mojodna-oauth 0.3.1.6 → 0.3.1.7

data/History.txt

@@ -1,11 +1,16 @@
 == 0.3.2
 
+* 2xx statuses should be treated as success (Anders Conbere)
+* Support applications using the MethodOverride Rack middleware (László Bácsi)
+* `authorize` command for `oauth` CLI (Seth)
+* Initial support for Problem Reporting extension (Seth)
+* Verify SSL certificates if CA certificates are available (Seth)
 * Fixed ActionController parameter escaping behavior (Thiago Arrais, László
   Bácsi, Brett Gibson, et al)
 * Fixed signature calculation when both options and a block were provided to
-  OAuth::Signature::Base#initialize. (Seth)
-* Added help to the 'oauth' CLI. (Seth)
-* Fixed a problem when attempting to normalize MockRequest URIs. (Seth)
+  OAuth::Signature::Base#initialize (Seth)
+* Added help to the 'oauth' CLI (Seth)
+* Fixed a problem when attempting to normalize MockRequest URIs (Seth)
 
 == 0.3.1 2009-1-26
 

data/Manifest.txt

@@ -14,6 +14,10 @@ lib/oauth/client/action_controller_request.rb
 lib/oauth/client/helper.rb
 lib/oauth/client/net_http.rb
 lib/oauth/consumer.rb
+lib/oauth/errors.rb
+lib/oauth/errors/error.rb
+lib/oauth/errors/problem.rb
+lib/oauth/errors/unauthorized.rb
 lib/oauth/helper.rb
 lib/oauth/oauth_test_helper.rb
 lib/oauth/request_proxy.rb

data/bin/oauth

@@ -2,4 +2,4 @@
 
 require "oauth/cli"
 
-OAuth::CLI.execute(STDOUT, ARGV)
+OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)

data/lib/oauth/cli.rb

@@ -4,24 +4,32 @@ require 'oauth'
 module OAuth
   class CLI
     SUPPORTED_COMMANDS = {
-      "debug" => "Verbosely generate an OAuth signature",
-      "sign"  => "Generate an OAuth signature"
+      "authorize" => "Obtain an access token and secret for a user",
+      "debug"     => "Verbosely generate an OAuth signature",
+      "sign"      => "Generate an OAuth signature"
     }
 
     attr_reader :command
     attr_reader :options
-    attr_reader :stdout
+    attr_reader :stdout, :stdin
 
-    def self.execute(stdout, arguments = [])
-      self.new.execute(stdout, arguments)
+    def self.execute(stdout, stdin, stderr, arguments = [])
+      self.new.execute(stdout, stdin, stderr, arguments)
     end
 
     def initialize
       @options = {}
+
+      # don't dump a backtrace on a ^C
+      trap(:INT) {
+        exit
+      }
     end
 
-    def execute(stdout, arguments = [])
+    def execute(stdout, stdin, stderr, arguments = [])
       @stdout = stdout
+      @stdin  = stdin
+      @stderr = stderr
       extract_command_and_parse_options(arguments)
 
       if sufficient_options? && valid_command?
@@ -31,6 +39,40 @@ module OAuth
         end
 
         case command
+        # TODO move command logic elsewhere
+        when "authorize"
+          # Y! token authority requires realm=yahoo.com when headers are in use
+          # TODO remove :scheme when that's been fixed
+          # TODO determine endpoints w/ X-RDS-Simple
+          consumer = OAuth::Consumer.new \
+            options[:oauth_consumer_key],
+            options[:oauth_consumer_secret],
+            :access_token_url  => options[:access_token_url],
+            :authorize_url     => options[:authorize_url],
+            :request_token_url => options[:request_token_url],
+            :scheme            => :query_string
+
+          # get a request token
+          request_token = consumer.get_request_token
+
+          stdout.puts "Please visit this url to authorize:"
+          stdout.puts request_token.authorize_url
+
+          stdout.puts "Press return to continue..."
+          stdin.gets
+
+          begin
+            # get an access token
+            access_token = request_token.get_access_token
+
+            stdout.puts "Response:"
+            access_token.params.each do |k,v|
+              stdout.puts "  #{k}: #{v}"
+            end
+          rescue OAuth::Unauthorized => e
+            stderr.puts "A problem occurred while attempting to obtain an access token:"
+            stderr.puts e
+          end
         when "sign"
           parameters = prepare_parameters
 
@@ -116,6 +158,8 @@ module OAuth
         options[:oauth_version] = "1.0"
         options[:params] = []
 
+        ## Common Options
+
         opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
           options[:oauth_consumer_key] = v
         end
@@ -124,6 +168,8 @@ module OAuth
           options[:oauth_consumer_secret] = v
         end
 
+        ## Options for signing
+
         opts.on("--method METHOD", "Specifies the method (e.g. GET) to use when signing.") do |v|
           options[:method] = v
         end
@@ -176,6 +222,20 @@ module OAuth
         opts.on("-v", "--verbose", "Be verbose.") do
           options[:verbose] = true
         end
+
+        ## Options for authorization
+
+        opts.on("--access-token-url URL", "Specifies the access token URL.") do |v|
+          options[:access_token_url] = v
+        end
+
+        opts.on("--authorize-url URL", "Specifies the authorization URL.") do |v|
+          options[:authorize_url] = v
+        end
+
+        opts.on("--request-token-url URL", "Specifies the request token URL.") do |v|
+          options[:request_token_url] = v
+        end
       end
     end
 
@@ -208,7 +268,16 @@ module OAuth
     end
 
     def sufficient_options?
-      options[:oauth_consumer_key] && options[:oauth_consumer_secret] && options[:method] && options[:uri]
+      case command
+      # TODO move command logic elsewhere
+      when "authorize"
+        options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
+          options[:access_token_url] && options[:authorize_url] &&
+          options[:request_token_url]
+      else
+        options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
+          options[:method] && options[:uri]
+      end
     end
 
     def usage

data/lib/oauth/client/net_http.rb

@@ -5,6 +5,8 @@ require 'oauth/request_proxy/net_http'
 class Net::HTTPRequest
   include OAuth::Helper
 
+  attr_reader :oauth_helper
+
   def oauth!(http, consumer = nil, token = nil, options = {})
     options = { :request_uri      => oauth_full_request_uri(http),
                 :consumer         => consumer,
@@ -30,10 +32,6 @@ class Net::HTTPRequest
     OAuth::Client::Helper.new(self, options).signature_base_string
   end
 
-  def oauth_helper
-    @oauth_helper
-  end
-
 private
 
   def oauth_full_request_uri(http)
@@ -67,7 +65,7 @@ private
     oauth_params_str = @oauth_helper.oauth_parameters.map { |k,v| [escape(k), escape(v)] * "=" }.join("&")
 
     uri = URI.parse(path)
-    if !uri.query || uri.query == ''
+    if uri.query.to_s == ""
       uri.query = oauth_params_str
     else
       uri.query = uri.query + "&" + oauth_params_str
@@ -75,6 +73,6 @@ private
 
     @path = uri.to_s
 
-    @path << "&oauth_signature=#{escape(@oauth_helper.signature)}"
+    @path << "&oauth_signature=#{escape(oauth_helper.signature)}"
   end
 end

data/lib/oauth/consumer.rb

@@ -1,8 +1,19 @@
 require 'net/http'
 require 'net/https'
 require 'oauth/client/net_http'
+require 'oauth/errors'
+
 module OAuth
   class Consumer
+    # determine the certificate authority path to verify SSL certs
+    CA_FILES = %w(/etc/ssl/certs/ca-certificates.crt /usr/share/curl/curl-ca-bundle.crt)
+    CA_FILES.each do |ca_file|
+      if File.exists?(ca_file)
+        CA_FILE = ca_file
+        break
+      end
+    end
+    CA_FILE = nil unless defined?(CA_FILE)
 
     @@default_options = {
       # Signature method used by server. Defaults to HMAC-SHA1
@@ -102,20 +113,39 @@ module OAuth
     #   @consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
     #
     def request(http_method, path, token = nil, request_options = {}, *arguments)
-      if path =~ /^\//
-        _http = http
-      else
-        _http = create_http(path)
+      if path !~ /^\//
+        @http = create_http(path)
         _uri = URI.parse(path)
         path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}"
       end
 
-      _http.request(create_signed_request(http_method, path, token, request_options, *arguments))
+      rsp = http.request(create_signed_request(http_method, path, token, request_options, *arguments))
+
+      # check for an error reported by the Problem Reporting extension
+      # (http://wiki.oauth.net/ProblemReporting)
+      # note: a 200 may actually be an error; check for an oauth_problem key to be sure
+      if !(headers = rsp.to_hash["www-authenticate"]).nil? &&
+        (h = headers.select { |h| h =~ /^OAuth / }).any? &&
+        h.first =~ /oauth_problem/
+
+        # puts "Header: #{h.first}"
+
+        # TODO doesn't handle broken responses from api.login.yahoo.com
+        # remove debug code when done
+        params = OAuth::Helper.parse_header(h.first)
+
+        # puts "Params: #{params.inspect}"
+        # puts "Body: #{rsp.body}"
+
+        raise OAuth::Problem.new(params.delete("oauth_problem"), rsp, params)
+      end
+
+      rsp
     end
 
     # Creates and signs an http request.
     # It's recommended to use the Token classes to set this up correctly
-    def create_signed_request(http_method, path, token = nil,request_options = {}, *arguments)
+    def create_signed_request(http_method, path, token = nil, request_options = {}, *arguments)
       request = create_http_request(http_method, path, *arguments)
       sign!(request, token, request_options)
       request
@@ -124,20 +154,28 @@ module OAuth
     # Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.
     def token_request(http_method, path, token = nil, request_options = {}, *arguments)
       response = request(http_method, path, token, request_options, *arguments)
-      if response.code == "200"
+
+      case response.code.to_i
+
+      when (200..299)
         CGI.parse(response.body).inject({}) { |h,(k,v)| h[k.to_sym] = v.first; h }
+      when (300..399)
+        # this is a redirect
+        response.error!
+      when (400..499)
+        raise OAuth::Unauthorized, response
       else
         response.error!
       end
     end
 
     # Sign the Request object. Use this if you have an externally generated http request object you want to sign.
-    def sign!(request, token=nil, request_options = {})
+    def sign!(request, token = nil, request_options = {})
       request.oauth!(http, self, token, options.merge(request_options))
     end
 
     # Return the signature_base_string
-    def signature_base_string(request, token=nil, request_options = {})
+    def signature_base_string(request, token = nil, request_options = {})
       request.signature_base_string(http, self, token, options.merge(request_options))
     end
 
@@ -167,7 +205,7 @@ module OAuth
     end
 
     def request_token_url?
-      @options[:request_token_url]!=nil
+      @options.has_key?(:request_token_url)
     end
 
     def authorize_url
@@ -175,7 +213,7 @@ module OAuth
     end
 
     def authorize_url?
-      @options[:authorize_url]!=nil
+      @options.has_key?(:authorize_url)
     end
 
     def access_token_url
@@ -183,7 +221,7 @@ module OAuth
     end
 
     def access_token_url?
-      @options[:access_token_url]!=nil
+      @options.has_key?(:access_token_url)
     end
 
   protected
@@ -197,7 +235,16 @@ module OAuth
       end
 
       http_object = Net::HTTP.new(our_uri.host, our_uri.port)
-      http_object.use_ssl = true if our_uri.scheme == "https"
+
+      http_object.use_ssl = (our_uri.scheme == 'https')
+
+      if CA_FILE
+        http_object.ca_file = CA_FILE
+        http_object.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        http_object.verify_depth = 5
+      else
+        http_object.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
 
       http_object
     end

data/lib/oauth/request_proxy/action_controller_request.rb

@@ -1,4 +1,3 @@
-require 'rubygems'
 require 'active_support'
 require 'action_controller/request'
 require 'oauth/request_proxy/base'

data/lib/oauth/request_proxy/rack_request.rb

@@ -7,7 +7,7 @@ module OAuth::RequestProxy
     proxies Rack::Request
 
     def method
-      request.request_method
+      request.env["rack.methodoverride.original_method"] || request.request_method
     end
 
     def uri
@@ -37,4 +37,4 @@ module OAuth::RequestProxy
       request.params
     end
   end
-end
+end

data/lib/oauth/signature/hmac/sha1.rb

@@ -1,5 +1,4 @@
 require 'oauth/signature/hmac/base'
-require 'rubygems'
 require 'hmac-sha1'
 
 module OAuth::Signature::HMAC

data/lib/oauth/version.rb

@@ -1,3 +1,3 @@
 module OAuth #:nodoc:
-  VERSION = '0.3.1.6'
+  VERSION = '0.3.1.7'
 end

data/oauth.gemspec

@@ -2,11 +2,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth}
-  s.version = "0.3.1.6"
+  s.version = "0.3.1.7"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
-  s.date = %q{2009-02-11}
+  s.date = %q{2009-03-02}
   s.default_executable = %q{oauth}
   s.description = %q{OAuth Core Ruby implementation}
   s.email = %q{pelleb@gmail.com}

data/test/test_consumer.rb

@@ -143,7 +143,7 @@ class ConsumerTest < Test::Unit::TestCase
 
     assert_equal 'POST', request.method
     assert_equal '/test', request.path
-    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=iMZaUTbQof%2fHMFyIde%2bOIkhW5is%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
+    assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
     assert_equal nil, request['authorization']
   end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: mojodna-oauth
 version: !ruby/object:Gem::Version 
-  version: 0.3.1.6
+  version: 0.3.1.7
 platform: ruby
 authors: 
 - Pelle Braendgaard
@@ -14,11 +14,12 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-02-11 00:00:00 -08:00
+date: 2009-03-02 00:00:00 -08:00
 default_executable: oauth
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: ruby-hmac
+  type: :runtime
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
@@ -28,6 +29,7 @@ dependencies:
     version: 
 - !ruby/object:Gem::Dependency 
   name: newgem
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
@@ -37,6 +39,7 @@ dependencies:
     version: 
 - !ruby/object:Gem::Dependency 
   name: actionpack
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
@@ -46,6 +49,7 @@ dependencies:
     version: 
 - !ruby/object:Gem::Dependency 
   name: rack
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: 
@@ -55,6 +59,7 @@ dependencies:
     version: 
 - !ruby/object:Gem::Dependency 
   name: hoe
+  type: :development
   version_requirement: 
   version_requirements: !ruby/object:Gem::Requirement 
     requirements: