oauth 0.5.10 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -2
- data/README.md +60 -55
- data/SECURITY.md +7 -9
- data/bin/oauth +8 -4
- data/lib/oauth/cli/authorize_command.rb +58 -54
- data/lib/oauth/cli/base_command.rb +163 -159
- data/lib/oauth/cli/help_command.rb +9 -5
- data/lib/oauth/cli/query_command.rb +26 -17
- data/lib/oauth/cli/sign_command.rb +58 -52
- data/lib/oauth/cli/version_command.rb +8 -4
- data/lib/oauth/cli.rb +2 -0
- data/lib/oauth/client/action_controller_request.rb +4 -1
- data/lib/oauth/client/em_http.rb +3 -1
- data/lib/oauth/client/helper.rb +76 -72
- data/lib/oauth/client/net_http.rb +111 -104
- data/lib/oauth/client.rb +2 -0
- data/lib/oauth/consumer.rb +50 -32
- data/lib/oauth/errors/error.rb +2 -0
- data/lib/oauth/errors/problem.rb +3 -0
- data/lib/oauth/errors/unauthorized.rb +4 -0
- data/lib/oauth/errors.rb +2 -0
- data/lib/oauth/helper.rb +9 -5
- data/lib/oauth/oauth.rb +4 -2
- data/lib/oauth/oauth_test_helper.rb +2 -0
- data/lib/oauth/request_proxy/base.rb +4 -4
- data/lib/oauth/request_proxy/mock_request.rb +1 -1
- data/lib/oauth/request_proxy/net_http.rb +8 -8
- data/lib/oauth/request_proxy/rest_client_request.rb +4 -3
- data/lib/oauth/request_proxy.rb +4 -1
- data/lib/oauth/server.rb +8 -4
- data/lib/oauth/signature/base.rb +73 -65
- data/lib/oauth/signature/hmac/sha1.rb +15 -9
- data/lib/oauth/signature/hmac/sha256.rb +15 -9
- data/lib/oauth/signature/plaintext.rb +18 -20
- data/lib/oauth/signature/rsa/sha1.rb +46 -38
- data/lib/oauth/signature.rb +3 -0
- data/lib/oauth/token.rb +2 -0
- data/lib/oauth/tokens/access_token.rb +2 -0
- data/lib/oauth/tokens/consumer_token.rb +2 -0
- data/lib/oauth/tokens/request_token.rb +5 -2
- data/lib/oauth/tokens/server_token.rb +2 -0
- data/lib/oauth/tokens/token.rb +2 -0
- data/lib/oauth/version.rb +5 -1
- data/lib/oauth.rb +8 -2
- metadata +45 -30
data/lib/oauth/client/helper.rb
CHANGED
@@ -1,98 +1,102 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "oauth/client"
|
2
4
|
require "oauth/consumer"
|
3
5
|
require "oauth/helper"
|
4
6
|
require "oauth/token"
|
5
7
|
require "oauth/signature/hmac/sha1"
|
6
8
|
|
7
|
-
module OAuth
|
8
|
-
|
9
|
-
|
9
|
+
module OAuth
|
10
|
+
module Client
|
11
|
+
class Helper
|
12
|
+
include OAuth::Helper
|
10
13
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
14
|
+
def initialize(request, options = {})
|
15
|
+
@request = request
|
16
|
+
@options = options
|
17
|
+
@options[:signature_method] ||= "HMAC-SHA1"
|
18
|
+
end
|
16
19
|
|
17
|
-
|
20
|
+
attr_reader :options
|
18
21
|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
+
def nonce
|
23
|
+
options[:nonce] ||= generate_key
|
24
|
+
end
|
22
25
|
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
+
def timestamp
|
27
|
+
options[:timestamp] ||= generate_timestamp
|
28
|
+
end
|
26
29
|
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
30
|
+
def oauth_parameters
|
31
|
+
out = {
|
32
|
+
"oauth_body_hash" => options[:body_hash],
|
33
|
+
"oauth_callback" => options[:oauth_callback],
|
34
|
+
"oauth_consumer_key" => options[:consumer].key,
|
35
|
+
"oauth_token" => options[:token] ? options[:token].token : "",
|
36
|
+
"oauth_signature_method" => options[:signature_method],
|
37
|
+
"oauth_timestamp" => timestamp,
|
38
|
+
"oauth_nonce" => nonce,
|
39
|
+
"oauth_verifier" => options[:oauth_verifier],
|
40
|
+
"oauth_version" => (options[:oauth_version] || "1.0"),
|
41
|
+
"oauth_session_handle" => options[:oauth_session_handle]
|
42
|
+
}
|
43
|
+
allowed_empty_params = options[:allow_empty_params]
|
44
|
+
if allowed_empty_params != true && !allowed_empty_params.is_a?(Array)
|
45
|
+
allowed_empty_params = allowed_empty_params == false ? [] : [allowed_empty_params]
|
46
|
+
end
|
47
|
+
out.select! { |k, v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
|
48
|
+
out
|
43
49
|
end
|
44
|
-
out.select! { |k, v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
|
45
|
-
out
|
46
|
-
end
|
47
50
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
51
|
+
def signature(extra_options = {})
|
52
|
+
OAuth::Signature.sign(@request, { uri: options[:request_uri],
|
53
|
+
consumer: options[:consumer],
|
54
|
+
token: options[:token],
|
55
|
+
unsigned_parameters: options[:unsigned_parameters] }.merge(extra_options))
|
56
|
+
end
|
54
57
|
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
58
|
+
def signature_base_string(extra_options = {})
|
59
|
+
OAuth::Signature.signature_base_string(@request, { uri: options[:request_uri],
|
60
|
+
consumer: options[:consumer],
|
61
|
+
token: options[:token],
|
62
|
+
parameters: oauth_parameters }.merge(extra_options))
|
63
|
+
end
|
61
64
|
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
+
def token_request?
|
66
|
+
@options[:token_request].eql?(true)
|
67
|
+
end
|
65
68
|
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
+
def hash_body
|
70
|
+
@options[:body_hash] = OAuth::Signature.body_hash(@request, parameters: oauth_parameters)
|
71
|
+
end
|
69
72
|
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
73
|
+
def amend_user_agent_header(headers)
|
74
|
+
@oauth_ua_string ||= "OAuth gem v#{OAuth::Version::VERSION}"
|
75
|
+
# Net::HTTP in 1.9 appends Ruby
|
76
|
+
if headers["User-Agent"] && headers["User-Agent"] != "Ruby"
|
77
|
+
headers["User-Agent"] += " (#{@oauth_ua_string})"
|
78
|
+
else
|
79
|
+
headers["User-Agent"] = @oauth_ua_string
|
80
|
+
end
|
77
81
|
end
|
78
|
-
end
|
79
82
|
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
+
def header
|
84
|
+
parameters = oauth_parameters
|
85
|
+
parameters["oauth_signature"] = signature(options.merge(parameters: parameters))
|
83
86
|
|
84
|
-
|
87
|
+
header_params_str = parameters.sort.map { |k, v| "#{k}=\"#{escape(v)}\"" }.join(", ")
|
85
88
|
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
+
realm = "realm=\"#{options[:realm]}\", " if options[:realm]
|
90
|
+
"OAuth #{realm}#{header_params_str}"
|
91
|
+
end
|
89
92
|
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
+
def parameters
|
94
|
+
OAuth::RequestProxy.proxy(@request).parameters
|
95
|
+
end
|
93
96
|
|
94
|
-
|
95
|
-
|
97
|
+
def parameters_with_oauth
|
98
|
+
oauth_parameters.merge(parameters)
|
99
|
+
end
|
96
100
|
end
|
97
101
|
end
|
98
102
|
end
|
@@ -1,121 +1,128 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "oauth/helper"
|
2
4
|
require "oauth/request_proxy/net_http"
|
3
5
|
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
# Create a string suitable for signing for an HTTP request. This process involves parameter
|
34
|
-
# normalization as specified in the OAuth specification. The exact normalization also depends
|
35
|
-
# on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
|
36
|
-
# itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
|
37
|
-
# header.
|
38
|
-
#
|
39
|
-
# * http - Configured Net::HTTP instance
|
40
|
-
# * consumer - OAuth::Consumer instance
|
41
|
-
# * token - OAuth::Token instance
|
42
|
-
# * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
|
43
|
-
# +signature_method+, +nonce+, +timestamp+)
|
44
|
-
#
|
45
|
-
# See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
|
46
|
-
# {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
|
47
|
-
# http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
|
48
|
-
def signature_base_string(http, consumer = nil, token = nil, options = {})
|
49
|
-
helper_options = oauth_helper_options(http, consumer, token, options)
|
50
|
-
@oauth_helper = OAuth::Client::Helper.new(self, helper_options)
|
51
|
-
@oauth_helper.hash_body if oauth_body_hash_required?
|
52
|
-
@oauth_helper.signature_base_string
|
53
|
-
end
|
6
|
+
module Net
|
7
|
+
class HTTPGenericRequest
|
8
|
+
include OAuth::Helper
|
9
|
+
|
10
|
+
attr_reader :oauth_helper
|
11
|
+
|
12
|
+
# Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
|
13
|
+
# this may add a header, additional query string parameters, or additional POST body parameters.
|
14
|
+
# The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
|
15
|
+
# header.
|
16
|
+
#
|
17
|
+
# * http - Configured Net::HTTP instance
|
18
|
+
# * consumer - OAuth::Consumer instance
|
19
|
+
# * token - OAuth::Token instance
|
20
|
+
# * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
|
21
|
+
# +signature_method+, +nonce+, +timestamp+, +body_hash+)
|
22
|
+
#
|
23
|
+
# This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
|
24
|
+
#
|
25
|
+
# See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
|
26
|
+
# {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
|
27
|
+
# http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
|
28
|
+
def oauth!(http, consumer = nil, token = nil, options = {})
|
29
|
+
helper_options = oauth_helper_options(http, consumer, token, options)
|
30
|
+
@oauth_helper = OAuth::Client::Helper.new(self, helper_options)
|
31
|
+
@oauth_helper.amend_user_agent_header(self)
|
32
|
+
@oauth_helper.hash_body if oauth_body_hash_required?(helper_options)
|
33
|
+
send("set_oauth_#{helper_options[:scheme]}")
|
34
|
+
end
|
54
35
|
|
55
|
-
|
36
|
+
# Create a string suitable for signing for an HTTP request. This process involves parameter
|
37
|
+
# normalization as specified in the OAuth specification. The exact normalization also depends
|
38
|
+
# on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
|
39
|
+
# itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
|
40
|
+
# header.
|
41
|
+
#
|
42
|
+
# * http - Configured Net::HTTP instance
|
43
|
+
# * consumer - OAuth::Consumer instance
|
44
|
+
# * token - OAuth::Token instance
|
45
|
+
# * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
|
46
|
+
# +signature_method+, +nonce+, +timestamp+)
|
47
|
+
#
|
48
|
+
# See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
|
49
|
+
# {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
|
50
|
+
# http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
|
51
|
+
def signature_base_string(http, consumer = nil, token = nil, options = {})
|
52
|
+
helper_options = oauth_helper_options(http, consumer, token, options)
|
53
|
+
@oauth_helper = OAuth::Client::Helper.new(self, helper_options)
|
54
|
+
@oauth_helper.hash_body if oauth_body_hash_required?(helper_options)
|
55
|
+
@oauth_helper.signature_base_string
|
56
|
+
end
|
56
57
|
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
58
|
+
private
|
59
|
+
|
60
|
+
def oauth_helper_options(http, consumer, token, options)
|
61
|
+
{ request_uri: oauth_full_request_uri(http, options),
|
62
|
+
consumer: consumer,
|
63
|
+
token: token,
|
64
|
+
scheme: "header",
|
65
|
+
signature_method: nil,
|
66
|
+
nonce: nil,
|
67
|
+
timestamp: nil,
|
68
|
+
body_hash_enabled: true }.merge(options)
|
69
|
+
end
|
66
70
|
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
+
def oauth_full_request_uri(http, options)
|
72
|
+
uri = URI.parse(path)
|
73
|
+
uri.host = http.address
|
74
|
+
uri.port = http.port
|
71
75
|
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
76
|
+
if options[:request_endpoint] && options[:site]
|
77
|
+
is_https = options[:site].match(%r{^https://})
|
78
|
+
uri.host = options[:site].gsub(%r{^https?://}, "")
|
79
|
+
uri.port ||= is_https ? 443 : 80
|
80
|
+
end
|
77
81
|
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
82
|
+
uri.scheme = if http.respond_to?(:use_ssl?) && http.use_ssl?
|
83
|
+
"https"
|
84
|
+
else
|
85
|
+
"http"
|
86
|
+
end
|
83
87
|
|
84
|
-
|
85
|
-
|
88
|
+
uri.to_s
|
89
|
+
end
|
86
90
|
|
87
|
-
|
88
|
-
|
89
|
-
|
91
|
+
def oauth_body_hash_required?(options)
|
92
|
+
!@oauth_helper.token_request? && request_body_permitted? && !content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded") && options[:body_hash_enabled]
|
93
|
+
end
|
90
94
|
|
91
|
-
|
92
|
-
|
93
|
-
|
95
|
+
def set_oauth_header
|
96
|
+
self["Authorization"] = @oauth_helper.header
|
97
|
+
end
|
94
98
|
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
99
|
+
# FIXME: if you're using a POST body and query string parameters, this method
|
100
|
+
# will move query string parameters into the body unexpectedly. This may
|
101
|
+
# cause problems with non-x-www-form-urlencoded bodies submitted to URLs
|
102
|
+
# containing query string params. If duplicate parameters are present in both
|
103
|
+
# places, all instances should be included when calculating the signature
|
104
|
+
# base string.
|
105
|
+
|
106
|
+
def set_oauth_body
|
107
|
+
# NOTE: OAuth::Helper and @oauth_helper are not the same, despite sharing all methods defined in OAuth::Helper
|
108
|
+
# see: https://stackoverflow.com/a/53447775/213191
|
109
|
+
set_form_data(OAuth::Helper.stringify_keys(@oauth_helper.parameters_with_oauth))
|
110
|
+
params_with_sig = @oauth_helper.parameters.merge(oauth_signature: @oauth_helper.signature)
|
111
|
+
set_form_data(OAuth::Helper.stringify_keys(params_with_sig))
|
112
|
+
end
|
107
113
|
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
114
|
+
def set_oauth_query_string
|
115
|
+
oauth_params_str = @oauth_helper.oauth_parameters.map { |k, v| [escape(k), escape(v)].join("=") }.join("&")
|
116
|
+
uri = URI.parse(path)
|
117
|
+
uri.query = if uri.query.to_s == ""
|
118
|
+
oauth_params_str
|
119
|
+
else
|
120
|
+
"#{uri.query}&#{oauth_params_str}"
|
121
|
+
end
|
116
122
|
|
117
|
-
|
123
|
+
@path = uri.to_s
|
118
124
|
|
119
|
-
|
125
|
+
@path << "&oauth_signature=#{escape(oauth_helper.signature)}"
|
126
|
+
end
|
120
127
|
end
|
121
128
|
end
|
data/lib/oauth/client.rb
CHANGED
data/lib/oauth/consumer.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "net/http"
|
2
4
|
require "net/https"
|
3
5
|
require "oauth/oauth"
|
@@ -17,7 +19,8 @@ module OAuth
|
|
17
19
|
end
|
18
20
|
|
19
21
|
unless defined?(CA_FILE)
|
20
|
-
CA_FILES = %w[/etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt
|
22
|
+
CA_FILES = %w[/etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt
|
23
|
+
/usr/share/curl/curl-ca-bundle.crt].freeze
|
21
24
|
CA_FILES.each do |ca_file|
|
22
25
|
if File.exist?(ca_file)
|
23
26
|
CA_FILE = ca_file
|
@@ -61,6 +64,11 @@ module OAuth
|
|
61
64
|
# some_value - uses some_value
|
62
65
|
debug_output: nil,
|
63
66
|
|
67
|
+
# Defaults to producing a body_hash as part of the signature but
|
68
|
+
# can be disabled since it's not officially part of the OAuth 1.0
|
69
|
+
# spec. Possible values are true and false
|
70
|
+
body_hash_enabled: true,
|
71
|
+
|
64
72
|
oauth_version: "1.0"
|
65
73
|
}
|
66
74
|
|
@@ -75,7 +83,8 @@ module OAuth
|
|
75
83
|
# :http_method => :post,
|
76
84
|
# :request_token_path => "/oauth/example/request_token.php",
|
77
85
|
# :access_token_path => "/oauth/example/access_token.php",
|
78
|
-
# :authorize_path => "/oauth/example/authorize.php"
|
86
|
+
# :authorize_path => "/oauth/example/authorize.php",
|
87
|
+
# :body_hash_enabled => false
|
79
88
|
# })
|
80
89
|
#
|
81
90
|
# Start the process by requesting a token
|
@@ -94,9 +103,7 @@ module OAuth
|
|
94
103
|
@secret = consumer_secret
|
95
104
|
|
96
105
|
# ensure that keys are symbols
|
97
|
-
@options = @@default_options.merge(options.
|
98
|
-
opts[key.to_sym] = value
|
99
|
-
end)
|
106
|
+
@options = @@default_options.merge(options.transform_keys(&:to_sym))
|
100
107
|
end
|
101
108
|
|
102
109
|
# The default http method
|
@@ -105,15 +112,13 @@ module OAuth
|
|
105
112
|
end
|
106
113
|
|
107
114
|
def debug_output
|
108
|
-
@debug_output ||=
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
end
|
116
|
-
end
|
115
|
+
@debug_output ||= case @options[:debug_output]
|
116
|
+
when nil, false
|
117
|
+
when true
|
118
|
+
$stdout
|
119
|
+
else
|
120
|
+
@options[:debug_output]
|
121
|
+
end
|
117
122
|
end
|
118
123
|
|
119
124
|
# The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new
|
@@ -132,7 +137,8 @@ module OAuth
|
|
132
137
|
end
|
133
138
|
|
134
139
|
def get_access_token(request_token, request_options = {}, *arguments, &block)
|
135
|
-
response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token,
|
140
|
+
response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token,
|
141
|
+
request_options, *arguments, &block)
|
136
142
|
OAuth::AccessToken.from_hash(self, response)
|
137
143
|
end
|
138
144
|
|
@@ -153,9 +159,11 @@ module OAuth
|
|
153
159
|
def get_request_token(request_options = {}, *arguments, &block)
|
154
160
|
# if oauth_callback wasn't provided, it is assumed that oauth_verifiers
|
155
161
|
# will be exchanged out of band
|
156
|
-
|
162
|
+
unless request_options[:exclude_callback]
|
163
|
+
request_options[:oauth_callback] ||= OAuth::OUT_OF_BAND
|
164
|
+
end
|
157
165
|
|
158
|
-
response = if
|
166
|
+
response = if block
|
159
167
|
token_request(
|
160
168
|
http_method,
|
161
169
|
(request_token_url? ? request_token_url : request_token_path),
|
@@ -165,7 +173,8 @@ module OAuth
|
|
165
173
|
&block
|
166
174
|
)
|
167
175
|
else
|
168
|
-
token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil,
|
176
|
+
token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil,
|
177
|
+
request_options, *arguments)
|
169
178
|
end
|
170
179
|
OAuth::RequestToken.from_hash(self, response)
|
171
180
|
end
|
@@ -181,7 +190,7 @@ module OAuth
|
|
181
190
|
# @consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
|
182
191
|
#
|
183
192
|
def request(http_method, path, token = nil, request_options = {}, *arguments)
|
184
|
-
|
193
|
+
unless %r{^/}.match?(path)
|
185
194
|
@http = create_http(path)
|
186
195
|
_uri = URI.parse(path)
|
187
196
|
path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}"
|
@@ -190,13 +199,14 @@ module OAuth
|
|
190
199
|
# override the request with your own, this is useful for file uploads which Net::HTTP does not do
|
191
200
|
req = create_signed_request(http_method, path, token, request_options, *arguments)
|
192
201
|
return nil if block_given? && (yield(req) == :done)
|
202
|
+
|
193
203
|
rsp = http.request(req)
|
194
204
|
# check for an error reported by the Problem Reporting extension
|
195
205
|
# (https://wiki.oauth.net/ProblemReporting)
|
196
206
|
# note: a 200 may actually be an error; check for an oauth_problem key to be sure
|
197
207
|
if !(headers = rsp.to_hash["www-authenticate"]).nil? &&
|
198
|
-
(h = headers.
|
199
|
-
h.first
|
208
|
+
(h = headers.grep(/^OAuth /)).any? &&
|
209
|
+
h.first.include?("oauth_problem")
|
200
210
|
|
201
211
|
# puts "Header: #{h.first}"
|
202
212
|
|
@@ -276,6 +286,7 @@ module OAuth
|
|
276
286
|
|
277
287
|
def request_endpoint
|
278
288
|
return nil if @options[:request_endpoint].nil?
|
289
|
+
|
279
290
|
@options[:request_endpoint].to_s
|
280
291
|
end
|
281
292
|
|
@@ -301,7 +312,7 @@ module OAuth
|
|
301
312
|
|
302
313
|
# TODO: this is ugly, rewrite
|
303
314
|
def request_token_url
|
304
|
-
@options[:request_token_url] || site + request_token_path
|
315
|
+
@options[:request_token_url] || (site + request_token_path)
|
305
316
|
end
|
306
317
|
|
307
318
|
def request_token_url?
|
@@ -309,7 +320,7 @@ module OAuth
|
|
309
320
|
end
|
310
321
|
|
311
322
|
def authenticate_url
|
312
|
-
@options[:authenticate_url] || site + authenticate_path
|
323
|
+
@options[:authenticate_url] || (site + authenticate_path)
|
313
324
|
end
|
314
325
|
|
315
326
|
def authenticate_url?
|
@@ -317,7 +328,7 @@ module OAuth
|
|
317
328
|
end
|
318
329
|
|
319
330
|
def authorize_url
|
320
|
-
@options[:authorize_url] || site + authorize_path
|
331
|
+
@options[:authorize_url] || (site + authorize_path)
|
321
332
|
end
|
322
333
|
|
323
334
|
def authorize_url?
|
@@ -325,7 +336,7 @@ module OAuth
|
|
325
336
|
end
|
326
337
|
|
327
338
|
def access_token_url
|
328
|
-
@options[:access_token_url] || site + access_token_path
|
339
|
+
@options[:access_token_url] || (site + access_token_path)
|
329
340
|
end
|
330
341
|
|
331
342
|
def access_token_url?
|
@@ -342,7 +353,7 @@ module OAuth
|
|
342
353
|
def create_http(_url = nil)
|
343
354
|
_url = request_endpoint unless request_endpoint.nil?
|
344
355
|
|
345
|
-
our_uri = if _url.nil? || _url[0] =~
|
356
|
+
our_uri = if _url.nil? || _url[0] =~ %r{^/}
|
346
357
|
URI.parse(site)
|
347
358
|
else
|
348
359
|
your_uri = URI.parse(_url)
|
@@ -359,7 +370,8 @@ module OAuth
|
|
359
370
|
http_object = Net::HTTP.new(our_uri.host, our_uri.port)
|
360
371
|
else
|
361
372
|
proxy_uri = proxy.is_a?(URI) ? proxy : URI.parse(proxy)
|
362
|
-
http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user,
|
373
|
+
http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user,
|
374
|
+
proxy_uri.password)
|
363
375
|
end
|
364
376
|
|
365
377
|
http_object.use_ssl = (our_uri.scheme == "https")
|
@@ -374,10 +386,14 @@ module OAuth
|
|
374
386
|
end
|
375
387
|
|
376
388
|
http_object.read_timeout = http_object.open_timeout = @options[:timeout] || 60
|
377
|
-
|
389
|
+
if @options[:open_timeout]
|
390
|
+
http_object.open_timeout = @options[:open_timeout]
|
391
|
+
end
|
378
392
|
http_object.ssl_version = @options[:ssl_version] if @options[:ssl_version]
|
379
|
-
|
380
|
-
|
393
|
+
if @options[:ssl_client_cert]
|
394
|
+
http_object.cert = @options[:ssl_client_cert]
|
395
|
+
end
|
396
|
+
http_object.key = @options[:ssl_client_key] if @options[:ssl_client_key]
|
381
397
|
http_object.set_debug_output(debug_output) if debug_output
|
382
398
|
|
383
399
|
http_object
|
@@ -392,8 +408,10 @@ module OAuth
|
|
392
408
|
# if the base site contains a path, add it now
|
393
409
|
# only add if the site host matches the current http object's host
|
394
410
|
# (in case we've specified a full url for token requests)
|
395
|
-
uri
|
396
|
-
|
411
|
+
uri = URI.parse(site)
|
412
|
+
if uri.path && uri.path != "/" && uri.host == http.address
|
413
|
+
path = uri.path + path
|
414
|
+
end
|
397
415
|
|
398
416
|
headers = arguments.first.is_a?(Hash) ? arguments.shift : {}
|
399
417
|
|
data/lib/oauth/errors/error.rb
CHANGED