metavida-oauth 0.3.2
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +66 -0
- data/License.txt +20 -0
- data/Manifest.txt +83 -0
- data/README.rdoc +71 -0
- data/Rakefile +36 -0
- data/TODO +32 -0
- data/bin/oauth +5 -0
- data/examples/yql.rb +44 -0
- data/lib/oauth/cli.rb +300 -0
- data/lib/oauth/client/action_controller_request.rb +53 -0
- data/lib/oauth/client/helper.rb +71 -0
- data/lib/oauth/client/net_http.rb +78 -0
- data/lib/oauth/client.rb +4 -0
- data/lib/oauth/consumer.rb +296 -0
- data/lib/oauth/errors/error.rb +4 -0
- data/lib/oauth/errors/problem.rb +14 -0
- data/lib/oauth/errors/unauthorized.rb +12 -0
- data/lib/oauth/errors.rb +3 -0
- data/lib/oauth/helper.rb +55 -0
- data/lib/oauth/oauth.rb +7 -0
- data/lib/oauth/oauth_test_helper.rb +25 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +68 -0
- data/lib/oauth/request_proxy/base.rb +157 -0
- data/lib/oauth/request_proxy/jabber_request.rb +41 -0
- data/lib/oauth/request_proxy/mock_request.rb +44 -0
- data/lib/oauth/request_proxy/net_http.rb +65 -0
- data/lib/oauth/request_proxy/rack_request.rb +40 -0
- data/lib/oauth/request_proxy.rb +24 -0
- data/lib/oauth/server.rb +66 -0
- data/lib/oauth/signature/base.rb +91 -0
- data/lib/oauth/signature/hmac/base.rb +12 -0
- data/lib/oauth/signature/hmac/md5.rb +9 -0
- data/lib/oauth/signature/hmac/rmd160.rb +9 -0
- data/lib/oauth/signature/hmac/sha1.rb +9 -0
- data/lib/oauth/signature/hmac/sha2.rb +9 -0
- data/lib/oauth/signature/md5.rb +13 -0
- data/lib/oauth/signature/plaintext.rb +23 -0
- data/lib/oauth/signature/rsa/sha1.rb +45 -0
- data/lib/oauth/signature/sha1.rb +13 -0
- data/lib/oauth/signature.rb +28 -0
- data/lib/oauth/token.rb +7 -0
- data/lib/oauth/tokens/access_token.rb +68 -0
- data/lib/oauth/tokens/consumer_token.rb +32 -0
- data/lib/oauth/tokens/request_token.rb +28 -0
- data/lib/oauth/tokens/server_token.rb +9 -0
- data/lib/oauth/tokens/token.rb +17 -0
- data/lib/oauth/version.rb +3 -0
- data/lib/oauth.rb +4 -0
- data/oauth.gemspec +49 -0
- data/script/destroy +14 -0
- data/script/generate +14 -0
- data/script/txt2html +74 -0
- data/setup.rb +1585 -0
- data/tasks/deployment.rake +34 -0
- data/tasks/environment.rake +7 -0
- data/tasks/website.rake +17 -0
- data/test/cases/oauth_case.rb +19 -0
- data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
- data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
- data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
- data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
- data/test/keys/rsa.cert +11 -0
- data/test/keys/rsa.pem +16 -0
- data/test/test_access_token.rb +28 -0
- data/test/test_action_controller_request_proxy.rb +45 -0
- data/test/test_consumer.rb +327 -0
- data/test/test_helper.rb +11 -0
- data/test/test_hmac_sha1.rb +21 -0
- data/test/test_net_http_client.rb +169 -0
- data/test/test_net_http_request_proxy.rb +38 -0
- data/test/test_rack_request_proxy.rb +40 -0
- data/test/test_request_token.rb +53 -0
- data/test/test_rsa_sha1.rb +59 -0
- data/test/test_server.rb +40 -0
- data/test/test_signature.rb +11 -0
- data/test/test_signature_base.rb +32 -0
- data/test/test_signature_plain_text.rb +31 -0
- data/test/test_token.rb +14 -0
- data/website/index.html +87 -0
- data/website/index.txt +73 -0
- data/website/javascripts/rounded_corners_lite.inc.js +285 -0
- data/website/stylesheets/screen.css +138 -0
- data/website/template.rhtml +48 -0
- metadata +212 -0
@@ -0,0 +1,68 @@
|
|
1
|
+
require 'active_support'
|
2
|
+
require 'action_controller/request'
|
3
|
+
require 'oauth/request_proxy/base'
|
4
|
+
require 'uri'
|
5
|
+
|
6
|
+
module OAuth::RequestProxy
|
7
|
+
class ActionControllerRequest < OAuth::RequestProxy::Base
|
8
|
+
proxies(defined?(ActionController::AbstractRequest) ? ActionController::AbstractRequest : ActionController::Request)
|
9
|
+
|
10
|
+
def method
|
11
|
+
request.method.to_s.upcase
|
12
|
+
end
|
13
|
+
|
14
|
+
def uri
|
15
|
+
case request
|
16
|
+
when ActionController::CgiRequest
|
17
|
+
tmp = URI.parse("#{ request.protocol }#{ request.host_with_port }#{ request.cgi.path_info }")
|
18
|
+
tmp.query = request.query_string unless request.query_string.blank?
|
19
|
+
tmp.to_s
|
20
|
+
else
|
21
|
+
request.url
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def parameters
|
26
|
+
if options[:clobber_request]
|
27
|
+
options[:parameters] || {}
|
28
|
+
else
|
29
|
+
params = request_params.merge(query_params).merge(header_params)
|
30
|
+
params.stringify_keys! if params.respond_to?(:stringify_keys!)
|
31
|
+
params.merge(options[:parameters] || {})
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
# Override from OAuth::RequestProxy::Base to avoid roundtrip
|
36
|
+
# conversion to Hash or Array and thus preserve the original
|
37
|
+
# parameter names
|
38
|
+
def parameters_for_signature
|
39
|
+
params = []
|
40
|
+
params << options[:parameters].to_query if options[:parameters]
|
41
|
+
|
42
|
+
unless options[:clobber_request]
|
43
|
+
params << header_params.to_query
|
44
|
+
params << request.query_string unless request.query_string.blank?
|
45
|
+
if request.content_type == Mime::Type.lookup("application/x-www-form-urlencoded")
|
46
|
+
params << request.raw_post
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
params.
|
51
|
+
join('&').split('&').
|
52
|
+
reject { |kv| kv =~ /^oauth_signature=.*/}.
|
53
|
+
reject(&:blank?).
|
54
|
+
map { |p| p.split('=').map{|esc| CGI.unescape(esc)} }
|
55
|
+
end
|
56
|
+
|
57
|
+
protected
|
58
|
+
|
59
|
+
def query_params
|
60
|
+
request.query_parameters
|
61
|
+
end
|
62
|
+
|
63
|
+
def request_params
|
64
|
+
request.request_parameters
|
65
|
+
end
|
66
|
+
|
67
|
+
end
|
68
|
+
end
|
@@ -0,0 +1,157 @@
|
|
1
|
+
require 'oauth/request_proxy'
|
2
|
+
require 'oauth/helper'
|
3
|
+
|
4
|
+
module OAuth::RequestProxy
|
5
|
+
class Base
|
6
|
+
include OAuth::Helper
|
7
|
+
|
8
|
+
def self.proxies(klass)
|
9
|
+
OAuth::RequestProxy.available_proxies[klass] = self
|
10
|
+
end
|
11
|
+
|
12
|
+
attr_accessor :request, :options
|
13
|
+
|
14
|
+
def initialize(request, options = {})
|
15
|
+
@request = request
|
16
|
+
@options = options
|
17
|
+
end
|
18
|
+
|
19
|
+
## OAuth parameters
|
20
|
+
|
21
|
+
def oauth_consumer_key
|
22
|
+
parameters['oauth_consumer_key']
|
23
|
+
end
|
24
|
+
|
25
|
+
def oauth_nonce
|
26
|
+
parameters['oauth_nonce']
|
27
|
+
end
|
28
|
+
|
29
|
+
def oauth_signature
|
30
|
+
# TODO can this be nil?
|
31
|
+
parameters['oauth_signature'] || ""
|
32
|
+
end
|
33
|
+
|
34
|
+
def oauth_signature_method
|
35
|
+
case parameters['oauth_signature_method']
|
36
|
+
when Array
|
37
|
+
parameters['oauth_signature_method'].first
|
38
|
+
else
|
39
|
+
parameters['oauth_signature_method']
|
40
|
+
end
|
41
|
+
end
|
42
|
+
|
43
|
+
def oauth_timestamp
|
44
|
+
parameters['oauth_timestamp']
|
45
|
+
end
|
46
|
+
|
47
|
+
def oauth_token
|
48
|
+
parameters['oauth_token']
|
49
|
+
end
|
50
|
+
|
51
|
+
def oauth_version
|
52
|
+
parameters["oauth_version"]
|
53
|
+
end
|
54
|
+
|
55
|
+
# TODO deprecate these
|
56
|
+
alias_method :consumer_key, :oauth_consumer_key
|
57
|
+
alias_method :token, :oauth_token
|
58
|
+
alias_method :nonce, :oauth_nonce
|
59
|
+
alias_method :timestamp, :oauth_timestamp
|
60
|
+
alias_method :signature, :oauth_signature
|
61
|
+
alias_method :signature_method, :oauth_signature_method
|
62
|
+
|
63
|
+
## Parameter accessors
|
64
|
+
|
65
|
+
def parameters
|
66
|
+
raise NotImplementedError, "Must be implemented by subclasses"
|
67
|
+
end
|
68
|
+
|
69
|
+
def parameters_for_signature
|
70
|
+
parameters.reject { |k,v| k == "oauth_signature" }
|
71
|
+
end
|
72
|
+
|
73
|
+
def oauth_parameters
|
74
|
+
parameters.select { |k,v| OAuth::PARAMETERS.include?(k) }.reject { |k,v| v == "" }
|
75
|
+
end
|
76
|
+
|
77
|
+
def non_oauth_parameters
|
78
|
+
parameters.reject { |k,v| OAuth::PARAMETERS.include?(k) }
|
79
|
+
end
|
80
|
+
|
81
|
+
# See 9.1.2 in specs
|
82
|
+
def normalized_uri
|
83
|
+
u = URI.parse(uri)
|
84
|
+
"#{u.scheme.downcase}://#{u.host.downcase}#{(u.scheme.downcase == 'http' && u.port != 80) || (u.scheme.downcase == 'https' && u.port != 443) ? ":#{u.port}" : ""}#{(u.path && u.path != '') ? u.path : '/'}"
|
85
|
+
end
|
86
|
+
|
87
|
+
# See 9.1.1. in specs Normalize Request Parameters
|
88
|
+
def normalized_parameters
|
89
|
+
normalize(parameters_for_signature)
|
90
|
+
end
|
91
|
+
|
92
|
+
def sign(options = {})
|
93
|
+
OAuth::Signature.sign(self, options)
|
94
|
+
end
|
95
|
+
|
96
|
+
def sign!(options = {})
|
97
|
+
parameters["oauth_signature"] = sign(options)
|
98
|
+
@signed = true
|
99
|
+
signature
|
100
|
+
end
|
101
|
+
|
102
|
+
# See 9.1 in specs
|
103
|
+
def signature_base_string
|
104
|
+
base = [method, normalized_uri, normalized_parameters]
|
105
|
+
base.map { |v| escape(v) }.join("&")
|
106
|
+
end
|
107
|
+
|
108
|
+
# Has this request been signed yet?
|
109
|
+
def signed?
|
110
|
+
@signed
|
111
|
+
end
|
112
|
+
|
113
|
+
# URI, including OAuth parameters
|
114
|
+
def signed_uri(with_oauth = true)
|
115
|
+
if signed?
|
116
|
+
if with_oauth
|
117
|
+
params = parameters
|
118
|
+
else
|
119
|
+
params = non_oauth_parameters
|
120
|
+
end
|
121
|
+
|
122
|
+
[uri, normalize(params)] * "?"
|
123
|
+
else
|
124
|
+
STDERR.puts "This request has not yet been signed!"
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
128
|
+
# Authorization header for OAuth
|
129
|
+
def oauth_header(options = {})
|
130
|
+
header_params_str = oauth_parameters.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(', ')
|
131
|
+
|
132
|
+
realm = "realm=\"#{options[:realm]}\", " if options[:realm]
|
133
|
+
"OAuth #{realm}#{header_params_str}"
|
134
|
+
end
|
135
|
+
|
136
|
+
protected
|
137
|
+
|
138
|
+
def header_params
|
139
|
+
%w( X-HTTP_AUTHORIZATION Authorization HTTP_AUTHORIZATION ).each do |header|
|
140
|
+
next unless request.env.include?(header)
|
141
|
+
|
142
|
+
header = request.env[header]
|
143
|
+
next unless header[0,6] == 'OAuth '
|
144
|
+
|
145
|
+
# parse the header into a Hash
|
146
|
+
oauth_params = OAuth::Helper.parse_header(header)
|
147
|
+
|
148
|
+
# remove non-OAuth parameters
|
149
|
+
oauth_params.reject! { |k,v| k !~ /^oauth_/ }
|
150
|
+
|
151
|
+
return oauth_params
|
152
|
+
end
|
153
|
+
|
154
|
+
return {}
|
155
|
+
end
|
156
|
+
end
|
157
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
require 'xmpp4r'
|
2
|
+
require 'oauth/request_proxy/base'
|
3
|
+
|
4
|
+
module OAuth
|
5
|
+
module RequestProxy
|
6
|
+
class JabberRequest < OAuth::RequestProxy::Base
|
7
|
+
proxies Jabber::Iq
|
8
|
+
proxies Jabber::Presence
|
9
|
+
proxies Jabber::Message
|
10
|
+
|
11
|
+
def parameters
|
12
|
+
return @params if @params
|
13
|
+
|
14
|
+
@params = {}
|
15
|
+
|
16
|
+
oauth = @request.get_elements('//oauth').first
|
17
|
+
return @params unless oauth
|
18
|
+
|
19
|
+
%w( oauth_token oauth_consumer_key oauth_signature_method oauth_signature
|
20
|
+
oauth_timestamp oauth_nonce oauth_version ).each do |param|
|
21
|
+
next unless element = oauth.first_element(param)
|
22
|
+
@params[param] = element.text
|
23
|
+
end
|
24
|
+
|
25
|
+
@params
|
26
|
+
end
|
27
|
+
|
28
|
+
def method
|
29
|
+
@request.name
|
30
|
+
end
|
31
|
+
|
32
|
+
def uri
|
33
|
+
[@request.from.strip.to_s, @request.to.strip.to_s].join("&")
|
34
|
+
end
|
35
|
+
|
36
|
+
def normalized_uri
|
37
|
+
uri
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
end
|
@@ -0,0 +1,44 @@
|
|
1
|
+
require 'oauth/request_proxy/base'
|
2
|
+
|
3
|
+
module OAuth
|
4
|
+
module RequestProxy
|
5
|
+
# RequestProxy for Hashes to facilitate simpler signature creation.
|
6
|
+
# Usage:
|
7
|
+
# request = OAuth::RequestProxy.proxy \
|
8
|
+
# "method" => "iq",
|
9
|
+
# "uri" => [from, to] * "&",
|
10
|
+
# "parameters" => {
|
11
|
+
# "oauth_consumer_key" => oauth_consumer_key,
|
12
|
+
# "oauth_token" => oauth_token,
|
13
|
+
# "oauth_signature_method" => "HMAC-SHA1"
|
14
|
+
# }
|
15
|
+
#
|
16
|
+
# signature = OAuth::Signature.sign \
|
17
|
+
# request,
|
18
|
+
# :consumer_secret => oauth_consumer_secret,
|
19
|
+
# :token_secret => oauth_token_secret,
|
20
|
+
class MockRequest < OAuth::RequestProxy::Base
|
21
|
+
proxies Hash
|
22
|
+
|
23
|
+
def parameters
|
24
|
+
@request["parameters"]
|
25
|
+
end
|
26
|
+
|
27
|
+
def method
|
28
|
+
@request["method"]
|
29
|
+
end
|
30
|
+
|
31
|
+
def normalized_uri
|
32
|
+
super
|
33
|
+
rescue
|
34
|
+
# if this is a non-standard URI, it may not parse properly
|
35
|
+
# in that case, assume that it's already been normalized
|
36
|
+
uri
|
37
|
+
end
|
38
|
+
|
39
|
+
def uri
|
40
|
+
@request["uri"]
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,65 @@
|
|
1
|
+
require 'oauth/request_proxy/base'
|
2
|
+
require 'net/http'
|
3
|
+
require 'uri'
|
4
|
+
require 'cgi'
|
5
|
+
|
6
|
+
module OAuth::RequestProxy::Net
|
7
|
+
module HTTP
|
8
|
+
class HTTPRequest < OAuth::RequestProxy::Base
|
9
|
+
proxies ::Net::HTTPRequest
|
10
|
+
|
11
|
+
def method
|
12
|
+
request.method
|
13
|
+
end
|
14
|
+
|
15
|
+
def uri
|
16
|
+
uri = options[:uri]
|
17
|
+
uri.to_s
|
18
|
+
end
|
19
|
+
|
20
|
+
def parameters
|
21
|
+
if options[:clobber_request]
|
22
|
+
options[:parameters]
|
23
|
+
else
|
24
|
+
all_parameters
|
25
|
+
end
|
26
|
+
end
|
27
|
+
|
28
|
+
private
|
29
|
+
|
30
|
+
def all_parameters
|
31
|
+
request_params = CGI.parse(query_string)
|
32
|
+
if options[:parameters]
|
33
|
+
options[:parameters].each do |k,v|
|
34
|
+
if request_params.has_key?(k)
|
35
|
+
request_params[k] << v
|
36
|
+
else
|
37
|
+
request_params[k] = [v].flatten
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
request_params
|
42
|
+
end
|
43
|
+
|
44
|
+
def query_string
|
45
|
+
params = [ query_params, auth_header_params ]
|
46
|
+
is_form_urlencoded = request['Content-Type'] != nil && request['Content-Type'].downcase == 'application/x-www-form-urlencoded'
|
47
|
+
params << post_params if method.to_s.upcase == 'POST' && is_form_urlencoded
|
48
|
+
params.compact.join('&')
|
49
|
+
end
|
50
|
+
|
51
|
+
def query_params
|
52
|
+
URI.parse(request.path).query
|
53
|
+
end
|
54
|
+
|
55
|
+
def post_params
|
56
|
+
request.body
|
57
|
+
end
|
58
|
+
|
59
|
+
def auth_header_params
|
60
|
+
return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
|
61
|
+
auth_params = request['Authorization']
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
end
|
@@ -0,0 +1,40 @@
|
|
1
|
+
require 'oauth/request_proxy/base'
|
2
|
+
require 'uri'
|
3
|
+
require 'rack'
|
4
|
+
|
5
|
+
module OAuth::RequestProxy
|
6
|
+
class RackRequest < OAuth::RequestProxy::Base
|
7
|
+
proxies Rack::Request
|
8
|
+
|
9
|
+
def method
|
10
|
+
request.env["rack.methodoverride.original_method"] || request.request_method
|
11
|
+
end
|
12
|
+
|
13
|
+
def uri
|
14
|
+
request.url
|
15
|
+
end
|
16
|
+
|
17
|
+
def parameters
|
18
|
+
if options[:clobber_request]
|
19
|
+
options[:parameters] || {}
|
20
|
+
else
|
21
|
+
params = request_params.merge(query_params).merge(header_params)
|
22
|
+
params.merge(options[:parameters] || {})
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def signature
|
27
|
+
parameters['oauth_signature']
|
28
|
+
end
|
29
|
+
|
30
|
+
protected
|
31
|
+
|
32
|
+
def query_params
|
33
|
+
request.GET
|
34
|
+
end
|
35
|
+
|
36
|
+
def request_params
|
37
|
+
request.params
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
module OAuth
|
2
|
+
module RequestProxy
|
3
|
+
def self.available_proxies #:nodoc:
|
4
|
+
@available_proxies ||= {}
|
5
|
+
end
|
6
|
+
|
7
|
+
def self.proxy(request, options = {})
|
8
|
+
return request if request.kind_of?(OAuth::RequestProxy::Base)
|
9
|
+
|
10
|
+
klass = available_proxies[request.class]
|
11
|
+
|
12
|
+
# Search for possible superclass matches.
|
13
|
+
if klass.nil?
|
14
|
+
request_parent = available_proxies.keys.find { |rc| request.kind_of?(rc) }
|
15
|
+
klass = available_proxies[request_parent]
|
16
|
+
end
|
17
|
+
|
18
|
+
raise UnknownRequestType, request.class.to_s unless klass
|
19
|
+
klass.new(request, options)
|
20
|
+
end
|
21
|
+
|
22
|
+
class UnknownRequestType < Exception; end
|
23
|
+
end
|
24
|
+
end
|
data/lib/oauth/server.rb
ADDED
@@ -0,0 +1,66 @@
|
|
1
|
+
require 'oauth/helper'
|
2
|
+
require 'oauth/consumer'
|
3
|
+
|
4
|
+
module OAuth
|
5
|
+
# This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
|
6
|
+
class Server
|
7
|
+
include OAuth::Helper
|
8
|
+
attr_accessor :base_url
|
9
|
+
|
10
|
+
@@server_paths = {
|
11
|
+
:request_token_path => "/oauth/request_token",
|
12
|
+
:authorize_path => "/oauth/authorize",
|
13
|
+
:access_token_path => "/oauth/access_token"
|
14
|
+
}
|
15
|
+
|
16
|
+
# Create a new server instance
|
17
|
+
def initialize(base_url, paths = {})
|
18
|
+
@base_url = base_url
|
19
|
+
@paths = @@server_paths.merge(paths)
|
20
|
+
end
|
21
|
+
|
22
|
+
def generate_credentials
|
23
|
+
[generate_key(16), generate_key]
|
24
|
+
end
|
25
|
+
|
26
|
+
def generate_consumer_credentials(params = {})
|
27
|
+
Consumer.new(*generate_credentials)
|
28
|
+
end
|
29
|
+
|
30
|
+
# mainly for testing purposes
|
31
|
+
def create_consumer
|
32
|
+
creds = generate_credentials
|
33
|
+
Consumer.new(creds[0], creds[1],
|
34
|
+
{
|
35
|
+
:site => base_url,
|
36
|
+
:request_token_path => request_token_path,
|
37
|
+
:authorize_path => authorize_path,
|
38
|
+
:access_token_path => access_token_path
|
39
|
+
})
|
40
|
+
end
|
41
|
+
|
42
|
+
def request_token_path
|
43
|
+
@paths[:request_token_path]
|
44
|
+
end
|
45
|
+
|
46
|
+
def request_token_url
|
47
|
+
base_url + request_token_path
|
48
|
+
end
|
49
|
+
|
50
|
+
def authorize_path
|
51
|
+
@paths[:authorize_path]
|
52
|
+
end
|
53
|
+
|
54
|
+
def authorize_url
|
55
|
+
base_url + authorize_path
|
56
|
+
end
|
57
|
+
|
58
|
+
def access_token_path
|
59
|
+
@paths[:access_token_path]
|
60
|
+
end
|
61
|
+
|
62
|
+
def access_token_url
|
63
|
+
base_url + access_token_path
|
64
|
+
end
|
65
|
+
end
|
66
|
+
end
|
@@ -0,0 +1,91 @@
|
|
1
|
+
require 'oauth/signature'
|
2
|
+
require 'oauth/helper'
|
3
|
+
require 'oauth/request_proxy/base'
|
4
|
+
require 'base64'
|
5
|
+
|
6
|
+
module OAuth::Signature
|
7
|
+
class Base
|
8
|
+
include OAuth::Helper
|
9
|
+
|
10
|
+
attr_accessor :options
|
11
|
+
attr_reader :token_secret, :consumer_secret, :request
|
12
|
+
|
13
|
+
def self.implements(signature_method)
|
14
|
+
OAuth::Signature.available_methods[signature_method] = self
|
15
|
+
end
|
16
|
+
|
17
|
+
def self.digest_class(digest_class = nil)
|
18
|
+
return @digest_class if digest_class.nil?
|
19
|
+
@digest_class = digest_class
|
20
|
+
end
|
21
|
+
|
22
|
+
def initialize(request, options = {}, &block)
|
23
|
+
raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
|
24
|
+
@request = request
|
25
|
+
@options = options
|
26
|
+
|
27
|
+
## consumer secret was determined beforehand
|
28
|
+
|
29
|
+
@consumer_secret = options[:consumer].secret if options[:consumer]
|
30
|
+
|
31
|
+
# presence of :consumer_secret option will override any Consumer that's provided
|
32
|
+
@consumer_secret = options[:consumer_secret] if options[:consumer_secret]
|
33
|
+
|
34
|
+
## token secret was determined beforehand
|
35
|
+
|
36
|
+
@token_secret = options[:token].secret if options[:token]
|
37
|
+
|
38
|
+
# presence of :token_secret option will override any Token that's provided
|
39
|
+
@token_secret = options[:token_secret] if options[:token_secret]
|
40
|
+
|
41
|
+
|
42
|
+
# override secrets based on the values returned from the block (if any)
|
43
|
+
if block_given?
|
44
|
+
# consumer secret and token secret need to be looked up based on pieces of the request
|
45
|
+
secrets = yield block.arity == 1 ? request : [token, consumer_key, nonce, request.timestamp]
|
46
|
+
if secrets.is_a?(Array) && secrets.size == 2
|
47
|
+
@token_secret = secrets[0]
|
48
|
+
@consumer_secret = secrets[1]
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
def signature
|
54
|
+
Base64.encode64(digest).chomp.gsub(/\n/,'')
|
55
|
+
end
|
56
|
+
|
57
|
+
def ==(cmp_signature)
|
58
|
+
Base64.decode64(signature) == Base64.decode64(cmp_signature)
|
59
|
+
end
|
60
|
+
|
61
|
+
def verify
|
62
|
+
self == self.request.signature
|
63
|
+
end
|
64
|
+
|
65
|
+
def signature_base_string
|
66
|
+
request.signature_base_string
|
67
|
+
end
|
68
|
+
|
69
|
+
private
|
70
|
+
|
71
|
+
def token
|
72
|
+
request.token
|
73
|
+
end
|
74
|
+
|
75
|
+
def consumer_key
|
76
|
+
request.consumer_key
|
77
|
+
end
|
78
|
+
|
79
|
+
def nonce
|
80
|
+
request.nonce
|
81
|
+
end
|
82
|
+
|
83
|
+
def secret
|
84
|
+
"#{escape(consumer_secret)}&#{escape(token_secret)}"
|
85
|
+
end
|
86
|
+
|
87
|
+
def digest
|
88
|
+
self.class.digest_class.digest(signature_base_string)
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require 'oauth/signature/base'
|
2
|
+
|
3
|
+
module OAuth::Signature
|
4
|
+
class PLAINTEXT < Base
|
5
|
+
implements 'plaintext'
|
6
|
+
|
7
|
+
def signature
|
8
|
+
signature_base_string
|
9
|
+
end
|
10
|
+
|
11
|
+
def ==(cmp_signature)
|
12
|
+
signature == escape(cmp_signature)
|
13
|
+
end
|
14
|
+
|
15
|
+
def signature_base_string
|
16
|
+
secret
|
17
|
+
end
|
18
|
+
|
19
|
+
def secret
|
20
|
+
escape(super)
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|