oauth 0.1.1 → 0.2.0

data/lib/oauth/{key.rb → helper.rb}

@@ -1,15 +1,14 @@
 require 'openssl'
 require 'base64'
 module OAuth
-  module Key
-    def generate_key(size=32)
-      Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/,'')
-    end
-    
-    # Based on Blaine's example from the Oauth mailing list
+  module Helper
     def escape(value)
-      CGI.escape(value.to_s).gsub("%7E", "~").gsub("+", "%20")
+      CGI.escape(value.to_s).gsub("%7E", '~').gsub("+", "%20")
     end
     
+    def generate_key(size=32)
+      Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/,'')
+    end    
+    
   end
 end

data/lib/oauth/request_proxy.rb

@@ -0,0 +1,24 @@
+module OAuth
+  module RequestProxy
+    def self.available_proxies #:nodoc:
+      @available_proxies ||= {}
+    end
+
+    def self.proxy(request, options = {})
+      return request if request.kind_of?(OAuth::RequestProxy::Base)
+
+      klass = available_proxies[request.class]
+
+      # Search for possible superclass matches.
+      if klass.nil?
+        request_parent = available_proxies.keys.find { |rc| request.kind_of?(rc) }
+        klass = available_proxies[request_parent]
+      end
+
+      raise UnknownRequestType, request.class.to_s unless klass
+      klass.new(request, options)
+    end
+
+    class UnknownRequestType < Exception; end
+  end
+end

data/lib/oauth/request_proxy/action_controller_request.rb

@@ -0,0 +1,65 @@
+require 'rubygems'
+require 'active_support'
+require 'action_controller/request'
+require 'oauth/request_proxy/base'
+require 'uri'
+
+module OAuth::RequestProxy
+  class ActionControllerRequest < OAuth::RequestProxy::Base
+    proxies ActionController::AbstractRequest
+
+    def method
+      request.method.to_s.upcase
+    end
+
+    def uri
+      uri = URI.parse(request.protocol + request.host + request.port_string + request.path)
+      uri.query = nil
+      uri.to_s
+    end
+
+    def parameters
+      if options[:clobber_request]
+        options[:parameters] || {}
+      else
+        params = request_params.merge(query_params).merge(header_params)
+        params.stringify_keys! if params.respond_to?(:stringify_keys!)
+        params.merge(options[:parameters] || {})
+      end
+    end
+
+    protected
+
+    def header_params
+      %w( X-HTTP_AUTHORIZATION Authorization HTTP_AUTHORIZATION ).each do |header|
+        next unless request.env.include?(header)
+
+        header = request.env[header]
+        next unless header[0,6] == 'OAuth '
+
+        oauth_param_string = header[6,header.length].split(/[,=]/)
+        oauth_param_string.map! { |v| unescape(v.strip) }
+        oauth_param_string.map! { |v| v =~ /^\".*\"$/ ? v[1..-2] : v }
+        oauth_params = Hash[*oauth_param_string.flatten]
+        oauth_params.reject! { |k,v| k !~ /^oauth_/ }
+
+        return oauth_params
+      end
+
+      return {}
+    end
+
+    def query_params
+      request.query_parameters
+    end
+
+    def request_params
+      request.request_parameters
+    end
+
+    def unescape(value)
+      URI.unescape(value.gsub('+', '%2B'))
+    end
+
+  end
+end

data/lib/oauth/request_proxy/base.rb

@@ -0,0 +1,50 @@
+require 'oauth/request_proxy'
+
+module OAuth::RequestProxy
+  class Base
+    def self.proxies(klass)
+      OAuth::RequestProxy.available_proxies[klass] = self
+    end
+
+    attr_accessor :request, :options
+
+    def initialize(request, options = {})
+      @request = request
+      @options = options
+    end
+
+    def token
+      parameters['oauth_token']
+    end
+
+    def consumer_key
+      parameters['oauth_consumer_key']
+    end
+
+    def parameters_for_signature
+      p = parameters.dup
+      p.delete("oauth_signature")
+      p
+    end
+
+    def nonce
+      parameters['oauth_nonce']
+    end
+
+    def timestamp
+      parameters['oauth_timestamp']
+    end
+
+    def signature_method
+      case parameters['oauth_signature_method']
+      when Array: parameters['oauth_signature_method'].first
+      else
+        parameters['oauth_signature_method']
+      end
+    end
+
+    def signature
+      parameters['oauth_signature'] || ""
+    end
+  end
+end

data/lib/oauth/request_proxy/net_http.rb

@@ -0,0 +1,64 @@
+require 'oauth/request_proxy/base'
+require 'net/http'
+require 'uri'
+require 'cgi'
+
+module OAuth::RequestProxy::Net
+  module HTTP
+    class HTTPRequest < OAuth::RequestProxy::Base
+      proxies ::Net::HTTPRequest
+
+      def method
+        request.method
+      end
+
+      def uri
+        uri = options[:uri]
+        uri = URI.parse(uri) unless uri.kind_of?(URI)
+        uri.query = nil
+        uri.to_s
+      end
+
+      def parameters
+        if options[:clobber_request]
+          options[:parameters]
+        else
+          all_parameters
+        end
+      end
+
+      private
+
+      def all_parameters
+        request_params = CGI.parse(query_string)
+        if options[:parameters]
+          options[:parameters].each do |k,v|
+            if request_params.has_key?(k)
+              request_params[k] << v
+            else
+              request_params[k] = [v].flatten
+            end
+          end
+        end
+        request_params
+      end
+
+      def query_string
+        [ query_params, post_params, auth_header_params ].compact.join('&')
+      end
+      
+      def query_params
+        URI.parse(request.path).query
+      end
+
+      def post_params
+        request.body
+      end
+
+      def auth_header_params
+        return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
+        auth_params = request['Authorization']
+      end
+    end
+  end
+end

data/lib/oauth/server.rb

@@ -1,7 +1,9 @@
+require 'oauth/helper'
+require 'oauth/consumer'
 module OAuth
   # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
   class Server
-    include OAuth::Key
+    include OAuth::Helper
     attr_accessor :base_url
     
     @@server_paths={
@@ -20,19 +22,20 @@ module OAuth
     end
     
     def generate_consumer_credentials(params={})
-      ConsumerCredentials.new( *generate_credentials)
+      Consumer.new( *generate_credentials)
     end
 
     # mainly for testing purposes
     def create_consumer
       credentials=generate_credentials
-      Consumer.new( {
-        :site=>base_url,
-        :consumer_key=>credentials[0],
-        :consumer_secret=>credentials[1],
-        :request_token_path=>request_token_path,
-        :authorize_path=>authorize_path,
-        :access_token_path=>access_token_path
+      Consumer.new( 
+        credentials[0],
+        credentials[1],
+        {
+          :site=>base_url,
+          :request_token_path=>request_token_path,
+          :authorize_path=>authorize_path,
+          :access_token_path=>access_token_path
       })
     end
         

data/lib/oauth/signature.rb

@@ -1,155 +1,28 @@
-require 'cgi'
-require 'hmac' # make sure to install: sudo gem install ruby-hmac
-require 'hmac-sha1'
-require 'hmac-md5'
-require 'hmac-sha2'
-require 'hmac-rmd160'
-
-require 'base64'
 module OAuth
-  # Much of this code has been blatantly stolen fron Blaine Cooke of Twitter and Larry Halff of ma.gnolia.com
-  # and lovingly hand modified with the utmost respect.
-  
-  # You should not need to use this directly as the request object encapsulates it in the sign and verify methods
   module Signature
-    def self.create(oauth_request,consumer_secret,token_secret=nil)
-      klass = case oauth_request.signature_method.downcase
-      when 'hmac-md5': OAuth::Signature::HashedMessageAuth::MD5
-      when 'hmac-sha1': OAuth::Signature::HashedMessageAuth::SHA1
-      when 'hmac-sha2': OAuth::Signature::HashedMessageAuth::SHA2
-      when 'hmac-rmd160': OAuth::Signature::HashedMessageAuth::RMD160
-      when 'plaintext': 
-        if oauth_request.uri.scheme=="https"
-          OAuth::Signature::PLAINTEXT
-        else
-          raise InsecureSignatureMethod
-        end
-      when 'rsa-sha1': OAuth::Signature::RSA::SHA1
-      when 'sha1': raise InsecureSignatureMethod, oauth_request.signature_method
-      when 'md5': raise InsecureSignatureMethod, oauth_request.signature_method
-      else
-        raise UnknownSignatureMethod, oauth_request.signature_method
-      end
-
-      klass.new(oauth_request,consumer_secret,token_secret)
+    def self.available_methods
+      @available_methods ||= {}
     end
 
-    class UnknownSignatureMethod < Exception; end
-
-    class InsecureSignatureMethod < Exception; end
-
-    class Base
-      include OAuth::Key
-      
-      attr_accessor :request
-
-      def initialize(request,consumer_secret,token_secret=nil)
-        @request=request
-        @consumer_secret=consumer_secret
-        @token_secret=token_secret
-      end
-    
-      def base_string
-        [@request.http_method,@request.normalized_url,@request.to_query_without_signature].collect{|p| @request.escape(p)}.join('&')
-      end
-    
-      def key
-        "#{@consumer_secret}&#{@token_secret}"
-      end
-    
-      def consumer_secret
-        @consumer_secret||=""
-      end
-
-      def token_secret
-        @token_secret||=""
-      end
-    
-      def sign
-        Base64.encode64(digest).chomp
-      end
-    
-      def sign!
-        @request.signature=sign
-      end
-    
-      def verify?
-        return false unless @request.signed?
-        @request.signature==sign
-      end
-      
-      protected
-      
-      def digest
-        digest_class.digest(base_string)
-      end
+    def self.build(request, options = {}, &block)
+      request = OAuth::RequestProxy.proxy(request, options)
+      klass = available_methods[(request.signature_method || "").downcase]
+      raise UnknownSignatureMethod, request.signature_method unless klass
+      klass.new(request, options, &block)
     end
-    
-    class PLAINTEXT < Base
-
-      def sign
-        base_string
-      end
-
-      def base_string
-        "#{escape(consumer_secret)}&#{escape(token_secret)}"
-      end
-
-      private
 
-      def digest; signature_base_string; end
+    def self.sign(request, options = {}, &block)
+      self.build(request, options, &block).signature
     end
-    
-    module HashedMessageAuth
-      class Base < OAuth::Signature::Base
 
-        private
-
-        def digest
-          hmac_class.digest(secret, base_string)
-        end
-
-        def secret
-          "#{escape(consumer_secret)}&#{escape(token_secret)}"
-        end
-      end
-
-      class MD5 < Base
-        private
-        def hmac_class; HMAC::MD5; end
-      end
-
-      class RMD160 < Base
-        private
-        def hmac_class; HMAC::RMD160; end
-      end
-
-      class SHA1 < Base
-        private
-        def hmac_class; HMAC::SHA1; end
-      end
-
-      class SHA2 < Base
-        private
-        def hmac_class; HMAC::SHA1; end
-      end
+    def self.verify(request, options = {}, &block)
+      self.build(request, options, &block).verify
     end
 
-    module RSA
-      class SHA1 < OAuth::Signature::Base
-        def ==(cmp_signature)
-          public_key = OpenSSL::PKey::RSA.new(consumer_secret)
-          public_key.verify(OpenSSL::Digest::SHA1.new, cmp_signature, base_string)
-        end
-
-        private
-
-        def digest
-          private_key = OpenSSL::PKey::RSA.new(consumer_secret)
-          private_key.sign(OpenSSL::Digest::SHA1.new, base_string)
-        end
-      end
+    def self.signature_base_string(request, options = {}, &block)
+      self.build(request, options, &block).signature_base_string
     end
-    
+
+    class UnknownSignatureMethod < Exception; end
   end
 end

data/lib/oauth/signature/base.rb

@@ -0,0 +1,69 @@
+require 'oauth/signature'
+require 'oauth/helper'
+require 'oauth/request_proxy/base'
+require 'base64'
+
+module OAuth::Signature
+  class Base
+    include OAuth::Helper
+    
+    def self.implements(signature_method)
+      OAuth::Signature.available_methods[signature_method] = self
+    end
+
+    def self.digest_class(digest_class = nil)
+      return @digest_class if digest_class.nil?
+      @digest_class = digest_class
+    end
+
+    attr_reader :token_secret, :consumer_secret, :request
+
+    def initialize(request, options = {}, &block)
+      raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
+      @request = request
+      if block_given?
+        @token_secret, @consumer_secret = yield block.arity == 1 ? token : [token, consumer_key]
+      else
+        @consumer_secret = options[:consumer].secret
+        @token_secret = options[:token] ? options[:token].secret : ''
+      end
+    end
+
+    def signature
+      Base64.encode64(digest).chomp
+    end
+
+    def ==(cmp_signature)
+      Base64.decode64(signature) == Base64.decode64(cmp_signature)
+    end
+
+    def verify
+      self == self.request.signature
+    end
+
+    def signature_base_string
+      normalized_params = request.parameters_for_signature.sort.map { |k,v| [escape(k), escape(v)] * "=" }.join("&")
+      base = [request.method, request.uri, normalized_params]
+      sbs = base.map { |v| escape(v) }.join("&")
+    end
+
+    private
+
+    def token
+      request.token
+    end
+    
+    def consumer_key
+      request.consumer_key
+    end
+
+    def secret
+      "#{escape(consumer_secret)}&#{escape(token_secret)}"
+    end
+
+    def digest
+      self.class.digest_class.digest(signature_base_string)
+    end
+
+  end
+end