oauth-instructure 0.4.8

data/lib/oauth/core_ext.rb

@@ -0,0 +1,31 @@
+# these are to backport methods from 1.8.7/1.9.1 to 1.8.6
+
+class Object
+
+  unless method_defined?(:tap)
+    def tap
+      yield self
+      self
+    end
+  end
+
+end
+
+class String
+
+
+
+  unless method_defined?(:bytesize)
+    def bytesize
+      self.size
+    end
+  end
+
+  unless method_defined?(:bytes)
+    def bytes
+      require 'enumerator'
+      Enumerable::Enumerator.new(self, :each_byte)
+    end
+  end
+
+end

data/lib/oauth/errors.rb

@@ -0,0 +1,3 @@
+require 'oauth/errors/error'
+require 'oauth/errors/unauthorized'
+require 'oauth/errors/problem'

data/lib/oauth/errors/error.rb

@@ -0,0 +1,4 @@
+module OAuth
+  class Error < StandardError
+  end
+end

data/lib/oauth/errors/problem.rb

@@ -0,0 +1,14 @@
+module OAuth
+  class Problem < OAuth::Unauthorized
+    attr_reader :problem, :params
+    def initialize(problem, request = nil, params = {})
+      super(request)
+      @problem = problem
+      @params  = params
+    end
+
+    def to_s
+      problem
+    end
+  end
+end

data/lib/oauth/errors/unauthorized.rb

@@ -0,0 +1,12 @@
+module OAuth
+  class Unauthorized < OAuth::Error
+    attr_reader :request
+    def initialize(request = nil)
+      @request = request
+    end
+
+    def to_s
+      [request.code, request.message] * " "
+    end
+  end
+end

data/lib/oauth/helper.rb

@@ -0,0 +1,109 @@
+require 'openssl'
+require 'base64'
+
+module OAuth
+  module Helper
+    extend self
+
+    # Escape +value+ by URL encoding all non-reserved character.
+    #
+    # See Also: {OAuth core spec version 1.0, section 5.1}[http://oauth.net/core/1.0#rfc.section.5.1]
+    def escape(value)
+      URI::escape(value.to_s, OAuth::RESERVED_CHARACTERS)
+    rescue ArgumentError
+      URI::escape(value.to_s.force_encoding(Encoding::UTF_8), OAuth::RESERVED_CHARACTERS)
+    end
+
+    # Generate a random key of up to +size+ bytes. The value returned is Base64 encoded with non-word
+    # characters removed.
+    def generate_key(size=32)
+      Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/, '')
+    end
+
+    alias_method :generate_nonce, :generate_key
+
+    def generate_timestamp #:nodoc:
+      Time.now.to_i.to_s
+    end
+
+    # Normalize a +Hash+ of parameter values. Parameters are sorted by name, using lexicographical
+    # byte value ordering. If two or more parameters share the same name, they are sorted by their value.
+    # Parameters are concatenated in their sorted order into a single string. For each parameter, the name
+    # is separated from the corresponding value by an "=" character, even if the value is empty. Each
+    # name-value pair is separated by an "&" character.
+    #
+    # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
+    def normalize(params)
+      params.sort.map do |k, values|
+        if values.is_a?(Array)
+          # make sure the array has an element so we don't lose the key
+          values << nil if values.empty?
+          # multiple values were provided for a single key
+          values.sort.collect do |v|
+            [escape(k),escape(v)] * "="
+          end
+        elsif values.is_a?(Hash)
+          normalize_nested_query(values, k)
+        else
+          [escape(k),escape(values)] * "="
+        end
+      end * "&"
+    end
+    
+    #Returns a string representation of the Hash like in URL query string
+    # build_nested_query({:level_1 => {:level_2 => ['value_1','value_2']}}, 'prefix'))
+    #   #=> ["prefix%5Blevel_1%5D%5Blevel_2%5D%5B%5D=value_1", "prefix%5Blevel_1%5D%5Blevel_2%5D%5B%5D=value_2"]
+    def normalize_nested_query(value, prefix = nil)
+      case value
+      when Array
+        value.map do |v|
+          normalize_nested_query(v, "#{prefix}[]")
+        end.flatten.sort
+      when Hash
+        value.map do |k, v|
+          normalize_nested_query(v, prefix ? "#{prefix}[#{k}]" : k)
+        end.flatten.sort
+      else
+        [escape(prefix), escape(value)] * "="
+      end
+    end
+
+    # Parse an Authorization / WWW-Authenticate header into a hash. Takes care of unescaping and
+    # removing surrounding quotes. Raises a OAuth::Problem if the header is not parsable into a
+    # valid hash. Does not validate the keys or values.
+    #
+    #   hash = parse_header(headers['Authorization'] || headers['WWW-Authenticate'])
+    #   hash['oauth_timestamp']
+    #     #=>"1234567890"
+    #
+    def parse_header(header)
+      # decompose
+      params = header[6,header.length].split(/[,=&]/)
+
+      # odd number of arguments - must be a malformed header.
+      raise OAuth::Problem.new("Invalid authorization header") if params.size % 2 != 0
+
+      params.map! do |v|
+        # strip and unescape
+        val = unescape(v.strip)
+        # strip quotes
+        val.sub(/^\"(.*)\"$/, '\1')
+      end
+
+      # convert into a Hash
+      Hash[*params.flatten]
+    end
+
+    def unescape(value)
+      URI.unescape(value.gsub('+', '%2B'))
+    end
+
+    def stringify_keys(hash)
+      new_h = {}
+      hash.each do |k, v|
+        new_h[k.to_s] = v.is_a?(Hash) ? stringify_keys(v) : v
+      end
+      new_h
+    end
+  end
+end

data/lib/oauth/oauth.rb

@@ -0,0 +1,13 @@
+module OAuth
+  # request tokens are passed between the consumer and the provider out of
+  # band (i.e. callbacks cannot be used), per section 6.1.1
+  OUT_OF_BAND = "oob"
+
+  # required parameters, per sections 6.1.1, 6.3.1, and 7
+  PARAMETERS = %w(oauth_callback oauth_consumer_key oauth_token
+    oauth_signature_method oauth_timestamp oauth_nonce oauth_verifier
+    oauth_version oauth_signature oauth_body_hash)
+
+  # reserved character regexp, per section 5.1
+  RESERVED_CHARACTERS = /[^a-zA-Z0-9\-\.\_\~]/
+end

data/lib/oauth/oauth_test_helper.rb

@@ -0,0 +1,25 @@
+require 'action_controller'
+require 'action_controller/test_process'
+
+module OAuth
+  module OAuthTestHelper
+    def mock_incoming_request_with_query(request)
+      incoming = ActionController::TestRequest.new(request.to_hash)
+      incoming.request_uri = request.path
+      incoming.host = request.uri.host
+      incoming.env["SERVER_PORT"] = request.uri.port
+      incoming.env['REQUEST_METHOD'] = request.http_method
+      incoming
+    end
+
+    def mock_incoming_request_with_authorize_header(request)
+      incoming = ActionController::TestRequest.new
+      incoming.request_uri = request.path
+      incoming.host = request.uri.host
+      incoming.env["HTTP_AUTHORIZATION"] = request.to_auth_string
+      incoming.env["SERVER_PORT"] = request.uri.port
+      incoming.env['REQUEST_METHOD'] = request.http_method
+      incoming
+    end
+  end
+end

data/lib/oauth/request_proxy.rb

@@ -0,0 +1,24 @@
+module OAuth
+  module RequestProxy
+    def self.available_proxies #:nodoc:
+      @available_proxies ||= {}
+    end
+
+    def self.proxy(request, options = {})
+      return request if request.kind_of?(OAuth::RequestProxy::Base)
+
+      klass = available_proxies[request.class]
+
+      # Search for possible superclass matches.
+      if klass.nil?
+        request_parent = available_proxies.keys.find { |rc| request.kind_of?(rc) }
+        klass = available_proxies[request_parent]
+      end
+
+      raise UnknownRequestType, request.class.to_s unless klass
+      klass.new(request, options)
+    end
+
+    class UnknownRequestType < Exception; end
+  end
+end

data/lib/oauth/request_proxy/action_controller_request.rb

@@ -0,0 +1,116 @@
+require 'active_support'
+require 'action_controller'
+if Rails.version < "3.0"
+  require 'action_controller/request'
+else
+  require 'action_controller/test_case'
+end
+require 'uri'
+
+module OAuth::RequestProxy
+  class ActionControllerRequest < OAuth::RequestProxy::Base
+    proxies(defined?(ActionController::AbstractRequest) ? ActionController::AbstractRequest : ActionController::Request)
+
+    def method
+      request.method.to_s.upcase
+    end
+
+    def uri
+      request.url
+    end
+
+    def parameters
+      if options[:clobber_request]
+        options[:parameters] || {}
+      else
+        params = request_params.merge(query_params).merge(header_params)
+        params.stringify_keys! if params.respond_to?(:stringify_keys!)
+        params.merge(options[:parameters] || {})
+      end
+    end
+
+    # Override from OAuth::RequestProxy::Base to avoid roundtrip
+    # conversion to Hash or Array and thus preserve the original
+    # parameter names
+    def parameters_for_signature
+      params = []
+      params << options[:parameters].to_query if options[:parameters]
+
+      unless options[:clobber_request]
+        params << header_params.to_query
+        params << request.query_string unless query_string_blank?
+
+        if request.post? && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
+          params << request.raw_post
+        end
+      end
+
+      params.
+        join('&').split('&').
+        reject(&:blank?).
+        map { |p| p.split('=').map{|esc| CGI.unescape(esc)} }.
+        reject { |kv| kv[0] == 'oauth_signature'}
+    end
+
+  protected
+
+    def query_params
+      request.query_parameters
+    end
+
+    def request_params
+      request.request_parameters
+    end
+
+  end
+end
+
+module ActionController
+  class Base
+    def process_with_oauth(request, response=nil)
+      request.apply_oauth! if request.respond_to?(:apply_oauth!)
+      process_without_oauth(request, response)
+    end
+    alias_method_chain :process, :oauth
+  end
+
+  class TestRequest
+    def self.use_oauth=(bool)
+      @use_oauth = bool
+    end
+
+    def self.use_oauth?
+      @use_oauth
+    end
+
+    def configure_oauth(consumer = nil, token = nil, options = {})
+      @oauth_options = { :consumer  => consumer,
+                         :token     => token,
+                         :scheme    => 'header',
+                         :signature_method => nil,
+                         :nonce     => nil,
+                         :timestamp => nil }.merge(options)
+    end
+
+    def apply_oauth!
+      return unless ActionController::TestRequest.use_oauth? && @oauth_options
+
+      @oauth_helper = OAuth::Client::Helper.new(self, @oauth_options.merge(:request_uri => (respond_to?(:fullpath) ? fullpath : request_uri)))
+      @oauth_helper.amend_user_agent_header(env)
+
+      self.send("set_oauth_#{@oauth_options[:scheme]}")
+    end
+
+    def set_oauth_header
+      env['Authorization'] = @oauth_helper.header
+    end
+
+    def set_oauth_parameters
+      @query_parameters = @oauth_helper.parameters_with_oauth
+      @query_parameters.merge!(:oauth_signature => @oauth_helper.signature)
+    end
+
+    def set_oauth_query_string
+    end
+  end
+end

data/lib/oauth/request_proxy/action_dispatch_request.rb

@@ -0,0 +1,113 @@
+require 'active_support'
+require 'action_controller'
+require 'uri'
+
+module OAuth::RequestProxy
+  class ActionDispatchRequest < OAuth::RequestProxy::Base
+    proxies ActionDispatch::Request
+
+    def method
+      request.method.to_s.upcase
+    end
+
+    def uri
+      request.url
+    end
+
+    def parameters
+      if options[:clobber_request]
+        options[:parameters] || {}
+      else
+        params = request_params.merge(query_params).merge(header_params)
+        params.stringify_keys! if params.respond_to?(:stringify_keys!)
+        params.merge(options[:parameters] || {})
+      end
+    end
+
+    # Override from OAuth::RequestProxy::Base to avoid roundtrip
+    # conversion to Hash or Array and thus preserve the original
+    # parameter names
+    def parameters_for_signature
+      params = []
+      params << options[:parameters].to_query if options[:parameters]
+
+      unless options[:clobber_request]
+        params << header_params.to_query
+        params << request.query_string unless request.query_string.blank?
+
+        if request.post? && request.content_type == Mime::Type.lookup("application/x-www-form-urlencoded")
+          params << request.raw_post
+        end
+      end
+
+      params.
+        join('&').split('&').
+        reject(&:blank?).
+        map { |p| p.split('=').map{|esc| CGI.unescape(esc)} }.
+        reject { |kv| kv[0] == 'oauth_signature'}
+    end
+  
+  protected
+
+    def query_params
+      request.query_parameters
+    end
+
+    def request_params
+      request.request_parameters
+    end
+
+  end
+
+end
+
+module ActionController
+  class Base
+    def process_with_new_base_test(request, response=nil)
+      request.apply_oauth! if request.respond_to?(:apply_oauth!)
+      super(request, response)
+    end
+  end
+end
+
+module ActionDispatch
+  class TestRequest
+    def self.use_oauth=(bool)
+      @use_oauth = bool
+    end
+
+    def self.use_oauth?
+      @use_oauth
+    end
+
+    def configure_oauth(consumer = nil, token = nil, options = {})
+      @oauth_options = { :consumer  => consumer,
+                         :token     => token,
+                         :scheme    => 'header',
+                         :signature_method => nil,
+                         :nonce     => nil,
+                         :timestamp => nil }.merge(options)
+    end
+
+    def apply_oauth!
+      return unless ActionDispatch::TestRequest.use_oauth? && @oauth_options
+
+      @oauth_helper = OAuth::Client::Helper.new(self, @oauth_options.merge(:request_uri => (respond_to?(:fullpath) ? fullpath : request_uri)))
+      @oauth_helper.amend_user_agent_header(env)
+
+      self.send("set_oauth_#{@oauth_options[:scheme]}")
+    end
+
+    def set_oauth_header
+      env['Authorization'] = @oauth_helper.header
+    end
+
+    def set_oauth_parameters
+      @query_parameters = @oauth_helper.parameters_with_oauth
+      @query_parameters.merge!(:oauth_signature => @oauth_helper.signature)
+    end
+
+    def set_oauth_query_string
+    end
+  end
+end