monkeyhelper-oauth 0.3.1 → 0.3.5

data/History.txt

@@ -1,8 +1,50 @@
-== 0.3.1
+== 0.3.5 2009-06-03
 
-* Michael Wood identified a problem with relative and absolute token request paths. This should now be fixed and is tested for both cases.
+* `query` CLI command to access protected resources (Seth)
+* Added -H, -Q CLI options for specifying the authorization scheme (Seth)
+* Added -O CLI option for specifying a file containing options (Seth)
+* Support streamable body contents for large request bodies (Seth Cousins)
+* Support for OAuth 1.0a (Seth)
+* Added proxy support to OAuth::Consumer (Marshall Huss)
+* Added --scope CLI option for Google's 'scope' parameter (Seth)
 
-== 0.3.0
+== 0.3.4 2009-05-06
+
+* OAuth::Client::Helper uses OAuth::VERSION (chadisfaction)
+* Fix OAuth::RequestProxy::ActionControllerRequest's handling of params
+  (Tristan Groléat)
+
+== 0.3.3 2009-05-04
+
+* Corrected OAuth XMPP namespace (Seth)
+* Improved error handling for invalid Authorization headers (Matt Sanford)
+* Fixed signatures for non-ASCII under $KCODE other than 'u' (Matt Sanford)
+* Fixed edge cases in ActionControllerRequestProxy where params were being
+  incorrectly signed (Marcos Wright Kuhns)
+* Support for arguments in OAuth::Consumer#get_access_token (Matt Sanford)
+* Add gem version to user-agent header (Matt Sanford)
+* Handle input from aggressive form encoding libraries (Matt Wood)
+
+== 0.3.2 2009-03-23
+
+* 2xx statuses should be treated as success (Anders Conbere)
+* Support applications using the MethodOverride Rack middleware (László Bácsi)
+* `authorize` command for `oauth` CLI (Seth)
+* Initial support for Problem Reporting extension (Seth)
+* Verify SSL certificates if CA certificates are available (Seth)
+* Fixed ActionController parameter escaping behavior (Thiago Arrais, László
+  Bácsi, Brett Gibson, et al)
+* Fixed signature calculation when both options and a block were provided to
+  OAuth::Signature::Base#initialize (Seth)
+* Added help to the 'oauth' CLI (Seth)
+* Fixed a problem when attempting to normalize MockRequest URIs (Seth)
+
+== 0.3.1 2009-1-26
+
+* Fixed a problem with relative and absolute token request paths. (Michael
+  Wood)
+
+== 0.3.0 2009-1-25
 
 * Support ActionController::Request from Edge Rails (László Bácsi)
 * Correctly handle multi-valued parameters (Seth)
@@ -15,23 +57,25 @@
 * Improved test-cases and compatibility for encoding issues. (Pelle)
 
 == 0.2.7 2008-9-10 The lets fix the last release release
-Fix in plain text signatures to bug found by Andrew Arrow. Who contributed new new unit tests for plain text sigs.
 
-There was an error in the RSA requests using oauth tokens. Thanks to Philip Lipu Tsai for noticing this.
+* Fixed plain text signatures (Andrew Arrow)
+* Fixed RSA requests using OAuthTokens. (Philip Lipu Tsai)
 
 == 0.2.6 2008-9-9 The lets RSA release
 
-- Bill Kocik's fix for Ruby 1.8.7
-- Fixed rsa verification, so you can actually create an OAuth server yourself now using Ruby and RSA
-- Added better testing for RSA
-- Fixed issue where token was being included for rsa signatures
-- Chris Mear added support for a private_key_file option for rsa signatures 
-- Scott Hill fixed several edge cases where parameters were incorrectly being signed
-- Patch from choonkeat fixing a problem with rsa signing.
+* Improved support for Ruby 1.8.7 (Bill Kocik)
+* Fixed RSA verification to support RSA providers
+  now using Ruby and RSA
+* Improved RSA testing
+* Omit token when signing with RSA
+* Added support for 'private_key_file' option for RSA signatures (Chris Mear)
+* Fixed several edge cases where params were being incorrectly signed (Scott
+  Hill)
+* Fixed RSA signing (choonkeat)
 
 == 0.2.2 2008-2-22 Lets actually support SSL release
 
-It didn't actually use https when required.
+* Use HTTPS when required.
 
 == 0.2 2008-1-19 All together now release
 
@@ -39,10 +83,11 @@ This is a big release, where we have merged the efforts of various parties into
 
 == 0.1.2 2007-12-1
 
-* 1 Fixed a problem where incoming request didn't check whether oauth parameters where missing. While not giving unauthorized access it did cause extra processing where not necessary.
-* 2 Includes Pat's fix for getting the realm out.
+* Fixed checks for missing OAuth params to improve performance
+* Includes Pat's fix for getting the realm out.
 
 == 0.1.1 2007-11-26
 
-* 1 First release as a GEM
-  * Moved all non rails functions into this GEM from the Rails plugin http://code.google.com/p/oauth-plugin/
+* First release as a GEM
+* Moved all non-Rails functionality from the Rails plugin:
+  http://code.google.com/p/oauth-plugin/

data/Manifest.txt

@@ -5,13 +5,19 @@ README.rdoc
 Rakefile
 TODO
 bin/oauth
+examples/yql.rb
 lib/oauth.rb
+lib/oauth/oauth.rb
 lib/oauth/cli.rb
 lib/oauth/client.rb
 lib/oauth/client/action_controller_request.rb
 lib/oauth/client/helper.rb
 lib/oauth/client/net_http.rb
 lib/oauth/consumer.rb
+lib/oauth/errors.rb
+lib/oauth/errors/error.rb
+lib/oauth/errors/problem.rb
+lib/oauth/errors/unauthorized.rb
 lib/oauth/helper.rb
 lib/oauth/oauth_test_helper.rb
 lib/oauth/request_proxy.rb
@@ -34,13 +40,17 @@ lib/oauth/signature/plaintext.rb
 lib/oauth/signature/rsa/sha1.rb
 lib/oauth/signature/sha1.rb
 lib/oauth/token.rb
+lib/oauth/tokens/access_token.rb
+lib/oauth/tokens/consumer_token.rb
+lib/oauth/tokens/request_token.rb
+lib/oauth/tokens/server_token.rb
+lib/oauth/tokens/token.rb
 lib/oauth/version.rb
 oauth.gemspec
 script/destroy
 script/generate
 script/txt2html
 setup.rb
-specs.txt
 tasks/deployment.rake
 tasks/environment.rake
 tasks/website.rake
@@ -51,13 +61,16 @@ test/cases/spec/1_0-final/test_parameter_encodings.rb
 test/cases/spec/1_0-final/test_signature_base_strings.rb
 test/keys/rsa.cert
 test/keys/rsa.pem
+test/test_access_token.rb
 test/test_action_controller_request_proxy.rb
 test/test_consumer.rb
 test/test_helper.rb
 test/test_hmac_sha1.rb
 test/test_net_http_client.rb
 test/test_net_http_request_proxy.rb
+test/test_oauth_helper.rb
 test/test_rack_request_proxy.rb
+test/test_request_token.rb
 test/test_rsa_sha1.rb
 test/test_server.rb
 test/test_signature.rb

data/README.rdoc

@@ -12,7 +12,7 @@ See the OAuth specs http://oauth.net/core/1.0/
 
 You can also install it from the oauth rubyforge project http://rubyforge.org/projects/oauth/.
 
-The source code is now hosted on the OAuth GitHub Project http://github.com/pelle/oauth/tree/master
+The source code is now hosted on the OAuth GitHub Project http://github.com/mojodna/oauth
 
 == The basics
 
@@ -24,20 +24,18 @@ As a matter of fact it has been pulled out from an OAuth Rails Plugin http://cod
 
 Create a new consumer instance by passing it a configuration hash:
 
-  @consumer=OAuth::Consumer.new( "key","secret", {
-    :site=>"https://agree2"
-    })
+  @consumer = OAuth::Consumer.new("key","secret", :site => "https://agree2")
 
 Start the process by requesting a token
 
-  @request_token=@consumer.get_request_token
-  session[:request_token]=@request_token
+  @request_token = @consumer.get_request_token
+  session[:request_token] = @request_token
   redirect_to @request_token.authorize_url
 
 When user returns create an access_token
 
-  @access_token=@request_token.get_access_token
-  @photos=@access_token.get('/photos.xml')
+  @access_token = @request_token.get_access_token
+  @photos = @access_token.get('/photos.xml')
 
 For more detailed instructions I have written this OAuth Client Tutorial http://stakeventures.com/articles/2008/02/23/developing-oauth-clients-in-ruby and "How to turn your rails site into an OAuth Provider ":http://stakeventures.com/articles/2007/11/26/how-to-turn-your-rails-site-into-an-oauth-provider .
 
@@ -59,7 +57,7 @@ http://groups.google.com/group/oauth-ruby
 
 Read the "8 steps for fixing other people's code" http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/.
 
-The source code is now hosted on the OAuth GitHub Project http://github.com/pelle/oauth/tree/master
+The source code is now hosted on the OAuth GitHub Project http://github.com/mojodna/oauth
 
 To submit a patch, please fork the oauth project and create a patch with tests. Once you're happy with it send a pull request and post a message to the google group.
 

data/Rakefile

@@ -6,21 +6,23 @@ require 'oauth/version'
 # Generate all the Rake tasks
 # Run 'rake -T' to see list of generated tasks (from gem root directory)
 $hoe = Hoe.new('oauth', OAuth::VERSION) do |p|
-  p.author = ['Pelle Braendgaard','Blaine Cook','Larry Halff','Jesse Clark','Jon Crosby', 'Seth Fitzsimmons']  
-  p.email = "pelleb@gmail.com"
+  p.author = ['Pelle Braendgaard','Blaine Cook','Larry Halff','Jesse Clark','Jon Crosby', 'Seth Fitzsimmons']
+  p.email = "oauth-ruby@googlegroups.com"
   p.description = "OAuth Core Ruby implementation"
   p.summary = p.description
   p.changes              = p.paragraphs_of("History.txt", 0..1).join("\n\n")
   p.rubyforge_name       = p.name # TODO this is default value
   p.url = "http://oauth.rubyforge.org"
-  
+
   p.extra_deps         = [
     ['ruby-hmac','>= 0.3.1']
   ]
   p.extra_dev_deps = [
-    ['newgem', ">= #{::Newgem::VERSION}"]
+    ['newgem', ">= #{::Newgem::VERSION}"],
+    ['actionpack'],
+    ['rack']
   ]
-  
+
   p.clean_globs |= %w[**/.DS_Store tmp *.log **/.*.sw? *.gem .config **/.DS_Store]
   path = (p.rubyforge_name == p.name) ? p.rubyforge_name : "\#{p.rubyforge_name}/\#{p.name}"
   p.remote_rdoc_dir = File.join(path.gsub(/^#{p.rubyforge_name}\/?/,''), 'rdoc')

data/TODO

@@ -12,3 +12,20 @@ Common use-cases should be streamlined:
   errors, if available).
 * I want to host an OAuth-enabled web service.
 * I want to test my OAuth-enabled web service (i.e. test helpers)
+
+Example applications for:
+* Ning
+* Fire Eagle
+* Google (blogger, contacts)
+* Twitter
+* YOS / YQL
+* Netflix
+
+In addition to providing best practices of use, these can also be part of
+the pre-release checks to make sure that there have been no regressions.
+
+Random TODOs:
+* finish CLI
+* sensible Exception hierarchy
+* Tokens as Modules
+* don't tie to Net::HTTP

data/bin/oauth

@@ -1,5 +1,5 @@
-#!/usr/bin/env ruby
+#!/usr/bin/env ruby -w -rubygems
 
 require "oauth/cli"
 
-OAuth::CLI.execute(STDOUT, ARGV)
+OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)

data/examples/yql.rb

@@ -0,0 +1,44 @@
+#!/usr/bin/env ruby -rubygems
+
+# Sample queries:
+#  ./yql.rb --consumer-key <key> --consumer-secret <secret> "show tables"
+#  ./yql.rb --consumer-key <key> --consumer-secret <secret> "select * from flickr.photos.search where text='Cat' limit 10"
+
+require 'oauth'
+require 'optparse'
+require 'json'
+require 'pp'
+
+options = {}
+
+option_parser = OptionParser.new do |opts|
+  opts.banner = "Usage: #{$0} [options] <query>"
+
+  opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
+    options[:consumer_key] = v
+  end
+
+  opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
+    options[:consumer_secret] = v
+  end
+end
+
+option_parser.parse!
+query = ARGV.pop
+query = STDIN.read if query == "-"
+
+if options[:consumer_key].nil? || options[:consumer_secret].nil? || query.nil?
+  puts option_parser.help
+  exit 1
+end
+
+consumer = OAuth::Consumer.new \
+  options[:consumer_key],
+  options[:consumer_secret],
+  :site => "http://query.yahooapis.com"
+
+access_token = OAuth::AccessToken.new(consumer)
+
+response = access_token.request(:get, "/v1/yql?q=#{OAuth::Helper.escape(query)}&format=json")
+rsp = JSON.parse(response.body)
+pp rsp