motionauth-oauth2 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 33ca9a665850734bf3aac09d9f7ad5012fa46e07
+  data.tar.gz: 6d20804fc4e3fe933d710b4c53c6a239784e12e3
+SHA512:
+  metadata.gz: 626b2c6d29b18a64cc1df408dc3d3257918b22d4501eb41a8aee016bff09303822227b4261aa10cc46515af759ddc0af2226e437e51354d9ab50da207ec70e18
+  data.tar.gz: df77baee7c62d81b5e2a700aa830493e7657fb9d7b80cbf8f13eaa4154662a2dc835bd39fedd4323a9c16fc16fafe3ccf57be58d0c244a4111175565e1a88699

data/README.md

@@ -0,0 +1,53 @@
+# MotionAuth-OAuth2
+
+[![Build Status](https://travis-ci.org/motionauth/oauth2.svg)](https://travis-ci.org/motionauth/oauth2)
+[![Code Climate](https://codeclimate.com/github/motionauth/oauth2/badges/gpa.svg)](https://codeclimate.com/github/motionauth/oauth2)
+
+A [RubyMotion](http://www.rubymotion.com) fork of the existing
+[OAuth2](https://github.com/intridea/oauth2) RubyGem that works for iOS and OS X.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem "motionauth-oauth2"
+```
+
+And then execute:
+
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+
+```bash
+$ gem install motionauth-oauth2
+```
+
+## Usage Examples
+
+```ruby
+client = OAuth2::Client.new("client_id", "client_secret", site: "https://example.org")
+
+client.auth_code.authorize_url(redirect_uri: "http://localhost:8080/oauth2/callback")
+# => "https://example.org/oauth/authorization?response_type=code&client_id=client_id&redirect_uri=http://localhost:8080/oauth2/callback"
+
+token = client.auth_code.get_token(
+  "authorization_code_value",
+  redirect_uri: "http://localhost:8080/oauth2/callback",
+  headers:      { "Authorization" => "Basic some_password" }
+)
+response = token.get("/api/resource", params: { "query_foo" => "bar" })
+response.class.name
+# => OAuth2::Response
+```
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am "Add some feature"`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/lib/oauth2-cocoa/connection.rb

@@ -0,0 +1,158 @@
+module OAuth2
+  class Connection
+    class ConnectionError < StandardError; end
+
+    # Public: Initializes a new Faraday::Connection.
+    #
+    # url     - NSURL or String base URL to use as a prefix for all
+    #           requests (optional).
+    # options - Hash
+    #           :url     - NSURL or String base URL (default: "http:/").
+    #           :params  - Hash of URI query unencoded key/value pairs.
+    #           :headers - Hash of unencoded HTTP header key/value pairs.
+    #           :request - Hash of request options.
+    #           :ssl     - Hash of SSL options.
+    def initialize(url = nil, options = {})
+      if url.is_a?(Hash)
+        options = url.with_indifferent_access
+        url = options[:url]
+      else
+        options = options.with_indifferent_access
+      end
+
+      @headers = {}.with_indifferent_access
+      @options = {}.with_indifferent_access
+      @params  = {}.with_indifferent_access
+      @ssl     = {}.with_indifferent_access
+
+      url = NSURL.URLWithString(url) if url.is_a?(String)
+      self.url_prefix = url || NSURL.URLWithString("http:/")
+
+      @headers.update(options[:headers]) if options[:headers]
+      @options.update(options[:request]) if options[:request]
+      @params.update(options[:params])   if options[:params]
+      @ssl.update(options[:ssl])         if options[:ssl]
+
+      @headers[:user_agent] ||= "Motion-OAuth2 v#{Version}"
+    end
+
+    # Public: Takes a relative url for a request and combines it with the defaults
+    # set on the connection instance.
+    #
+    #   conn = OAuth2::Connection.new { ... }
+    #   conn.url_prefix = "https://sushi.com/api?token=abc"
+    #   conn.scheme      # => https
+    #   conn.path_prefix # => "/api"
+    #
+    #   conn.build_url("nigiri?page=2")      # => https://sushi.com/api/nigiri?token=abc&page=2
+    #   conn.build_url("nigiri", :page => 2) # => https://sushi.com/api/nigiri?token=abc&page=2
+    #
+    def build_url(url = nil, extra_params = nil)
+      url = url.absoluteString if url.is_a?(NSURL)
+      nsurl = NSURL.URLWithString(url, relativeToURL: self.url_prefix)
+      base_url = nsurl.absoluteString.gsub("?#{nsurl.query}", "")
+
+      url_params = Utils.params_from_query(nsurl.query)
+      query_values = params.dup.merge(url_params)
+      query_values.update(extra_params) if extra_params
+
+      if query_values.length > 0
+        query_string = Utils.query_from_params(query_values)
+        "#{base_url}?#{query_string}"
+      else
+        base_url
+      end
+    end
+
+    # The host of the URL
+    # @return [String]
+    def host
+      self.url_prefix.host
+    end
+
+    # Builds and runs the NSURLRequest.
+    #
+    # method  - The Symbol HTTP method.
+    # url     - The String or NSURL to access.
+    # body    - The String body
+    # headers - Hash of unencoded HTTP header key/value pairs.
+    # parse   - Response parse options @see Response::initialize
+    #
+    # Returns a OAuth2::Response.
+    def run_request(method, url, body, headers, parse)
+      unless METHODS.include?(method)
+        fail ArgumentError, "unknown http method: #{method}"
+      end
+
+      url = NSURL.URLWithString(url) if url.is_a?(String)
+      request = NSMutableURLRequest.requestWithURL(url)
+      request.setHTTPMethod(method)
+
+      if body
+        body = Utils.query_from_params(body) if body.is_a?(Hash)
+        request.setHTTPBody(body)
+      end
+
+      if headers
+        headers.each do |key, value|
+          request.addValue(value, forHTTPHeaderField: key)
+        end
+      end
+
+      response = Pointer.new(:object)
+      error = Pointer.new(:object)
+      data = NSURLConnection.sendSynchronousRequest(request, returningResponse: response, error: error)
+
+      if error[0]
+        if error[0].code == NSURLErrorUserCancelledAuthentication
+          return Response.new({
+            data:     nil,
+            error:    error[0],
+            headers:  {},
+            response: nil,
+            status:   401
+          }, {
+            parse: parse
+          })
+        else
+          fail ConnectionError, error[0].localizedDescription
+        end
+      end
+
+      Response.new({
+        data:     data,
+        headers:  response[0].allHeaderFields,
+        response: response[0],
+        status:   response[0].statusCode
+      }, {
+        parse: parse
+      })
+    end
+
+    # Public: Parses the giving url with URI and stores the individual
+    # components in this connection.  These components serve as defaults for
+    # requests made by this connection.
+    #
+    # url - A String or NSURL.
+    #
+    # Examples
+    #
+    #   conn = Faraday::Connection.new { ... }
+    #   conn.url_prefix = "https://sushi.com/api"
+    #   conn.scheme      # => https
+    #   conn.path_prefix # => "/api"
+    #
+    #   conn.get("nigiri?page=2") # accesses https://sushi.com/api/nigiri
+    #
+    # Returns the parsed URI from teh given input..
+    def url_prefix=(url)
+      url = NSURL.URLWithString(url) if url.is_a?(String)
+      @url_prefix = url
+
+      url_params = Utils.params_from_query(@url_prefix.query)
+      self.params = self.params.merge(url_params)
+
+      @url_prefix = NSURL.URLWithString(@url_prefix.absoluteString.gsub("?#{@url_prefix.query}", ""))
+    end
+  end
+end

data/lib/oauth2-cocoa/mac_token.rb

@@ -0,0 +1,58 @@
+module OAuth2
+  class MACToken < AccessToken
+    # Set the HMAC algorithm
+    #
+    # @param [String] alg the algorithm to use (one of 'hmac-sha-1', 'hmac-sha-256')
+    def algorithm=(alg)
+      @algorithm = begin
+        case alg.to_s
+        when "hmac-sha-1"
+          "hmacSha1:hmacKey"
+        when "hmac-sha-256"
+          "hmacSha256:hmacKey"
+        else
+          fail(ArgumentError, "Unsupported algorithm")
+        end
+      end
+    end
+
+    # Generate the Base64-encoded HMAC digest signature
+    #
+    # @param [Fixnum] timestamp the timestamp of the request in seconds since epoch
+    # @param [String] nonce the MAC header nonce
+    # @param [Symbol] verb the HTTP request method
+    # @param [String] url the HTTP URL path of the request
+    def signature(timestamp, nonce, verb, url)
+      nsurl = NSURL.URLWithString(url.to_s)
+      fail(ArgumentError, "could not parse \"#{url}\" into NSURL") unless nsurl.host
+
+      path = nsurl.path
+      path = "/" if path == ""
+
+      port = nsurl.port
+      port = nsurl.scheme == "https" ? 443 : 80 unless port
+
+      signature = [
+        timestamp,
+        nonce,
+        verb.to_s.upcase,
+        path,
+        nsurl.host,
+        port,
+        "", nil
+      ].join("\n")
+
+      digest = CocoaSecurity.send(algorithm, signature, secret)
+      digest.base64
+    end
+
+  private
+
+    def generate_nonce
+      timestamp = Time.now.utc.to_i
+      uuid = CFUUIDCreate(nil)
+      string = CFUUIDCreateString(nil, uuid)
+      CocoaSecurity.md5([timestamp, string].join(":")).hex
+    end
+  end
+end

data/lib/oauth2-cocoa/response.rb

@@ -0,0 +1,34 @@
+module OAuth2
+  class Response
+    attr_reader :body
+    attr_accessor :data, :headers, :response, :status
+
+    # Initializes a Response instance
+    #
+    # @param params [Hash]
+    # @option params [NSData] :data
+    # @option params [Hash] :headers
+    # @option params [Integer] :status
+    # @param data [NSData]
+    # @param opts [Hash] options in which to initialize the instance
+    # @option opts [Symbol] :parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
+    #   :json, or :automatic (determined by Content-Type response header)
+    def initialize(params = {}, opts = {})
+      params.each do |key, value|
+        self.send("#{key}=", value)
+      end
+      @options = { parse: :automatic }.merge(opts)
+    end
+
+    # The HTTP response body
+    def body
+      return "" unless data.is_a?(NSData)
+      NSString.alloc.initWithData(data, encoding: NSUTF8StringEncoding)
+    end
+
+    # Attempts to determine the content type of the response.
+    def content_type
+      ((self.headers.values_at("content-type", "Content-Type").compact.first || "").split(";").first || "").strip
+    end
+  end
+end

data/lib/oauth2-cocoa/strategy/assertion.rb

@@ -0,0 +1,37 @@
+module OAuth2
+  module Strategy
+    # The Client Assertion Strategy
+    #
+    # @see http://tools.ietf.org/html/draft-ietf-oauth-v2-10#section-4.1.3
+    #
+    # Sample usage:
+    #   client = OAuth2::Client.new(client_id, client_secret,
+    #                               :site => 'http://localhost:8080')
+    #
+    #   params = {:hmac_secret => "some secret",
+    #             # or :private_key => "private key string",
+    #             :iss => "http://localhost:3001",
+    #             :prn => "me@here.com",
+    #             :exp => Time.now.utc.to_i + 3600}
+    #
+    #   access = client.assertion.get_token(params)
+    #   access.token                 # actual access_token string
+    #   access.get("/api/stuff")     # making api calls with access token in header
+    #
+    class Assertion < Base
+      def build_assertion(params)
+        claims = {
+          iss: params[:iss],
+          aud: params[:aud],
+          prn: params[:prn],
+          exp: params[:exp]
+        }
+        if params[:hmac_secret]
+          CocoaSecurity.hmacSha256(claims.to_s, hmacKey: params[:hmac_secret]).hex
+        elsif params[:private_key]
+          CocoaSecurity.hmacSha256(claims.to_s, hmacKey: params[:private_key]).hex
+        end
+      end
+    end
+  end
+end

data/lib/oauth2-cocoa/strategy/client_credentials.rb

@@ -0,0 +1,18 @@
+module OAuth2
+  module Strategy
+    # The Client Credentials Strategy
+    #
+    # @see http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4
+    class ClientCredentials < Base
+      # Returns the Authorization header value for Basic Authentication
+      #
+      # @param [String] The client ID
+      # @param [String] the client secret
+      def authorization(client_id, client_secret)
+        encoder = CocoaSecurityEncoder.new
+        authorization = encoder.base64("#{client_id}:#{client_secret}".to_data).gsub("\n", "")
+        "Basic #{authorization}"
+      end
+    end
+  end
+end

data/lib/oauth2-cocoa/utils.rb

@@ -0,0 +1,63 @@
+module OAuth2
+  class Utils
+    class ParserError < StandardError; end
+
+    # Serialize a JSON object
+    # @return [String]
+    def self.serialize_json(obj)
+      NSJSONSerialization.dataWithJSONObject(obj, options: 0, error: nil).to_str
+    end
+
+    # Returns a Hash from a URL query string
+    # @param query [String]
+    # @return [Hash]
+    def self.params_from_query(query)
+      query ||= ""
+      key_values = query.split("&")
+      hash = {}
+
+      key_values.each do |key_value|
+        key_value = key_value.split("=")
+        hash[key_value[0].to_sym] = key_value[1]
+      end
+
+      hash.with_indifferent_access
+    end
+
+    # Parses a string or data object and converts it in data structure.
+    #
+    # @param [String, NSData] str_data the string or data to serialize.
+    # @raise [ParserError] If the parsing of the passed string/data isn't valid.
+    # @return [Hash, Array, NilClass] the converted data structure, nil if the incoming string isn't valid.
+    def self.parse_json(str_data, &block)
+      return nil unless str_data
+      data = str_data.respond_to?("dataUsingEncoding:") ? str_data.dataUsingEncoding(NSUTF8StringEncoding) : str_data
+      opts = NSJSONReadingMutableContainers | NSJSONReadingMutableLeaves | NSJSONReadingAllowFragments
+      error = Pointer.new(:id)
+      obj = NSJSONSerialization.JSONObjectWithData(data, options: opts, error: error)
+      fail ParserError, error[0].description if error[0]
+      if block_given?
+        yield obj
+      else
+        obj
+      end
+    end
+
+    # Returns a URL query string from a params Hash
+    # @param params [Hash]
+    # @return [String]
+    def self.query_from_params(params)
+      key_values = []
+      params.each do |key, value|
+        value = value.to_s.stringByAddingPercentEscapesUsingEncoding(NSUTF8StringEncoding)
+        key_values << "#{key}=#{value}"
+      end
+
+      if key_values.length > 0
+        "#{key_values.join('&')}"
+      else
+        ""
+      end
+    end
+  end
+end

data/lib/oauth2.rb

@@ -0,0 +1,23 @@
+# encoding: utf-8
+require "motion-cocoapods"
+require "motion-support/core_ext/hash"
+
+unless defined?(Motion::Project::Config)
+  fail "This file must be required within a RubyMotion project Rakefile."
+end
+
+lib_dir_path = File.dirname(File.expand_path(__FILE__))
+Motion::Project::App.setup do |app|
+  # Load shared files
+  app.files.unshift(Dir.glob(File.join(lib_dir_path, "oauth2/**/*.rb")))
+
+  # Load files shared by Cocoa platforms
+  case app.template
+  when :ios, :osx
+    app.files.unshift(Dir.glob(File.join(lib_dir_path, "oauth2-cocoa/**/*.rb")))
+  end
+
+  app.pods do
+    pod "CocoaSecurity", "~> 1.2"
+  end
+end