motionbox-oauth 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (88) hide show
  1. data/.gemtest +0 -0
  2. data/Gemfile +16 -0
  3. data/Gemfile.lock +46 -0
  4. data/HISTORY +160 -0
  5. data/LICENSE +20 -0
  6. data/README.rdoc +75 -0
  7. data/Rakefile +37 -0
  8. data/TODO +32 -0
  9. data/bin/oauth +5 -0
  10. data/examples/yql.rb +44 -0
  11. data/lib/digest/hmac.rb +104 -0
  12. data/lib/oauth.rb +13 -0
  13. data/lib/oauth/cli.rb +378 -0
  14. data/lib/oauth/client.rb +4 -0
  15. data/lib/oauth/client/action_controller_request.rb +65 -0
  16. data/lib/oauth/client/em_http.rb +124 -0
  17. data/lib/oauth/client/helper.rb +91 -0
  18. data/lib/oauth/client/net_http.rb +120 -0
  19. data/lib/oauth/consumer.rb +382 -0
  20. data/lib/oauth/core_ext.rb +31 -0
  21. data/lib/oauth/errors.rb +3 -0
  22. data/lib/oauth/errors/error.rb +4 -0
  23. data/lib/oauth/errors/problem.rb +14 -0
  24. data/lib/oauth/errors/unauthorized.rb +12 -0
  25. data/lib/oauth/helper.rb +88 -0
  26. data/lib/oauth/oauth.rb +13 -0
  27. data/lib/oauth/oauth_test_helper.rb +25 -0
  28. data/lib/oauth/request_proxy.rb +24 -0
  29. data/lib/oauth/request_proxy/action_controller_request.rb +62 -0
  30. data/lib/oauth/request_proxy/base.rb +174 -0
  31. data/lib/oauth/request_proxy/curb_request.rb +55 -0
  32. data/lib/oauth/request_proxy/em_http_request.rb +74 -0
  33. data/lib/oauth/request_proxy/jabber_request.rb +41 -0
  34. data/lib/oauth/request_proxy/mock_request.rb +44 -0
  35. data/lib/oauth/request_proxy/net_http.rb +72 -0
  36. data/lib/oauth/request_proxy/rack_request.rb +44 -0
  37. data/lib/oauth/request_proxy/typhoeus_request.rb +53 -0
  38. data/lib/oauth/server.rb +66 -0
  39. data/lib/oauth/signature.rb +45 -0
  40. data/lib/oauth/signature/base.rb +110 -0
  41. data/lib/oauth/signature/hmac/base.rb +15 -0
  42. data/lib/oauth/signature/hmac/md5.rb +8 -0
  43. data/lib/oauth/signature/hmac/rmd160.rb +8 -0
  44. data/lib/oauth/signature/hmac/sha1.rb +9 -0
  45. data/lib/oauth/signature/hmac/sha2.rb +8 -0
  46. data/lib/oauth/signature/md5.rb +13 -0
  47. data/lib/oauth/signature/plaintext.rb +23 -0
  48. data/lib/oauth/signature/rsa/sha1.rb +46 -0
  49. data/lib/oauth/signature/sha1.rb +13 -0
  50. data/lib/oauth/token.rb +7 -0
  51. data/lib/oauth/tokens/access_token.rb +71 -0
  52. data/lib/oauth/tokens/consumer_token.rb +33 -0
  53. data/lib/oauth/tokens/request_token.rb +32 -0
  54. data/lib/oauth/tokens/server_token.rb +9 -0
  55. data/lib/oauth/tokens/token.rb +17 -0
  56. data/oauth.gemspec +150 -0
  57. data/tasks/deployment.rake +34 -0
  58. data/tasks/environment.rake +7 -0
  59. data/tasks/website.rake +17 -0
  60. data/test/cases/oauth_case.rb +19 -0
  61. data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
  62. data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
  63. data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
  64. data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
  65. data/test/integration/consumer_test.rb +307 -0
  66. data/test/keys/rsa.cert +11 -0
  67. data/test/keys/rsa.pem +16 -0
  68. data/test/test_access_token.rb +26 -0
  69. data/test/test_action_controller_request_proxy.rb +133 -0
  70. data/test/test_consumer.rb +171 -0
  71. data/test/test_curb_request_proxy.rb +77 -0
  72. data/test/test_em_http_client.rb +80 -0
  73. data/test/test_em_http_request_proxy.rb +115 -0
  74. data/test/test_helper.rb +26 -0
  75. data/test/test_hmac_sha1.rb +20 -0
  76. data/test/test_net_http_client.rb +280 -0
  77. data/test/test_net_http_request_proxy.rb +72 -0
  78. data/test/test_oauth_helper.rb +71 -0
  79. data/test/test_rack_request_proxy.rb +40 -0
  80. data/test/test_request_token.rb +51 -0
  81. data/test/test_rsa_sha1.rb +59 -0
  82. data/test/test_server.rb +40 -0
  83. data/test/test_signature.rb +22 -0
  84. data/test/test_signature_base.rb +32 -0
  85. data/test/test_signature_plain_text.rb +31 -0
  86. data/test/test_token.rb +14 -0
  87. data/test/test_typhoeus_request_proxy.rb +80 -0
  88. metadata +284 -0
@@ -0,0 +1,104 @@
1
+ # = digest/hmac.rb
2
+ #
3
+ # An implementation of HMAC keyed-hashing algorithm
4
+ #
5
+ # == Overview
6
+ #
7
+ # This library adds a method named hmac() to Digest classes, which
8
+ # creates a Digest class for calculating HMAC digests.
9
+ #
10
+ # == Examples
11
+ #
12
+ # require 'digest/hmac'
13
+ #
14
+ # # one-liner example
15
+ # puts Digest::HMAC.hexdigest("data", "hash key", Digest::SHA1)
16
+ #
17
+ # # rather longer one
18
+ # hmac = Digest::HMAC.new("foo", Digest::RMD160)
19
+ #
20
+ # buf = ""
21
+ # while stream.read(16384, buf)
22
+ # hmac.update(buf)
23
+ # end
24
+ #
25
+ # puts hmac.bubblebabble
26
+ #
27
+ # == License
28
+ #
29
+ # Copyright (c) 2006 Akinori MUSHA <knu@iDaemons.org>
30
+ #
31
+ # Documentation by Akinori MUSHA
32
+ #
33
+ # All rights reserved. You can redistribute and/or modify it under
34
+ # the same terms as Ruby.
35
+ #
36
+ # $Id: hmac.rb 14881 2008-01-04 07:26:14Z akr $
37
+ #
38
+
39
+ require 'digest'
40
+
41
+ unless defined?(Digest::HMAC)
42
+ module Digest
43
+ class HMAC < Digest::Class
44
+ def initialize(key, digester)
45
+ @md = digester.new
46
+
47
+ block_len = @md.block_length
48
+
49
+ if key.bytesize > block_len
50
+ key = @md.digest(key)
51
+ end
52
+
53
+ ipad = Array.new(block_len).fill(0x36)
54
+ opad = Array.new(block_len).fill(0x5c)
55
+
56
+ key.bytes.each_with_index { |c, i|
57
+ ipad[i] ^= c
58
+ opad[i] ^= c
59
+ }
60
+
61
+ @key = key.freeze
62
+ @ipad = ipad.inject('') { |s, c| s << c.chr }.freeze
63
+ @opad = opad.inject('') { |s, c| s << c.chr }.freeze
64
+ @md.update(@ipad)
65
+ end
66
+
67
+ def initialize_copy(other)
68
+ @md = other.instance_eval { @md.clone }
69
+ end
70
+
71
+ def update(text)
72
+ @md.update(text)
73
+ self
74
+ end
75
+ alias << update
76
+
77
+ def reset
78
+ @md.reset
79
+ @md.update(@ipad)
80
+ self
81
+ end
82
+
83
+ def finish
84
+ d = @md.digest!
85
+ @md.update(@opad)
86
+ @md.update(d)
87
+ @md.digest!
88
+ end
89
+ private :finish
90
+
91
+ def digest_length
92
+ @md.digest_length
93
+ end
94
+
95
+ def block_length
96
+ @md.block_length
97
+ end
98
+
99
+ def inspect
100
+ sprintf('#<%s: key=%s, digest=%s>', self.class.name, @key.inspect, @md.inspect.sub(/^\#<(.*)>$/) { $1 });
101
+ end
102
+ end
103
+ end
104
+ end
@@ -0,0 +1,13 @@
1
+ $LOAD_PATH << File.dirname(__FILE__) unless $LOAD_PATH.include?(File.dirname(__FILE__))
2
+
3
+ module OAuth
4
+ VERSION = "0.4.5"
5
+ end
6
+
7
+ require 'oauth/oauth'
8
+ require 'oauth/core_ext'
9
+
10
+ require 'oauth/client/helper'
11
+ require 'oauth/signature/hmac/sha1'
12
+ require 'oauth/signature/rsa/sha1'
13
+ require 'oauth/request_proxy/mock_request'
@@ -0,0 +1,378 @@
1
+ require 'optparse'
2
+ require 'oauth'
3
+
4
+ module OAuth
5
+ class CLI
6
+ SUPPORTED_COMMANDS = {
7
+ "authorize" => "Obtain an access token and secret for a user",
8
+ "debug" => "Verbosely generate an OAuth signature",
9
+ "query" => "Query a protected resource",
10
+ "sign" => "Generate an OAuth signature",
11
+ "version" => "Display the current version of the library"
12
+ }
13
+
14
+ attr_reader :command
15
+ attr_reader :options
16
+ attr_reader :stdout, :stdin
17
+
18
+ def self.execute(stdout, stdin, stderr, arguments = [])
19
+ self.new.execute(stdout, stdin, stderr, arguments)
20
+ end
21
+
22
+ def initialize
23
+ @options = {}
24
+
25
+ # don't dump a backtrace on a ^C
26
+ trap(:INT) {
27
+ exit
28
+ }
29
+ end
30
+
31
+ def execute(stdout, stdin, stderr, arguments = [])
32
+ @stdout = stdout
33
+ @stdin = stdin
34
+ @stderr = stderr
35
+ extract_command_and_parse_options(arguments)
36
+
37
+ if sufficient_options? && valid_command?
38
+ if command == "debug"
39
+ @command = "sign"
40
+ @options[:verbose] = true
41
+ end
42
+
43
+ case command
44
+ # TODO move command logic elsewhere
45
+ when "authorize"
46
+ begin
47
+ consumer = OAuth::Consumer.new \
48
+ options[:oauth_consumer_key],
49
+ options[:oauth_consumer_secret],
50
+ :access_token_url => options[:access_token_url],
51
+ :authorize_url => options[:authorize_url],
52
+ :request_token_url => options[:request_token_url],
53
+ :scheme => options[:scheme],
54
+ :http_method => options[:method].to_s.downcase.to_sym
55
+
56
+ # parameters for OAuth 1.0a
57
+ oauth_verifier = nil
58
+
59
+ # get a request token
60
+ request_token = consumer.get_request_token({ :oauth_callback => options[:oauth_callback] }, { "scope" => options[:scope] })
61
+
62
+ if request_token.callback_confirmed?
63
+ stdout.puts "Server appears to support OAuth 1.0a; enabling support."
64
+ options[:version] = "1.0a"
65
+ end
66
+
67
+ stdout.puts "Please visit this url to authorize:"
68
+ stdout.puts request_token.authorize_url
69
+
70
+ if options[:version] == "1.0a"
71
+ stdout.puts "Please enter the verification code provided by the SP (oauth_verifier):"
72
+ oauth_verifier = stdin.gets.chomp
73
+ else
74
+ stdout.puts "Press return to continue..."
75
+ stdin.gets
76
+ end
77
+
78
+ begin
79
+ # get an access token
80
+ access_token = request_token.get_access_token(:oauth_verifier => oauth_verifier)
81
+
82
+ stdout.puts "Response:"
83
+ access_token.params.each do |k,v|
84
+ stdout.puts " #{k}: #{v}" unless k.is_a?(Symbol)
85
+ end
86
+ rescue OAuth::Unauthorized => e
87
+ stderr.puts "A problem occurred while attempting to obtain an access token:"
88
+ stderr.puts e
89
+ stderr.puts e.request.body
90
+ end
91
+ rescue OAuth::Unauthorized => e
92
+ stderr.puts "A problem occurred while attempting to authorize:"
93
+ stderr.puts e
94
+ stderr.puts e.request.body
95
+ end
96
+ when "query"
97
+ consumer = OAuth::Consumer.new \
98
+ options[:oauth_consumer_key],
99
+ options[:oauth_consumer_secret],
100
+ :scheme => options[:scheme]
101
+
102
+ access_token = OAuth::AccessToken.new(consumer, options[:oauth_token], options[:oauth_token_secret])
103
+
104
+ # append params to the URL
105
+ uri = URI.parse(options[:uri])
106
+ params = prepare_parameters.map { |k,v| v.map { |v2| "#{URI.encode(k)}=#{URI.encode(v2)}" } * "&" }
107
+ uri.query = [uri.query, *params].reject { |x| x.nil? } * "&"
108
+ p uri.to_s
109
+
110
+ response = access_token.request(options[:method].downcase.to_sym, uri.to_s)
111
+ puts "#{response.code} #{response.message}"
112
+ puts response.body
113
+ when "sign"
114
+ parameters = prepare_parameters
115
+
116
+ request = OAuth::RequestProxy.proxy \
117
+ "method" => options[:method],
118
+ "uri" => options[:uri],
119
+ "parameters" => parameters
120
+
121
+ if verbose?
122
+ stdout.puts "OAuth parameters:"
123
+ request.oauth_parameters.each do |k,v|
124
+ stdout.puts " " + [k, v] * ": "
125
+ end
126
+ stdout.puts
127
+
128
+ if request.non_oauth_parameters.any?
129
+ stdout.puts "Parameters:"
130
+ request.non_oauth_parameters.each do |k,v|
131
+ stdout.puts " " + [k, v] * ": "
132
+ end
133
+ stdout.puts
134
+ end
135
+ end
136
+
137
+ request.sign! \
138
+ :consumer_secret => options[:oauth_consumer_secret],
139
+ :token_secret => options[:oauth_token_secret]
140
+
141
+ if verbose?
142
+ stdout.puts "Method: #{request.method}"
143
+ stdout.puts "URI: #{request.uri}"
144
+ stdout.puts "Normalized params: #{request.normalized_parameters}" unless options[:xmpp]
145
+ stdout.puts "Signature base string: #{request.signature_base_string}"
146
+
147
+ if options[:xmpp]
148
+ stdout.puts
149
+ stdout.puts "XMPP Stanza:"
150
+ stdout.puts <<-EOS
151
+ <oauth xmlns='urn:xmpp:oauth:0'>
152
+ <oauth_consumer_key>#{request.oauth_consumer_key}</oauth_consumer_key>
153
+ <oauth_token>#{request.oauth_token}</oauth_token>
154
+ <oauth_signature_method>#{request.oauth_signature_method}</oauth_signature_method>
155
+ <oauth_signature>#{request.oauth_signature}</oauth_signature>
156
+ <oauth_timestamp>#{request.oauth_timestamp}</oauth_timestamp>
157
+ <oauth_nonce>#{request.oauth_nonce}</oauth_nonce>
158
+ <oauth_version>#{request.oauth_version}</oauth_version>
159
+ </oauth>
160
+ EOS
161
+ stdout.puts
162
+ stdout.puts "Note: You may want to use bare JIDs in your URI."
163
+ stdout.puts
164
+ else
165
+ stdout.puts "OAuth Request URI: #{request.signed_uri}"
166
+ stdout.puts "Request URI: #{request.signed_uri(false)}"
167
+ stdout.puts "Authorization header: #{request.oauth_header(:realm => options[:realm])}"
168
+ end
169
+ stdout.puts "Signature: #{request.oauth_signature}"
170
+ stdout.puts "Escaped signature: #{OAuth::Helper.escape(request.oauth_signature)}"
171
+ else
172
+ stdout.puts request.oauth_signature
173
+ end
174
+ when "version"
175
+ puts "OAuth for Ruby #{OAuth::VERSION}"
176
+ end
177
+ else
178
+ usage
179
+ end
180
+ end
181
+
182
+ protected
183
+
184
+ def extract_command_and_parse_options(arguments)
185
+ @command = arguments[-1]
186
+ parse_options(arguments[0..-1])
187
+ end
188
+
189
+ def option_parser(arguments = "")
190
+ # TODO add realm parameter
191
+ # TODO add user-agent parameter
192
+ option_parser = OptionParser.new do |opts|
193
+ opts.banner = "Usage: #{$0} [options] <command>"
194
+
195
+ # defaults
196
+ options[:oauth_nonce] = OAuth::Helper.generate_key
197
+ options[:oauth_signature_method] = "HMAC-SHA1"
198
+ options[:oauth_timestamp] = OAuth::Helper.generate_timestamp
199
+ options[:oauth_version] = "1.0"
200
+ options[:method] = :post
201
+ options[:params] = []
202
+ options[:scheme] = :header
203
+ options[:version] = "1.0"
204
+
205
+ ## Common Options
206
+
207
+ opts.on("-B", "--body", "Use the request body for OAuth parameters.") do
208
+ options[:scheme] = :body
209
+ end
210
+
211
+ opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
212
+ options[:oauth_consumer_key] = v
213
+ end
214
+
215
+ opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
216
+ options[:oauth_consumer_secret] = v
217
+ end
218
+
219
+ opts.on("-H", "--header", "Use the 'Authorization' header for OAuth parameters (default).") do
220
+ options[:scheme] = :header
221
+ end
222
+
223
+ opts.on("-Q", "--query-string", "Use the query string for OAuth parameters.") do
224
+ options[:scheme] = :query_string
225
+ end
226
+
227
+ opts.on("-O", "--options FILE", "Read options from a file") do |v|
228
+ arguments.unshift(*open(v).readlines.map { |l| l.chomp.split(" ") }.flatten)
229
+ end
230
+
231
+ ## Options for signing and making requests
232
+
233
+ opts.separator("\n options for signing and querying")
234
+
235
+ opts.on("--method METHOD", "Specifies the method (e.g. GET) to use when signing.") do |v|
236
+ options[:method] = v
237
+ end
238
+
239
+ opts.on("--nonce NONCE", "Specifies the none to use.") do |v|
240
+ options[:oauth_nonce] = v
241
+ end
242
+
243
+ opts.on("--parameters PARAMS", "Specifies the parameters to use when signing.") do |v|
244
+ options[:params] << v
245
+ end
246
+
247
+ opts.on("--signature-method METHOD", "Specifies the signature method to use; defaults to HMAC-SHA1.") do |v|
248
+ options[:oauth_signature_method] = v
249
+ end
250
+
251
+ opts.on("--secret SECRET", "Specifies the token secret to use.") do |v|
252
+ options[:oauth_token_secret] = v
253
+ end
254
+
255
+ opts.on("--timestamp TIMESTAMP", "Specifies the timestamp to use.") do |v|
256
+ options[:oauth_timestamp] = v
257
+ end
258
+
259
+ opts.on("--token TOKEN", "Specifies the token to use.") do |v|
260
+ options[:oauth_token] = v
261
+ end
262
+
263
+ opts.on("--realm REALM", "Specifies the realm to use.") do |v|
264
+ options[:realm] = v
265
+ end
266
+
267
+ opts.on("--uri URI", "Specifies the URI to use when signing.") do |v|
268
+ options[:uri] = v
269
+ end
270
+
271
+ opts.on(:OPTIONAL, "--version VERSION", "Specifies the OAuth version to use.") do |v|
272
+ if v
273
+ options[:oauth_version] = v
274
+ else
275
+ @command = "version"
276
+ end
277
+ end
278
+
279
+ opts.on("--no-version", "Omit oauth_version.") do
280
+ options[:oauth_version] = nil
281
+ end
282
+
283
+ opts.on("--xmpp", "Generate XMPP stanzas.") do
284
+ options[:xmpp] = true
285
+ options[:method] ||= "iq"
286
+ end
287
+
288
+ opts.on("-v", "--verbose", "Be verbose.") do
289
+ options[:verbose] = true
290
+ end
291
+
292
+ ## Options for authorization
293
+
294
+ opts.separator("\n options for authorization")
295
+
296
+ opts.on("--access-token-url URL", "Specifies the access token URL.") do |v|
297
+ options[:access_token_url] = v
298
+ end
299
+
300
+ opts.on("--authorize-url URL", "Specifies the authorization URL.") do |v|
301
+ options[:authorize_url] = v
302
+ end
303
+
304
+ opts.on("--callback-url URL", "Specifies a callback URL.") do |v|
305
+ options[:oauth_callback] = v
306
+ end
307
+
308
+ opts.on("--request-token-url URL", "Specifies the request token URL.") do |v|
309
+ options[:request_token_url] = v
310
+ end
311
+
312
+ opts.on("--scope SCOPE", "Specifies the scope (Google-specific).") do |v|
313
+ options[:scope] = v
314
+ end
315
+ end
316
+ end
317
+
318
+ def parse_options(arguments)
319
+ option_parser(arguments).parse!(arguments)
320
+ end
321
+
322
+ def prepare_parameters
323
+ escaped_pairs = options[:params].collect do |pair|
324
+ if pair =~ /:/
325
+ Hash[*pair.split(":", 2)].collect do |k,v|
326
+ [CGI.escape(k.strip), CGI.escape(v.strip)] * "="
327
+ end
328
+ else
329
+ pair
330
+ end
331
+ end
332
+
333
+ querystring = escaped_pairs * "&"
334
+ cli_params = CGI.parse(querystring)
335
+
336
+ {
337
+ "oauth_consumer_key" => options[:oauth_consumer_key],
338
+ "oauth_nonce" => options[:oauth_nonce],
339
+ "oauth_timestamp" => options[:oauth_timestamp],
340
+ "oauth_token" => options[:oauth_token],
341
+ "oauth_signature_method" => options[:oauth_signature_method],
342
+ "oauth_version" => options[:oauth_version]
343
+ }.reject { |k,v| v.nil? || v == "" }.merge(cli_params)
344
+ end
345
+
346
+ def sufficient_options?
347
+ case command
348
+ # TODO move command logic elsewhere
349
+ when "authorize"
350
+ options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
351
+ options[:access_token_url] && options[:authorize_url] &&
352
+ options[:request_token_url]
353
+ when "version"
354
+ true
355
+ else
356
+ options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
357
+ options[:method] && options[:uri]
358
+ end
359
+ end
360
+
361
+ def usage
362
+ stdout.puts option_parser.help
363
+ stdout.puts
364
+ stdout.puts "Available commands:"
365
+ SUPPORTED_COMMANDS.each do |command, desc|
366
+ puts " #{command.ljust(15)}#{desc}"
367
+ end
368
+ end
369
+
370
+ def valid_command?
371
+ SUPPORTED_COMMANDS.keys.include?(command)
372
+ end
373
+
374
+ def verbose?
375
+ options[:verbose]
376
+ end
377
+ end
378
+ end