mojodna-oauth 0.3.1.5 → 0.3.1.6

data/History.txt

@@ -1,5 +1,7 @@
 == 0.3.2
 
+* Fixed ActionController parameter escaping behavior (Thiago Arrais, László
+  Bácsi, Brett Gibson, et al)
 * Fixed signature calculation when both options and a block were provided to
   OAuth::Signature::Base#initialize. (Seth)
 * Added help to the 'oauth' CLI. (Seth)

data/Manifest.txt

@@ -5,6 +5,7 @@ README.rdoc
 Rakefile
 TODO
 bin/oauth
+examples/yql.rb
 lib/oauth.rb
 lib/oauth/oauth.rb
 lib/oauth/cli.rb
@@ -35,6 +36,11 @@ lib/oauth/signature/plaintext.rb
 lib/oauth/signature/rsa/sha1.rb
 lib/oauth/signature/sha1.rb
 lib/oauth/token.rb
+lib/oauth/tokens/access_token.rb
+lib/oauth/tokens/consumer_token.rb
+lib/oauth/tokens/request_token.rb
+lib/oauth/tokens/server_token.rb
+lib/oauth/tokens/token.rb
 lib/oauth/version.rb
 oauth.gemspec
 script/destroy
@@ -51,6 +57,7 @@ test/cases/spec/1_0-final/test_parameter_encodings.rb
 test/cases/spec/1_0-final/test_signature_base_strings.rb
 test/keys/rsa.cert
 test/keys/rsa.pem
+test/test_access_token.rb
 test/test_action_controller_request_proxy.rb
 test/test_consumer.rb
 test/test_helper.rb
@@ -58,6 +65,7 @@ test/test_hmac_sha1.rb
 test/test_net_http_client.rb
 test/test_net_http_request_proxy.rb
 test/test_rack_request_proxy.rb
+test/test_request_token.rb
 test/test_rsa_sha1.rb
 test/test_server.rb
 test/test_signature.rb

data/Rakefile

@@ -6,14 +6,14 @@ require 'oauth/version'
 # Generate all the Rake tasks
 # Run 'rake -T' to see list of generated tasks (from gem root directory)
 $hoe = Hoe.new('oauth', OAuth::VERSION) do |p|
-  p.author = ['Pelle Braendgaard','Blaine Cook','Larry Halff','Jesse Clark','Jon Crosby', 'Seth Fitzsimmons']  
+  p.author = ['Pelle Braendgaard','Blaine Cook','Larry Halff','Jesse Clark','Jon Crosby', 'Seth Fitzsimmons']
   p.email = "pelleb@gmail.com"
   p.description = "OAuth Core Ruby implementation"
   p.summary = p.description
   p.changes              = p.paragraphs_of("History.txt", 0..1).join("\n\n")
   p.rubyforge_name       = p.name # TODO this is default value
   p.url = "http://oauth.rubyforge.org"
-  
+
   p.extra_deps         = [
     ['ruby-hmac','>= 0.3.1']
   ]
@@ -22,7 +22,7 @@ $hoe = Hoe.new('oauth', OAuth::VERSION) do |p|
     ['actionpack'],
     ['rack']
   ]
-  
+
   p.clean_globs |= %w[**/.DS_Store tmp *.log **/.*.sw? *.gem .config **/.DS_Store]
   path = (p.rubyforge_name == p.name) ? p.rubyforge_name : "\#{p.rubyforge_name}/\#{p.name}"
   p.remote_rdoc_dir = File.join(path.gsub(/^#{p.rubyforge_name}\/?/,''), 'rdoc')

data/examples/yql.rb

@@ -0,0 +1,44 @@
+#!/usr/bin/env ruby -rubygems
+
+# Sample queries:
+#  ./yql.rb --consumer-key <key> --consumer-secret <secret> "show tables"
+#  ./yql.rb --consumer-key <key> --consumer-secret <secret> "select * from flickr.photos.search where text='Cat' limit 10"
+
+require 'oauth'
+require 'optparse'
+require 'json'
+require 'pp'
+
+options = {}
+
+option_parser = OptionParser.new do |opts|
+  opts.banner = "Usage: #{$0} [options] <query>"
+
+  opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
+    options[:consumer_key] = v
+  end
+
+  opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
+    options[:consumer_secret] = v
+  end
+end
+
+option_parser.parse!
+query = ARGV.pop
+query = STDIN.read if query == "-"
+
+if options[:consumer_key].nil? || options[:consumer_secret].nil? || query.nil?
+  puts option_parser.help
+  exit 1
+end
+
+consumer = OAuth::Consumer.new \
+  options[:consumer_key],
+  options[:consumer_secret],
+  :site => "http://query.yahooapis.com"
+
+access_token = OAuth::AccessToken.new(consumer)
+
+response = access_token.request(:get, url = "/v1/yql?q=#{OAuth::Helper.escape(query)}&format=json")
+rsp = JSON.parse(response.body)
+pp rsp

data/lib/oauth/cli.rb

@@ -3,7 +3,10 @@ require 'oauth'
 
 module OAuth
   class CLI
-    SUPPORTED_COMMANDS = %w(sign)
+    SUPPORTED_COMMANDS = {
+      "debug" => "Verbosely generate an OAuth signature",
+      "sign"  => "Generate an OAuth signature"
+    }
 
     attr_reader :command
     attr_reader :options
@@ -22,6 +25,11 @@ module OAuth
       extract_command_and_parse_options(arguments)
 
       if sufficient_options? && valid_command?
+        if command == "debug"
+          @command = "sign"
+          @options[:verbose] = true
+        end
+
         case command
         when "sign"
           parameters = prepare_parameters
@@ -82,7 +90,7 @@ module OAuth
             stdout.puts "Signature:         #{request.oauth_signature}"
             stdout.puts "Escaped signature: #{OAuth::Helper.escape(request.oauth_signature)}"
           else
-            stdout.puts signature
+            stdout.puts request.oauth_signature
           end
         end
       else
@@ -207,13 +215,13 @@ module OAuth
       stdout.puts option_parser.help
       stdout.puts
       stdout.puts "Available commands:"
-      SUPPORTED_COMMANDS.each do |command|
-        puts "   #{command.ljust(15)}"
+      SUPPORTED_COMMANDS.each do |command, desc|
+        puts "   #{command.ljust(15)}#{desc}"
       end
     end
 
     def valid_command?
-      SUPPORTED_COMMANDS.include?(command)
+      SUPPORTED_COMMANDS.keys.include?(command)
     end
 
     def verbose?

data/lib/oauth/client/helper.rb

@@ -34,7 +34,7 @@ module OAuth::Client
         'oauth_timestamp'        => timestamp,
         'oauth_nonce'            => nonce,
         'oauth_version'          => '1.0'
-      }.reject { |k,v| v == "" }
+      }.reject { |k,v| v.to_s == "" }
     end
 
     def signature(extra_options = {})

data/lib/oauth/client/net_http.rb

@@ -64,7 +64,7 @@ private
   end
 
   def set_oauth_query_string
-    oauth_params_str = @oauth_helper.oauth_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
+    oauth_params_str = @oauth_helper.oauth_parameters.map { |k,v| [escape(k), escape(v)] * "=" }.join("&")
 
     uri = URI.parse(path)
     if !uri.query || uri.query == ''

data/lib/oauth/helper.rb

@@ -1,13 +1,12 @@
 require 'openssl'
 require 'base64'
-require 'cgi'
 
 module OAuth
   module Helper
     extend self
 
     def escape(value)
-      CGI.escape(value.to_s).gsub("%7E", '~').gsub("+", "%20")
+      URI::escape(value.to_s, OAuth::RESERVED_CHARACTERS)
     end
 
     def generate_key(size=32)
@@ -34,6 +33,21 @@ module OAuth
       end * "&"
     end
 
+    # Parse an Authorization / WWW-Authenticate header into a hash
+    def parse_header(header)
+      # decompose
+      params = header[6,header.length].split(/[,=]/)
+
+      # strip and unescape
+      params.map! { |v| unescape(v.strip) }
+
+      # strip quotes
+      params.map! { |v| v =~ /^\".*\"$/ ? v[1..-2] : v }
+
+      # convert into a Hash
+      Hash[*params.flatten]
+    end
+
     def unescape(value)
       URI.unescape(value.gsub('+', '%2B'))
     end

data/lib/oauth/oauth.rb

@@ -1,3 +1,7 @@
 module OAuth
+  # required parameters, per sections 6.1.1, 6.3.1, and 7
   PARAMETERS = %w(oauth_consumer_key oauth_token oauth_signature_method oauth_timestamp oauth_nonce oauth_version oauth_signature)
-end
+
+  # reserved character regexp, per section 5.1
+  RESERVED_CHARACTERS = /[^\w\d\-\.\_\~]/
+end

data/lib/oauth/request_proxy/base.rb

@@ -142,10 +142,10 @@ module OAuth::RequestProxy
         header = request.env[header]
         next unless header[0,6] == 'OAuth '
 
-        oauth_param_string = header[6,header.length].split(/[,=]/)
-        oauth_param_string.map! { |v| unescape(v.strip) }
-        oauth_param_string.map! { |v| v =~ /^\".*\"$/ ? v[1..-2] : v }
-        oauth_params = Hash[*oauth_param_string.flatten]
+        # parse the header into a Hash
+        oauth_params = OAuth::Helper.parse_header(header)
+
+        # remove non-OAuth parameters
         oauth_params.reject! { |k,v| k !~ /^oauth_/ }
 
         return oauth_params

data/lib/oauth/token.rb

@@ -1,135 +1,7 @@
-require 'oauth/helper'
-module OAuth
+# this exists for backwards-compatibility
 
-  # Superclass for the various tokens used by OAuth
-  class Token
-    include OAuth::Helper
-
-    attr_accessor :token, :secret
-
-    def initialize(token, secret)
-      @token = token
-      @secret = secret
-    end
-
-    def to_query
-      "oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
-    end
-  end
-
-  # Used on the server for generating tokens
-  class ServerToken < Token
-
-    def initialize
-      super(generate_key(16), generate_key)
-    end
-  end
-
-  # Superclass for tokens used by OAuth Clients
-  class ConsumerToken < Token
-    attr_accessor :consumer
-
-    def initialize(consumer, token="", secret="")
-      super(token, secret)
-      @consumer = consumer
-    end
-
-    # Make a signed request using given http_method to the path
-    #
-    #   @token.request(:get,  '/people')
-    #   @token.request(:post, '/people', @person.to_xml, { 'Content-Type' => 'application/xml' })
-    #
-    def request(http_method, path, *arguments)
-      response = consumer.request(http_method, path, self, {}, *arguments)
-    end
-
-    # Sign a request generated elsewhere using Net:HTTP::Post.new or friends
-    def sign!(request, options = {})
-      consumer.sign!(request, self, options)
-    end
-  end
-
-  # The RequestToken is used for the initial Request.
-  # This is normally created by the Consumer object.
-  class RequestToken < ConsumerToken
-
-    # Returns the authorization url that you need to use for redirecting the user
-    def authorize_url
-      consumer.authorize_url + "?oauth_token=" + CGI.escape(token)
-    end
-
-    # exchange for AccessToken on server
-    def get_access_token(options = {})
-      response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options)
-      OAuth::AccessToken.new(consumer, response[:oauth_token], response[:oauth_token_secret])
-    end
-  end
-
-  # The Access Token is used for the actual "real" web service calls thatyou perform against the server
-  class AccessToken < ConsumerToken
-
-    # The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
-    # we need to restructure and touch more methods: request(), sign!(), etc.
-    def request(http_method, path, *arguments)
-      request_uri = URI.parse(path)
-      site_uri = consumer.uri
-      is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
-      consumer.uri(request_uri) if is_service_uri_different
-      resp = super(http_method, path, *arguments)
-      # NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
-      # so reset in case consumer is still used for other token-management tasks subsequently?
-      consumer.uri(site_uri) if is_service_uri_different
-      resp
-    end
-
-    # Make a regular GET request using AccessToken
-    #
-    #   @response = @token.get('/people')
-    #   @response = @token.get('/people', { 'Accept'=>'application/xml' })
-    #
-    def get(path, headers = {})
-      request(:get, path, headers)
-    end
-
-    # Make a regular HEAD request using AccessToken
-    #
-    #   @response = @token.head('/people')
-    #
-    def head(path, headers = {})
-      request(:head, path, headers)
-    end
-
-    # Make a regular POST request using AccessToken
-    #
-    #   @response = @token.post('/people')
-    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' })
-    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
-    #   @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
-    #   @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
-    #
-    def post(path, body = '', headers = {})
-      request(:post, path, body, headers)
-    end
-
-    # Make a regular PUT request using AccessToken
-    #
-    #   @response = @token.put('/people/123')
-    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' })
-    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
-    #   @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
-    #   @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
-    #
-    def put(path, body = '', headers = {})
-      request(:put, path, body, headers)
-    end
-
-    # Make a regular DELETE request using AccessToken
-    #
-    #   @response = @token.delete('/people/123')
-    #   @response = @token.delete('/people/123', { 'Accept' => 'application/xml' })
-    #
-    def delete(path, headers = {})
-      request(:delete, path, headers)
-    end
-  end
-end
+require 'oauth/tokens/token'
+require 'oauth/tokens/server_token'
+require 'oauth/tokens/consumer_token'
+require 'oauth/tokens/request_token'
+require 'oauth/tokens/access_token'

data/lib/oauth/tokens/access_token.rb

@@ -0,0 +1,68 @@
+module OAuth
+  # The Access Token is used for the actual "real" web service calls that you perform against the server
+  class AccessToken < ConsumerToken
+    # The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
+    # we need to restructure and touch more methods: request(), sign!(), etc.
+    def request(http_method, path, *arguments)
+      request_uri = URI.parse(path)
+      site_uri = consumer.uri
+      is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
+      consumer.uri(request_uri) if is_service_uri_different
+      @response = super(http_method, path, *arguments)
+      # NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
+      # so reset in case consumer is still used for other token-management tasks subsequently?
+      consumer.uri(site_uri) if is_service_uri_different
+      @response
+    end
+
+    # Make a regular GET request using AccessToken
+    #
+    #   @response = @token.get('/people')
+    #   @response = @token.get('/people', { 'Accept'=>'application/xml' })
+    #
+    def get(path, headers = {})
+      request(:get, path, headers)
+    end
+
+    # Make a regular HEAD request using AccessToken
+    #
+    #   @response = @token.head('/people')
+    #
+    def head(path, headers = {})
+      request(:head, path, headers)
+    end
+
+    # Make a regular POST request using AccessToken
+    #
+    #   @response = @token.post('/people')
+    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' })
+    #   @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
+    #   @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
+    #   @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
+    #
+    def post(path, body = '', headers = {})
+      request(:post, path, body, headers)
+    end
+
+    # Make a regular PUT request using AccessToken
+    #
+    #   @response = @token.put('/people/123')
+    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' })
+    #   @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
+    #   @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
+    #   @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
+    #
+    def put(path, body = '', headers = {})
+      request(:put, path, body, headers)
+    end
+
+    # Make a regular DELETE request using AccessToken
+    #
+    #   @response = @token.delete('/people/123')
+    #   @response = @token.delete('/people/123', { 'Accept' => 'application/xml' })
+    #
+    def delete(path, headers = {})
+      request(:delete, path, headers)
+    end
+  end
+end

data/lib/oauth/tokens/consumer_token.rb

@@ -0,0 +1,32 @@
+module OAuth
+  # Superclass for tokens used by OAuth Clients
+  class ConsumerToken < Token
+    attr_accessor :consumer, :params
+    attr_reader   :response
+
+    def self.from_hash(consumer, hash)
+      token = self.new(consumer, hash[:oauth_token], hash[:oauth_token_secret])
+      token.params = hash
+      token
+    end
+
+    def initialize(consumer, token="", secret="")
+      super(token, secret)
+      @consumer = consumer
+    end
+
+    # Make a signed request using given http_method to the path
+    #
+    #   @token.request(:get,  '/people')
+    #   @token.request(:post, '/people', @person.to_xml, { 'Content-Type' => 'application/xml' })
+    #
+    def request(http_method, path, *arguments)
+      @response = consumer.request(http_method, path, self, {}, *arguments)
+    end
+
+    # Sign a request generated elsewhere using Net:HTTP::Post.new or friends
+    def sign!(request, options = {})
+      consumer.sign!(request, self, options)
+    end
+  end
+end

data/lib/oauth/tokens/request_token.rb

@@ -0,0 +1,28 @@
+module OAuth
+  # The RequestToken is used for the initial Request.
+  # This is normally created by the Consumer object.
+  class RequestToken < ConsumerToken
+
+    # Generate an authorization URL for user authorization
+    def authorize_url(params = nil)
+      params = (params || {}).merge(:oauth_token => self.token)
+      build_authorize_url(consumer.authorize_url, params)
+    end
+
+    # exchange for AccessToken on server
+    def get_access_token(options = {})
+      response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options)
+      OAuth::AccessToken.from_hash(consumer, response)
+    end
+
+  protected
+
+    # construct an authorization url
+    def build_authorize_url(base_url, params)
+      uri = URI.parse(base_url.to_s)
+      # TODO doesn't handle array values correctly
+      uri.query = params.map { |k,v| [k, CGI.escape(v)] * "=" } * "&"
+      uri.to_s
+    end
+  end
+end

data/lib/oauth/tokens/server_token.rb

@@ -0,0 +1,9 @@
+module OAuth
+  # Used on the server for generating tokens
+  class ServerToken < Token
+
+    def initialize
+      super(generate_key(16), generate_key)
+    end
+  end
+end

data/lib/oauth/tokens/token.rb

@@ -0,0 +1,17 @@
+module OAuth
+  # Superclass for the various tokens used by OAuth
+  class Token
+    include OAuth::Helper
+
+    attr_accessor :token, :secret
+
+    def initialize(token, secret)
+      @token = token
+      @secret = secret
+    end
+
+    def to_query
+      "oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
+    end
+  end
+end

data/lib/oauth/version.rb

@@ -1,3 +1,3 @@
 module OAuth #:nodoc:
-  VERSION = '0.3.1.5'
+  VERSION = '0.3.1.6'
 end

data/oauth.gemspec

@@ -2,17 +2,17 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth}
-  s.version = "0.3.1.5"
+  s.version = "0.3.1.6"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
-  s.date = %q{2009-02-05}
+  s.date = %q{2009-02-11}
   s.default_executable = %q{oauth}
   s.description = %q{OAuth Core Ruby implementation}
   s.email = %q{pelleb@gmail.com}
   s.executables = ["oauth"]
   s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
-  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
+  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
   s.has_rdoc = true
   s.homepage = %q{http://oauth.rubyforge.org}
   s.rdoc_options = ["--main", "README.rdoc"]
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
   s.rubyforge_project = %q{oauth}
   s.rubygems_version = %q{1.3.1}
   s.summary = %q{OAuth Core Ruby implementation}
-  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
+  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
 
   if s.respond_to? :specification_version then
     current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION

data/test/test_access_token.rb

@@ -0,0 +1,28 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/token'
+require 'oauth/consumer'
+
+class TestAccessToken < Test::Unit::TestCase
+  def setup
+    @fake_response = {
+      :user_id => 5734758743895,
+      :oauth_token => "key",
+      :oauth_token_secret => "secret"
+    }
+    # setup a fake req. token. mocking Consumer would be more appropriate...
+    @access_token = OAuth::AccessToken.from_hash(
+      OAuth::Consumer.new("key", "secret", {}),
+      @fake_response
+    )
+  end
+
+  def test_provides_response_parameters
+    assert @access_token
+    assert_respond_to @access_token, :params
+  end
+
+  def test_access_token_makes_non_oauth_response_params_available
+    assert_not_nil @access_token.params[:user_id]
+    assert_equal 5734758743895, @access_token.params[:user_id]
+  end
+end

data/test/test_request_token.rb

@@ -0,0 +1,53 @@
+require File.dirname(__FILE__) + '/test_helper.rb'
+require 'oauth/token'
+require 'oauth/consumer'
+
+class StubbedToken < OAuth::RequestToken
+  define_method :build_authorize_url_promoted do |root_domain, params|
+    build_authorize_url root_domain, params
+  end
+end
+
+class TestRequestToken < Test::Unit::TestCase
+  def setup
+    # setup a fake req. token. mocking Consumer would be more appropriate...
+    @request_token = OAuth::RequestToken.new(
+      OAuth::Consumer.new("key", "secret", {}),
+      "key",
+      "secret"
+    )
+  end
+
+  def test_request_token_builds_authorize_url_connectly_with_additional_params
+    auth_url = @request_token.authorize_url({:oauth_callback => "github.com"})
+    assert_not_nil auth_url
+    assert_match(/oauth_token/, auth_url)
+    assert_match(/oauth_callback/, auth_url)
+  end
+
+  def test_request_token_builds_authorize_url_connectly_with_no_or_nil_params
+    # we should only have 1 key in the url returned if we didn't pass anything.
+    # this is the only required param to authenticate the client.
+    auth_url = @request_token.authorize_url(nil)
+    assert_not_nil auth_url
+    assert_match(/\?oauth_token=/, auth_url)
+
+    auth_url = @request_token.authorize_url
+    assert_not_nil auth_url
+    assert_match(/\?oauth_token=/, auth_url)
+  end
+
+  #TODO: mock out the Consumer to test the Consumer/AccessToken interaction.
+  def test_get_access_token
+  end
+
+  def test_build_authorize_url
+   @stubbed_token = StubbedToken.new(nil, nil, nil)
+    assert_respond_to @stubbed_token, :build_authorize_url_promoted
+    url = @stubbed_token.build_authorize_url_promoted(
+      "http://github.com/oauth/authorize",
+      {:foo => "bar bar"})
+    assert url
+    assert_equal "http://github.com/oauth/authorize?foo=bar+bar", url
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: mojodna-oauth
 version: !ruby/object:Gem::Version 
-  version: 0.3.1.5
+  version: 0.3.1.6
 platform: ruby
 authors: 
 - Pelle Braendgaard
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-02-05 00:00:00 -08:00
+date: 2009-02-11 00:00:00 -08:00
 default_executable: oauth
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -82,6 +82,7 @@ files:
 - Rakefile
 - TODO
 - bin/oauth
+- examples/yql.rb
 - lib/oauth.rb
 - lib/oauth/oauth.rb
 - lib/oauth/cli.rb
@@ -112,6 +113,11 @@ files:
 - lib/oauth/signature/rsa/sha1.rb
 - lib/oauth/signature/sha1.rb
 - lib/oauth/token.rb
+- lib/oauth/tokens/access_token.rb
+- lib/oauth/tokens/consumer_token.rb
+- lib/oauth/tokens/request_token.rb
+- lib/oauth/tokens/server_token.rb
+- lib/oauth/tokens/token.rb
 - lib/oauth/version.rb
 - oauth.gemspec
 - script/destroy
@@ -128,6 +134,7 @@ files:
 - test/cases/spec/1_0-final/test_signature_base_strings.rb
 - test/keys/rsa.cert
 - test/keys/rsa.pem
+- test/test_access_token.rb
 - test/test_action_controller_request_proxy.rb
 - test/test_consumer.rb
 - test/test_helper.rb
@@ -135,6 +142,7 @@ files:
 - test/test_net_http_client.rb
 - test/test_net_http_request_proxy.rb
 - test/test_rack_request_proxy.rb
+- test/test_request_token.rb
 - test/test_rsa_sha1.rb
 - test/test_server.rb
 - test/test_signature.rb
@@ -178,6 +186,7 @@ test_files:
 - test/cases/spec/1_0-final/test_normalize_request_parameters.rb
 - test/cases/spec/1_0-final/test_parameter_encodings.rb
 - test/cases/spec/1_0-final/test_signature_base_strings.rb
+- test/test_access_token.rb
 - test/test_action_controller_request_proxy.rb
 - test/test_consumer.rb
 - test/test_helper.rb
@@ -185,6 +194,7 @@ test_files:
 - test/test_net_http_client.rb
 - test/test_net_http_request_proxy.rb
 - test/test_rack_request_proxy.rb
+- test/test_request_token.rb
 - test/test_rsa_sha1.rb
 - test/test_server.rb
 - test/test_signature.rb