mzsanford-oauth 0.3.2.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (84) hide show
  1. data/History.txt +91 -0
  2. data/License.txt +20 -0
  3. data/Manifest.txt +84 -0
  4. data/README.rdoc +71 -0
  5. data/Rakefile +36 -0
  6. data/TODO +31 -0
  7. data/bin/oauth +5 -0
  8. data/examples/yql.rb +44 -0
  9. data/lib/oauth.rb +4 -0
  10. data/lib/oauth/cli.rb +342 -0
  11. data/lib/oauth/client.rb +4 -0
  12. data/lib/oauth/client/action_controller_request.rb +54 -0
  13. data/lib/oauth/client/helper.rb +83 -0
  14. data/lib/oauth/client/net_http.rb +106 -0
  15. data/lib/oauth/consumer.rb +337 -0
  16. data/lib/oauth/errors.rb +3 -0
  17. data/lib/oauth/errors/error.rb +4 -0
  18. data/lib/oauth/errors/problem.rb +14 -0
  19. data/lib/oauth/errors/unauthorized.rb +12 -0
  20. data/lib/oauth/helper.rb +78 -0
  21. data/lib/oauth/oauth.rb +11 -0
  22. data/lib/oauth/oauth_test_helper.rb +25 -0
  23. data/lib/oauth/request_proxy.rb +24 -0
  24. data/lib/oauth/request_proxy/action_controller_request.rb +61 -0
  25. data/lib/oauth/request_proxy/base.rb +165 -0
  26. data/lib/oauth/request_proxy/jabber_request.rb +41 -0
  27. data/lib/oauth/request_proxy/mock_request.rb +44 -0
  28. data/lib/oauth/request_proxy/net_http.rb +65 -0
  29. data/lib/oauth/request_proxy/rack_request.rb +40 -0
  30. data/lib/oauth/server.rb +66 -0
  31. data/lib/oauth/signature.rb +37 -0
  32. data/lib/oauth/signature/base.rb +91 -0
  33. data/lib/oauth/signature/hmac/base.rb +12 -0
  34. data/lib/oauth/signature/hmac/md5.rb +9 -0
  35. data/lib/oauth/signature/hmac/rmd160.rb +9 -0
  36. data/lib/oauth/signature/hmac/sha1.rb +9 -0
  37. data/lib/oauth/signature/hmac/sha2.rb +9 -0
  38. data/lib/oauth/signature/md5.rb +13 -0
  39. data/lib/oauth/signature/plaintext.rb +23 -0
  40. data/lib/oauth/signature/rsa/sha1.rb +45 -0
  41. data/lib/oauth/signature/sha1.rb +13 -0
  42. data/lib/oauth/token.rb +7 -0
  43. data/lib/oauth/tokens/access_token.rb +68 -0
  44. data/lib/oauth/tokens/consumer_token.rb +33 -0
  45. data/lib/oauth/tokens/request_token.rb +32 -0
  46. data/lib/oauth/tokens/server_token.rb +9 -0
  47. data/lib/oauth/tokens/token.rb +17 -0
  48. data/lib/oauth/version.rb +3 -0
  49. data/oauth.gemspec +49 -0
  50. data/script/destroy +14 -0
  51. data/script/generate +14 -0
  52. data/script/txt2html +74 -0
  53. data/setup.rb +1585 -0
  54. data/tasks/deployment.rake +34 -0
  55. data/tasks/environment.rake +7 -0
  56. data/tasks/website.rake +17 -0
  57. data/test/cases/oauth_case.rb +19 -0
  58. data/test/cases/spec/1_0-final/test_construct_request_url.rb +62 -0
  59. data/test/cases/spec/1_0-final/test_normalize_request_parameters.rb +88 -0
  60. data/test/cases/spec/1_0-final/test_parameter_encodings.rb +86 -0
  61. data/test/cases/spec/1_0-final/test_signature_base_strings.rb +77 -0
  62. data/test/keys/rsa.cert +11 -0
  63. data/test/keys/rsa.pem +16 -0
  64. data/test/test_access_token.rb +28 -0
  65. data/test/test_action_controller_request_proxy.rb +127 -0
  66. data/test/test_consumer.rb +361 -0
  67. data/test/test_helper.rb +10 -0
  68. data/test/test_hmac_sha1.rb +21 -0
  69. data/test/test_net_http_client.rb +204 -0
  70. data/test/test_net_http_request_proxy.rb +73 -0
  71. data/test/test_rack_request_proxy.rb +40 -0
  72. data/test/test_request_token.rb +53 -0
  73. data/test/test_rsa_sha1.rb +59 -0
  74. data/test/test_server.rb +40 -0
  75. data/test/test_signature.rb +19 -0
  76. data/test/test_signature_base.rb +32 -0
  77. data/test/test_signature_plain_text.rb +31 -0
  78. data/test/test_token.rb +14 -0
  79. data/website/index.html +87 -0
  80. data/website/index.txt +73 -0
  81. data/website/javascripts/rounded_corners_lite.inc.js +285 -0
  82. data/website/stylesheets/screen.css +138 -0
  83. data/website/template.rhtml +48 -0
  84. metadata +212 -0
@@ -0,0 +1,44 @@
1
+ require 'oauth/request_proxy/base'
2
+
3
+ module OAuth
4
+ module RequestProxy
5
+ # RequestProxy for Hashes to facilitate simpler signature creation.
6
+ # Usage:
7
+ # request = OAuth::RequestProxy.proxy \
8
+ # "method" => "iq",
9
+ # "uri" => [from, to] * "&",
10
+ # "parameters" => {
11
+ # "oauth_consumer_key" => oauth_consumer_key,
12
+ # "oauth_token" => oauth_token,
13
+ # "oauth_signature_method" => "HMAC-SHA1"
14
+ # }
15
+ #
16
+ # signature = OAuth::Signature.sign \
17
+ # request,
18
+ # :consumer_secret => oauth_consumer_secret,
19
+ # :token_secret => oauth_token_secret,
20
+ class MockRequest < OAuth::RequestProxy::Base
21
+ proxies Hash
22
+
23
+ def parameters
24
+ @request["parameters"]
25
+ end
26
+
27
+ def method
28
+ @request["method"]
29
+ end
30
+
31
+ def normalized_uri
32
+ super
33
+ rescue
34
+ # if this is a non-standard URI, it may not parse properly
35
+ # in that case, assume that it's already been normalized
36
+ uri
37
+ end
38
+
39
+ def uri
40
+ @request["uri"]
41
+ end
42
+ end
43
+ end
44
+ end
@@ -0,0 +1,65 @@
1
+ require 'oauth/request_proxy/base'
2
+ require 'net/http'
3
+ require 'uri'
4
+ require 'cgi'
5
+
6
+ module OAuth::RequestProxy::Net
7
+ module HTTP
8
+ class HTTPRequest < OAuth::RequestProxy::Base
9
+ proxies ::Net::HTTPRequest
10
+
11
+ def method
12
+ request.method
13
+ end
14
+
15
+ def uri
16
+ uri = options[:uri]
17
+ uri.to_s
18
+ end
19
+
20
+ def parameters
21
+ if options[:clobber_request]
22
+ options[:parameters]
23
+ else
24
+ all_parameters
25
+ end
26
+ end
27
+
28
+ private
29
+
30
+ def all_parameters
31
+ request_params = CGI.parse(query_string)
32
+ if options[:parameters]
33
+ options[:parameters].each do |k,v|
34
+ if request_params.has_key?(k)
35
+ request_params[k] << v
36
+ else
37
+ request_params[k] = [v].flatten
38
+ end
39
+ end
40
+ end
41
+ request_params
42
+ end
43
+
44
+ def query_string
45
+ params = [ query_params, auth_header_params ]
46
+ is_form_urlencoded = request['Content-Type'] != nil && request['Content-Type'].downcase == 'application/x-www-form-urlencoded'
47
+ params << post_params if method.to_s.upcase == 'POST' && is_form_urlencoded
48
+ params.compact.join('&')
49
+ end
50
+
51
+ def query_params
52
+ URI.parse(request.path).query
53
+ end
54
+
55
+ def post_params
56
+ request.body
57
+ end
58
+
59
+ def auth_header_params
60
+ return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
61
+ auth_params = request['Authorization']
62
+ end
63
+ end
64
+ end
65
+ end
@@ -0,0 +1,40 @@
1
+ require 'oauth/request_proxy/base'
2
+ require 'uri'
3
+ require 'rack'
4
+
5
+ module OAuth::RequestProxy
6
+ class RackRequest < OAuth::RequestProxy::Base
7
+ proxies Rack::Request
8
+
9
+ def method
10
+ request.env["rack.methodoverride.original_method"] || request.request_method
11
+ end
12
+
13
+ def uri
14
+ request.url
15
+ end
16
+
17
+ def parameters
18
+ if options[:clobber_request]
19
+ options[:parameters] || {}
20
+ else
21
+ params = request_params.merge(query_params).merge(header_params)
22
+ params.merge(options[:parameters] || {})
23
+ end
24
+ end
25
+
26
+ def signature
27
+ parameters['oauth_signature']
28
+ end
29
+
30
+ protected
31
+
32
+ def query_params
33
+ request.GET
34
+ end
35
+
36
+ def request_params
37
+ request.params
38
+ end
39
+ end
40
+ end
@@ -0,0 +1,66 @@
1
+ require 'oauth/helper'
2
+ require 'oauth/consumer'
3
+
4
+ module OAuth
5
+ # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
6
+ class Server
7
+ include OAuth::Helper
8
+ attr_accessor :base_url
9
+
10
+ @@server_paths = {
11
+ :request_token_path => "/oauth/request_token",
12
+ :authorize_path => "/oauth/authorize",
13
+ :access_token_path => "/oauth/access_token"
14
+ }
15
+
16
+ # Create a new server instance
17
+ def initialize(base_url, paths = {})
18
+ @base_url = base_url
19
+ @paths = @@server_paths.merge(paths)
20
+ end
21
+
22
+ def generate_credentials
23
+ [generate_key(16), generate_key]
24
+ end
25
+
26
+ def generate_consumer_credentials(params = {})
27
+ Consumer.new(*generate_credentials)
28
+ end
29
+
30
+ # mainly for testing purposes
31
+ def create_consumer
32
+ creds = generate_credentials
33
+ Consumer.new(creds[0], creds[1],
34
+ {
35
+ :site => base_url,
36
+ :request_token_path => request_token_path,
37
+ :authorize_path => authorize_path,
38
+ :access_token_path => access_token_path
39
+ })
40
+ end
41
+
42
+ def request_token_path
43
+ @paths[:request_token_path]
44
+ end
45
+
46
+ def request_token_url
47
+ base_url + request_token_path
48
+ end
49
+
50
+ def authorize_path
51
+ @paths[:authorize_path]
52
+ end
53
+
54
+ def authorize_url
55
+ base_url + authorize_path
56
+ end
57
+
58
+ def access_token_path
59
+ @paths[:access_token_path]
60
+ end
61
+
62
+ def access_token_url
63
+ base_url + access_token_path
64
+ end
65
+ end
66
+ end
@@ -0,0 +1,37 @@
1
+ module OAuth
2
+ module Signature
3
+ # Returns a list of available signature methods
4
+ def self.available_methods
5
+ @available_methods ||= {}
6
+ end
7
+
8
+ # Build a signature from a +request+.
9
+ #
10
+ # Raises UnknownSignatureMethod exception if the signature method is unknown.
11
+ def self.build(request, options = {}, &block)
12
+ request = OAuth::RequestProxy.proxy(request, options)
13
+ klass = available_methods[(request.signature_method || "").downcase]
14
+ raise UnknownSignatureMethod, request.signature_method unless klass
15
+ klass.new(request, options, &block)
16
+ end
17
+
18
+ # Sign a +request+
19
+ def self.sign(request, options = {}, &block)
20
+ self.build(request, options, &block).signature
21
+ end
22
+
23
+ # Verify the signature of +request+
24
+ def self.verify(request, options = {}, &block)
25
+ self.build(request, options, &block).verify
26
+ end
27
+
28
+ # Create the signature base string for +request+. This string is the normalized parameter information.
29
+ #
30
+ # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
31
+ def self.signature_base_string(request, options = {}, &block)
32
+ self.build(request, options, &block).signature_base_string
33
+ end
34
+
35
+ class UnknownSignatureMethod < Exception; end
36
+ end
37
+ end
@@ -0,0 +1,91 @@
1
+ require 'oauth/signature'
2
+ require 'oauth/helper'
3
+ require 'oauth/request_proxy/base'
4
+ require 'base64'
5
+
6
+ module OAuth::Signature
7
+ class Base
8
+ include OAuth::Helper
9
+
10
+ attr_accessor :options
11
+ attr_reader :token_secret, :consumer_secret, :request
12
+
13
+ def self.implements(signature_method)
14
+ OAuth::Signature.available_methods[signature_method] = self
15
+ end
16
+
17
+ def self.digest_class(digest_class = nil)
18
+ return @digest_class if digest_class.nil?
19
+ @digest_class = digest_class
20
+ end
21
+
22
+ def initialize(request, options = {}, &block)
23
+ raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
24
+ @request = request
25
+ @options = options
26
+
27
+ ## consumer secret was determined beforehand
28
+
29
+ @consumer_secret = options[:consumer].secret if options[:consumer]
30
+
31
+ # presence of :consumer_secret option will override any Consumer that's provided
32
+ @consumer_secret = options[:consumer_secret] if options[:consumer_secret]
33
+
34
+ ## token secret was determined beforehand
35
+
36
+ @token_secret = options[:token].secret if options[:token]
37
+
38
+ # presence of :token_secret option will override any Token that's provided
39
+ @token_secret = options[:token_secret] if options[:token_secret]
40
+
41
+
42
+ # override secrets based on the values returned from the block (if any)
43
+ if block_given?
44
+ # consumer secret and token secret need to be looked up based on pieces of the request
45
+ secrets = yield block.arity == 1 ? request : [token, consumer_key, nonce, request.timestamp]
46
+ if secrets.is_a?(Array) && secrets.size == 2
47
+ @token_secret = secrets[0]
48
+ @consumer_secret = secrets[1]
49
+ end
50
+ end
51
+ end
52
+
53
+ def signature
54
+ Base64.encode64(digest).chomp.gsub(/\n/,'')
55
+ end
56
+
57
+ def ==(cmp_signature)
58
+ Base64.decode64(signature) == Base64.decode64(cmp_signature)
59
+ end
60
+
61
+ def verify
62
+ self == self.request.signature
63
+ end
64
+
65
+ def signature_base_string
66
+ request.signature_base_string
67
+ end
68
+
69
+ private
70
+
71
+ def token
72
+ request.token
73
+ end
74
+
75
+ def consumer_key
76
+ request.consumer_key
77
+ end
78
+
79
+ def nonce
80
+ request.nonce
81
+ end
82
+
83
+ def secret
84
+ "#{escape(consumer_secret)}&#{escape(token_secret)}"
85
+ end
86
+
87
+ def digest
88
+ self.class.digest_class.digest(signature_base_string)
89
+ end
90
+ end
91
+ end
@@ -0,0 +1,12 @@
1
+ require 'oauth/signature/base'
2
+
3
+ module OAuth::Signature::HMAC
4
+ class Base < OAuth::Signature::Base
5
+
6
+ private
7
+
8
+ def digest
9
+ self.class.digest_class.digest(secret, signature_base_string)
10
+ end
11
+ end
12
+ end
@@ -0,0 +1,9 @@
1
+ require 'oauth/signature/hmac/base'
2
+ require 'hmac-md5'
3
+
4
+ module OAuth::Signature::HMAC
5
+ class MD5 < Base
6
+ implements 'hmac-md5'
7
+ digest_class ::HMAC::MD5
8
+ end
9
+ end
@@ -0,0 +1,9 @@
1
+ require 'oauth/signature/hmac/base'
2
+ require 'hmac-rmd160'
3
+
4
+ module OAuth::Signature::HMAC
5
+ class RMD160 < Base
6
+ implements 'hmac-rmd160'
7
+ digest_class ::HMAC::RMD160
8
+ end
9
+ end
@@ -0,0 +1,9 @@
1
+ require 'oauth/signature/hmac/base'
2
+ require 'hmac-sha1'
3
+
4
+ module OAuth::Signature::HMAC
5
+ class SHA1 < Base
6
+ implements 'hmac-sha1'
7
+ digest_class ::HMAC::SHA1
8
+ end
9
+ end
@@ -0,0 +1,9 @@
1
+ require 'oauth/signature/hmac/base'
2
+ require 'hmac-sha2'
3
+
4
+ module OAuth::Signature::HMAC
5
+ class SHA2 < Base
6
+ implements 'hmac-sha2'
7
+ digest_class ::HMAC::SHA2
8
+ end
9
+ end
@@ -0,0 +1,13 @@
1
+ require 'oauth/signature/base'
2
+ require 'digest/md5'
3
+
4
+ module OAuth::Signature
5
+ class MD5 < Base
6
+ implements 'md5'
7
+ digest_class Digest::MD5
8
+
9
+ def signature_base_string
10
+ secret + super
11
+ end
12
+ end
13
+ end
@@ -0,0 +1,23 @@
1
+ require 'oauth/signature/base'
2
+
3
+ module OAuth::Signature
4
+ class PLAINTEXT < Base
5
+ implements 'plaintext'
6
+
7
+ def signature
8
+ signature_base_string
9
+ end
10
+
11
+ def ==(cmp_signature)
12
+ signature == escape(cmp_signature)
13
+ end
14
+
15
+ def signature_base_string
16
+ secret
17
+ end
18
+
19
+ def secret
20
+ escape(super)
21
+ end
22
+ end
23
+ end
@@ -0,0 +1,45 @@
1
+ require 'oauth/signature/base'
2
+ require 'openssl'
3
+
4
+ module OAuth::Signature::RSA
5
+ class SHA1 < OAuth::Signature::Base
6
+ implements 'rsa-sha1'
7
+
8
+ def ==(cmp_signature)
9
+ public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
10
+ end
11
+
12
+ def public_key
13
+ if consumer_secret.is_a?(String)
14
+ decode_public_key
15
+ elsif consumer_secret.is_a?(OpenSSL::X509::Certificate)
16
+ consumer_secret.public_key
17
+ else
18
+ consumer_secret
19
+ end
20
+ end
21
+
22
+ private
23
+
24
+ def decode_public_key
25
+ case consumer_secret
26
+ when /-----BEGIN CERTIFICATE-----/
27
+ OpenSSL::X509::Certificate.new( consumer_secret).public_key
28
+ else
29
+ OpenSSL::PKey::RSA.new( consumer_secret)
30
+ end
31
+ end
32
+
33
+ def digest
34
+ private_key = OpenSSL::PKey::RSA.new(
35
+ if options[:private_key_file]
36
+ IO.read(options[:private_key_file])
37
+ else
38
+ consumer_secret
39
+ end
40
+ )
41
+
42
+ private_key.sign(OpenSSL::Digest::SHA1.new, signature_base_string)
43
+ end
44
+ end
45
+ end