oauth 0.5.1 → 0.5.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 4e52bba31bed6b4a6bb18b934ce067a3e5a5f9c0
-  data.tar.gz: 0c64d7eec3f2ff1e1d257b9762b93fe30512032b
+SHA256:
+  metadata.gz: 9bd785e08f2a318da373f07b79fe6583ed3e8c26bcc92c5e1513ee615ea0f037
+  data.tar.gz: 3e9f81feb37166f4fec398d20e8b4de882b6e1e2304f893c033b920ab737616a
 SHA512:
-  metadata.gz: ab1329b4b6a666b9eb80b46337727beeb1b2825f3358fc9647e5dda57c3a1c3fe2f6e9a427f8672dca7ae36d11b6aabb6278891f56b6a13ff4fa2f26aee3d023
-  data.tar.gz: 2c871f1404d9c02457ac3a08becf5a6e8e56c9e68f3a15b3bfbd9841a23a9f7d6ce2d808a921f68ffb51454861e990305998c430c3c197b2233e5fd17cc4d65d
+  metadata.gz: 6bc060045ecb7ca1c47263f4bab7fde62c3a173ccf7ea6e1dacc5ac4e814ecea88e4b2f594f6bd2a7d80f9393e1295b1a5cbc85f3eb74c35cbb348da6f32cfe6
+  data.tar.gz: c96c9abd68f71cca8d33db21e3d68f1c7fe98898dba924fd440bf882280d99d39beb7a0751be913bb0f18872875ca8098792733f1717ff8d127156a99a69f039

data/README.rdoc

@@ -1,5 +1,11 @@
 = Ruby OAuth
 
+== Status
+
+{<img src="https://travis-ci.org/oauth-xx/oauth-ruby.svg?branch=master" alt="Build Status" />}[https://travis-ci.com/github/oauth-xx/oauth-ruby]
+
+
+
 == What
 
 This is a RubyGem for implementing both OAuth clients and servers in Ruby applications.
@@ -16,31 +22,38 @@ The source code is now hosted on the OAuth GitHub Project http://github.com/oaut
 
 This is a ruby library which is intended to be used in creating Ruby Consumer and Service Provider applications. It is NOT a Rails plugin, but could easily be used for the foundation for such a Rails plugin.
 
-As a matter of fact it has been pulled out from an OAuth Rails Plugin http://code.google.com/p/oauth-plugin/ which now requires this GEM.
+As a matter of fact it has been pulled out from an OAuth Rails GEM (https://rubygems.org/gems/oauth-plugin https://github.com/pelle/oauth-plugin) which now uses this gem as a dependency.
 
 == Demonstration of usage
 
 We need to specify the oauth_callback url explicitly, otherwise it defaults to "oob" (Out of Band)
 
-  @callback_url = "http://127.0.0.1:3000/oauth/callback"
+  callback_url = "http://127.0.0.1:3000/oauth/callback"
 
-Create a new consumer instance by passing it a configuration hash:
+Create a new `OAuth::Consumer` instance by passing it a configuration hash:
 
-  @consumer = OAuth::Consumer.new("key","secret", :site => "https://agree2")
+  oauth_consumer = OAuth::Consumer.new("key", "secret", :site => "https://agree2")
 
 Start the process by requesting a token
 
-  @request_token = @consumer.get_request_token(:oauth_callback => @callback_url)
-  session[:request_token] = @request_token
-  redirect_to @request_token.authorize_url(:oauth_callback => @callback_url)
+  request_token = oauth_consumer.get_request_token(:oauth_callback => callback_url)
+
+  session[:token] = request_token.token
+  session[:token_secret] = request_token.secret
+  redirect_to request_token.authorize_url(:oauth_callback => callback_url)
 
 When user returns create an access_token
 
-  @access_token = @request_token.get_access_token
-  @photos = @access_token.get('/photos.xml')
+  hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret]}
+  request_token  = OAuth::RequestToken.from_hash(oauth_consumer, hash)
+  access_token = request_token.get_access_token
+  # For 3-legged authorization, flow oauth_verifier is passed as param in callback
+  # access_token = request_token.get_access_token(oauth_verifier: params[:oauth_verifier])
+  @photos = access_token.get('/photos.xml')
 
 Now that you have an access token, you can use Typhoeus to interact with the OAuth provider if you choose.
 
+  require 'typhoeus'
   require 'oauth/request_proxy/typhoeus_request'
   oauth_params = {:consumer => oauth_consumer, :token => access_token}
   hydra = Typhoeus::Hydra.new

data/bin/oauth

@@ -1,5 +1,11 @@
 #!/usr/bin/env ruby
 
-require "oauth/cli"
+require_relative "../lib/oauth"
+require 'oauth/cli'
 
-OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)
+Signal.trap("INT") { puts; exit(1) } # don't dump a backtrace on a ^C
+
+ARGV << 'help' if ARGV.empty?
+command = ARGV.shift
+
+OAuth::CLI.new(STDOUT, STDIN, STDERR, command, ARGV).run

data/lib/oauth.rb

@@ -1,11 +1,12 @@
-$LOAD_PATH << File.dirname(__FILE__) unless $LOAD_PATH.include?(File.dirname(__FILE__))
+root = File.dirname(__FILE__)
+$LOAD_PATH << root unless $LOAD_PATH.include?(root)
 
 require 'oauth/version'
 
 require 'oauth/oauth'
-require 'oauth/core_ext'
 
 require 'oauth/client/helper'
 require 'oauth/signature/hmac/sha1'
+require 'oauth/signature/hmac/sha256'
 require 'oauth/signature/rsa/sha1'
 require 'oauth/request_proxy/mock_request'

data/lib/oauth/cli.rb

@@ -1,378 +1,56 @@
 require 'optparse'
-require 'oauth'
+require 'oauth/cli/base_command'
+require 'oauth/cli/help_command'
+require 'oauth/cli/query_command'
+require 'oauth/cli/authorize_command'
+require 'oauth/cli/sign_command'
+require 'oauth/cli/version_command'
+require 'active_support/core_ext/string/inflections'
 
 module OAuth
   class CLI
-    SUPPORTED_COMMANDS = {
-      "authorize" => "Obtain an access token and secret for a user",
-      "debug"     => "Verbosely generate an OAuth signature",
-      "query"     => "Query a protected resource",
-      "sign"      => "Generate an OAuth signature",
-      "version"   => "Display the current version of the library"
-    }
-
-    attr_reader :command
-    attr_reader :options
-    attr_reader :stdout, :stdin
-
-    def self.execute(stdout, stdin, stderr, arguments = [])
-      self.new.execute(stdout, stdin, stderr, arguments)
-    end
-
-    def initialize
-      @options = {}
-
-      # don't dump a backtrace on a ^C
-      trap(:INT) {
-        exit
-      }
-    end
-
-    def execute(stdout, stdin, stderr, arguments = [])
-      @stdout = stdout
-      @stdin  = stdin
-      @stderr = stderr
-      extract_command_and_parse_options(arguments)
-
-      if sufficient_options? && valid_command?
-        if command == "debug"
-          @command = "sign"
-          @options[:verbose] = true
-        end
-
-        case command
-        # TODO move command logic elsewhere
-        when "authorize"
-          begin
-            consumer = OAuth::Consumer.new \
-              options[:oauth_consumer_key],
-              options[:oauth_consumer_secret],
-              :access_token_url  => options[:access_token_url],
-              :authorize_url     => options[:authorize_url],
-              :request_token_url => options[:request_token_url],
-              :scheme            => options[:scheme],
-              :http_method       => options[:method].to_s.downcase.to_sym
-
-            # parameters for OAuth 1.0a
-            oauth_verifier = nil
-
-            # get a request token
-            request_token = consumer.get_request_token({ :oauth_callback => options[:oauth_callback] }, options[:scope] ? { "scope" => options[:scope] } : {})
-
-            if request_token.callback_confirmed?
-              stdout.puts "Server appears to support OAuth 1.0a; enabling support."
-              options[:version] = "1.0a"
-            end
-
-            stdout.puts "Please visit this url to authorize:"
-            stdout.puts request_token.authorize_url
-
-            if options[:version] == "1.0a"
-              stdout.puts "Please enter the verification code provided by the SP (oauth_verifier):"
-              oauth_verifier = stdin.gets.chomp
-            else
-              stdout.puts "Press return to continue..."
-              stdin.gets
-            end
-
-            begin
-              # get an access token
-              access_token = request_token.get_access_token(:oauth_verifier => oauth_verifier)
-
-              stdout.puts "Response:"
-              access_token.params.each do |k,v|
-                stdout.puts "  #{k}: #{v}" unless k.is_a?(Symbol)
-              end
-            rescue OAuth::Unauthorized => e
-              stderr.puts "A problem occurred while attempting to obtain an access token:"
-              stderr.puts e
-              stderr.puts e.request.body
-            end
-          rescue OAuth::Unauthorized => e
-            stderr.puts "A problem occurred while attempting to authorize:"
-            stderr.puts e
-            stderr.puts e.request.body
-          end
-        when "query"
-          consumer = OAuth::Consumer.new \
-            options[:oauth_consumer_key],
-            options[:oauth_consumer_secret],
-            :scheme => options[:scheme]
-
-          access_token = OAuth::AccessToken.new(consumer, options[:oauth_token], options[:oauth_token_secret])
-
-          # append params to the URL
-          uri = URI.parse(options[:uri])
-          params = prepare_parameters.map { |k,v| v.map { |v2| "#{URI.encode(k)}=#{URI.encode(v2)}" } * "&" }
-          uri.query = [uri.query, *params].reject { |x| x.nil? } * "&"
-          p uri.to_s
-
-          response = access_token.request(options[:method].to_s.downcase.to_sym, uri.to_s)
-          puts "#{response.code} #{response.message}"
-          puts response.body
-        when "sign"
-          parameters = prepare_parameters
-
-          request = OAuth::RequestProxy.proxy \
-             "method"     => options[:method],
-             "uri"        => options[:uri],
-             "parameters" => parameters
-
-          if verbose?
-            stdout.puts "OAuth parameters:"
-            request.oauth_parameters.each do |k,v|
-              stdout.puts "  " + [k, v] * ": "
-            end
-            stdout.puts
-
-            if request.non_oauth_parameters.any?
-              stdout.puts "Parameters:"
-              request.non_oauth_parameters.each do |k,v|
-                stdout.puts "  " + [k, v] * ": "
-              end
-              stdout.puts
-            end
-          end
-
-          request.sign! \
-            :consumer_secret => options[:oauth_consumer_secret],
-            :token_secret    => options[:oauth_token_secret]
-
-          if verbose?
-            stdout.puts "Method: #{request.method}"
-            stdout.puts "URI: #{request.uri}"
-            stdout.puts "Normalized params: #{request.normalized_parameters}" unless options[:xmpp]
-            stdout.puts "Signature base string: #{request.signature_base_string}"
-
-            if options[:xmpp]
-              stdout.puts
-              stdout.puts "XMPP Stanza:"
-              stdout.puts <<-EOS
-  <oauth xmlns='urn:xmpp:oauth:0'>
-    <oauth_consumer_key>#{request.oauth_consumer_key}</oauth_consumer_key>
-    <oauth_token>#{request.oauth_token}</oauth_token>
-    <oauth_signature_method>#{request.oauth_signature_method}</oauth_signature_method>
-    <oauth_signature>#{request.oauth_signature}</oauth_signature>
-    <oauth_timestamp>#{request.oauth_timestamp}</oauth_timestamp>
-    <oauth_nonce>#{request.oauth_nonce}</oauth_nonce>
-    <oauth_version>#{request.oauth_version}</oauth_version>
-  </oauth>
-              EOS
-              stdout.puts
-              stdout.puts "Note: You may want to use bare JIDs in your URI."
-              stdout.puts
-            else
-              stdout.puts "OAuth Request URI: #{request.signed_uri}"
-              stdout.puts "Request URI: #{request.signed_uri(false)}"
-              stdout.puts "Authorization header: #{request.oauth_header(:realm => options[:realm])}"
-            end
-            stdout.puts "Signature:         #{request.oauth_signature}"
-            stdout.puts "Escaped signature: #{OAuth::Helper.escape(request.oauth_signature)}"
-          else
-            stdout.puts request.oauth_signature
-          end
-        when "version"
-          puts "OAuth for Ruby #{OAuth::VERSION}"
-        end
-      else
-        usage
-      end
+    def self.puts_red(string)
+      puts "\033[0;91m#{string}\033[0m"
     end
 
-  protected
-
-    def extract_command_and_parse_options(arguments)
-      @command = arguments[-1]
-      parse_options(arguments[0..-1])
-    end
-
-    def option_parser(arguments = "")
-      # TODO add realm parameter
-      # TODO add user-agent parameter
-      option_parser = OptionParser.new do |opts|
-        opts.banner = "Usage: #{$0} [options] <command>"
-
-        # defaults
-        options[:oauth_nonce] = OAuth::Helper.generate_key
-        options[:oauth_signature_method] = "HMAC-SHA1"
-        options[:oauth_timestamp] = OAuth::Helper.generate_timestamp
-        options[:oauth_version] = "1.0"
-        options[:method] = :post
-        options[:params] = []
-        options[:scheme] = :header
-        options[:version] = "1.0"
-
-        ## Common Options
-
-        opts.on("-B", "--body", "Use the request body for OAuth parameters.") do
-          options[:scheme] = :body
-        end
-
-        opts.on("--consumer-key KEY", "Specifies the consumer key to use.") do |v|
-          options[:oauth_consumer_key] = v
-        end
-
-        opts.on("--consumer-secret SECRET", "Specifies the consumer secret to use.") do |v|
-          options[:oauth_consumer_secret] = v
-        end
-
-        opts.on("-H", "--header", "Use the 'Authorization' header for OAuth parameters (default).") do
-          options[:scheme] = :header
-        end
-
-        opts.on("-Q", "--query-string", "Use the query string for OAuth parameters.") do
-          options[:scheme] = :query_string
-        end
-
-        opts.on("-O", "--options FILE", "Read options from a file") do |v|
-          arguments.unshift(*open(v).readlines.map { |l| l.chomp.split(" ") }.flatten)
-        end
-
-        ## Options for signing and making requests
-
-        opts.separator("\n  options for signing and querying")
-
-        opts.on("--method METHOD", "Specifies the method (e.g. GET) to use when signing.") do |v|
-          options[:method] = v
-        end
-
-        opts.on("--nonce NONCE", "Specifies the none to use.") do |v|
-          options[:oauth_nonce] = v
-        end
-
-        opts.on("--parameters PARAMS", "Specifies the parameters to use when signing.") do |v|
-          options[:params] << v
-        end
-
-        opts.on("--signature-method METHOD", "Specifies the signature method to use; defaults to HMAC-SHA1.") do |v|
-          options[:oauth_signature_method] = v
-        end
-
-        opts.on("--secret SECRET", "Specifies the token secret to use.") do |v|
-          options[:oauth_token_secret] = v
-        end
-
-        opts.on("--timestamp TIMESTAMP", "Specifies the timestamp to use.") do |v|
-          options[:oauth_timestamp] = v
-        end
-
-        opts.on("--token TOKEN", "Specifies the token to use.") do |v|
-          options[:oauth_token] = v
-        end
-
-        opts.on("--realm REALM", "Specifies the realm to use.") do |v|
-          options[:realm] = v
-        end
-
-        opts.on("--uri URI", "Specifies the URI to use when signing.") do |v|
-          options[:uri] = v
-        end
-
-        opts.on("--version [VERSION]", "Specifies the OAuth version to use.") do |v|
-          if v
-            options[:oauth_version] = v
-          else
-            @command = "version"
-          end
-        end
-
-        opts.on("--no-version", "Omit oauth_version.") do
-          options[:oauth_version] = nil
-        end
-
-        opts.on("--xmpp", "Generate XMPP stanzas.") do
-          options[:xmpp] = true
-          options[:method] ||= "iq"
-        end
-
-        opts.on("-v", "--verbose", "Be verbose.") do
-          options[:verbose] = true
-        end
-
-        ## Options for authorization
-
-        opts.separator("\n  options for authorization")
-
-        opts.on("--access-token-url URL", "Specifies the access token URL.") do |v|
-          options[:access_token_url] = v
-        end
-
-        opts.on("--authorize-url URL", "Specifies the authorization URL.") do |v|
-          options[:authorize_url] = v
-        end
-
-        opts.on("--callback-url URL", "Specifies a callback URL.") do |v|
-          options[:oauth_callback] = v
-        end
-
-        opts.on("--request-token-url URL", "Specifies the request token URL.") do |v|
-          options[:request_token_url] = v
-        end
+    ALIASES = {
+      'h' => 'help',
+      'v' => 'version',
+      'q' => 'query',
+      'a' => 'authorize',
+      's' => 'sign',
+    }
 
-        opts.on("--scope SCOPE", "Specifies the scope (Google-specific).") do |v|
-          options[:scope] = v
-        end
-      end
+    def initialize(stdout, stdin, stderr, command, arguments)
+      klass = get_command_class(parse_command(command))
+      @command = klass.new(stdout, stdin, stderr, arguments)
+      @help_command = HelpCommand.new(stdout, stdin, stderr, [])
     end
 
-    def parse_options(arguments)
-      option_parser(arguments).parse!(arguments)
+    def run
+      @command.run
     end
 
-    def prepare_parameters
-      escaped_pairs = options[:params].collect do |pair|
-        if pair =~ /:/
-          Hash[*pair.split(":", 2)].collect do |k,v|
-            [CGI.escape(k.strip), CGI.escape(v.strip)] * "="
-          end
-        else
-          pair
-        end
-      end
+    private
 
-      querystring = escaped_pairs * "&"
-      cli_params = CGI.parse(querystring)
-
-      {
-        "oauth_consumer_key"     => options[:oauth_consumer_key],
-        "oauth_nonce"            => options[:oauth_nonce],
-        "oauth_timestamp"        => options[:oauth_timestamp],
-        "oauth_token"            => options[:oauth_token],
-        "oauth_signature_method" => options[:oauth_signature_method],
-        "oauth_version"          => options[:oauth_version]
-      }.reject { |k,v| v.nil? || v == "" }.merge(cli_params)
+    def get_command_class(command)
+      Object.const_get("OAuth::CLI::#{command.camelize}Command")
     end
 
-    def sufficient_options?
-      case command
-      # TODO move command logic elsewhere
-      when "authorize"
-        options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
-          options[:access_token_url] && options[:authorize_url] &&
-          options[:request_token_url]
-      when "version"
-        true
+    def parse_command(command)
+      case command = command.to_s.downcase
+      when '--version', '-v'
+        'version'
+      when '--help', '-h', nil, ''
+        'help'
+      when *ALIASES.keys
+        ALIASES[command]
+      when *ALIASES.values
+        command
       else
-        options[:oauth_consumer_key] && options[:oauth_consumer_secret] &&
-          options[:method] && options[:uri]
-      end
-    end
-
-    def usage
-      stdout.puts option_parser.help
-      stdout.puts
-      stdout.puts "Available commands:"
-      SUPPORTED_COMMANDS.each do |command, desc|
-        puts "   #{command.ljust(15)}#{desc}"
+        OAuth::CLI.puts_red "Command '#{command}' not found"
+        'help'
       end
     end
-
-    def valid_command?
-      SUPPORTED_COMMANDS.keys.include?(command)
-    end
-
-    def verbose?
-      options[:verbose]
-    end
   end
 end