
+
class TC_testURL < Test::Unit::TestCase
|
7
|
+
|
8
|
+
def setup
|
9
|
+
@cred = Credentials.new('dpf43f3p2l4k3l03',
|
10
|
+
'kd94hf93k423kf44',
|
11
|
+
:http,
|
12
|
+
AccessToken.new('nnch734d00sl2jdk','pfkkdhi9sl3r4s00'))
|
13
|
+
@signed_url = SignedURL.new(@cred,
|
14
|
+
'http://photos.example.net/photos',
|
15
|
+
'GET')
|
16
|
+
class << @signed_url
|
17
|
+
def [](param); @params[param]; end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def test_encode_parts
|
22
|
+
url = "/this/is/easy"
|
23
|
+
assert_equal url,SignedURL::encodeParts(url)
|
24
|
+
url = "this/has some spaces/and stuff"
|
25
|
+
assert_equal "this/has%20some%20spaces/and%20stuff",SignedURL::encodeParts(url)
|
26
|
+
|
27
|
+
url = "this/$account/has spaces/$username"
|
28
|
+
assert_equal "this/$account/has%20spaces/$username",SignedURL::encodeParts(url)
|
29
|
+
end
|
30
|
+
|
31
|
+
def test_bad_param_override
|
32
|
+
SignedURL::READ_ONLY_PARAMS.keys.each do |param|
|
33
|
+
assert_raises(ArgumentError) do
|
34
|
+
@signed_url[param] = 'asdfasdfasdf'
|
35
|
+
end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
def test_simple
|
40
|
+
@signed_url['file'] = 'vacation.jpg'
|
41
|
+
@signed_url['size'] = 'original'
|
42
|
+
do_simple_assert
|
43
|
+
end
|
44
|
+
|
45
|
+
def test_simple_bulk_params_set
|
46
|
+
params = {
|
47
|
+
'file' => 'vacation.jpg',
|
48
|
+
'size' => 'original',
|
49
|
+
}
|
50
|
+
@signed_url.params=params
|
51
|
+
do_simple_assert
|
52
|
+
end
|
53
|
+
|
54
|
+
def test_assign_param
|
55
|
+
@signed_url['blah'] = :foo
|
56
|
+
@signed_url['crud'] = 'foo'
|
57
|
+
assert_equal('foo',@signed_url['blah'])
|
58
|
+
assert_equal('foo',@signed_url['crud'])
|
59
|
+
end
|
60
|
+
|
61
|
+
def test_nil_param_assign
|
62
|
+
@signed_url['blah'] = 'foo'
|
63
|
+
assert_raises(ArgumentError) { @signed_url.params = nil }
|
64
|
+
end
|
65
|
+
|
66
|
+
private
|
67
|
+
def do_simple_assert
|
68
|
+
signature = 'tR3+Ty81lMeYAr/Fid0kMTYa/WM='
|
69
|
+
signature_encoced = 'tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D'
|
70
|
+
expected_url = 'http://photos.example.net/photos?file=vacation.jpg&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_nonce=kllo9940pd9333jh&oauth_signature=tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1191242096&oauth_token=nnch734d00sl2jdk&oauth_version=1.0&size=original'
|
71
|
+
assert_equal(expected_url,@signed_url.full_url(1191242096,'kllo9940pd9333jh'))
|
72
|
+
end
|
73
|
+
|
74
|
+
end
|
metadata
ADDED
@@ -0,0 +1,169 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: crazylegs
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 29
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 0
|
9
|
+
- 1
|
10
|
+
version: 0.0.1
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- Dave Copeland
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2011-05-09 00:00:00 -04:00
|
19
|
+
default_executable:
|
20
|
+
dependencies:
|
21
|
+
- !ruby/object:Gem::Dependency
|
22
|
+
name: sdoc
|
23
|
+
prerelease: false
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
hash: 3
|
30
|
+
segments:
|
31
|
+
- 0
|
32
|
+
version: "0"
|
33
|
+
type: :development
|
34
|
+
version_requirements: *id001
|
35
|
+
- !ruby/object:Gem::Dependency
|
36
|
+
name: rdoc
|
37
|
+
prerelease: false
|
38
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
39
|
+
none: false
|
40
|
+
requirements:
|
41
|
+
- - ">="
|
42
|
+
- !ruby/object:Gem::Version
|
43
|
+
hash: 3
|
44
|
+
segments:
|
45
|
+
- 0
|
46
|
+
version: "0"
|
47
|
+
type: :development
|
48
|
+
version_requirements: *id002
|
49
|
+
- !ruby/object:Gem::Dependency
|
50
|
+
name: rake
|
51
|
+
prerelease: false
|
52
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
53
|
+
none: false
|
54
|
+
requirements:
|
55
|
+
- - ">="
|
56
|
+
- !ruby/object:Gem::Version
|
57
|
+
hash: 3
|
58
|
+
segments:
|
59
|
+
- 0
|
60
|
+
version: "0"
|
61
|
+
type: :development
|
62
|
+
version_requirements: *id003
|
63
|
+
- !ruby/object:Gem::Dependency
|
64
|
+
name: rcov
|
65
|
+
prerelease: false
|
66
|
+
requirement: &id004 !ruby/object:Gem::Requirement
|
67
|
+
none: false
|
68
|
+
requirements:
|
69
|
+
- - ">="
|
70
|
+
- !ruby/object:Gem::Version
|
71
|
+
hash: 3
|
72
|
+
segments:
|
73
|
+
- 0
|
74
|
+
version: "0"
|
75
|
+
type: :development
|
76
|
+
version_requirements: *id004
|
77
|
+
- !ruby/object:Gem::Dependency
|
78
|
+
name: grancher
|
79
|
+
prerelease: false
|
80
|
+
requirement: &id005 !ruby/object:Gem::Requirement
|
81
|
+
none: false
|
82
|
+
requirements:
|
83
|
+
- - ~>
|
84
|
+
- !ruby/object:Gem::Version
|
85
|
+
hash: 17
|
86
|
+
segments:
|
87
|
+
- 0
|
88
|
+
- 1
|
89
|
+
- 5
|
90
|
+
version: 0.1.5
|
91
|
+
type: :development
|
92
|
+
version_requirements: *id005
|
93
|
+
- !ruby/object:Gem::Dependency
|
94
|
+
name: ruby-hmac
|
95
|
+
prerelease: false
|
96
|
+
requirement: &id006 !ruby/object:Gem::Requirement
|
97
|
+
none: false
|
98
|
+
requirements:
|
99
|
+
- - ~>
|
100
|
+
- !ruby/object:Gem::Version
|
101
|
+
hash: 15
|
102
|
+
segments:
|
103
|
+
- 0
|
104
|
+
- 4
|
105
|
+
- 0
|
106
|
+
version: 0.4.0
|
107
|
+
type: :runtime
|
108
|
+
version_requirements: *id006
|
109
|
+
description: Couldn't get two-legged OAuth working from existing Ruby libs, so this implements it "by-hand"
|
110
|
+
email:
|
111
|
+
- dave@opower.com
|
112
|
+
executables: []
|
113
|
+
|
114
|
+
extensions: []
|
115
|
+
|
116
|
+
extra_rdoc_files: []
|
117
|
+
|
118
|
+
files:
|
119
|
+
- .gitignore
|
120
|
+
- .rvmrc
|
121
|
+
- Gemfile
|
122
|
+
- Gemfile.lock
|
123
|
+
- LICENSE.txt
|
124
|
+
- README.rdoc
|
125
|
+
- Rakefile
|
126
|
+
- crazylegs.gemspec
|
127
|
+
- lib/crazylegs.rb
|
128
|
+
- lib/crazylegs/credentials.rb
|
129
|
+
- lib/crazylegs/url.rb
|
130
|
+
- lib/crazylegs/version.rb
|
131
|
+
- test/tc_credentials.rb
|
132
|
+
- test/tc_url.rb
|
133
|
+
has_rdoc: true
|
134
|
+
homepage: ""
|
135
|
+
licenses: []
|
136
|
+
|
137
|
+
post_install_message:
|
138
|
+
rdoc_options: []
|
139
|
+
|
140
|
+
require_paths:
|
141
|
+
- lib
|
142
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
143
|
+
none: false
|
144
|
+
requirements:
|
145
|
+
- - ">="
|
146
|
+
- !ruby/object:Gem::Version
|
147
|
+
hash: 3
|
148
|
+
segments:
|
149
|
+
- 0
|
150
|
+
version: "0"
|
151
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
152
|
+
none: false
|
153
|
+
requirements:
|
154
|
+
- - ">="
|
155
|
+
- !ruby/object:Gem::Version
|
156
|
+
hash: 3
|
157
|
+
segments:
|
158
|
+
- 0
|
159
|
+
version: "0"
|
160
|
+
requirements: []
|
161
|
+
|
162
|
+
rubyforge_project: crazylegs
|
163
|
+
rubygems_version: 1.6.2
|
164
|
+
signing_key:
|
165
|
+
specification_version: 3
|
166
|
+
summary: The two-legged OAuth used in a few OPOWER libraries
|
167
|
+
test_files:
|
168
|
+
- test/tc_credentials.rb
|
169
|
+
- test/tc_url.rb
|