RubyGems - oauth-plugin - Versions diffs - 0.3.9 → 0.3.10 - Mend

oauth-plugin 0.3.9 → 0.3.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

data/CHANGELOG +6 -0
data/VERSION +1 -1
data/generators/oauth_consumer/templates/index.html.erb +3 -1
data/lib/oauth/controllers/provider_controller.rb +6 -1
data/lib/oauth/models/consumers/services/agree2_token.rb +1 -1
data/oauth-plugin.gemspec +2 -2
metadata +2 -2

data/CHANGELOG CHANGED

@@ -1,3 +1,9 @@
+7/29/2009
+  0.3.10
+  - Closed blocks in erb template (jcrosby) while pelle is hiding under his desk
+  - Handled error case on authorize with non existent token
+  - Fixed Agree2 token
+  - Security Fix: Only skip verify_authenticity_token for specific oauth token requests in provider controller
 7/25/2009
   0.3.9
   - Added an Index to oauth consumers controller. Rerun generator to create index template

data/VERSION CHANGED

	@@ -1 +1 @@
1	- 0.3.9
1	+ 0.3.10

data/generators/oauth_consumer/templates/index.html.erb CHANGED

@@ -15,6 +15,7 @@
       </li>
     <%% end %>
   </ul>
+<%% end %>
 <%% unless @services.empty? %>
 <h3>You can connect to the following services:</h3>
@@ -24,4 +25,5 @@
       <%%= link_to service.to_s.humanize, oauth_consumer_path(service) %>
     </li>
   <%% end %>
-</ul>
+</ul>
+<%% end %>

data/lib/oauth/controllers/provider_controller.rb CHANGED

@@ -9,7 +9,7 @@ module OAuth
           before_filter :oauth_required, :only => [:invalidate,:capabilities]
           before_filter :verify_oauth_consumer_signature, :only => [:request_token]
           before_filter :verify_oauth_request_token, :only => [:access_token]
-          skip_before_filter :verify_authenticity_token
+          skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request]
         end
       end
@@ -37,6 +37,11 @@ module OAuth
       def authorize
         @token = ::RequestToken.find_by_token params[:oauth_token]
+        unless @token
+          render :action=>"authorize_failure"
+          return
+        end
         unless @token.invalidated?
           if request.post?
             if user_authorizes_token?

data/lib/oauth/models/consumers/services/agree2_token.rb CHANGED

@@ -10,6 +10,6 @@ class Agree2Token < ConsumerToken
   end
   def client
-    @client||=Agree2Token.agree2_client.user(:token=>token,:secret=>secret)
+    @client||=Agree2Token.agree2_client.user(token,secret)
   end
 end

data/oauth-plugin.gemspec CHANGED

@@ -2,11 +2,11 @@
 Gem::Specification.new do |s|
   s.name = %q{oauth-plugin}
-  s.version = "0.3.9"
+  s.version = "0.3.10"
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Pelle Braendgaard"]
-  s.date = %q{2009-07-26}
+  s.date = %q{2009-07-29}
   s.description = %q{Rails plugin for implementing an OAuth Provider or Consumer}
   s.email = %q{oauth-ruby@googlegroups.com}
   s.extra_rdoc_files = [

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth-plugin
 version: !ruby/object:Gem::Version
-  version: 0.3.9
+  version: 0.3.10
 platform: ruby
 authors:
 - Pelle Braendgaard
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2009-07-26 00:00:00 -04:00
+date: 2009-07-29 00:00:00 -04:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency