RubyGems - oauth-plugin - Versions diffs - 0.4.0.pre4 → 0.4.0.pre5 - Mend

oauth-plugin 0.4.0.pre4 → 0.4.0.pre5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

data/lib/oauth/models/consumers/services/twitter_token.rb CHANGED Viewed

@@ -1,17 +1,24 @@
-require 'twitter'
 class TwitterToken < ConsumerToken
-  TWITTER_SETTINGS={:site=>"http://twitter.com"}
-  def self.consumer
-    @consumer||=OAuth::Consumer.new credentials[:key],credentials[:secret],TWITTER_SETTINGS
+  TWITTER_SETTINGS={
+    :site => "https://api.twitter.com",
+    :request_token_path => "/oauth/request_token",
+    :authorize_path => "/oauth/authorize",
+    :access_token_path => "/oauth/access_token",
+  }
+  def self.consumer(options={})
+    @consumer ||= OAuth::Consumer.new(credentials[:key], credentials[:secret], TWITTER_SETTINGS.merge(options))
   end
   def client
-    unless @client
-      @twitter_oauth=Twitter::OAuth.new TwitterToken.consumer.key,TwitterToken.consumer.secret
-      @twitter_oauth.authorize_from_access token,secret
-      @client=Twitter::Base.new(@twitter_oauth)
+    @client ||= begin
+      if credentials[:client].to_sym==:oauth_gem
+        super
+      else
+        require 'twitter'
+        Twitter::Client.new(:consumer_key => TwitterToken.consumer.key, :consumer_secret => TwitterToken.consumer.secret)
+      end
     end
-    @client
   end
-end
+end

data/lib/oauth/models/consumers/token.rb CHANGED Viewed

@@ -7,7 +7,7 @@ module Oauth
       module Token
         def self.included(model)
           model.class_eval do
-            validates_presence_of :user, :token, :secret
+            validates_presence_of :user, :token
           end
           model.send(:include, InstanceMethods)
@@ -26,7 +26,6 @@ module Oauth
           end
           def get_request_token(callback_url)
-            Rails.logger.info "OAUTH_CONSUMER #{consumer.inspect}"
             consumer.get_request_token(:oauth_callback=>callback_url)
           end
@@ -39,13 +38,18 @@ module Oauth
           end
           def find_or_create_from_access_token(user,access_token)
+            secret = access_token.respond_to?(:secret) ? access_token.secret : nil
             if user
-              user.consumer_tokens.first(:conditions=>{:type=>self.to_s,:token=>access_token.token}) ||
-                user.consumer_tokens.create!(:type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+              token = self.find_or_initialize_by_user_id_and_token(user.id, access_token.token)
             else
-              ConsumerToken.first( :conditions =>{ :token=>access_token.token,:type=>self.to_s}) ||
-                create(:type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+              token = self.find_or_initialize_by_token(access_token.token)
             end
+            # set or update the secret
+            token.secret = secret
+            token.save! if token.new_record? or token.changed?
+            token
           end
           def build_user_from_token

data/lib/oauth/rack/oauth_filter.rb CHANGED Viewed

@@ -1,6 +1,8 @@
 require "rack"
 require "rack/request"
-require "oauth/signature"
+require "oauth"
+require "oauth/request_proxy/rack_request"
 module OAuth
   module Rack
@@ -22,29 +24,72 @@ module OAuth
       def call(env)
         request = ::Rack::Request.new(env)
         env["oauth_plugin"]=true
-        if ClientApplication.verify_request(request) do |request_proxy|
+        strategies = []
+        if token_string = oauth2_token(request)
+          token = Oauth2Token.find_by_token(token_string) if token_string
+          if token
+            env["oauth.token"] = token
+            env["oauth.version"] = 2
+            strategies << :oauth20_token
+            strategies << :token
+          end
+        elsif oauth1_verify(request) do |request_proxy|
             client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
             env["oauth.client_application_candidate"] = client_application
-            # Store this temporarily in client_application object for use in request token generation
+            # Store this temporarily in client_application object for use in request token generation
             client_application.token_callback_url=request_proxy.oauth_callback if request_proxy.oauth_callback
+            oauth_token = nil
-            oauth_token = client_application.tokens.first(:conditions=>{:token => request_proxy.token})
-            if oauth_token.respond_to?(:provided_oauth_verifier=)
-              oauth_token.provided_oauth_verifier=request_proxy.oauth_verifier
+            if request_proxy.token
+              oauth_token = client_application.tokens.first(:conditions=>{:token => request_proxy.token})
+              if oauth_token.respond_to?(:provided_oauth_verifier=)
+                oauth_token.provided_oauth_verifier=request_proxy.oauth_verifier
+              end
+              env["oauth.token_candidate"] = oauth_token
             end
-            env["oauth.token_candidate"] = oauth_token
             # return the token secret and the consumer secret
             [(oauth_token.nil? ? nil : oauth_token.secret), (client_application.nil? ? nil : client_application.secret)]
+        end
+          if env["oauth.token_candidate"]
+            env["oauth.token"] = env["oauth.token_candidate"]
+            strategies << :oauth10_token
+            if env["oauth.token"].is_a?(::RequestToken)
+              strategies << :oauth10_request_token
+            elsif env["oauth.token"].is_a?(::AccessToken)
+              strategies << :token
+              strategies << :oauth10_access_token
+            end
+          else
+            strategies << :two_legged
           end
-          env["oauth.token"] = env["oauth.token_candidate"]
           env["oauth.client_application"] = env["oauth.client_application_candidate"]
-#          Rails.logger.info "oauth.token = #{env["oauth.token"].inspect}"
+          env["oauth.version"] = 1
         end
+        env["oauth.strategies"] = strategies unless strategies.empty?
         env["oauth.client_application_candidate"] = nil
         env["oauth.token_candidate"] = nil
-        response = @app.call(env)
+        @app.call(env)
       end
-    end
+      def oauth1_verify(request, options = {}, &block)
+        begin
+          signature = OAuth::Signature.build(request, options, &block)
+          return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
+          value = signature.verify
+          value
+        rescue OAuth::Signature::UnknownSignatureMethod => e
+          false
+        end
+      end
+      def oauth2_token(request)
+        request.params["oauth_token"] ||
+          request.env["HTTP_AUTHORIZATION"] &&
+            request.env["HTTP_AUTHORIZATION"][/^(OAuth|Token) ([^\s]*)$/] && $2
+      end
+    end
   end
 end

data/oauth-plugin.gemspec CHANGED Viewed

@@ -23,9 +23,17 @@ Gem::Specification.new do |s|
   s.rubyforge_project = %q{oauth}
   s.rubygems_version = %q{1.3.7}
   s.summary = %q{Ruby on Rails Plugin for OAuth Provider and Consumer}
-  s.add_development_dependency "twitter"
   s.add_development_dependency "opentransact"
-  s.add_dependency(%q<oauth>, [">= 0.4.4"])
+  s.add_development_dependency "rspec", "~> 2.4.0"
+  s.add_development_dependency "fakeweb"
+  s.add_development_dependency "fuubar"
+  s.add_development_dependency "guard-rspec"
+  s.add_development_dependency "growl"
+  s.add_development_dependency "rack-test"
+  s.add_dependency "multi_json"
+  s.add_dependency("oauth", ["~> 0.4.4"])
+  s.add_dependency("rack")
+  s.add_dependency("oauth2")
 end

data/spec/rack/oauth_filter_spec.rb ADDED Viewed

@@ -0,0 +1,136 @@
+require 'spec_helper'
+require 'rack/test'
+require 'oauth/rack/oauth_filter'
+require 'multi_json'
+require 'forwardable'
+class OAuthEcho
+  def call(env)
+    response = {}
+    response[:oauth_token] = env["oauth.token"].token if env["oauth.token"]
+    response[:client_application] = env["oauth.client_application"].key if env["oauth.client_application"]
+    response[:oauth_version] = env["oauth.version"] if env["oauth.version"]
+    response[:strategies] = env["oauth.strategies"] if env["oauth.strategies"]
+     [200 ,{"Accept"=>"application/json"}, [MultiJson.encode(response)] ]
+  end
+end
+describe OAuth::Rack::OAuthFilter do
+  include Rack::Test::Methods
+  def app
+    @app ||= OAuth::Rack::OAuthFilter.new(OAuthEcho.new)
+  end
+  it "should pass through without oauth" do
+    get '/'
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {}
+  end
+  it "should sign with consumer" do
+    get '/',{},{"HTTP_AUTHORIZATION"=>'OAuth oauth_consumer_key="my_consumer", oauth_nonce="amrLDyFE2AMztx5fOYDD1OEqWps6Mc2mAR5qyO44Rj8", oauth_signature="KCSg0RUfVFUcyhrgJo580H8ey0c%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1295039581", oauth_version="1.0"'}
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"client_application" => "my_consumer", "oauth_version"=>1, "strategies"=>["two_legged"]}
+  end
+  it "should sign with oauth 1 access token" do
+    client_application = ClientApplication.new "my_consumer"
+    ClientApplication.stub!(:find_by_key).and_return(client_application)
+    client_application.tokens.stub!(:first).and_return(AccessToken.new("my_token"))
+    get '/',{},{"HTTP_AUTHORIZATION"=>'OAuth oauth_consumer_key="my_consumer", oauth_nonce="oiFHXoN0172eigBBUfgaZLdQg7ycGekv8iTdfkCStY", oauth_signature="y35B2DqTWaNlzNX0p4wv%2FJAGzg8%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1295040394", oauth_token="my_token", oauth_version="1.0"'}
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"client_application" => "my_consumer", "oauth_token"=>"my_token","oauth_version"=>1, "strategies"=>["oauth10_token","token","oauth10_access_token"]}
+  end
+  it "should sign with oauth 1 request token" do
+    client_application = ClientApplication.new "my_consumer"
+    ClientApplication.stub!(:find_by_key).and_return(client_application)
+    client_application.tokens.stub!(:first).and_return(RequestToken.new("my_token"))
+    get '/',{},{"HTTP_AUTHORIZATION"=>'OAuth oauth_consumer_key="my_consumer", oauth_nonce="oiFHXoN0172eigBBUfgaZLdQg7ycGekv8iTdfkCStY", oauth_signature="y35B2DqTWaNlzNX0p4wv%2FJAGzg8%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1295040394", oauth_token="my_token", oauth_version="1.0"'}
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"client_application" => "my_consumer", "oauth_token"=>"my_token","oauth_version"=>1, "strategies"=>["oauth10_token","oauth10_request_token"]}
+  end
+  it "should authenticate with oauth2 auth header" do
+    get '/',{},{"HTTP_AUTHORIZATION"=>"OAuth my_token"}
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"oauth_token" => "my_token", "oauth_version"=>2, "strategies"=>["oauth20_token","token"]}
+  end
+  it "should authenticate with pre draft 10 oauth2 auth header" do
+    get '/',{},{"HTTP_AUTHORIZATION"=>"Token my_token"}
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"oauth_token" => "my_token", "oauth_version"=>2, "strategies"=>["oauth20_token","token"]}
+  end
+  it "should authenticate with oauth2 query parameter" do
+    get '/?oauth_token=my_token'
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"oauth_token" => "my_token", "oauth_version"=>2, "strategies"=>["oauth20_token","token"]}
+  end
+  it "should authenticate with oauth2 post parameter" do
+    post '/', :oauth_token=>'my_token'
+    last_response.should be_ok
+    response = MultiJson.decode(last_response.body)
+    response.should == {"oauth_token" => "my_token", "oauth_version"=>2, "strategies"=>["oauth20_token","token"]}
+  end
+  # Dummy implementation
+  class ClientApplication
+    attr_accessor :key
+    def self.find_by_key(key)
+      ClientApplication.new(key)
+    end
+    def initialize(key)
+      @key = key
+    end
+    def tokens
+      @tokens||=[]
+    end
+    def secret
+      "secret"
+    end
+  end
+  class OauthToken
+    attr_accessor :token
+    def self.find_by_token(token)
+      OauthToken.new(token)
+    end
+    def initialize(token)
+      @token = token
+    end
+    def secret
+      "secret"
+    end
+  end
+  class Oauth2Token < OauthToken ; end
+  class AccessToken < OauthToken ; end
+  class RequestToken < OauthToken ; end
+  class OauthNonce
+    # Always remember
+    def self.remember(nonce,timestamp)
+      true
+    end
+  end
+end

data/spec/spec_helper.rb ADDED Viewed

@@ -0,0 +1,3 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'rspec'

metadata CHANGED Viewed

@@ -1,13 +1,8 @@
 --- !ruby/object:Gem::Specification
 name: oauth-plugin
 version: !ruby/object:Gem::Version
-  prerelease: true
-  segments:
-  - 0
-  - 4
-  - 0
-  - pre4
-  version: 0.4.0.pre4
+  prerelease: 6
+  version: 0.4.0.pre5
 platform: ruby
 authors:
 - Pelle Braendgaard
@@ -19,46 +14,126 @@ date: 2010-12-08 00:00:00 -05:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: twitter
+  name: opentransact
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
         version: "0"
   type: :development
   version_requirements: *id001
 - !ruby/object:Gem::Dependency
-  name: opentransact
+  name: rspec
   prerelease: false
   requirement: &id002 !ruby/object:Gem::Requirement
     none: false
     requirements:
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version
-        segments:
-        - 0
-        version: "0"
+        version: 2.4.0
   type: :development
   version_requirements: *id002
 - !ruby/object:Gem::Dependency
-  name: oauth
+  name: fakeweb
   prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        segments:
-        - 0
-        - 4
-        - 4
+        version: "0"
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency
+  name: fuubar
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency
+  name: growl
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :runtime
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency
+  name: oauth
+  prerelease: false
+  requirement: &id009 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
         version: 0.4.4
   type: :runtime
-  version_requirements: *id003
+  version_requirements: *id009
+- !ruby/object:Gem::Dependency
+  name: rack
+  prerelease: false
+  requirement: &id010 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :runtime
+  version_requirements: *id010
+- !ruby/object:Gem::Dependency
+  name: oauth2
+  prerelease: false
+  requirement: &id011 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
+  type: :runtime
+  version_requirements: *id011
 description: Rails plugin for implementing an OAuth Provider or Consumer
 email: oauth-ruby@googlegroups.com
 executables: []
@@ -71,6 +146,8 @@ files:
 - .gitignore
 - CHANGELOG
 - Gemfile
+- Gemfile.lock
+- Guardfile
 - MIT-LICENSE
 - README.rdoc
 - Rakefile
@@ -105,10 +182,6 @@ files:
 - generators/oauth_provider/templates/clients_controller_spec.rb
 - generators/oauth_provider/templates/clients_controller_test.rb
 - generators/oauth_provider/templates/controller.rb
-- generators/oauth_provider/templates/controller_spec.rb
-- generators/oauth_provider/templates/controller_spec_helper.rb
-- generators/oauth_provider/templates/controller_test.rb
-- generators/oauth_provider/templates/controller_test_helper.rb
 - generators/oauth_provider/templates/edit.html.erb
 - generators/oauth_provider/templates/edit.html.haml
 - generators/oauth_provider/templates/index.html.erb
@@ -197,8 +270,6 @@ files:
 - lib/generators/rspec/templates/client_application_spec.rb
 - lib/generators/rspec/templates/client_applications.yml
 - lib/generators/rspec/templates/clients_controller_spec.rb
-- lib/generators/rspec/templates/controller_spec.rb
-- lib/generators/rspec/templates/controller_spec_helper.rb
 - lib/generators/rspec/templates/oauth2_token_spec.rb
 - lib/generators/rspec/templates/oauth2_verifier_spec.rb
 - lib/generators/rspec/templates/oauth_nonce_spec.rb
@@ -209,8 +280,6 @@ files:
 - lib/generators/test_unit/templates/client_application_test.rb
 - lib/generators/test_unit/templates/client_applications.yml
 - lib/generators/test_unit/templates/clients_controller_test.rb
-- lib/generators/test_unit/templates/controller_test.rb
-- lib/generators/test_unit/templates/controller_test_helper.rb
 - lib/generators/test_unit/templates/oauth_nonce_test.rb
 - lib/generators/test_unit/templates/oauth_nonces.yml
 - lib/generators/test_unit/templates/oauth_token_test.rb
@@ -224,6 +293,7 @@ files:
 - lib/oauth/models/consumers/services/agree2_token.rb
 - lib/oauth/models/consumers/services/fireeagle_token.rb
 - lib/oauth/models/consumers/services/google_token.rb
+- lib/oauth/models/consumers/services/oauth2_token.rb
 - lib/oauth/models/consumers/services/opentransact_token.rb
 - lib/oauth/models/consumers/services/picomoney_token.rb
 - lib/oauth/models/consumers/services/twitter_token.rb
@@ -232,6 +302,8 @@ files:
 - lib/oauth/rack/oauth_filter.rb
 - oauth-plugin.gemspec
 - rails/init.rb
+- spec/rack/oauth_filter_spec.rb
+- spec/spec_helper.rb
 - tasks/oauth_tasks.rake
 - uninstall.rb
 has_rdoc: true
@@ -248,25 +320,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      segments:
-      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
   - - ">"
     - !ruby/object:Gem::Version
-      segments:
-      - 1
-      - 3
-      - 1
       version: 1.3.1
 requirements: []
 rubyforge_project: oauth
-rubygems_version: 1.3.7
+rubygems_version: 1.6.2
 signing_key:
 specification_version: 3
 summary: Ruby on Rails Plugin for OAuth Provider and Consumer
-test_files: []
+test_files:
+- spec/rack/oauth_filter_spec.rb
+- spec/spec_helper.rb