oauth-plugin 0.3.9 → 0.3.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. data/CHANGELOG +6 -0
  2. data/VERSION +1 -1
  3. data/generators/oauth_consumer/templates/index.html.erb +3 -1
  4. data/lib/oauth/controllers/provider_controller.rb +6 -1
  5. data/lib/oauth/models/consumers/services/agree2_token.rb +1 -1
  6. data/oauth-plugin.gemspec +2 -2
  7. metadata +2 -2
data/CHANGELOG CHANGED
@@ -1,3 +1,9 @@
1
+ 7/29/2009
2
+ 0.3.10
3
+ - Closed blocks in erb template (jcrosby) while pelle is hiding under his desk
4
+ - Handled error case on authorize with non existent token
5
+ - Fixed Agree2 token
6
+ - Security Fix: Only skip verify_authenticity_token for specific oauth token requests in provider controller
1
7
  7/25/2009
2
8
  0.3.9
3
9
  - Added an Index to oauth consumers controller. Rerun generator to create index template
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.3.9
1
+ 0.3.10
data/generators/oauth_consumer/templates/index.html.erb CHANGED
@@ -15,6 +15,7 @@
15
15
  </li>
16
16
  <%% end %>
17
17
  </ul>
18
+ <%% end %>
18
19
 
19
20
  <%% unless @services.empty? %>
20
21
  <h3>You can connect to the following services:</h3>
@@ -24,4 +25,5 @@
24
25
  <%%= link_to service.to_s.humanize, oauth_consumer_path(service) %>
25
26
  </li>
26
27
  <%% end %>
27
- </ul>
28
+ </ul>
29
+ <%% end %>
data/lib/oauth/controllers/provider_controller.rb CHANGED
@@ -9,7 +9,7 @@ module OAuth
9
9
  before_filter :oauth_required, :only => [:invalidate,:capabilities]
10
10
  before_filter :verify_oauth_consumer_signature, :only => [:request_token]
11
11
  before_filter :verify_oauth_request_token, :only => [:access_token]
12
- skip_before_filter :verify_authenticity_token
12
+ skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request]
13
13
  end
14
14
  end
15
15
 
@@ -37,6 +37,11 @@ module OAuth
37
37
 
38
38
  def authorize
39
39
  @token = ::RequestToken.find_by_token params[:oauth_token]
40
+ unless @token
41
+ render :action=>"authorize_failure"
42
+ return
43
+ end
44
+
40
45
  unless @token.invalidated?
41
46
  if request.post?
42
47
  if user_authorizes_token?
data/lib/oauth/models/consumers/services/agree2_token.rb CHANGED
@@ -10,6 +10,6 @@ class Agree2Token < ConsumerToken
10
10
  end
11
11
 
12
12
  def client
13
- @client||=Agree2Token.agree2_client.user(:token=>token,:secret=>secret)
13
+ @client||=Agree2Token.agree2_client.user(token,secret)
14
14
  end
15
15
  end
data/oauth-plugin.gemspec CHANGED
@@ -2,11 +2,11 @@
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = %q{oauth-plugin}
5
- s.version = "0.3.9"
5
+ s.version = "0.3.10"
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Pelle Braendgaard"]
9
- s.date = %q{2009-07-26}
9
+ s.date = %q{2009-07-29}
10
10
  s.description = %q{Rails plugin for implementing an OAuth Provider or Consumer}
11
11
  s.email = %q{oauth-ruby@googlegroups.com}
12
12
  s.extra_rdoc_files = [
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oauth-plugin
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.9
4
+ version: 0.3.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pelle Braendgaard
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
11
 
12
- date: 2009-07-26 00:00:00 -04:00
12
+ date: 2009-07-29 00:00:00 -04:00
13
13
  default_executable:
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency