crazylegs 0.0.1

data/.gitignore

@@ -0,0 +1,4 @@
+pkg/*
+*.gem
+.bundle
+html

data/.rvmrc

@@ -0,0 +1 @@
+rvm use 1.8.7@crazylegs --create

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in crazylegs.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,33 @@
+PATH
+  remote: .
+  specs:
+    crazylegs (0.0.1)
+      ruby-hmac (~> 0.4.0)
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    gash (0.1.3)
+      open4 (>= 0, = 0.9.6)
+    grancher (0.1.5)
+      gash
+    json (1.5.1)
+    open4 (0.9.6)
+    rake (0.8.7)
+    rcov (0.9.9)
+    rdoc (2.4.3)
+    ruby-hmac (0.4.0)
+    sdoc (0.2.20)
+      json (>= 1.1.3)
+      rdoc (= 2.4.3)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  crazylegs!
+  grancher (~> 0.1.5)
+  rake
+  rcov
+  rdoc
+  sdoc

data/LICENSE.txt

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/README.rdoc

@@ -0,0 +1,35 @@
+= Crazylegs - the hacky 2-legged OAuth Library
+
+Author::  Dave Copeland (mailto:dave@opower.com)
+Copyright:: Copyright (c) 2011 by Dave Copeland
+License:: Distributes under the Apache License, see LICENSE.txt in the source distro
+
+Crazylegs is a *very* small library to sign urls for two-legged OAuth.  This will not request urls for you, it will not parse a response for you, it will not give you some crazy DSL to abstract away the details.  It *will* properly sign a URL using a consumer key and secret so that you can make an OAuth request for 2-legged auth.  That's it.
+
+* {Source on Github}[https://github.com/opower/crazylegs]
+* RDoc[http://rdoc.info/github/opower/crazylegs/master/frames]
+
+== Use
+
+Install if you need to:
+
+    gem install crazylegs
+
+== Example
+
+    include Crazylegs
+    credentials = Credentials.new(consumer_key,shared_secret)
+    url = SignedURL.new(credentials,"http://scrapi-demo-dev.opower.com/api/customers",'GET')
+    url['accountNumber'] = '655321'
+    signed_url = url.full_url
+    # signed_url can now be requested of the remote server
+
+See Crazylegs::SignedURL and Crazylegs::Credentials for more info.
+
+=== Seeing WTF is going on
+
+    logger = Logger.new(STDERR)
+    logger.level = Logger::DEBUG
+    url = SignedURL.new(credentials,"http://scrapi-demo-dev.opower.com/api/customers",'GET',logger)
+
+

data/Rakefile

@@ -0,0 +1,50 @@
+require 'bundler'
+require 'rake/clean'
+require 'rubygems'
+require 'rake/gempackagetask'
+require 'rake/rdoctask'
+require 'rcov/rcovtask'
+require 'sdoc'
+require 'grancher/task'
+require 'rake/testtask'
+
+Grancher::Task.new do |g|
+  g.branch = 'gh-pages'
+  g.push_to = 'origin'
+  g.directory 'html'
+end
+
+
+Rake::RDocTask.new(:rdoc) do |rd|
+  rd.main = "README.rdoc"
+  rd.rdoc_files.include("README.rdoc","lib/**/*.rb","bin/**/*")
+  rd.options << '--fmt' << 'shtml'
+  rd.template = 'direct'
+  rd.title = 'crazylegs'
+end
+
+Rake::TestTask.new do |t|
+  t.libs << "test"
+  t.test_files = FileList['test/tc_*.rb']
+end
+
+task :clobber_coverage do
+  rm_rf "coverage"
+end
+
+desc 'Measures test coverage'
+task :coverage => :rcov do
+  puts "coverage/index.html contains what you need"
+end
+
+Rcov::RcovTask.new do |t|
+  t.libs << 'lib'
+  t.test_files = FileList['test/tc_*.rb']
+end
+
+task :default => :test
+
+Bundler::GemHelper.install_tasks
+
+desc 'Publish rdoc on github pages and push to github'
+task :publish_rdoc => [:rdoc,:publish]

data/crazylegs.gemspec

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "crazylegs/version"
+
+Gem::Specification.new do |s|
+  s.name        = "crazylegs"
+  s.version     = Crazylegs::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ['Dave Copeland']
+  s.email       = ['dave@opower.com']
+  s.homepage    = ""
+  s.summary     = %q{The two-legged OAuth used in a few OPOWER libraries}
+  s.description = %q{Couldn't get two-legged OAuth working from existing Ruby libs, so this implements it "by-hand"}
+
+  s.rubyforge_project = "crazylegs"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ['lib']
+  s.add_development_dependency('sdoc')
+  s.add_development_dependency('rdoc')
+  s.add_development_dependency('rake')
+  s.add_development_dependency('rcov')
+  s.add_development_dependency('grancher','~> 0.1.5')
+  s.add_dependency('ruby-hmac', '~> 0.4.0')
+end

data/lib/crazylegs.rb

@@ -0,0 +1,3 @@
+require 'crazylegs/credentials'
+require 'crazylegs/url'
+require 'crazylegs/version'

data/lib/crazylegs/credentials.rb

@@ -0,0 +1,73 @@
+require 'base64'
+require 'openssl'
+
+module Crazylegs
+
+  # Encapsulates a request token, which is what the server returns when
+  # you request a user's OAuth Token
+  class AccessToken
+    attr_reader :token
+    attr_reader :secret
+
+    # Create a new token
+    # +token+:: the token itself
+    # +secret+:: the token secret, used for signing requests
+    def initialize(token,secret)
+      raise ArgumentError.new('token is required') if token.nil?
+      raise ArgumentError.new('secret is required') if secret.nil?
+      @token = token
+      @secret = secret
+    end
+  end
+
+  # Encapsulates all the information needed to make a request of the server
+  # outside of request-specific information.
+  class Credentials
+    # Consumer key, provided by the service provider
+    attr_reader :consumer_key
+    # Consumer secret, provided by the service provider
+    attr_reader :consumer_secret
+    # Access Token you might have acquired
+    attr_reader :access_token
+    # The default protocol to use for requests
+    attr_reader :default_protocol
+
+    # Create a new Credentials object.
+    #
+    # +consumer_key+:: The OAuth consumer key given to you when you signed up
+    # +consumer_secret+:: The OAuth consumer secret given to you when you signed up
+    # +default_protocol+:: Symbol, defaults to <tt>:http</tt>, set this if you must request via <tt>:https</tt>
+    # +access_token+:: The access token you were given as a AccessToken, or nil if you don't have one yet.  
+    def initialize(consumer_key, consumer_secret, default_protocol=:http, access_token = nil)
+      raise ArgumentError.new("consumer_key required") if consumer_key.nil?
+      raise ArgumentError.new("consumer_secret required") if consumer_secret.nil?
+
+      @consumer_key = consumer_key
+      @consumer_secret = consumer_secret
+      @access_token = access_token
+      @default_protocol = default_protocol
+    end
+
+    # True if we have an access token
+    def has_access_token?
+      !@access_token.nil?
+    end
+
+    # Update the access token
+    def update_access_token(token)
+      @access_token = token
+      @access_token
+    end
+
+    # Clear the access token if, for some reason, you know the one
+    # you have is bad.
+    def clear_access_token
+      update_access_token(nil)
+    end
+
+    # Return a nonce that hasn't been used before (at least not in this space/time continuum)
+    def nonce
+      Time.now.to_f.to_s
+    end
+  end
+end

data/lib/crazylegs/url.rb

@@ -0,0 +1,186 @@
+require 'rubygems'
+require 'hmac-sha1'
+require 'base64'
+require 'logger'
+
+module Crazylegs
+
+  # Used to create OAuth-signed URLs that you can then request via other means.
+  class SignedURL
+
+    READ_ONLY_PARAMS = {
+      'oauth_consumer_key' => true,
+      'oauth_token' => true,
+      'oauth_signature_method' => true,
+      'oauth_version' => true,
+      'oauth_nonce' => true,
+      'oauth_timestamp' => true,
+    }
+
+    # Encodes each part of this url, accounting for some
+    # of the weirdness we are dealing with
+    def self.encodeParts(url)
+      parts = url.split(/\//).map do |part|
+        if part =~ /^\$/
+          part
+        else
+          encode(part)
+        end
+      end
+      parts.join('/')
+    end
+
+    # Ruby's CGI::encode doesn't encode spaces correctly
+    def self.encode(string)
+      string.gsub(/([^ a-zA-Z0-9_.-]+)/n) do
+        '%' + $1.unpack('H2' * $1.size).join('%').upcase
+      end.gsub(' ', '%20')
+    end
+
+    # Modify the logger
+    attr_accessor :logger
+
+    # Create a new SignedURL
+    #
+    # +credentails+:: The Credentials available when signing the request
+    # +url+:: String containing the URL (without parameters) to request
+    # +method+:: The HTTP Request method that will be made, as a String
+    # +logger+:: a logger where you'd like to see diagnostics, if omitted will try <tt>$logger</tt> and then create one
+    def initialize(credentials,url,method,logger=nil)
+      raise ArgumentError.new("credentials is required") if credentials.nil?
+      raise ArgumentError.new("url is required") if url.nil?
+      raise ArgumentError.new("method is required") if method.nil?
+
+      @credentials = credentials
+
+      @logger = logger || $logger || Logger.new(STDOUT)
+
+      @params = {
+        'oauth_signature_method' => 'HMAC-SHA1',
+        'oauth_version' => '1.0',
+      }
+      @params['oauth_consumer_key'] = credentials.consumer_key
+      @params['oauth_token'] = credentials.access_token.token if credentials.access_token
+      @consumer_secret = credentials.consumer_secret
+      if credentials.access_token
+        @access_secret = credentials.access_token.secret 
+      else
+        @access_secret = nil
+      end
+      @method = method.upcase
+      @url = url
+    end
+
+    # Sets a request parameter
+    #
+    # +param+:: the name of the parameter, as a string or symbol
+    # +value+:: the value of the parameter, unencoded
+    #
+    def []=(param,value)
+      raise ArgumentError.new("param may not be nil") if param.nil?
+      param = param.to_s
+      raise ArgumentError.new("You may not override #{param}") if READ_ONLY_PARAMS[param]
+      if value.nil? 
+        @params.delete(param)
+      else
+        @params[param] = value.to_s
+      end
+    end
+
+    # Sets all request parameters to those in the hash.
+    #
+    # +params_hash+:: hash of all the parameters you want to add; will replace existing parameters
+    def params=(params_hash)
+      raise ArgumentError.new('you may not set params to nil') if params_hash.nil?
+      params_hash.each do |k,v|
+        self[k]=v
+      end
+    end
+
+    # Gets the full URL, signed and ready to be requested
+    # +timestamp::+ the timestamp to use; defaults to 'now' and generally is only visible for testing
+    # +nonce+ the nonce to use; defaults to a reasonable value and generally is only visible for testing
+    #
+    # Returns a String that is the entire encoded OAuth-compliant URL ready to be requested.  Note that
+    # part of the OAuth signing process is to include the HTTP request method; if you request this url
+    # using a method other than the one you passed to the constructor, it will not work.
+    def full_url(timestamp=nil,nonce=nil)
+
+      @logger.debug("Getting full_url of #{@url}")
+      @logger.debug("OAuth Part 1 : #{@method}")
+
+      escaped_url = SignedURL::encode(@url)
+      to_sign = @method + "&" + escaped_url + "&"
+
+      @logger.debug("OAuth Part 2 (raw) : #{@url}")
+      @logger.debug("OAuth Part 2 (esc) : #{escaped_url}")
+
+      timestamp=Time.now.to_i if timestamp.nil?
+      nonce=@credentials.nonce if nonce.nil?
+
+      param_part,url_params = handle_params(timestamp,nonce)
+      escaped_params = SignedURL::encode(param_part)
+      @logger.debug("OAuth Part 3 (raw) : #{param_part}")
+      @logger.debug("OAuth Part 3 (esc) : #{escaped_params}")
+
+      to_sign += escaped_params
+
+      signature = get_signature(to_sign)
+
+      url_params['oauth_signature'] = SignedURL::encode(signature)
+
+      assembled_url = assemble_url(url_params)
+      @logger.debug("Full URL is " + assembled_url)
+      return assembled_url
+    end
+
+    private
+
+    def assemble_url(url_params)
+      url = @url + '?'
+      url_params.keys.sort.each do |key|
+        val = url_params[key]
+        url += "#{key}=#{val}&"
+      end
+      url.gsub!(/\&$/,'')
+      return url
+    end
+
+    def get_signature(to_sign)
+      signing_key = get_signing_key
+      @logger.debug("Signing '#{to_sign}' with key '#{signing_key}'")
+
+      sha1 = HMAC::SHA1.new(signing_key)
+      sha1 << to_sign
+      signature = Base64.encode64(sha1.digest())
+      signature.chomp!
+      @logger.debug("signature == '#{signature}'")
+      signature
+    end
+
+    def get_signing_key
+      SignedURL::encode(@consumer_secret) + "&" + SignedURL::encode(@access_secret.nil? ? "" : @access_secret)
+    end
+
+    def handle_params(timestamp,nonce)
+      url_params = Hash.new
+      param_part = ""
+      params = @params
+      params['oauth_timestamp'] = timestamp.to_s
+      params['oauth_nonce'] = nonce
+      params.keys.sort.each do |key|
+        value = params[key]
+        raise ArgumentError.new("#{key} is nil; don't set params to be nil") if value.nil?
+        
+        @logger.debug("Adding param #{key} with value #{value} escaped as #{SignedURL::encode(value)}")
+        param_part += SignedURL::encode(key)
+        param_part += "="
+        param_part += SignedURL::encode(value)
+        param_part += '&'
+        url_params[key] = SignedURL::encode(value)
+      end
+      param_part.gsub!(/&$/,'')
+      [param_part,url_params]
+    end
+  end
+end

data/lib/crazylegs/version.rb

@@ -0,0 +1,3 @@
+module Crazylegs
+  VERSION = "0.0.1"
+end

data/test/tc_credentials.rb

@@ -0,0 +1,45 @@
+require 'crazylegs'
+require 'test/unit'
+
+include Crazylegs
+
+class TC_testCredentials < Test::Unit::TestCase
+  def test_default_access_token
+    cred = Credentials.new('foo','bar')
+    assert_equal(:http,cred.default_protocol)
+    assert_equal(nil,cred.access_token)
+    assert(!cred.has_access_token?)
+  end
+
+  def test_given_access_token
+    cred = Credentials.new('foo','bar',:https,AccessToken.new('blah','foo'))
+    assert_equal(:https,cred.default_protocol)
+    assert_equal('blah',cred.access_token.token)
+    assert_equal('foo',cred.access_token.secret)
+    assert(cred.has_access_token?)
+  end
+
+  def test_bad_args
+    assert_raises(ArgumentError) { cred = Credentials.new(nil,nil) }
+    assert_raises(ArgumentError) { cred = Credentials.new('foo',nil) }
+  end
+
+  def test_clear_token
+    cred = Credentials.new('foo','bar',:http,AccessToken.new('blah','crud'))
+    cred.clear_access_token
+    assert_equal(nil,cred.access_token)
+  end
+  def test_update_token
+    cred = Credentials.new('foo','bar')
+    cred.update_access_token(AccessToken.new('blah','crud'))
+    assert_equal('blah',cred.access_token.token)
+    assert_equal('crud',cred.access_token.secret)
+  end
+
+  def test_nonce
+    cred = Credentials.new('foo','bar')
+    n1 = cred.nonce
+    n2 = cred.nonce
+    assert(n1 != n2,"Two nonces shouldn't be the same: #{n1} =? #{n2}")
+  end
+end

data/test/tc_url.rb

@@ -0,0 +1,74 @@
+require 'crazylegs'
+require 'test/unit'
+
+include Crazylegs
+
+class TC_testURL < Test::Unit::TestCase
+
+  def setup
+    @cred = Credentials.new('dpf43f3p2l4k3l03',
+                            'kd94hf93k423kf44',
+                            :http,
+                            AccessToken.new('nnch734d00sl2jdk','pfkkdhi9sl3r4s00'))
+    @signed_url = SignedURL.new(@cred,
+                               'http://photos.example.net/photos',
+                               'GET')
+    class << @signed_url
+      def [](param); @params[param]; end
+    end
+  end
+
+  def test_encode_parts
+    url = "/this/is/easy"
+    assert_equal url,SignedURL::encodeParts(url)
+    url = "this/has some spaces/and stuff"
+    assert_equal "this/has%20some%20spaces/and%20stuff",SignedURL::encodeParts(url)
+
+    url = "this/$account/has spaces/$username"
+    assert_equal "this/$account/has%20spaces/$username",SignedURL::encodeParts(url)
+  end
+
+  def test_bad_param_override
+    SignedURL::READ_ONLY_PARAMS.keys.each do |param|
+      assert_raises(ArgumentError) do 
+        @signed_url[param] = 'asdfasdfasdf'
+      end
+    end
+  end
+
+  def test_simple
+    @signed_url['file'] = 'vacation.jpg'
+    @signed_url['size'] = 'original'
+    do_simple_assert
+  end
+
+  def test_simple_bulk_params_set
+    params = {
+      'file' => 'vacation.jpg',
+      'size' => 'original',
+    }
+    @signed_url.params=params
+    do_simple_assert
+  end
+
+  def test_assign_param
+    @signed_url['blah'] = :foo
+    @signed_url['crud'] = 'foo'
+    assert_equal('foo',@signed_url['blah'])
+    assert_equal('foo',@signed_url['crud'])
+  end
+
+  def test_nil_param_assign
+    @signed_url['blah'] = 'foo'
+    assert_raises(ArgumentError) { @signed_url.params = nil }
+  end
+
+  private
+  def do_simple_assert
+    signature = 'tR3+Ty81lMeYAr/Fid0kMTYa/WM='
+    signature_encoced = 'tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D'
+    expected_url = 'http://photos.example.net/photos?file=vacation.jpg&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_nonce=kllo9940pd9333jh&oauth_signature=tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1191242096&oauth_token=nnch734d00sl2jdk&oauth_version=1.0&size=original'
+    assert_equal(expected_url,@signed_url.full_url(1191242096,'kllo9940pd9333jh'))
+  end
+
+end

metadata

@@ -0,0 +1,169 @@
+--- !ruby/object:Gem::Specification 
+name: crazylegs
+version: !ruby/object:Gem::Version 
+  hash: 29
+  prerelease: 
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Dave Copeland
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-05-09 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: sdoc
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: rdoc
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rcov
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: grancher
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 17
+        segments: 
+        - 0
+        - 1
+        - 5
+        version: 0.1.5
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: ruby-hmac
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 15
+        segments: 
+        - 0
+        - 4
+        - 0
+        version: 0.4.0
+  type: :runtime
+  version_requirements: *id006
+description: Couldn't get two-legged OAuth working from existing Ruby libs, so this implements it "by-hand"
+email: 
+- dave@opower.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- .rvmrc
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.rdoc
+- Rakefile
+- crazylegs.gemspec
+- lib/crazylegs.rb
+- lib/crazylegs/credentials.rb
+- lib/crazylegs/url.rb
+- lib/crazylegs/version.rb
+- test/tc_credentials.rb
+- test/tc_url.rb
+has_rdoc: true
+homepage: ""
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: crazylegs
+rubygems_version: 1.6.2
+signing_key: 
+specification_version: 3
+summary: The two-legged OAuth used in a few OPOWER libraries
+test_files: 
+- test/tc_credentials.rb
+- test/tc_url.rb