gregwebs-oauth 0.3.6.1

data/History.txt

@@ -0,0 +1,102 @@
+== 0.3.6 2009-09-14
+
+* Added -B CLI option to use the :body authentication scheme (Seth)
+* Respect `--method` in `authorize` CLI command (Seth)
+* Support POST and PUT with raw bodies (Yu-Shan Fung et al)
+* Test clean-up (Xavier Shay, Hannes Tydén)
+* Added :ca_file consumer option to allow consumer specific certificate
+  override. (Pelle)
+
+== 0.3.5 2009-06-03
+
+* `query` CLI command to access protected resources (Seth)
+* Added -H, -Q CLI options for specifying the authentication scheme (Seth)
+* Added -O CLI option for specifying a file containing options (Seth)
+* Support streamable body contents for large request bodies (Seth Cousins)
+* Support for OAuth 1.0a (Seth)
+* Added proxy support to OAuth::Consumer (Marshall Huss)
+* Added --scope CLI option for Google's 'scope' parameter (Seth)
+
+== 0.3.4 2009-05-06
+
+* OAuth::Client::Helper uses OAuth::VERSION (chadisfaction)
+* Fix OAuth::RequestProxy::ActionControllerRequest's handling of params
+  (Tristan Groléat)
+
+== 0.3.3 2009-05-04
+
+* Corrected OAuth XMPP namespace (Seth)
+* Improved error handling for invalid Authorization headers (Matt Sanford)
+* Fixed signatures for non-ASCII under $KCODE other than 'u' (Matt Sanford)
+* Fixed edge cases in ActionControllerRequestProxy where params were being
+  incorrectly signed (Marcos Wright Kuhns)
+* Support for arguments in OAuth::Consumer#get_access_token (Matt Sanford)
+* Add gem version to user-agent header (Matt Sanford)
+* Handle input from aggressive form encoding libraries (Matt Wood)
+
+== 0.3.2 2009-03-23
+
+* 2xx statuses should be treated as success (Anders Conbere)
+* Support applications using the MethodOverride Rack middleware (László Bácsi)
+* `authorize` command for `oauth` CLI (Seth)
+* Initial support for Problem Reporting extension (Seth)
+* Verify SSL certificates if CA certificates are available (Seth)
+* Fixed ActionController parameter escaping behavior (Thiago Arrais, László
+  Bácsi, Brett Gibson, et al)
+* Fixed signature calculation when both options and a block were provided to
+  OAuth::Signature::Base#initialize (Seth)
+* Added help to the 'oauth' CLI (Seth)
+* Fixed a problem when attempting to normalize MockRequest URIs (Seth)
+
+== 0.3.1 2009-1-26
+
+* Fixed a problem with relative and absolute token request paths. (Michael
+  Wood)
+
+== 0.3.0 2009-1-25
+
+* Support ActionController::Request from Edge Rails (László Bácsi)
+* Correctly handle multi-valued parameters (Seth)
+* Added #normalized_parameters to OAuth::RequestProxy::Base (Pelle)
+* OAuth::Signature.sign and friends now yield the RequestProxy instead of the
+  token when the passed block's arity is 1. (Seth)
+* Token requests are made to the configured URL rather than generating a
+  potentially incorrect one.  (Kellan Elliott-McCrea)
+* Command-line app for generating signatures. (Seth)
+* Improved test-cases and compatibility for encoding issues. (Pelle)
+
+== 0.2.7 2008-9-10 The lets fix the last release release
+
+* Fixed plain text signatures (Andrew Arrow)
+* Fixed RSA requests using OAuthTokens. (Philip Lipu Tsai)
+
+== 0.2.6 2008-9-9 The lets RSA release
+
+* Improved support for Ruby 1.8.7 (Bill Kocik)
+* Fixed RSA verification to support RSA providers
+  now using Ruby and RSA
+* Improved RSA testing
+* Omit token when signing with RSA
+* Added support for 'private_key_file' option for RSA signatures (Chris Mear)
+* Fixed several edge cases where params were being incorrectly signed (Scott
+  Hill)
+* Fixed RSA signing (choonkeat)
+
+== 0.2.2 2008-2-22 Lets actually support SSL release
+
+* Use HTTPS when required.
+
+== 0.2 2008-1-19 All together now release
+
+This is a big release, where we have merged the efforts of various parties into one common library. This means there are definitely some API changes you should be aware of. They should be minimal but please have a look at the unit tests.
+
+== 0.1.2 2007-12-1
+
+* Fixed checks for missing OAuth params to improve performance
+* Includes Pat's fix for getting the realm out.
+
+== 0.1.1 2007-11-26
+
+* First release as a GEM
+* Moved all non-Rails functionality from the Rails plugin:
+  http://code.google.com/p/oauth-plugin/

data/License.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2007 Blaine Cook, Larry Halff, Pelle Braendgaard
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/Manifest.txt

@@ -0,0 +1,84 @@
+History.txt
+License.txt
+Manifest.txt
+README.rdoc
+Rakefile
+TODO
+bin/oauth
+examples/yql.rb
+lib/oauth.rb
+lib/oauth/oauth.rb
+lib/oauth/cli.rb
+lib/oauth/client.rb
+lib/oauth/client/action_controller_request.rb
+lib/oauth/client/helper.rb
+lib/oauth/client/net_http.rb
+lib/oauth/consumer.rb
+lib/oauth/errors.rb
+lib/oauth/errors/error.rb
+lib/oauth/errors/problem.rb
+lib/oauth/errors/unauthorized.rb
+lib/oauth/helper.rb
+lib/oauth/oauth_test_helper.rb
+lib/oauth/request_proxy.rb
+lib/oauth/request_proxy/action_controller_request.rb
+lib/oauth/request_proxy/base.rb
+lib/oauth/request_proxy/jabber_request.rb
+lib/oauth/request_proxy/mock_request.rb
+lib/oauth/request_proxy/net_http.rb
+lib/oauth/request_proxy/rack_request.rb
+lib/oauth/server.rb
+lib/oauth/signature.rb
+lib/oauth/signature/base.rb
+lib/oauth/signature/hmac/base.rb
+lib/oauth/signature/hmac/md5.rb
+lib/oauth/signature/hmac/rmd160.rb
+lib/oauth/signature/hmac/sha1.rb
+lib/oauth/signature/hmac/sha2.rb
+lib/oauth/signature/md5.rb
+lib/oauth/signature/plaintext.rb
+lib/oauth/signature/rsa/sha1.rb
+lib/oauth/signature/sha1.rb
+lib/oauth/token.rb
+lib/oauth/tokens/access_token.rb
+lib/oauth/tokens/consumer_token.rb
+lib/oauth/tokens/request_token.rb
+lib/oauth/tokens/server_token.rb
+lib/oauth/tokens/token.rb
+lib/oauth/version.rb
+oauth.gemspec
+script/destroy
+script/generate
+script/txt2html
+setup.rb
+tasks/deployment.rake
+tasks/environment.rake
+tasks/website.rake
+test/cases/oauth_case.rb
+test/cases/spec/1_0-final/test_construct_request_url.rb
+test/cases/spec/1_0-final/test_normalize_request_parameters.rb
+test/cases/spec/1_0-final/test_parameter_encodings.rb
+test/cases/spec/1_0-final/test_signature_base_strings.rb
+test/keys/rsa.cert
+test/keys/rsa.pem
+test/test_access_token.rb
+test/test_action_controller_request_proxy.rb
+test/test_consumer.rb
+test/test_helper.rb
+test/test_hmac_sha1.rb
+test/test_net_http_client.rb
+test/test_net_http_request_proxy.rb
+test/test_oauth_helper.rb
+test/test_rack_request_proxy.rb
+test/test_request_token.rb
+test/test_rsa_sha1.rb
+test/test_server.rb
+test/test_signature.rb
+test/test_signature_base.rb
+test/test_signature_plain_text.rb
+test/test_token.rb
+website/index.html
+website/index.txt
+website/javascripts/rounded_corners_lite.inc.js
+website/stylesheets/screen.css
+website/template.rhtml

data/README.rdoc

@@ -0,0 +1,71 @@
+= Ruby OAuth GEM
+
+== What
+
+This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.
+
+See the OAuth specs http://oauth.net/core/1.0/
+
+== Installing
+
+  sudo gem install oauth
+
+You can also install it from the oauth rubyforge project http://rubyforge.org/projects/oauth/.
+
+The source code is now hosted on the OAuth GitHub Project http://github.com/mojodna/oauth
+
+== The basics
+
+This is a ruby library which is intended to be used in creating Ruby Consumer and Service Provider applications. It is NOT a Rails plugin, but could easily be used for the foundation for such a Rails plugin.
+
+As a matter of fact it has been pulled out from an OAuth Rails Plugin http://code.google.com/p/oauth-plugin/ which now requires this GEM.
+
+== Demonstration of usage
+
+Create a new consumer instance by passing it a configuration hash:
+
+  @consumer = OAuth::Consumer.new("key","secret", :site => "https://agree2")
+
+Start the process by requesting a token
+
+  @request_token = @consumer.get_request_token
+  session[:request_token] = @request_token
+  redirect_to @request_token.authorize_url
+
+When user returns create an access_token
+
+  @access_token = @request_token.get_access_token
+  @photos = @access_token.get('/photos.xml')
+
+For more detailed instructions I have written this OAuth Client Tutorial http://stakeventures.com/articles/2008/02/23/developing-oauth-clients-in-ruby and "How to turn your rails site into an OAuth Provider ":http://stakeventures.com/articles/2007/11/26/how-to-turn-your-rails-site-into-an-oauth-provider .
+
+Finally be sure to check out the OAuth RDoc Manual http://oauth.rubyforge.org/rdoc/ .
+
+== Documentation Wiki
+
+There is some documentation on the Google Code project for the "OAuth Rails Plugin":http://code.google.com/p/oauth-plugin/ :
+
+* RequestToken http://code.google.com/p/oauth-plugin/wiki/RequestToken
+* AccessToken http://code.google.com/p/oauth-plugin/wiki/AccessToken
+
+== Forum
+
+http://groups.google.com/group/oauth-ruby
+
+
+== How to submit patches
+
+Read the "8 steps for fixing other people's code" http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/.
+
+The source code is now hosted on the OAuth GitHub Project http://github.com/mojodna/oauth
+
+To submit a patch, please fork the oauth project and create a patch with tests. Once you're happy with it send a pull request and post a message to the google group.
+
+== License
+
+This code is free to use under the terms of the MIT license. 
+
+== Contact
+
+Comments are welcome. Send an email to "Pelle Braendgaard" pelleb@gmail.com email via the OAuth Ruby mailing list http://groups.google.com/group/oauth-ruby
+

data/Rakefile

@@ -0,0 +1,36 @@
+%w[rubygems rake rake/clean fileutils newgem rubigen hoe].each { |f| require f }
+$LOAD_PATH << File.dirname(__FILE__) + '/lib'
+require 'oauth'
+require 'oauth/version'
+
+# Generate all the Rake tasks
+# Run 'rake -T' to see list of generated tasks (from gem root directory)
+$hoe = Hoe.new('oauth', OAuth::VERSION) do |p|
+  p.author = ['Pelle Braendgaard','Blaine Cook','Larry Halff','Jesse Clark','Jon Crosby', 'Seth Fitzsimmons']
+  p.email = "oauth-ruby@googlegroups.com"
+  p.description = "OAuth Core Ruby implementation"
+  p.summary = p.description
+  p.changes              = p.paragraphs_of("History.txt", 0..1).join("\n\n")
+  p.rubyforge_name       = p.name # TODO this is default value
+  p.url = "http://oauth.rubyforge.org"
+
+  p.extra_deps         = [
+    ['ruby-hmac','>= 0.3.1']
+  ]
+  p.extra_dev_deps = [
+    ['newgem', ">= #{::Newgem::VERSION}"],
+    ['actionpack'],
+    ['rack']
+  ]
+
+  p.clean_globs |= %w[**/.DS_Store tmp *.log **/.*.sw? *.gem .config **/.DS_Store]
+  path = (p.rubyforge_name == p.name) ? p.rubyforge_name : "\#{p.rubyforge_name}/\#{p.name}"
+  p.remote_rdoc_dir = File.join(path.gsub(/^#{p.rubyforge_name}\/?/,''), 'rdoc')
+  p.rsync_args = '-av --delete --ignore-errors'
+end
+
+require 'newgem/tasks' # load /tasks/*.rake
+Dir['tasks/**/*.rake'].each { |t| load t }
+
+# TODO - want other tests/tasks run by default? Add them to the list
+# task :default => [:spec, :features]

data/TODO

@@ -0,0 +1,31 @@
+Common use-cases should be streamlined:
+
+* I have a URL that I want to sign (given consumer key/secret, optional
+  token/secret, optional nonce/timestamp).
+* I have a URL that I want to sign AND I want to see what the components
+  (e.g. signature base string, etc.) are while it's being signed (i.e. verbose
+  signing).
+* I have a URL that I want to sign and I only want the signature.
+* I have a URL that I want to sign and I want something suitable to put in
+  {the header, the querystring, XMPP}.
+* I want to make a query to an OAuth-enabled web service (with sensible
+  errors, if available).
+* I want to host an OAuth-enabled web service.
+* I want to test my OAuth-enabled web service (i.e. test helpers)
+
+Example applications for:
+* Ning
+* Fire Eagle
+* Google (blogger, contacts)
+* Twitter
+* YOS / YQL
+* Netflix
+
+In addition to providing best practices of use, these can also be part of
+the pre-release checks to make sure that there have been no regressions.
+
+Random TODOs:
+* finish CLI
+* sensible Exception hierarchy
+* Tokens as Modules
+* don't tie to Net::HTTP

data/bin/oauth

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby -w -rubygems
+
+require "oauth/cli"
+
+OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)

data/examples/yql.rb

@@ -0,0 +1,44 @@
+#!/usr/bin/env ruby -rubygems
+
+# Sample queries:
+#  ./yql.rb --consumer-key <key> --consumer-secret <secret> "show tables"
+#  ./yql.rb --consumer-key <key> --consumer-secret <secret> "select * from flickr.photos.search where text='Cat' limit 10"
+
+require 'oauth'
+require 'optparse'
+require 'json'
+require 'pp'
+
+options = {}
+
+option_parser = OptionParser.new do |opts|
+  opts.banner = "Usage: #{$0} [options] <query>"
+
+  opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
+    options[:consumer_key] = v
+  end
+
+  opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
+    options[:consumer_secret] = v
+  end
+end
+
+option_parser.parse!
+query = ARGV.pop
+query = STDIN.read if query == "-"
+
+if options[:consumer_key].nil? || options[:consumer_secret].nil? || query.nil?
+  puts option_parser.help
+  exit 1
+end
+
+consumer = OAuth::Consumer.new \
+  options[:consumer_key],
+  options[:consumer_secret],
+  :site => "http://query.yahooapis.com"
+
+access_token = OAuth::AccessToken.new(consumer)
+
+response = access_token.request(:get, "/v1/yql?q=#{OAuth::Helper.escape(query)}&format=json")
+rsp = JSON.parse(response.body)
+pp rsp

data/lib/oauth.rb

@@ -0,0 +1,4 @@
+require 'oauth/oauth'
+require 'oauth/client/helper'
+require 'oauth/signature/hmac/sha1'
+require 'oauth/request_proxy/mock_request'

data/lib/oauth/cli.rb

@@ -0,0 +1,378 @@
+require 'optparse'
+require 'oauth'
+
+module OAuth
+  class CLI
+    SUPPORTED_COMMANDS = {
+      "authorize" => "Obtain an access token and secret for a user",
+      "debug"     => "Verbosely generate an OAuth signature",
+      "query"     => "Query a protected resource",
+      "sign"      => "Generate an OAuth signature",
+      "version"   => "Display the current version of the library"
+    }
+
+    attr_reader :command
+    attr_reader :options
+    attr_reader :stdout, :stdin
+
+    def self.execute(stdout, stdin, stderr, arguments = [])
+      self.new.execute(stdout, stdin, stderr, arguments)
+    end
+
+    def initialize
+      @options = {}
+
+      # don't dump a backtrace on a ^C
+      trap(:INT) {
+        exit
+      }
+    end
+
+    def execute(stdout, stdin, stderr, arguments = [])
+      @stdout = stdout
+      @stdin  = stdin
+      @stderr = stderr
+      extract_command_and_parse_options(arguments)
+
+      if sufficient_options? && valid_command?
+        if command == "debug"
+          @command = "sign"
+          @options[:verbose] = true
+        end
+
+        case command
+        # TODO move command logic elsewhere
+        when "authorize"
+          begin
+            consumer = OAuth::Consumer.new \
+              options[:oauth_consumer_key],
+              options[:oauth_consumer_secret],
+              :access_token_url  => options[:access_token_url],
+              :authorize_url     => options[:authorize_url],
+              :request_token_url => options[:request_token_url],
+              :scheme            => options[:scheme],
+              :http_method       => options[:method].to_s.downcase.to_sym
+
+            # parameters for OAuth 1.0a
+            oauth_verifier = nil
+
+            # get a request token
+            request_token = consumer.get_request_token({ :oauth_callback => options[:oauth_callback] }, { "scope" => options[:scope] })
+
+            if request_token.callback_confirmed?
+              stdout.puts "Server appears to support OAuth 1.0a; enabling support."
+              options[:version] = "1.0a"
+            end
+
+            stdout.puts "Please visit this url to authorize:"
+            stdout.puts request_token.authorize_url
+
+            if options[:version] == "1.0a"
+              stdout.puts "Please enter the verification code provided by the SP (oauth_verifier):"
+              oauth_verifier = stdin.gets.chomp
+            else
+              stdout.puts "Press return to continue..."
+              stdin.gets
+            end
+
+            begin
+              # get an access token
+              access_token = request_token.get_access_token(:oauth_verifier => oauth_verifier)
+
+              stdout.puts "Response:"
+              access_token.params.each do |k,v|
+                stdout.puts "  #{k}: #{v}" unless k.is_a?(Symbol)
+              end
+            rescue OAuth::Unauthorized => e
+              stderr.puts "A problem occurred while attempting to obtain an access token:"
+              stderr.puts e
+              stderr.puts e.request.body
+            end
+          rescue OAuth::Unauthorized => e
+            stderr.puts "A problem occurred while attempting to authorize:"
+            stderr.puts e
+            stderr.puts e.request.body
+          end
+        when "query"
+          consumer = OAuth::Consumer.new \
+            options[:oauth_consumer_key],
+            options[:oauth_consumer_secret],
+            :scheme => options[:scheme]
+
+          access_token = OAuth::AccessToken.new(consumer, options[:oauth_token], options[:oauth_token_secret])
+
+          # append params to the URL
+          uri = URI.parse(options[:uri])
+          params = prepare_parameters.map { |k,v| v.map { |v2| "#{URI.encode(k)}=#{URI.encode(v2)}" } * "&" }
+          uri.query = [uri.query, *params].reject { |x| x.nil? } * "&"
+          p uri.to_s
+
+          response = access_token.request(options[:method].downcase.to_sym, uri.to_s)
+          puts "#{response.code} #{response.message}"
+          puts response.body
+        when "sign"
+          parameters = prepare_parameters
+
+          request = OAuth::RequestProxy.proxy \
+             "method"     => options[:method],
+             "uri"        => options[:uri],
+             "parameters" => parameters
+
+          if verbose?
+            stdout.puts "OAuth parameters:"
+            request.oauth_parameters.each do |k,v|
+              stdout.puts "  " + [k, v] * ": "
+            end
+            stdout.puts
+
+            if request.non_oauth_parameters.any?
+              stdout.puts "Parameters:"
+              request.non_oauth_parameters.each do |k,v|
+                stdout.puts "  " + [k, v] * ": "
+              end
+              stdout.puts
+            end
+          end
+
+          request.sign! \
+            :consumer_secret => options[:oauth_consumer_secret],
+            :token_secret    => options[:oauth_token_secret]
+
+          if verbose?
+            stdout.puts "Method: #{request.method}"
+            stdout.puts "URI: #{request.uri}"
+            stdout.puts "Normalized params: #{request.normalized_parameters}" unless options[:xmpp]
+            stdout.puts "Signature base string: #{request.signature_base_string}"
+
+            if options[:xmpp]
+              stdout.puts
+              stdout.puts "XMPP Stanza:"
+              stdout.puts <<-EOS
+  <oauth xmlns='urn:xmpp:oauth:0'>
+    <oauth_consumer_key>#{request.oauth_consumer_key}</oauth_consumer_key>
+    <oauth_token>#{request.oauth_token}</oauth_token>
+    <oauth_signature_method>#{request.oauth_signature_method}</oauth_signature_method>
+    <oauth_signature>#{request.oauth_signature}</oauth_signature>
+    <oauth_timestamp>#{request.oauth_timestamp}</oauth_timestamp>
+    <oauth_nonce>#{request.oauth_nonce}</oauth_nonce>
+    <oauth_version>#{request.oauth_version}</oauth_version>
+  </oauth>
+              EOS
+              stdout.puts
+              stdout.puts "Note: You may want to use bare JIDs in your URI."
+              stdout.puts
+            else
+              stdout.puts "OAuth Request URI: #{request.signed_uri}"
+              stdout.puts "Request URI: #{request.signed_uri(false)}"
+              stdout.puts "Authorization header: #{request.oauth_header(:realm => options[:realm])}"
+            end
+            stdout.puts "Signature:         #{request.oauth_signature}"
+            stdout.puts "Escaped signature: #{OAuth::Helper.escape(request.oauth_signature)}"
+          else
+            stdout.puts request.oauth_signature
+          end
+        when "version"
+          puts "OAuth for Ruby #{OAuth::VERSION}"
+        end
+      else
+        usage
+      end
+    end
+
+  protected
+
+    def extract_command_and_parse_options(arguments)
+      @command = arguments[-1]
+      parse_options(arguments[0..-1])
+    end
+
+    def option_parser(arguments = "")
+      # TODO add realm parameter
+      # TODO add user-agent parameter
+      option_parser = OptionParser.new do |opts|
+        opts.banner = "Usage: #{$0} [options] <command>"
+
+        # defaults
+        options[:oauth_nonce] = OAuth::Helper.generate_key
+        options[:oauth_signature_method] = "HMAC-SHA1"
+        options[:oauth_timestamp] = OAuth::Helper.generate_timestamp
+        options[:oauth_version] = "1.0"
+        options[:method] = :post
+        options[:params] = []
+        options[:scheme] = :header
+        options[:version] = "1.0"
+
+        ## Common Options
+
+        opts.on("-B", "--body", "Use the request body for OAuth parameters.") do
+          options[:scheme] = :body
+        end
+
+        opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
+          options[:oauth_consumer_key] = v
+        end
+
+        opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
+          options[:oauth_consumer_secret] = v
+        end
+
+        opts.on("-H", "--header", "Use the 'Authorization' header for OAuth parameters (default).") do
+          options[:scheme] = :header
+        end
+
+        opts.on("-Q", "--query-string", "Use the query string for OAuth parameters.") do
+          options[:scheme] = :query_string
+        end
+
+        opts.on("-O", "--options FILE", "Read options from a file") do |v|
+          arguments.unshift(*open(v).readlines.map { |l| l.chomp.split(" ") }.flatten)
+        end
+
+        ## Options for signing and making requests
+
+        opts.separator("\n  options for signing and querying")
+
+        opts.on("--method METHOD", "Specifies the method (e.g. GET) to use when signing.") do |v|
+          options[:method] = v
+        end
+
+        opts.on("--nonce NONCE", "Specifies the none to use.") do |v|
+          options[:oauth_nonce] = v
+        end
+
+        opts.on("--parameters PARAMS", "Specifies the parameters to use when signing.") do |v|
+          options[:params] << v
+        end
+
+        opts.on("--signature-method METHOD", "Specifies the signature method to use; defaults to HMAC-SHA1.") do |v|
+          options[:oauth_signature_method] = v
+        end
+
+        opts.on("--secret SECRET", "Specifies the token secret to use.") do |v|
+          options[:oauth_token_secret] = v
+        end
+
+        opts.on("--timestamp TIMESTAMP", "Specifies the timestamp to use.") do |v|
+          options[:oauth_timestamp] = v
+        end
+
+        opts.on("--token TOKEN", "Specifies the token to use.") do |v|
+          options[:oauth_token] = v
+        end
+
+        opts.on("--realm REALM", "Specifies the realm to use.") do |v|
+          options[:realm] = v
+        end
+
+        opts.on("--uri URI", "Specifies the URI to use when signing.") do |v|
+          options[:uri] = v
+        end
+
+        opts.on(:OPTIONAL, "--version VERSION", "Specifies the OAuth version to use.") do |v|
+          if v
+            options[:oauth_version] = v
+          else
+            @command = "version"
+          end
+        end
+
+        opts.on("--no-version", "Omit oauth_version.") do
+          options[:oauth_version] = nil
+        end
+
+        opts.on("--xmpp", "Generate XMPP stanzas.") do
+          options[:xmpp] = true
+          options[:method] ||= "iq"
+        end
+
+        opts.on("-v", "--verbose", "Be verbose.") do
+          options[:verbose] = true
+        end
+
+        ## Options for authorization
+
+        opts.separator("\n  options for authorization")
+
+        opts.on("--access-token-url URL", "Specifies the access token URL.") do |v|
+          options[:access_token_url] = v
+        end
+
+        opts.on("--authorize-url URL", "Specifies the authorization URL.") do |v|
+          options[:authorize_url] = v
+        end
+
+        opts.on("--callback-url URL", "Specifies a callback URL.") do |v|
+          options[:oauth_callback] = v
+        end
+
+        opts.on("--request-token-url URL", "Specifies the request token URL.") do |v|
+          options[:request_token_url] = v
+        end
+
+        opts.on("--scope SCOPE", "Specifies the scope (Google-specific).") do |v|
+          options[:scope] = v
+        end
+      end
+    end
+
+    def parse_options(arguments)
+      option_parser(arguments).parse!(arguments)
+    end
+
+    def prepare_parameters
+      escaped_pairs = options[:params].collect do |pair|
+        if pair =~ /:/
+          Hash[*pair.split(":", 2)].collect do |k,v|
+            [CGI.escape(k.strip), CGI.escape(v.strip)] * "="
+          end
+        else
+          pair
+        end
+      end
+
+      querystring = escaped_pairs * "&"
+      cli_params = CGI.parse(querystring)
+
+      {
+        "oauth_consumer_key"     => options[:oauth_consumer_key],
+        "oauth_nonce"            => options[:oauth_nonce],
+        "oauth_timestamp"        => options[:oauth_timestamp],
+        "oauth_token"            => options[:oauth_token],
+        "oauth_signature_method" => options[:oauth_signature_method],
+        "oauth_version"          => options[:oauth_version]
+      }.reject { |k,v| v.nil? || v == "" }.merge(cli_params)
+    end
+
+    def sufficient_options?
+      case command
+      # TODO move command logic elsewhere
+      when "authorize"
+        options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
+          options[:access_token_url] && options[:authorize_url] &&
+          options[:request_token_url]
+      when "version"
+        true
+      else
+        options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
+          options[:method] && options[:uri]
+      end
+    end
+
+    def usage
+      stdout.puts option_parser.help
+      stdout.puts
+      stdout.puts "Available commands:"
+      SUPPORTED_COMMANDS.each do |command, desc|
+        puts "   #{command.ljust(15)}#{desc}"
+      end
+    end
+
+    def valid_command?
+      SUPPORTED_COMMANDS.keys.include?(command)
+    end
+
+    def verbose?
+      options[:verbose]
+    end
+  end
+end