metavida-oauth 0.3.2

data/lib/oauth/signature/rsa/sha1.rb

@@ -0,0 +1,45 @@
+require 'oauth/signature/base'
+require 'openssl'
+
+module OAuth::Signature::RSA
+  class SHA1 < OAuth::Signature::Base
+    implements 'rsa-sha1'
+
+    def ==(cmp_signature)
+      public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
+    end
+
+    def public_key
+      if consumer_secret.is_a?(String)
+        decode_public_key
+      elsif consumer_secret.is_a?(OpenSSL::X509::Certificate)
+        consumer_secret.public_key
+      else
+        consumer_secret
+      end
+    end
+
+  private
+
+    def decode_public_key
+      case consumer_secret
+      when /-----BEGIN CERTIFICATE-----/
+        OpenSSL::X509::Certificate.new( consumer_secret).public_key
+      else
+        OpenSSL::PKey::RSA.new( consumer_secret)
+      end
+    end
+
+    def digest
+      private_key = OpenSSL::PKey::RSA.new(
+        if options[:private_key_file]
+          IO.read(options[:private_key_file])
+        else
+          consumer_secret
+        end
+      )
+
+      private_key.sign(OpenSSL::Digest::SHA1.new, signature_base_string)
+    end
+  end
+end

data/lib/oauth/signature/sha1.rb

@@ -0,0 +1,13 @@
+require 'oauth/signature/base'
+require 'digest/sha1'
+
+module OAuth::Signature
+  class SHA1 < Base
+    implements 'sha1'
+    digest_class Digest::SHA1
+
+    def signature_base_string
+      secret + super
+    end
+  end
+end

data/lib/oauth/signature.rb

@@ -0,0 +1,28 @@
+module OAuth
+  module Signature
+    def self.available_methods
+      @available_methods ||= {}
+    end
+
+    def self.build(request, options = {}, &block)
+      request = OAuth::RequestProxy.proxy(request, options)
+      klass = available_methods[(request.signature_method || "").downcase]
+      raise UnknownSignatureMethod, request.signature_method unless klass
+      klass.new(request, options, &block)
+    end
+
+    def self.sign(request, options = {}, &block)
+      self.build(request, options, &block).signature
+    end
+
+    def self.verify(request, options = {}, &block)
+      self.build(request, options, &block).verify
+    end
+
+    def self.signature_base_string(request, options = {}, &block)
+      self.build(request, options, &block).signature_base_string
+    end
+
+    class UnknownSignatureMethod < Exception; end
+  end
+end

data/lib/oauth/token.rb

@@ -0,0 +1,7 @@
+# this exists for backwards-compatibility
+
+require 'oauth/tokens/token'
+require 'oauth/tokens/server_token'
+require 'oauth/tokens/consumer_token'
+require 'oauth/tokens/request_token'
+require 'oauth/tokens/access_token'

data/lib/oauth/tokens/access_token.rb

@@ -0,0 +1,68 @@
+module OAuth
+  # The Access Token is used for the actual "real" web service calls that you perform against the server
+  class AccessToken < ConsumerToken
+    # The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
+    # we need to restructure and touch more methods: request(), sign!(), etc.
+    def request(http_method, path, *arguments)
+      request_uri = URI.parse(path)
+      site_uri = consumer.uri
+      is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
+      consumer.uri(request_uri) if is_service_uri_different
+      @response = super(http_method, path, *arguments)
+      # NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
+      # so reset in case consumer is still used for other token-management tasks subsequently?
+      consumer.uri(site_uri) if is_service_uri_different
+      @response
+    end
+
+    # Make a regular GET request using AccessToken
+    #
+    #   @response = @token.get('/people')
+    #   @response = @token.get('/people', { 'Accept'=>'application/xml' })
+    #
+    def get(path, headers = {})
+      request(:get, path, headers)
+    end
+
+    # Make a regular HEAD request using AccessToken
+    #
+    #   @response = @token.head('/people')
+    #
+    def head(path, headers = {})
+      request(:head, path, headers)
+    end
+
+    # Make a regular POST request using AccessToken
+    #
+    #   @response = @token.post('/people')
+    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' })
+    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
+    #   @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
+    #   @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
+    #
+    def post(path, body = '', headers = {})
+      request(:post, path, body, headers)
+    end
+
+    # Make a regular PUT request using AccessToken
+    #
+    #   @response = @token.put('/people/123')
+    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' })
+    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
+    #   @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
+    #   @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
+    #
+    def put(path, body = '', headers = {})
+      request(:put, path, body, headers)
+    end
+
+    # Make a regular DELETE request using AccessToken
+    #
+    #   @response = @token.delete('/people/123')
+    #   @response = @token.delete('/people/123', { 'Accept' => 'application/xml' })
+    #
+    def delete(path, headers = {})
+      request(:delete, path, headers)
+    end
+  end
+end

data/lib/oauth/tokens/consumer_token.rb

@@ -0,0 +1,32 @@
+module OAuth
+  # Superclass for tokens used by OAuth Clients
+  class ConsumerToken < Token
+    attr_accessor :consumer, :params
+    attr_reader   :response
+
+    def self.from_hash(consumer, hash)
+      token = self.new(consumer, hash[:oauth_token], hash[:oauth_token_secret])
+      token.params = hash
+      token
+    end
+
+    def initialize(consumer, token="", secret="")
+      super(token, secret)
+      @consumer = consumer
+    end
+
+    # Make a signed request using given http_method to the path
+    #
+    #   @token.request(:get,  '/people')
+    #   @token.request(:post, '/people', @person.to_xml, { 'Content-Type' => 'application/xml' })
+    #
+    def request(http_method, path, *arguments)
+      @response = consumer.request(http_method, path, self, {}, *arguments)
+    end
+
+    # Sign a request generated elsewhere using Net:HTTP::Post.new or friends
+    def sign!(request, options = {})
+      consumer.sign!(request, self, options)
+    end
+  end
+end

data/lib/oauth/tokens/request_token.rb

@@ -0,0 +1,28 @@
+module OAuth
+  # The RequestToken is used for the initial Request.
+  # This is normally created by the Consumer object.
+  class RequestToken < ConsumerToken
+
+    # Generate an authorization URL for user authorization
+    def authorize_url(params = nil)
+      params = (params || {}).merge(:oauth_token => self.token)
+      build_authorize_url(consumer.authorize_url, params)
+    end
+
+    # exchange for AccessToken on server
+    def get_access_token(options = {})
+      response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options)
+      OAuth::AccessToken.from_hash(consumer, response)
+    end
+
+  protected
+
+    # construct an authorization url
+    def build_authorize_url(base_url, params)
+      uri = URI.parse(base_url.to_s)
+      # TODO doesn't handle array values correctly
+      uri.query = params.map { |k,v| [k, CGI.escape(v)] * "=" } * "&"
+      uri.to_s
+    end
+  end
+end

data/lib/oauth/tokens/server_token.rb

@@ -0,0 +1,9 @@
+module OAuth
+  # Used on the server for generating tokens
+  class ServerToken < Token
+
+    def initialize
+      super(generate_key(16), generate_key)
+    end
+  end
+end

data/lib/oauth/tokens/token.rb

@@ -0,0 +1,17 @@
+module OAuth
+  # Superclass for the various tokens used by OAuth
+  class Token
+    include OAuth::Helper
+
+    attr_accessor :token, :secret
+
+    def initialize(token, secret)
+      @token = token
+      @secret = secret
+    end
+
+    def to_query
+      "oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
+    end
+  end
+end

data/lib/oauth/version.rb

@@ -0,0 +1,3 @@
+module OAuth #:nodoc:
+  VERSION = '0.3.2'
+end

data/lib/oauth.rb

@@ -0,0 +1,4 @@
+require 'oauth/oauth'
+require 'oauth/client/helper'
+require 'oauth/signature/hmac/sha1'
+require 'oauth/request_proxy/mock_request'

data/oauth.gemspec

@@ -0,0 +1,49 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{oauth}
+  s.version = "0.3.2"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
+  s.date = %q{2009-03-23}
+  s.default_executable = %q{oauth}
+  s.description = %q{OAuth Core Ruby implementation}
+  s.email = %q{oauth-ruby@googlegroups.com}
+  s.executables = ["oauth"]
+  s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
+  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/errors.rb", "lib/oauth/errors/error.rb", "lib/oauth/errors/problem.rb", "lib/oauth/errors/unauthorized.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
+  s.has_rdoc = true
+  s.homepage = %q{http://oauth.rubyforge.org}
+  s.rdoc_options = ["--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{oauth}
+  s.rubygems_version = %q{1.3.1}
+  s.summary = %q{OAuth Core Ruby implementation}
+  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ruby-hmac>, [">= 0.3.1"])
+      s.add_development_dependency(%q<newgem>, [">= 1.2.3"])
+      s.add_development_dependency(%q<actionpack>, [">= 0"])
+      s.add_development_dependency(%q<rack>, [">= 0"])
+      s.add_development_dependency(%q<hoe>, [">= 1.8.0"])
+    else
+      s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
+      s.add_dependency(%q<newgem>, [">= 1.2.3"])
+      s.add_dependency(%q<actionpack>, [">= 0"])
+      s.add_dependency(%q<rack>, [">= 0"])
+      s.add_dependency(%q<hoe>, [">= 1.8.0"])
+    end
+  else
+    s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
+    s.add_dependency(%q<newgem>, [">= 1.2.3"])
+    s.add_dependency(%q<actionpack>, [">= 0"])
+    s.add_dependency(%q<rack>, [">= 0"])
+    s.add_dependency(%q<hoe>, [">= 1.8.0"])
+  end
+end

data/script/destroy

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.join(File.dirname(__FILE__), '..')
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/destroy'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Destroy.new.run(ARGV)

data/script/generate

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.join(File.dirname(__FILE__), '..')
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/generate'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Generate.new.run(ARGV)

data/script/txt2html

@@ -0,0 +1,74 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+begin
+  require 'newgem'
+rescue LoadError
+  puts "\n\nGenerating the website requires the newgem RubyGem"
+  puts "Install: gem install newgem\n\n"
+  exit(1)
+end
+require 'redcloth'
+require 'syntax/convertors/html'
+require 'erb'
+require File.dirname(__FILE__) + '/../lib/oauth/version.rb'
+
+version  = OAuth::VERSION::STRING
+download = 'http://rubyforge.org/projects/oauth'
+
+class Fixnum
+  def ordinal
+    # teens
+    return 'th' if (10..19).include?(self % 100)
+    # others
+    case self % 10
+    when 1: return 'st'
+    when 2: return 'nd'
+    when 3: return 'rd'
+    else    return 'th'
+    end
+  end
+end
+
+class Time
+  def pretty
+    return "#{mday}#{mday.ordinal} #{strftime('%B')} #{year}"
+  end
+end
+
+def convert_syntax(syntax, source)
+  return Syntax::Convertors::HTML.for_syntax(syntax).convert(source).gsub(%r!^<pre>|</pre>$!,'')
+end
+
+if ARGV.length >= 1
+  src, template = ARGV
+  template ||= File.join(File.dirname(__FILE__), '/../website/template.rhtml')
+  
+else
+  puts("Usage: #{File.split($0).last} source.txt [template.rhtml] > output.html")
+  exit!
+end
+
+template = ERB.new(File.open(template).read)
+
+title = nil
+body = nil
+File.open(src) do |fsrc|
+  title_text = fsrc.readline
+  body_text = fsrc.read
+  syntax_items = []
+  body_text.gsub!(%r!<(pre|code)[^>]*?syntax=['"]([^'"]+)[^>]*>(.*?)</\1>!m){
+    ident = syntax_items.length
+    element, syntax, source = $1, $2, $3
+    syntax_items << "<#{element} class='syntax'>#{convert_syntax(syntax, source)}</#{element}>"
+    "syntax-temp-#{ident}"
+  }
+  title = RedCloth.new(title_text).to_html.gsub(%r!<.*?>!,'').strip
+  body = RedCloth.new(body_text).to_html
+  body.gsub!(%r!(?:<pre><code>)?syntax-temp-(\d+)(?:</code></pre>)?!){ syntax_items[$1.to_i] }
+end
+stat = File.stat(src)
+created = stat.ctime
+modified = stat.mtime
+
+$stdout << template.result(binding)