oauth 0.4.7 → 0.5.5

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 56561f5f687d933f2683b93c5d7a426c3202da9b6659cc69d8ef43c36766bb9b
+  data.tar.gz: 71d7d2890d9b2261b85752ba2844eb96d7538a5121b9b72bcef3d00347e91bcf
+SHA512:
+  metadata.gz: 4bbb7ec6242a2fdeadcae61c5279d42e00d9b29318511b80ea5a0215b8cdfba15c10be2ef0abb74bb21038acff22e27ef59125a8148ab28817f79d89b792707d
+  data.tar.gz: 3ad73ee2f52bf3507b274e923fe2352f7e5cda860e8765a9b062f33abfbc61909e5ff15ced0ce7d5aa66489f002f056f2fbb720f70b179c6eb729c52b7ce76e1

data/README.rdoc

@@ -1,5 +1,11 @@
 = Ruby OAuth
 
+== Status
+
+{<img src="https://travis-ci.org/oauth-xx/oauth-ruby.svg?branch=master" alt="Build Status" />}[https://travis-ci.org/oauth-xx/oauth-ruby]
+
+
+
 == What
 
 This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.
@@ -10,43 +16,50 @@ See the OAuth specs http://oauth.net/core/1.0/
 
   sudo gem install oauth
 
-The source code is now hosted on the OAuth GitHub Project http://github.com/oauth/oauth-ruby
+The source code is now hosted on the OAuth GitHub Project http://github.com/oauth-xx/oauth-ruby
 
 == The basics
 
 This is a ruby library which is intended to be used in creating Ruby Consumer and Service Provider applications. It is NOT a Rails plugin, but could easily be used for the foundation for such a Rails plugin.
 
-As a matter of fact it has been pulled out from an OAuth Rails Plugin http://code.google.com/p/oauth-plugin/ which now requires this GEM.
+As a matter of fact it has been pulled out from an OAuth Rails GEM (https://rubygems.org/gems/oauth-plugin https://github.com/pelle/oauth-plugin) which now uses this gem as a dependency.
 
 == Demonstration of usage
 
 We need to specify the oauth_callback url explicitly, otherwise it defaults to "oob" (Out of Band)
 
-  @callback_url = "http://127.0.0.1:3000/oauth/callback"
+  callback_url = "http://127.0.0.1:3000/oauth/callback"
 
-Create a new consumer instance by passing it a configuration hash:
+Create a new `OAuth::Consumer` instance by passing it a configuration hash:
 
-  @consumer = OAuth::Consumer.new("key","secret", :site => "https://agree2")
+  oauth_consumer = OAuth::Consumer.new("key", "secret", :site => "https://agree2")
 
 Start the process by requesting a token
 
-  @request_token = @consumer.get_request_token(:oauth_callback => @callback_url)
-  session[:request_token] = @request_token
-  redirect_to @request_token.authorize_url(:oauth_callback => @callback_url)
+  request_token = oauth_consumer.get_request_token(:oauth_callback => callback_url)
+
+  session[:token] = request_token.token
+  session[:token_secret] = request_token.secret
+  redirect_to request_token.authorize_url(:oauth_callback => callback_url)
 
 When user returns create an access_token
 
-  @access_token = @request_token.get_access_token
-  @photos = @access_token.get('/photos.xml')
+  hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret]}
+  request_token  = OAuth::RequestToken.from_hash(oauth_consumer, hash)
+  access_token = request_token.get_access_token
+  # For 3-legged authorization, flow oauth_verifier is passed as param in callback
+  # access_token = request_token.get_access_token(oauth_verifier: params[:oauth_verifier]) 
+  @photos = access_token.get('/photos.xml')
 
 Now that you have an access token, you can use Typhoeus to interact with the OAuth provider if you choose.
 
+  require 'typhoeus'
   require 'oauth/request_proxy/typhoeus_request'
   oauth_params = {:consumer => oauth_consumer, :token => access_token}
   hydra = Typhoeus::Hydra.new
-  req = Typhoeus::Request.new(uri, options) 
+  req = Typhoeus::Request.new(uri, options) # :method needs to be specified in options
   oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
-  req.headers.merge!({"Authorization" => oauth_helper.header}) # Signs the request
+  req.options[:headers].merge!({"Authorization" => oauth_helper.header}) # Signs the request
   hydra.queue(req)
   hydra.run
   @response = req.response
@@ -54,22 +67,22 @@ Now that you have an access token, you can use Typhoeus to interact with the OAu
 
 == More Information
 
-* RDoc: http://rdoc.info/projects/oauth/oauth-ruby/
+* RDoc: http://rdoc.info/github/oauth-xx/oauth-ruby/master/frames
 * Mailing List/Google Group: http://groups.google.com/group/oauth-ruby
 
 == How to submit patches
 
-The source code is now hosted on the OAuth GitHub Project http://github.com/oauth/oauth-ruby
+The source code is now hosted on the OAuth GitHub Project http://github.com/oauth-xx/oauth-ruby
 
 To submit a patch, please fork the oauth project and create a patch with tests. Once you're happy with it send a pull request and post a message to the google group.
 
 == License
 
-This code is free to use under the terms of the MIT license. 
+This code is free to use under the terms of the MIT license.
 
 == Contact
 
-OAuth Ruby has been created and maintained by a large number of talented individuals. 
+OAuth Ruby has been created and maintained by a large number of talented individuals.
 The current maintainer is Aaron Quint (quirkey).
 
-Comments are welcome. Send an email to via the OAuth Ruby mailing list http://groups.google.com/group/oauth-ruby
+Comments are welcome. Send an email to via the OAuth Ruby mailing list http://groups.google.com/group/oauth-ruby

data/bin/oauth

@@ -1,5 +1,11 @@
 #!/usr/bin/env ruby
 
-require "oauth/cli"
+require_relative "../lib/oauth"
+require 'oauth/cli'
 
-OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)
+Signal.trap("INT") { puts; exit(1) } # don't dump a backtrace on a ^C
+
+ARGV << 'help' if ARGV.empty?
+command = ARGV.shift
+
+OAuth::CLI.new(STDOUT, STDIN, STDERR, command, ARGV).run

data/lib/oauth/cli/authorize_command.rb

@@ -0,0 +1,71 @@
+class OAuth::CLI
+  class AuthorizeCommand < BaseCommand
+
+    def required_options
+      [:uri]
+    end
+
+    def _run
+      request_token = get_request_token
+
+      if request_token.callback_confirmed?
+        puts "Server appears to support OAuth 1.0a; enabling support."
+        options[:version] = "1.0a"
+      end
+
+      puts "Please visit this url to authorize:"
+      puts request_token.authorize_url
+
+      # parameters for OAuth 1.0a
+      oauth_verifier = ask_user_for_verifier
+
+      verbosely_get_access_token(request_token, oauth_verifier)
+    end
+
+    def get_request_token
+      consumer = get_consumer
+      scope_options = options[:scope] ? { "scope" => options[:scope] } : {}
+      consumer.get_request_token({ :oauth_callback => options[:oauth_callback] }, scope_options)
+    rescue OAuth::Unauthorized => e
+      alert "A problem occurred while attempting to authorize:"
+      alert e
+      alert e.request.body
+    end
+
+    def get_consumer
+      OAuth::Consumer.new \
+        options[:oauth_consumer_key],
+        options[:oauth_consumer_secret],
+        :access_token_url  => options[:access_token_url],
+        :authorize_url     => options[:authorize_url],
+        :request_token_url => options[:request_token_url],
+        :scheme            => options[:scheme],
+        :http_method       => options[:method].to_s.downcase.to_sym
+    end
+
+
+    def ask_user_for_verifier
+      if options[:version] == "1.0a"
+        puts "Please enter the verification code provided by the SP (oauth_verifier):"
+        @stdin.gets.chomp
+      else
+        puts "Press return to continue..."
+        @stdin.gets
+        nil
+      end
+    end
+
+    def verbosely_get_access_token(request_token, oauth_verifier)
+      access_token = request_token.get_access_token(:oauth_verifier => oauth_verifier)
+
+      puts "Response:"
+      access_token.params.each do |k,v|
+        puts "  #{k}: #{v}" unless k.is_a?(Symbol)
+      end
+    rescue OAuth::Unauthorized => e
+      alert "A problem occurred while attempting to obtain an access token:"
+      alert e
+      alert e.request.body
+    end
+  end
+end

data/lib/oauth/cli/base_command.rb

@@ -0,0 +1,208 @@
+class OAuth::CLI
+  class BaseCommand
+    def initialize(stdout, stdin, stderr, arguments)
+      @stdout, @stdin, @stderr = stdout, stdin, stderr
+
+      @options = {}
+      option_parser.parse!(arguments)
+    end
+
+    def run
+      missing = required_options - options.keys
+      if missing.empty?
+        _run
+      else
+        show_missing(missing)
+        puts option_parser.help
+      end
+    end
+
+    def required_options
+      []
+    end
+
+    protected
+
+    attr_reader :options
+
+    def show_missing(array)
+      array = array.map { |s| "--#{s}" }.join(' ')
+      OAuth::CLI.puts_red "Options missing to OAuth CLI: #{array}"
+    end
+
+    def xmpp?
+      options[:xmpp]
+    end
+
+    def verbose?
+      options[:verbose]
+    end
+
+    def puts(string=nil)
+      @stdout.puts(string)
+    end
+
+    def alert(string=nil)
+      @stderr.puts(string)
+    end
+
+    def parameters
+      @parameters ||= begin
+        escaped_pairs = options[:params].collect do |pair|
+          if pair =~ /:/
+            Hash[*pair.split(":", 2)].collect do |k,v|
+              [CGI.escape(k.strip), CGI.escape(v.strip)] * "="
+            end
+          else
+            pair
+          end
+        end
+
+        querystring = escaped_pairs * "&"
+        cli_params = CGI.parse(querystring)
+
+        {
+          "oauth_consumer_key"     => options[:oauth_consumer_key],
+          "oauth_nonce"            => options[:oauth_nonce],
+          "oauth_timestamp"        => options[:oauth_timestamp],
+          "oauth_token"            => options[:oauth_token],
+          "oauth_signature_method" => options[:oauth_signature_method],
+          "oauth_version"          => options[:oauth_version]
+        }.reject { |_k,v| v.nil? || v == "" }.merge(cli_params)
+      end
+    end
+
+    def option_parser
+      @option_parser ||= OptionParser.new do |opts|
+        opts.banner = "Usage: oauth <command> [ARGS]"
+
+        _option_parser_defaults
+        _option_parser_common(opts)
+        _option_parser_sign_and_query(opts)
+        _option_parser_authorization(opts)
+      end
+    end
+
+    def _option_parser_defaults
+      options[:oauth_nonce] = OAuth::Helper.generate_key
+      options[:oauth_signature_method] = "HMAC-SHA1"
+      options[:oauth_timestamp] = OAuth::Helper.generate_timestamp
+      options[:oauth_version] = "1.0"
+      options[:method] = :post
+      options[:params] = []
+      options[:scheme] = :header
+      options[:version] = "1.0"
+    end
+
+    def _option_parser_common(opts)
+      ## Common Options
+
+      opts.on("-B", "--body", "Use the request body for OAuth parameters.") do
+        options[:scheme] = :body
+      end
+
+      opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
+        options[:oauth_consumer_key] = v
+      end
+
+      opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
+        options[:oauth_consumer_secret] = v
+      end
+
+      opts.on("-H", "--header", "Use the 'Authorization' header for OAuth parameters (default).") do
+        options[:scheme] = :header
+      end
+
+      opts.on("-Q", "--query-string", "Use the query string for OAuth parameters.") do
+        options[:scheme] = :query_string
+      end
+
+      opts.on("-O", "--options FILE", "Read options from a file") do |v|
+        arguments = open(v).readlines.map { |l| l.chomp.split(" ") }.flatten
+        options2 = parse_options(arguments)
+        options.merge!(options2)
+      end
+    end
+
+    def _option_parser_sign_and_query(opts)
+      opts.separator("\n  options for signing and querying")
+
+      opts.on("--method METHOD", "Specifies the method (e.g. GET) to use when signing.") do |v|
+        options[:method] = v
+      end
+
+      opts.on("--nonce NONCE", "Specifies the nonce to use.") do |v|
+        options[:oauth_nonce] = v
+      end
+
+      opts.on("--parameters PARAMS", "Specifies the parameters to use when signing.") do |v|
+        options[:params] << v
+      end
+
+      opts.on("--signature-method METHOD", "Specifies the signature method to use; defaults to HMAC-SHA1.") do |v|
+        options[:oauth_signature_method] = v
+      end
+
+      opts.on("--token TOKEN", "Specifies the token to use.") do |v|
+        options[:oauth_token] = v
+      end
+
+      opts.on("--secret SECRET", "Specifies the token secret to use.") do |v|
+        options[:oauth_token_secret] = v
+      end
+
+      opts.on("--timestamp TIMESTAMP", "Specifies the timestamp to use.") do |v|
+        options[:oauth_timestamp] = v
+      end
+
+      opts.on("--realm REALM", "Specifies the realm to use.") do |v|
+        options[:realm] = v
+      end
+
+      opts.on("--uri URI", "Specifies the URI to use when signing.") do |v|
+        options[:uri] = v
+      end
+
+      opts.on("--version [VERSION]", "Specifies the OAuth version to use.") do |v|
+        options[:oauth_version] = v
+      end
+
+      opts.on("--no-version", "Omit oauth_version.") do
+        options[:oauth_version] = nil
+      end
+
+      opts.on("--xmpp", "Generate XMPP stanzas.") do
+        options[:xmpp] = true
+        options[:method] ||= "iq"
+      end
+
+      opts.on("-v", "--verbose", "Be verbose.") do
+        options[:verbose] = true
+      end
+    end
+
+    def _option_parser_authorization(opts)
+      opts.separator("\n  options for authorization")
+
+      opts.on("--access-token-url URL", "Specifies the access token URL.") do |v|
+        options[:access_token_url] = v
+      end
+
+      opts.on("--authorize-url URL", "Specifies the authorization URL.") do |v|
+        options[:authorize_url] = v
+      end
+
+      opts.on("--callback-url URL", "Specifies a callback URL.") do |v|
+        options[:oauth_callback] = v
+      end
+
+      opts.on("--request-token-url URL", "Specifies the request token URL.") do |v|
+        options[:request_token_url] = v
+      end
+
+      opts.on("--scope SCOPE", "Specifies the scope (Google-specific).") do |v|
+        options[:scope] = v
+      end
+    end
+  end
+end

data/lib/oauth/cli/help_command.rb

@@ -0,0 +1,22 @@
+class OAuth::CLI
+  class HelpCommand < BaseCommand
+    def run
+      puts <<-EOT
+  Usage: oauth COMMAND [ARGS]
+
+  Available oauth commands are:
+    a, authorize  Obtain an access token and secret for a user
+    q, query      Query a protected resource
+    s, sign       Generate an OAuth signature
+
+  In addition to those, there are:
+    v, version    Displays the current version of the library (or --version, -v)
+    h, help       Displays this help (or --help, -h)
+
+  Tip: All commands can be run without args for specific help.
+
+
+      EOT
+    end
+  end
+end

data/lib/oauth/cli/query_command.rb

@@ -0,0 +1,25 @@
+class OAuth::CLI
+  class QueryCommand < BaseCommand
+    extend OAuth::Helper
+
+    def required_options
+      [:oauth_consumer_key, :oauth_consumer_secret, :oauth_token, :oauth_token_secret]
+    end
+
+    def _run
+      consumer = OAuth::Consumer.new(options[:oauth_consumer_key], options[:oauth_consumer_secret], scheme: options[:scheme])
+
+      access_token = OAuth::AccessToken.new(consumer, options[:oauth_token], options[:oauth_token_secret])
+
+      # append params to the URL
+      uri = URI.parse(options[:uri])
+      params = parameters.map { |k,v| Array(v).map { |v2| "#{OAuth::Helper.escape(k)}=#{OAuth::Helper.escape(v2)}" } * "&" }
+      uri.query = [uri.query, *params].reject { |x| x.nil? } * "&"
+      puts uri.to_s
+
+      response = access_token.request(options[:method].to_s.downcase.to_sym, uri.to_s)
+      puts "#{response.code} #{response.message}"
+      puts response.body
+    end
+  end
+end

data/lib/oauth/cli/sign_command.rb

@@ -0,0 +1,81 @@
+class OAuth::CLI
+  class SignCommand < BaseCommand
+
+    def required_options
+      [:oauth_consumer_key, :oauth_consumer_secret, :oauth_token, :oauth_token_secret]
+    end
+
+    def _run
+      request = OAuth::RequestProxy.proxy \
+         "method"     => options[:method],
+         "uri"        => options[:uri],
+         "parameters" => parameters
+
+      if verbose?
+        puts_verbose_parameters(request)
+      end
+
+      request.sign! \
+        :consumer_secret => options[:oauth_consumer_secret],
+        :token_secret    => options[:oauth_token_secret]
+
+      if verbose?
+        puts_verbose_request(request)
+      else
+        puts request.oauth_signature
+      end
+    end
+
+    def puts_verbose_parameters(request)
+      puts "OAuth parameters:"
+      request.oauth_parameters.each do |k,v|
+        puts "  " + [k, v] * ": "
+      end
+      puts
+
+      if request.non_oauth_parameters.any?
+        puts "Parameters:"
+        request.non_oauth_parameters.each do |k,v|
+          puts "  " + [k, v] * ": "
+        end
+        puts
+      end
+    end
+
+    def puts_verbose_request(request)
+      puts "Method: #{request.method}"
+      puts "URI: #{request.uri}"
+      puts "Normalized params: #{request.normalized_parameters}" unless options[:xmpp]
+      puts "Signature base string: #{request.signature_base_string}"
+
+      if xmpp?
+        puts
+        puts "XMPP Stanza:"
+        puts xmpp_output(request)
+        puts
+        puts "Note: You may want to use bare JIDs in your URI."
+        puts
+      else
+        puts "OAuth Request URI: #{request.signed_uri}"
+        puts "Request URI: #{request.signed_uri(false)}"
+        puts "Authorization header: #{request.oauth_header(:realm => options[:realm])}"
+      end
+      puts "Signature:         #{request.oauth_signature}"
+      puts "Escaped signature: #{OAuth::Helper.escape(request.oauth_signature)}"
+    end
+
+    def xmpp_output(request)
+      <<-EOS
+  <oauth xmlns='urn:xmpp:oauth:0'>
+    <oauth_consumer_key>#{request.oauth_consumer_key}</oauth_consumer_key>
+    <oauth_token>#{request.oauth_token}</oauth_token>
+    <oauth_signature_method>#{request.oauth_signature_method}</oauth_signature_method>
+    <oauth_signature>#{request.oauth_signature}</oauth_signature>
+    <oauth_timestamp>#{request.oauth_timestamp}</oauth_timestamp>
+    <oauth_nonce>#{request.oauth_nonce}</oauth_nonce>
+    <oauth_version>#{request.oauth_version}</oauth_version>
+  </oauth>
+      EOS
+    end
+  end
+end

data/lib/oauth/cli/version_command.rb

@@ -0,0 +1,7 @@
+class OAuth::CLI
+  class VersionCommand < BaseCommand
+    def run
+      puts "OAuth Gem #{OAuth::VERSION}"
+    end
+  end
+end