flickraw 0.9.8 → 0.9.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bc6ebd96bb86d75cb32adff22f3e2110405c9d53
-  data.tar.gz: c00d50468c5b8aa775bd0a9145d590c83fc4365a
+  metadata.gz: cdf1d2ebe95cae5115bb7e53b0e4e8f4dc9fa56a
+  data.tar.gz: 0e68d6ee1844edab7fb300051993cf071711e036
 SHA512:
-  metadata.gz: 6e600b2afe460bc96a670a0a20d7a1815cca53af6091191884f65177a843ee2d534f7a5eb1bbe965579643411f3f27dcbed1e8d26f3b4075011006d9c8b882bf
-  data.tar.gz: e784c567318a3483d5ae9c31f17aa5ca5fb8433caae3361f9c5bcd7e74664821bc5e99a2156e045eba809baeb6d5a9403078395398630b56636bd9caf36c075c
+  metadata.gz: 3d28e97c5452a9a8f662b565b02c24100bf91462b77db11a179e638ec51425efaad66a9d203b6fad997cdaac9b25c9935cb6145cb8230e62d7c16a7f16361881
+  data.tar.gz: eea3e153758348555ca757fd996089b3dad4bfda8b43eb774f2c052ef4d8f1c46411107d8ee2e87a09a9a8a245839153033a8a7749a2521fc26d2868357013d8

data/README.rdoc

@@ -101,7 +101,7 @@ If you need to have several users authenticated at the same time in your applica
 
   PHOTO_PATH='photo.jpg'
 
-  # You need to be authentified to do that, see the previous examples.
+  # You need to be authenticated to do that, see the previous examples.
   flickr.upload_photo PHOTO_PATH, :title => "Title", :description => "This is the description"
 
 == Proxy
@@ -116,11 +116,40 @@ https endpoints are used by default. If you want to use unencrypted endpoints :
   require 'flickraw'
   FlickRaw.secure = false
 
+=== Server Certificate Verification
+
+Server certificate verification is enabled by default. If you don't want to check the server certificate :
+
+  require 'flickraw'
+  FlickRaw.check_certificate = false
+
+=== CA Certificate File Path
+
+OpenSSL::X509::DEFAULT_CERT_FILE is used as a CA certificate file. If you want to change the path :
+
+  require 'flickraw'
+  FlickRaw.ca_file = '/path/to/cacert.pem'
+
+You can also specify a path to a directory with a number of certifications:
+
+  FlickRaw.ca_path = '/path/to/certificates'
+
 == Flickr URL Helpers
 
 There are some helpers to build flickr urls :
 
 === url, url_m, url_s, url_t, url_b, url_z, url_q, url_n, url_c, url_o
+ 
+  # url_s : Square
+  # url_q : Large Square
+  # url_t : Thumbnail
+  # url_m : Small
+  # url_n : Small 320
+  # url   : Medium
+  # url_z : Medium 640
+  # url_c : Medium 800
+  # url_b : Large
+  # url_o : Original
 
   info = flickr.photos.getInfo(:photo_id => "3839885270")
   FlickRaw.url_b(info) # => "https://farm3.static.flickr.com/2485/3839885270_6fb8b54e06_b.jpg"

data/examples/sinatra.rb

@@ -3,7 +3,7 @@ require 'sinatra'
 
 FlickRaw.api_key = API_KEY
 FlickRaw.shared_secret = SHARED_SECRET
-enable :sessions
+use Rack::Session::Pool
 
 get '/authenticate' do
   token = flickr.get_request_token(:oauth_callback => to('check'))
@@ -15,17 +15,17 @@ get '/check' do
   token = session.delete :token
   session[:auth_flickr] = @auth_flickr = FlickRaw::Flickr.new
   @auth_flickr.get_access_token(token['oauth_token'], token['oauth_token_secret'], params['oauth_verifier'])
-  
+
   redirect to('/authenticated')
 end
 
 get '/authenticated' do
   @auth_flickr = session[:auth_flickr]
-  
+
   login = @auth_flickr.test.login
   %{
 You are now authenticated as <em>#{login.username}</em>
 with token <strong>#{@auth_flickr.access_token}</strong> and secret <strong>#{@auth_flickr.access_secret}</strong>.
-}
+  }
 end
 

data/lib/flickraw.rb

@@ -1,4 +1,5 @@
 require 'json'
+require 'flickraw/util'
 require 'flickraw/error'
 require 'flickraw/oauth'
 require 'flickraw/request'
@@ -6,10 +7,11 @@ require 'flickraw/response'
 require 'flickraw/api'
 
 module FlickRaw
-  VERSION='0.9.8'
+  VERSION='0.9.9'
   USER_AGENT = "FlickRaw/#{VERSION}"
   
   self.secure = true
+  self.check_certificate = true
 end
 
 # Use this to access the flickr API easily. You can type directly the flickr requests as they are described on the flickr website.

data/lib/flickraw/api.rb

@@ -36,12 +36,19 @@ module FlickRaw
     
     def self.build(methods); methods.each { |m| build_request m } end
 
-    def initialize # :nodoc:
-      if FlickRaw.api_key.nil? or FlickRaw.shared_secret.nil?
-        raise FlickrAppNotConfigured.new("No API key or secret defined!")
+    def initialize(api_key: FlickRaw.api_key,
+                   shared_secret: FlickRaw.shared_secret)
+      if api_key.nil?
+        raise FlickrAppNotConfigured.new("No API key defined!")
       end
-      @oauth_consumer = OAuthClient.new(FlickRaw.api_key, FlickRaw.shared_secret)
+      if shared_secret.nil?
+        raise FlickrAppNotConfigured.new("No shared secret defined!")
+      end
+      @oauth_consumer = OAuthClient.new(api_key, shared_secret)
       @oauth_consumer.proxy = FlickRaw.proxy
+      @oauth_consumer.check_certificate = FlickRaw.check_certificate
+      @oauth_consumer.ca_file = FlickRaw.ca_file
+      @oauth_consumer.ca_path = FlickRaw.ca_path
       @oauth_consumer.user_agent = USER_AGENT
       @access_token = @access_secret = nil
       
@@ -164,7 +171,16 @@ module FlickRaw
     
     # Use ssl connection
     attr_accessor :secure
+
+    # Check the server certificate (ssl connection only)
+    attr_accessor :check_certificate
     
+    # Set path of a CA certificate file in PEM format (ssl connection only)
+    attr_accessor :ca_file
+
+    # Set path to a directory of CA certificate files in PEM format (ssl connection only)
+    attr_accessor :ca_path
+
     BASE58_ALPHABET="123456789abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ".freeze
     def base58(id)
       id = id.to_i

data/lib/flickraw/oauth.rb

@@ -63,6 +63,9 @@ module FlickRaw
     
     attr_accessor :user_agent
     attr_reader :proxy
+    attr_accessor :check_certificate
+    attr_accessor :ca_file
+    attr_accessor :ca_path
     def proxy=(url); @proxy = URI.parse(url || '') end
     
     def initialize(consumer_key, consumer_secret)
@@ -144,6 +147,9 @@ module FlickRaw
 
       http = Net::HTTP.new(url.host, url.port, @proxy.host, @proxy.port, @proxy.user, @proxy.password)
       http.use_ssl = (url.scheme == 'https')
+      http.verify_mode = (@check_certificate ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE)
+      http.ca_file = @ca_file
+      http.ca_path = @ca_path
       r = http.start {|agent|
         request = Net::HTTP::Post.new(url.path)
         request['User-Agent'] = @user_agent if @user_agent

data/lib/flickraw/request.rb

@@ -32,7 +32,7 @@ class Request
         def #{req}(*args, &block)
           @flickr.call("#{request_name}.#{req}", *args, &block)
         end
-      }
+      } if Util.safe_for_eval?(req)
       flickr_methods << req
     end
   end

data/lib/flickraw/response.rb

@@ -22,7 +22,7 @@ class Response
         when Array then v.collect {|e| Response.build(e, k)}
         else v
       end
-      methods << "def #{k}; @h['#{k}'] end;"
+      methods << "def #{k}; @h['#{k}'] end;" if Util.safe_for_eval?(k)
     }
     eval methods << "end"
   end

data/lib/flickraw/util.rb

@@ -0,0 +1,14 @@
+module FlickRaw
+  module Util
+    extend self
+
+    def sanitize(string)
+      string.gsub(/\W+/, '_') if string
+    end
+
+    def safe_for_eval?(string)
+      string == sanitize(string)
+    end
+
+  end
+end

data/test/test_request.rb

@@ -0,0 +1,32 @@
+# -*- coding: utf-8 -*-
+
+lib = File.dirname(__FILE__)
+$:.unshift lib unless $:.include?(lib)
+
+require 'test/unit'
+require 'helper'
+
+class TestReqeust < Test::Unit::TestCase
+
+  def test_flickr_api_is_accessible_via_methods
+    # Reset FlickRaw (was initialized in test/helper.rb) so the request methods
+    # are properly built
+    $flickraw = nil
+    FlickRaw::Request.instance_variable_set(:@flickr_objects, nil)
+
+    FlickRaw::Flickr.build(['flickr.fully.legal'])
+
+    assert_equal true, flickr.methods.include?(:fully)
+    assert_equal true, flickr.fully.methods.include?(:legal)
+  end
+
+  def test_invalid_keys_are_skipped
+    assert_nothing_raised {
+      FlickRaw::Flickr.build ["flickr.hacked; end; raise 'Pwned'; def x"]
+    }
+
+    assert_equal false, flickr.methods.include?(:hacked)
+  end
+
+end
+

data/test/test_response.rb

@@ -0,0 +1,31 @@
+# -*- coding: utf-8 -*-
+
+lib = File.dirname(__FILE__)
+$:.unshift lib unless $:.include?(lib)
+
+require 'test/unit'
+require 'helper'
+
+class TestResponse < Test::Unit::TestCase
+
+  def test_response_keys_are_turned_into_methods
+    subject = FlickRaw::Response.new({ 'le_gal' => 'ok', }, nil)
+
+    assert_equal true, subject.methods.include?(:le_gal)
+    assert_equal 'ok', subject.le_gal
+  end
+
+  def test_invalid_keys_are_skipped
+    response_hash = {
+      'illegal; end; raise "Pwned"; def x' => 'skipped'
+    }
+
+    assert_nothing_raised {
+      FlickRaw::Response.new(response_hash, nil)
+    }
+
+    subject = FlickRaw::Response.new(response_hash, nil)
+    assert_equal false, subject.methods.include?(:illegal)
+  end
+
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: flickraw
 version: !ruby/object:Gem::Version
-  version: 0.9.8
+  version: 0.9.9
 platform: ruby
 authors:
 - Mael Clerambault
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-04-06 00:00:00.000000000 Z
+date: 2016-06-30 00:00:00.000000000 Z
 dependencies: []
 description: 
 email: mael@clerambault.fr
@@ -16,25 +16,28 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- LICENSE
-- README.rdoc
 - examples/auth.rb
 - examples/interestingness.rb
 - examples/search.rb
 - examples/sinatra.rb
 - examples/upload.rb
 - examples/web_oauth.rb
-- flickraw_rdoc.rb
-- lib/flickraw.rb
+- test/helper.rb
+- test/test.rb
+- test/test_request.rb
+- test/test_response.rb
+- test/test_upload.rb
 - lib/flickraw/api.rb
 - lib/flickraw/error.rb
 - lib/flickraw/oauth.rb
 - lib/flickraw/request.rb
 - lib/flickraw/response.rb
+- lib/flickraw/util.rb
+- lib/flickraw.rb
+- flickraw_rdoc.rb
+- LICENSE
+- README.rdoc
 - rakefile
-- test/helper.rb
-- test/test.rb
-- test/test_upload.rb
 homepage: http://hanklords.github.com/flickraw/
 licenses:
 - MIT
@@ -55,7 +58,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.0.14
 signing_key: 
 specification_version: 4
 summary: Flickr library with a syntax close to the syntax described on http://www.flickr.com/services/api