monkeyhelper-oauth 0.3.1 → 0.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +62 -17
- data/Manifest.txt +14 -1
- data/README.rdoc +7 -9
- data/Rakefile +7 -5
- data/TODO +17 -0
- data/bin/oauth +2 -2
- data/examples/yql.rb +44 -0
- data/lib/oauth/cli.rb +267 -31
- data/lib/oauth/client/action_controller_request.rb +14 -12
- data/lib/oauth/client/helper.rb +22 -14
- data/lib/oauth/client/net_http.rb +53 -22
- data/lib/oauth/consumer.rb +217 -111
- data/lib/oauth/errors/error.rb +4 -0
- data/lib/oauth/errors/problem.rb +14 -0
- data/lib/oauth/errors/unauthorized.rb +12 -0
- data/lib/oauth/errors.rb +3 -0
- data/lib/oauth/helper.rb +67 -6
- data/lib/oauth/oauth.rb +11 -0
- data/lib/oauth/oauth_test_helper.rb +12 -13
- data/lib/oauth/request_proxy/action_controller_request.rb +8 -8
- data/lib/oauth/request_proxy/base.rb +102 -44
- data/lib/oauth/request_proxy/jabber_request.rb +1 -2
- data/lib/oauth/request_proxy/mock_request.rb +8 -0
- data/lib/oauth/request_proxy/net_http.rb +2 -2
- data/lib/oauth/request_proxy/rack_request.rb +7 -7
- data/lib/oauth/server.rb +31 -33
- data/lib/oauth/signature/base.rb +23 -21
- data/lib/oauth/signature/hmac/base.rb +1 -1
- data/lib/oauth/signature/hmac/sha1.rb +0 -1
- data/lib/oauth/signature/plaintext.rb +2 -2
- data/lib/oauth/signature/rsa/sha1.rb +5 -4
- data/lib/oauth/signature.rb +9 -0
- data/lib/oauth/token.rb +6 -136
- data/lib/oauth/tokens/access_token.rb +68 -0
- data/lib/oauth/tokens/consumer_token.rb +33 -0
- data/lib/oauth/tokens/request_token.rb +32 -0
- data/lib/oauth/tokens/server_token.rb +9 -0
- data/lib/oauth/tokens/token.rb +17 -0
- data/lib/oauth/version.rb +1 -1
- data/lib/oauth.rb +1 -0
- data/oauth.gemspec +12 -6
- data/test/cases/spec/1_0-final/test_construct_request_url.rb +1 -1
- data/test/test_access_token.rb +28 -0
- data/test/test_action_controller_request_proxy.rb +105 -6
- data/test/test_consumer.rb +41 -5
- data/test/test_helper.rb +0 -5
- data/test/test_net_http_client.rb +38 -20
- data/test/test_net_http_request_proxy.rb +43 -8
- data/test/test_oauth_helper.rb +50 -0
- data/test/test_request_token.rb +53 -0
- data/test/test_server.rb +1 -1
- data/test/test_signature.rb +19 -11
- data/website/index.html +2 -2
- metadata +41 -3
data/lib/oauth/token.rb
CHANGED
|
@@ -1,137 +1,7 @@
|
|
|
1
|
-
|
|
2
|
-
module OAuth
|
|
3
|
-
|
|
4
|
-
# Superclass for the various tokens used by OAuth
|
|
5
|
-
|
|
6
|
-
class Token
|
|
7
|
-
include OAuth::Helper
|
|
8
|
-
|
|
9
|
-
attr_accessor :token, :secret
|
|
1
|
+
# this exists for backwards-compatibility
|
|
10
2
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
def to_query
|
|
17
|
-
"oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
|
|
18
|
-
end
|
|
19
|
-
|
|
20
|
-
end
|
|
21
|
-
|
|
22
|
-
# Used on the server for generating tokens
|
|
23
|
-
class ServerToken<Token
|
|
24
|
-
|
|
25
|
-
def initialize
|
|
26
|
-
super generate_key(16),generate_key
|
|
27
|
-
end
|
|
28
|
-
end
|
|
29
|
-
# Superclass for tokens used by OAuth Clients
|
|
30
|
-
class ConsumerToken<Token
|
|
31
|
-
attr_accessor :consumer
|
|
32
|
-
|
|
33
|
-
def initialize(consumer,token="",secret="")
|
|
34
|
-
super token,secret
|
|
35
|
-
@consumer=consumer
|
|
36
|
-
end
|
|
37
|
-
|
|
38
|
-
# Make a signed request using given http_method to the path
|
|
39
|
-
#
|
|
40
|
-
# @token.request(:get,'/people')
|
|
41
|
-
# @token.request(:post,'/people',@person.to_xml,{ 'Content-Type' => 'application/xml' })
|
|
42
|
-
#
|
|
43
|
-
def request(http_method,path,*arguments)
|
|
44
|
-
response=consumer.request(http_method,path,self,{},*arguments)
|
|
45
|
-
end
|
|
46
|
-
|
|
47
|
-
# Sign a request generated elsewhere using Net:HTTP::Post.new or friends
|
|
48
|
-
def sign!(request,options = {})
|
|
49
|
-
consumer.sign!(request,self,options)
|
|
50
|
-
end
|
|
51
|
-
|
|
52
|
-
end
|
|
53
|
-
|
|
54
|
-
# The RequestToken is used for the initial Request.
|
|
55
|
-
# This is normally created by the Consumer object.
|
|
56
|
-
class RequestToken<ConsumerToken
|
|
57
|
-
|
|
58
|
-
# Returns the authorization url that you need to use for redirecting the user
|
|
59
|
-
def authorize_url
|
|
60
|
-
consumer.authorize_url+"?oauth_token="+CGI.escape(token)
|
|
61
|
-
end
|
|
62
|
-
|
|
63
|
-
# exchange for AccessToken on server
|
|
64
|
-
def get_access_token(options={})
|
|
65
|
-
response=consumer.token_request(consumer.http_method,(consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path),self,options)
|
|
66
|
-
OAuth::AccessToken.new(consumer,response[:oauth_token],response[:oauth_token_secret])
|
|
67
|
-
end
|
|
68
|
-
end
|
|
69
|
-
|
|
70
|
-
# The Access Token is used for the actual "real" web service calls thatyou perform against the server
|
|
71
|
-
class AccessToken<ConsumerToken
|
|
72
|
-
|
|
73
|
-
# The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
|
|
74
|
-
# we need to restructure and touch more methods: request(), sign!(), etc.
|
|
75
|
-
def request(http_method, path, *arguments)
|
|
76
|
-
request_uri = URI.parse(path)
|
|
77
|
-
site_uri = consumer.uri
|
|
78
|
-
is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
|
|
79
|
-
consumer.uri(request_uri) if is_service_uri_different
|
|
80
|
-
resp = super(http_method, path, *arguments)
|
|
81
|
-
# NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
|
|
82
|
-
# so reset in case consumer is still used for other token-management tasks subsequently?
|
|
83
|
-
consumer.uri(site_uri) if is_service_uri_different
|
|
84
|
-
resp
|
|
85
|
-
end
|
|
86
|
-
|
|
87
|
-
# Make a regular get request using AccessToken
|
|
88
|
-
#
|
|
89
|
-
# @response=@token.get('/people')
|
|
90
|
-
# @response=@token.get('/people',{'Accept'=>'application/xml'})
|
|
91
|
-
#
|
|
92
|
-
def get(path,headers={})
|
|
93
|
-
request(:get,path,headers)
|
|
94
|
-
end
|
|
95
|
-
|
|
96
|
-
# Make a regular head request using AccessToken
|
|
97
|
-
#
|
|
98
|
-
# @response=@token.head('/people')
|
|
99
|
-
#
|
|
100
|
-
def head(path,headers={})
|
|
101
|
-
request(:head,path,headers)
|
|
102
|
-
end
|
|
103
|
-
|
|
104
|
-
# Make a regular post request using AccessToken
|
|
105
|
-
#
|
|
106
|
-
# @response=@token.post('/people')
|
|
107
|
-
# @response=@token.post('/people',{:name=>'Bob',:email=>'bob@mailinator.com'})
|
|
108
|
-
# @response=@token.post('/people',{:name=>'Bob',:email=>'bob@mailinator.com'},{'Accept'=>'application/xml'})
|
|
109
|
-
# @response=@token.post('/people',nil,{'Accept'=>'application/xml'})
|
|
110
|
-
# @response=@token.post('/people',@person.to_xml,{'Accept'=>'application/xml','Content-Type' => 'application/xml'})
|
|
111
|
-
#
|
|
112
|
-
def post(path, body = '',headers={})
|
|
113
|
-
request(:post,path,body,headers)
|
|
114
|
-
end
|
|
115
|
-
|
|
116
|
-
# Make a regular put request using AccessToken
|
|
117
|
-
#
|
|
118
|
-
# @response=@token.put('/people/123')
|
|
119
|
-
# @response=@token.put('/people/123',{:name=>'Bob',:email=>'bob@mailinator.com'})
|
|
120
|
-
# @response=@token.put('/people/123',{:name=>'Bob',:email=>'bob@mailinator.com'},{'Accept'=>'application/xml'})
|
|
121
|
-
# @response=@token.put('/people/123',nil,{'Accept'=>'application/xml'})
|
|
122
|
-
# @response=@token.put('/people/123',@person.to_xml,{'Accept'=>'application/xml','Content-Type' => 'application/xml'})
|
|
123
|
-
#
|
|
124
|
-
def put(path, body = '', headers={})
|
|
125
|
-
request(:put,path,body,headers)
|
|
126
|
-
end
|
|
127
|
-
|
|
128
|
-
# Make a regular delete request using AccessToken
|
|
129
|
-
#
|
|
130
|
-
# @response=@token.delete('/people/123')
|
|
131
|
-
# @response=@token.delete('/people/123',{'Accept'=>'application/xml'})
|
|
132
|
-
#
|
|
133
|
-
def delete(path,headers={})
|
|
134
|
-
request(:delete,path,headers)
|
|
135
|
-
end
|
|
136
|
-
end
|
|
137
|
-
end
|
|
3
|
+
require 'oauth/tokens/token'
|
|
4
|
+
require 'oauth/tokens/server_token'
|
|
5
|
+
require 'oauth/tokens/consumer_token'
|
|
6
|
+
require 'oauth/tokens/request_token'
|
|
7
|
+
require 'oauth/tokens/access_token'
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
module OAuth
|
|
2
|
+
# The Access Token is used for the actual "real" web service calls that you perform against the server
|
|
3
|
+
class AccessToken < ConsumerToken
|
|
4
|
+
# The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
|
|
5
|
+
# we need to restructure and touch more methods: request(), sign!(), etc.
|
|
6
|
+
def request(http_method, path, *arguments)
|
|
7
|
+
request_uri = URI.parse(path)
|
|
8
|
+
site_uri = consumer.uri
|
|
9
|
+
is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
|
|
10
|
+
consumer.uri(request_uri) if is_service_uri_different
|
|
11
|
+
@response = super(http_method, path, *arguments)
|
|
12
|
+
# NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
|
|
13
|
+
# so reset in case consumer is still used for other token-management tasks subsequently?
|
|
14
|
+
consumer.uri(site_uri) if is_service_uri_different
|
|
15
|
+
@response
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
# Make a regular GET request using AccessToken
|
|
19
|
+
#
|
|
20
|
+
# @response = @token.get('/people')
|
|
21
|
+
# @response = @token.get('/people', { 'Accept'=>'application/xml' })
|
|
22
|
+
#
|
|
23
|
+
def get(path, headers = {})
|
|
24
|
+
request(:get, path, headers)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
# Make a regular HEAD request using AccessToken
|
|
28
|
+
#
|
|
29
|
+
# @response = @token.head('/people')
|
|
30
|
+
#
|
|
31
|
+
def head(path, headers = {})
|
|
32
|
+
request(:head, path, headers)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
# Make a regular POST request using AccessToken
|
|
36
|
+
#
|
|
37
|
+
# @response = @token.post('/people')
|
|
38
|
+
# @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' })
|
|
39
|
+
# @response = @token.post('/people', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
|
|
40
|
+
# @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
|
|
41
|
+
# @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
|
|
42
|
+
#
|
|
43
|
+
def post(path, body = '', headers = {})
|
|
44
|
+
request(:post, path, body, headers)
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
# Make a regular PUT request using AccessToken
|
|
48
|
+
#
|
|
49
|
+
# @response = @token.put('/people/123')
|
|
50
|
+
# @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' })
|
|
51
|
+
# @response = @token.put('/people/123', { :name => 'Bob', :email => 'bob@mailinator.com' }, { 'Accept' => 'application/xml' })
|
|
52
|
+
# @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
|
|
53
|
+
# @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
|
|
54
|
+
#
|
|
55
|
+
def put(path, body = '', headers = {})
|
|
56
|
+
request(:put, path, body, headers)
|
|
57
|
+
end
|
|
58
|
+
|
|
59
|
+
# Make a regular DELETE request using AccessToken
|
|
60
|
+
#
|
|
61
|
+
# @response = @token.delete('/people/123')
|
|
62
|
+
# @response = @token.delete('/people/123', { 'Accept' => 'application/xml' })
|
|
63
|
+
#
|
|
64
|
+
def delete(path, headers = {})
|
|
65
|
+
request(:delete, path, headers)
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
module OAuth
|
|
2
|
+
# Superclass for tokens used by OAuth Clients
|
|
3
|
+
class ConsumerToken < Token
|
|
4
|
+
attr_accessor :consumer, :params
|
|
5
|
+
attr_reader :response
|
|
6
|
+
|
|
7
|
+
def self.from_hash(consumer, hash)
|
|
8
|
+
token = self.new(consumer, hash[:oauth_token], hash[:oauth_token_secret])
|
|
9
|
+
token.params = hash
|
|
10
|
+
token
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def initialize(consumer, token="", secret="")
|
|
14
|
+
super(token, secret)
|
|
15
|
+
@consumer = consumer
|
|
16
|
+
@params = {}
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
# Make a signed request using given http_method to the path
|
|
20
|
+
#
|
|
21
|
+
# @token.request(:get, '/people')
|
|
22
|
+
# @token.request(:post, '/people', @person.to_xml, { 'Content-Type' => 'application/xml' })
|
|
23
|
+
#
|
|
24
|
+
def request(http_method, path, *arguments)
|
|
25
|
+
@response = consumer.request(http_method, path, self, {}, *arguments)
|
|
26
|
+
end
|
|
27
|
+
|
|
28
|
+
# Sign a request generated elsewhere using Net:HTTP::Post.new or friends
|
|
29
|
+
def sign!(request, options = {})
|
|
30
|
+
consumer.sign!(request, self, options)
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
module OAuth
|
|
2
|
+
# The RequestToken is used for the initial Request.
|
|
3
|
+
# This is normally created by the Consumer object.
|
|
4
|
+
class RequestToken < ConsumerToken
|
|
5
|
+
|
|
6
|
+
# Generate an authorization URL for user authorization
|
|
7
|
+
def authorize_url(params = nil)
|
|
8
|
+
params = (params || {}).merge(:oauth_token => self.token)
|
|
9
|
+
build_authorize_url(consumer.authorize_url, params)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
def callback_confirmed?
|
|
13
|
+
params[:oauth_callback_confirmed] == "true"
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
# exchange for AccessToken on server
|
|
17
|
+
def get_access_token(options = {}, *arguments)
|
|
18
|
+
response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options, *arguments)
|
|
19
|
+
OAuth::AccessToken.from_hash(consumer, response)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
protected
|
|
23
|
+
|
|
24
|
+
# construct an authorization url
|
|
25
|
+
def build_authorize_url(base_url, params)
|
|
26
|
+
uri = URI.parse(base_url.to_s)
|
|
27
|
+
# TODO doesn't handle array values correctly
|
|
28
|
+
uri.query = params.map { |k,v| [k, CGI.escape(v)] * "=" } * "&"
|
|
29
|
+
uri.to_s
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
module OAuth
|
|
2
|
+
# Superclass for the various tokens used by OAuth
|
|
3
|
+
class Token
|
|
4
|
+
include OAuth::Helper
|
|
5
|
+
|
|
6
|
+
attr_accessor :token, :secret
|
|
7
|
+
|
|
8
|
+
def initialize(token, secret)
|
|
9
|
+
@token = token
|
|
10
|
+
@secret = secret
|
|
11
|
+
end
|
|
12
|
+
|
|
13
|
+
def to_query
|
|
14
|
+
"oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
data/lib/oauth/version.rb
CHANGED
data/lib/oauth.rb
CHANGED
data/oauth.gemspec
CHANGED
|
@@ -2,17 +2,17 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = %q{oauth}
|
|
5
|
-
s.version = "0.3.
|
|
5
|
+
s.version = "0.3.5"
|
|
6
6
|
|
|
7
7
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
|
8
|
-
s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
|
|
9
|
-
s.date = %q{2009-
|
|
8
|
+
s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons", "Matt Sanford"]
|
|
9
|
+
s.date = %q{2009-06-03}
|
|
10
10
|
s.default_executable = %q{oauth}
|
|
11
11
|
s.description = %q{OAuth Core Ruby implementation}
|
|
12
|
-
s.email = %q{
|
|
12
|
+
s.email = %q{oauth-ruby@googlegroups.com}
|
|
13
13
|
s.executables = ["oauth"]
|
|
14
14
|
s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
|
|
15
|
-
s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "lib/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
|
|
15
|
+
s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "examples/yql.rb", "lib/oauth.rb", "lib/oauth/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/errors.rb", "lib/oauth/errors/error.rb", "lib/oauth/errors/problem.rb", "lib/oauth/errors/unauthorized.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/tokens/access_token.rb", "lib/oauth/tokens/consumer_token.rb", "lib/oauth/tokens/request_token.rb", "lib/oauth/tokens/server_token.rb", "lib/oauth/tokens/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
|
|
16
16
|
s.has_rdoc = true
|
|
17
17
|
s.homepage = %q{http://oauth.rubyforge.org}
|
|
18
18
|
s.rdoc_options = ["--main", "README.rdoc"]
|
|
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
|
|
|
20
20
|
s.rubyforge_project = %q{oauth}
|
|
21
21
|
s.rubygems_version = %q{1.3.1}
|
|
22
22
|
s.summary = %q{OAuth Core Ruby implementation}
|
|
23
|
-
s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
|
|
23
|
+
s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_access_token.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_oauth_helper.rb", "test/test_rack_request_proxy.rb", "test/test_request_token.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
|
|
24
24
|
|
|
25
25
|
if s.respond_to? :specification_version then
|
|
26
26
|
current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
|
|
@@ -29,15 +29,21 @@ Gem::Specification.new do |s|
|
|
|
29
29
|
if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
|
|
30
30
|
s.add_runtime_dependency(%q<ruby-hmac>, [">= 0.3.1"])
|
|
31
31
|
s.add_development_dependency(%q<newgem>, [">= 1.2.3"])
|
|
32
|
+
s.add_development_dependency(%q<actionpack>, [">= 0"])
|
|
33
|
+
s.add_development_dependency(%q<rack>, [">= 0"])
|
|
32
34
|
s.add_development_dependency(%q<hoe>, [">= 1.8.0"])
|
|
33
35
|
else
|
|
34
36
|
s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
|
|
35
37
|
s.add_dependency(%q<newgem>, [">= 1.2.3"])
|
|
38
|
+
s.add_dependency(%q<actionpack>, [">= 0"])
|
|
39
|
+
s.add_dependency(%q<rack>, [">= 0"])
|
|
36
40
|
s.add_dependency(%q<hoe>, [">= 1.8.0"])
|
|
37
41
|
end
|
|
38
42
|
else
|
|
39
43
|
s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
|
|
40
44
|
s.add_dependency(%q<newgem>, [">= 1.2.3"])
|
|
45
|
+
s.add_dependency(%q<actionpack>, [">= 0"])
|
|
46
|
+
s.add_dependency(%q<rack>, [">= 0"])
|
|
41
47
|
s.add_dependency(%q<hoe>, [">= 1.8.0"])
|
|
42
48
|
end
|
|
43
49
|
end
|
|
@@ -40,7 +40,7 @@ class ConstructRequestUrlTest < OAuthCase
|
|
|
40
40
|
assert_request_url("https://example.com/resource","HTTPS://Example.com:443/resource?id=123")
|
|
41
41
|
end
|
|
42
42
|
|
|
43
|
-
def
|
|
43
|
+
def test_of_normalized_https
|
|
44
44
|
assert_request_url("https://example.com/resource","https://example.com/resource")
|
|
45
45
|
end
|
|
46
46
|
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper.rb'
|
|
2
|
+
require 'oauth/token'
|
|
3
|
+
require 'oauth/consumer'
|
|
4
|
+
|
|
5
|
+
class TestAccessToken < Test::Unit::TestCase
|
|
6
|
+
def setup
|
|
7
|
+
@fake_response = {
|
|
8
|
+
:user_id => 5734758743895,
|
|
9
|
+
:oauth_token => "key",
|
|
10
|
+
:oauth_token_secret => "secret"
|
|
11
|
+
}
|
|
12
|
+
# setup a fake req. token. mocking Consumer would be more appropriate...
|
|
13
|
+
@access_token = OAuth::AccessToken.from_hash(
|
|
14
|
+
OAuth::Consumer.new("key", "secret", {}),
|
|
15
|
+
@fake_response
|
|
16
|
+
)
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
def test_provides_response_parameters
|
|
20
|
+
assert @access_token
|
|
21
|
+
assert_respond_to @access_token, :params
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def test_access_token_makes_non_oauth_response_params_available
|
|
25
|
+
assert_not_nil @access_token.params[:user_id]
|
|
26
|
+
assert_equal 5734758743895, @access_token.params[:user_id]
|
|
27
|
+
end
|
|
28
|
+
end
|
|
@@ -5,24 +5,123 @@ require 'action_controller/test_process'
|
|
|
5
5
|
|
|
6
6
|
class ActionControllerRequestProxyTest < Test::Unit::TestCase
|
|
7
7
|
|
|
8
|
-
def request_proxy(
|
|
9
|
-
request = ActionController::TestRequest.new
|
|
8
|
+
def request_proxy(request_method = :get, uri_params = {}, body_params = {})
|
|
9
|
+
request = ActionController::TestRequest.new
|
|
10
|
+
|
|
11
|
+
case request_method
|
|
12
|
+
when :post
|
|
13
|
+
request.env['REQUEST_METHOD'] = 'POST'
|
|
14
|
+
when :put
|
|
15
|
+
request.env['REQUEST_METHOD'] = 'PUT'
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
request.env['RAW_POST_DATA'] = body_params.to_query
|
|
10
19
|
request.env['CONTENT_TYPE'] = 'application/x-www-form-urlencoded'
|
|
20
|
+
|
|
11
21
|
yield request if block_given?
|
|
12
|
-
OAuth::RequestProxy.proxy(request)
|
|
22
|
+
OAuth::RequestProxy.proxy(request, :parameters=>uri_params)
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
def test_that_proxy_simple_get_request_works_with_query_params
|
|
26
|
+
request_proxy = request_proxy(:get, {'key'=>'value'})
|
|
27
|
+
|
|
28
|
+
expected_parameters = [["key", "value"]]
|
|
29
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
30
|
+
assert_equal 'GET', request_proxy.method
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def test_that_proxy_simple_post_request_works_with_query_params
|
|
34
|
+
request_proxy = request_proxy(:post, {'key'=>'value'})
|
|
35
|
+
|
|
36
|
+
expected_parameters = [["key", "value"]]
|
|
37
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
38
|
+
assert_equal 'POST', request_proxy.method
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
def test_that_proxy_simple_put_request_works_with_query_params
|
|
42
|
+
request_proxy = request_proxy(:put, {'key'=>'value'})
|
|
43
|
+
|
|
44
|
+
expected_parameters = [["key", "value"]]
|
|
45
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
46
|
+
assert_equal 'PUT', request_proxy.method
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def test_that_proxy_simple_put_request_works_with_post_params
|
|
50
|
+
request_proxy = request_proxy(:get, {}, {'key'=>'value'})
|
|
51
|
+
|
|
52
|
+
expected_parameters = []
|
|
53
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
54
|
+
assert_equal 'GET', request_proxy.method
|
|
13
55
|
end
|
|
14
|
-
|
|
56
|
+
|
|
57
|
+
def test_that_proxy_simple_post_request_works_with_post_params
|
|
58
|
+
request_proxy = request_proxy(:post, {}, {'key'=>'value'})
|
|
59
|
+
|
|
60
|
+
expected_parameters = [["key", "value"]]
|
|
61
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
62
|
+
assert_equal 'POST', request_proxy.method
|
|
63
|
+
end
|
|
64
|
+
|
|
65
|
+
def test_that_proxy_simple_put_request_works_with_post_params
|
|
66
|
+
request_proxy = request_proxy(:put, {}, {'key'=>'value'})
|
|
67
|
+
|
|
68
|
+
expected_parameters = []
|
|
69
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
70
|
+
assert_equal 'PUT', request_proxy.method
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def test_that_proxy_simple_put_request_works_with_mixed_params
|
|
74
|
+
request_proxy = request_proxy(:get, {'key'=>'value'}, {'key2'=>'value2'})
|
|
75
|
+
|
|
76
|
+
expected_parameters = [["key", "value"]]
|
|
77
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
78
|
+
assert_equal 'GET', request_proxy.method
|
|
79
|
+
end
|
|
80
|
+
|
|
81
|
+
def test_that_proxy_simple_post_request_works_with_mixed_params
|
|
82
|
+
request_proxy = request_proxy(:post, {'key'=>'value'}, {'key2'=>'value2'})
|
|
83
|
+
|
|
84
|
+
expected_parameters = [["key", "value"],["key2", "value2"]]
|
|
85
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
86
|
+
assert_equal 'POST', request_proxy.method
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
def test_that_proxy_simple_put_request_works_with_mixed_params
|
|
90
|
+
request_proxy = request_proxy(:put, {'key'=>'value'}, {'key2'=>'value2'})
|
|
91
|
+
|
|
92
|
+
expected_parameters = [["key", "value"]]
|
|
93
|
+
assert_equal expected_parameters, request_proxy.parameters_for_signature
|
|
94
|
+
assert_equal 'PUT', request_proxy.method
|
|
95
|
+
end
|
|
96
|
+
|
|
15
97
|
def test_parameter_keys_should_preserve_brackets_from_hash
|
|
16
98
|
assert_equal(
|
|
17
99
|
[["message[body]", "This is a test"]],
|
|
18
|
-
request_proxy({ :message => { :body => 'This is a test' }}).parameters_for_signature
|
|
100
|
+
request_proxy(:post, { :message => { :body => 'This is a test' }}).parameters_for_signature
|
|
101
|
+
)
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
def test_parameter_values_with_amps_should_not_break_parameter_parsing
|
|
105
|
+
assert_equal(
|
|
106
|
+
[['message[body]', 'http://foo.com/?a=b&c=d']],
|
|
107
|
+
request_proxy(:post, { :message => { :body => 'http://foo.com/?a=b&c=d'}}).parameters_for_signature
|
|
19
108
|
)
|
|
20
109
|
end
|
|
21
110
|
|
|
22
111
|
def test_parameter_keys_should_preserve_brackets_from_array
|
|
23
112
|
assert_equal(
|
|
24
113
|
[["foo[]", "123"], ["foo[]", "456"]],
|
|
25
|
-
request_proxy({ :foo => [123, 456] }).parameters_for_signature.sort
|
|
114
|
+
request_proxy(:post, { :foo => [123, 456] }).parameters_for_signature.sort
|
|
115
|
+
)
|
|
116
|
+
end
|
|
117
|
+
|
|
118
|
+
def test_query_string_parameter_values_should_be_cgi_unescaped
|
|
119
|
+
request = request_proxy do |r|
|
|
120
|
+
r.env['QUERY_STRING'] = 'url=http%3A%2F%2Ffoo.com%2F%3Fa%3Db%26c%3Dd'
|
|
121
|
+
end
|
|
122
|
+
assert_equal(
|
|
123
|
+
[['url', 'http://foo.com/?a=b&c=d']],
|
|
124
|
+
request.parameters_for_signature.sort
|
|
26
125
|
)
|
|
27
126
|
end
|
|
28
127
|
end
|
data/test/test_consumer.rb
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
require '
|
|
2
|
-
require 'test/unit'
|
|
1
|
+
require File.dirname(__FILE__) + '/test_helper'
|
|
3
2
|
require 'oauth/consumer'
|
|
4
3
|
require 'oauth/signature/rsa/sha1'
|
|
4
|
+
require 'stringio'
|
|
5
5
|
|
|
6
6
|
|
|
7
7
|
# This performs testing against Andy Smith's test server http://term.ie/oauth/example/
|
|
@@ -13,6 +13,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
|
13
13
|
'consumer_key_86cad9', '5888bf0345e5d237',
|
|
14
14
|
{
|
|
15
15
|
:site=>"http://blabla.bla",
|
|
16
|
+
:proxy=>"http://user:password@proxy.bla:8080",
|
|
16
17
|
:request_token_path=>"/oauth/example/request_token.php",
|
|
17
18
|
:access_token_path=>"/oauth/example/access_token.php",
|
|
18
19
|
:authorize_path=>"/oauth/example/authorize.php",
|
|
@@ -31,6 +32,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
|
31
32
|
assert_equal "consumer_key_86cad9",@consumer.key
|
|
32
33
|
assert_equal "5888bf0345e5d237",@consumer.secret
|
|
33
34
|
assert_equal "http://blabla.bla",@consumer.site
|
|
35
|
+
assert_equal "http://user:password@proxy.bla:8080",@consumer.proxy
|
|
34
36
|
assert_equal "/oauth/example/request_token.php",@consumer.request_token_path
|
|
35
37
|
assert_equal "/oauth/example/access_token.php",@consumer.access_token_path
|
|
36
38
|
assert_equal "http://blabla.bla/oauth/example/request_token.php",@consumer.request_token_url
|
|
@@ -50,6 +52,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
|
50
52
|
assert_equal "key",@consumer.key
|
|
51
53
|
assert_equal "secret",@consumer.secret
|
|
52
54
|
assert_equal "http://twitter.com",@consumer.site
|
|
55
|
+
assert_nil @consumer.proxy
|
|
53
56
|
assert_equal "/oauth/request_token",@consumer.request_token_path
|
|
54
57
|
assert_equal "/oauth/access_token",@consumer.access_token_path
|
|
55
58
|
assert_equal "http://twitter.com/oauth/request_token",@consumer.request_token_url
|
|
@@ -144,7 +147,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
|
144
147
|
|
|
145
148
|
assert_equal 'POST', request.method
|
|
146
149
|
assert_equal '/test', request.path
|
|
147
|
-
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=
|
|
150
|
+
assert_equal "key=value&oauth_consumer_key=consumer_key_86cad9&oauth_nonce=225579211881198842005988698334675835446&oauth_signature=26g7wHTtNO6ZWJaLltcueppHYiI%3d&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1199645624&oauth_token=token_411a7f&oauth_version=1.0", request.body.split("&").sort.join("&")
|
|
148
151
|
assert_equal nil, request['authorization']
|
|
149
152
|
end
|
|
150
153
|
|
|
@@ -164,7 +167,7 @@ class ConsumerTest < Test::Unit::TestCase
|
|
|
164
167
|
assert_equal "OAuth oauth_nonce=\"225579211881198842005988698334675835446\", oauth_signature_method=\"HMAC-SHA1\", oauth_token=\"token_411a7f\", oauth_timestamp=\"1199645624\", oauth_consumer_key=\"consumer_key_86cad9\", oauth_signature=\"26g7wHTtNO6ZWJaLltcueppHYiI%3D\", oauth_version=\"1.0\"".split(', ').sort, request['authorization'].split(', ').sort
|
|
165
168
|
end
|
|
166
169
|
|
|
167
|
-
def
|
|
170
|
+
def test_that_signing_post_params_works_2
|
|
168
171
|
request=@consumer.create_signed_request(:post,@request_uri.path,@token,{:scheme => 'body', :nonce => @nonce, :timestamp => @timestamp},@request_parameters,{})
|
|
169
172
|
|
|
170
173
|
assert_equal 'POST', request.method
|
|
@@ -319,10 +322,43 @@ class ConsumerTest < Test::Unit::TestCase
|
|
|
319
322
|
debug)
|
|
320
323
|
end
|
|
321
324
|
|
|
325
|
+
def test_post_with_body_stream
|
|
326
|
+
@consumer=OAuth::Consumer.new(
|
|
327
|
+
"key",
|
|
328
|
+
"secret",
|
|
329
|
+
{
|
|
330
|
+
:site=>"http://term.ie",
|
|
331
|
+
:request_token_path=>"/oauth/example/request_token.php",
|
|
332
|
+
:access_token_path=>"/oauth/example/access_token.php",
|
|
333
|
+
:authorize_path=>"/oauth/example/authorize.php"
|
|
334
|
+
})
|
|
335
|
+
|
|
336
|
+
|
|
337
|
+
@request_token=@consumer.get_request_token
|
|
338
|
+
@access_token=@request_token.get_access_token
|
|
339
|
+
|
|
340
|
+
request_body_string = "Hello, hello, hello"
|
|
341
|
+
request_body_stream = StringIO.new( request_body_string )
|
|
342
|
+
|
|
343
|
+
@response=@access_token.post("/oauth/example/echo_api.php",request_body_stream)
|
|
344
|
+
assert_not_nil @response
|
|
345
|
+
assert_equal "200",@response.code
|
|
346
|
+
|
|
347
|
+
request_body_file = File.open(__FILE__)
|
|
348
|
+
|
|
349
|
+
@response=@access_token.post("/oauth/example/echo_api.php",request_body_file)
|
|
350
|
+
assert_not_nil @response
|
|
351
|
+
assert_equal "200",@response.code
|
|
352
|
+
|
|
353
|
+
# unfortunately I don't know of a way to test that the body data was received correctly since the test server at http://term.ie
|
|
354
|
+
# echos back any non-oauth parameters but not the body. However, this does test that the request is still correctly signed
|
|
355
|
+
# (including the Content-Length header) and that the server received Content-Length bytes of body since it won't process the
|
|
356
|
+
# request & respond until the full body length is received.
|
|
357
|
+
end
|
|
358
|
+
|
|
322
359
|
protected
|
|
323
360
|
|
|
324
361
|
def request_parameters_to_s
|
|
325
362
|
@request_parameters.map { |k,v| "#{k}=#{v}" }.join("&")
|
|
326
363
|
end
|
|
327
|
-
|
|
328
364
|
end
|