oauth 0.5.12 → 0.6.1

data/lib/oauth/client/helper.rb

@@ -1,98 +1,102 @@
+# frozen_string_literal: true
+
 require "oauth/client"
 require "oauth/consumer"
 require "oauth/helper"
 require "oauth/token"
 require "oauth/signature/hmac/sha1"
 
-module OAuth::Client
-  class Helper
-    include OAuth::Helper
+module OAuth
+  module Client
+    class Helper
+      include OAuth::Helper
 
-    def initialize(request, options = {})
-      @request = request
-      @options = options
-      @options[:signature_method] ||= "HMAC-SHA1"
-    end
+      def initialize(request, options = {})
+        @request = request
+        @options = options
+        @options[:signature_method] ||= "HMAC-SHA1"
+      end
 
-    attr_reader :options
+      attr_reader :options
 
-    def nonce
-      options[:nonce] ||= generate_key
-    end
+      def nonce
+        options[:nonce] ||= generate_key
+      end
 
-    def timestamp
-      options[:timestamp] ||= generate_timestamp
-    end
+      def timestamp
+        options[:timestamp] ||= generate_timestamp
+      end
 
-    def oauth_parameters
-      out = {
-        "oauth_body_hash"        => options[:body_hash],
-        "oauth_callback"         => options[:oauth_callback],
-        "oauth_consumer_key"     => options[:consumer].key,
-        "oauth_token"            => options[:token] ? options[:token].token : "",
-        "oauth_signature_method" => options[:signature_method],
-        "oauth_timestamp"        => timestamp,
-        "oauth_nonce"            => nonce,
-        "oauth_verifier"         => options[:oauth_verifier],
-        "oauth_version"          => (options[:oauth_version] || "1.0"),
-        "oauth_session_handle"   => options[:oauth_session_handle]
-      }
-      allowed_empty_params = options[:allow_empty_params]
-      if allowed_empty_params != true && !allowed_empty_params.is_a?(Array)
-        allowed_empty_params = allowed_empty_params == false ? [] : [allowed_empty_params]
+      def oauth_parameters
+        out = {
+          "oauth_body_hash" => options[:body_hash],
+          "oauth_callback" => options[:oauth_callback],
+          "oauth_consumer_key" => options[:consumer].key,
+          "oauth_token" => options[:token] ? options[:token].token : "",
+          "oauth_signature_method" => options[:signature_method],
+          "oauth_timestamp" => timestamp,
+          "oauth_nonce" => nonce,
+          "oauth_verifier" => options[:oauth_verifier],
+          "oauth_version" => (options[:oauth_version] || "1.0"),
+          "oauth_session_handle" => options[:oauth_session_handle]
+        }
+        allowed_empty_params = options[:allow_empty_params]
+        if allowed_empty_params != true && !allowed_empty_params.is_a?(Array)
+          allowed_empty_params = allowed_empty_params == false ? [] : [allowed_empty_params]
+        end
+        out.select! { |k, v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
+        out
       end
-      out.select! { |k, v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
-      out
-    end
 
-    def signature(extra_options = {})
-      OAuth::Signature.sign(@request, { uri: options[:request_uri],
-                                        consumer: options[:consumer],
-                                        token: options[:token],
-                                        unsigned_parameters: options[:unsigned_parameters] }.merge(extra_options))
-    end
+      def signature(extra_options = {})
+        OAuth::Signature.sign(@request, { uri: options[:request_uri],
+                                          consumer: options[:consumer],
+                                          token: options[:token],
+                                          unsigned_parameters: options[:unsigned_parameters] }.merge(extra_options))
+      end
 
-    def signature_base_string(extra_options = {})
-      OAuth::Signature.signature_base_string(@request, { uri: options[:request_uri],
-                                                         consumer: options[:consumer],
-                                                         token: options[:token],
-                                                         parameters: oauth_parameters }.merge(extra_options))
-    end
+      def signature_base_string(extra_options = {})
+        OAuth::Signature.signature_base_string(@request, { uri: options[:request_uri],
+                                                           consumer: options[:consumer],
+                                                           token: options[:token],
+                                                           parameters: oauth_parameters }.merge(extra_options))
+      end
 
-    def token_request?
-      @options[:token_request].eql?(true)
-    end
+      def token_request?
+        @options[:token_request].eql?(true)
+      end
 
-    def hash_body
-      @options[:body_hash] = OAuth::Signature.body_hash(@request, parameters: oauth_parameters)
-    end
+      def hash_body
+        @options[:body_hash] = OAuth::Signature.body_hash(@request, parameters: oauth_parameters)
+      end
 
-    def amend_user_agent_header(headers)
-      @oauth_ua_string ||= "OAuth gem v#{OAuth::VERSION}"
-      # Net::HTTP in 1.9 appends Ruby
-      if headers["User-Agent"] && headers["User-Agent"] != "Ruby"
-        headers["User-Agent"] += " (#{@oauth_ua_string})"
-      else
-        headers["User-Agent"] = @oauth_ua_string
+      def amend_user_agent_header(headers)
+        @oauth_ua_string ||= "OAuth gem v#{OAuth::Version::VERSION}"
+        # Net::HTTP in 1.9 appends Ruby
+        if headers["User-Agent"] && headers["User-Agent"] != "Ruby"
+          headers["User-Agent"] += " (#{@oauth_ua_string})"
+        else
+          headers["User-Agent"] = @oauth_ua_string
+        end
       end
-    end
 
-    def header
-      parameters = oauth_parameters
-      parameters["oauth_signature"] = signature(options.merge(parameters: parameters))
+      def header
+        parameters = oauth_parameters
+        parameters["oauth_signature"] = signature(options.merge(parameters: parameters))
 
-      header_params_str = parameters.sort.map { |k, v| "#{k}=\"#{escape(v)}\"" }.join(", ")
+        header_params_str = parameters.sort.map { |k, v| "#{k}=\"#{escape(v)}\"" }.join(", ")
 
-      realm = "realm=\"#{options[:realm]}\", " if options[:realm]
-      "OAuth #{realm}#{header_params_str}"
-    end
+        realm = "realm=\"#{options[:realm]}\", " if options[:realm]
+        "OAuth #{realm}#{header_params_str}"
+      end
 
-    def parameters
-      OAuth::RequestProxy.proxy(@request).parameters
-    end
+      def parameters
+        OAuth::RequestProxy.proxy(@request).parameters
+      end
 
-    def parameters_with_oauth
-      oauth_parameters.merge(parameters)
+      def parameters_with_oauth
+        oauth_parameters.merge(parameters)
+      end
     end
   end
 end

data/lib/oauth/client/net_http.rb

@@ -1,121 +1,128 @@
+# frozen_string_literal: true
+
 require "oauth/helper"
 require "oauth/request_proxy/net_http"
 
-class Net::HTTPGenericRequest
-  include OAuth::Helper
-
-  attr_reader :oauth_helper
-
-  # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
-  # this may add a header, additional query string parameters, or additional POST body parameters.
-  # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
-  # header.
-  #
-  # * http - Configured Net::HTTP instance
-  # * consumer - OAuth::Consumer instance
-  # * token - OAuth::Token instance
-  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
-  #   +signature_method+, +nonce+, +timestamp+)
-  #
-  # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
-  #
-  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
-  #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
-  #                                                 http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
-  def oauth!(http, consumer = nil, token = nil, options = {})
-    helper_options = oauth_helper_options(http, consumer, token, options)
-    @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
-    @oauth_helper.amend_user_agent_header(self)
-    @oauth_helper.hash_body if oauth_body_hash_required?
-    send("set_oauth_#{helper_options[:scheme]}")
-  end
-
-  # Create a string suitable for signing for an HTTP request. This process involves parameter
-  # normalization as specified in the OAuth specification. The exact normalization also depends
-  # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
-  # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
-  # header.
-  #
-  # * http - Configured Net::HTTP instance
-  # * consumer - OAuth::Consumer instance
-  # * token - OAuth::Token instance
-  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
-  #   +signature_method+, +nonce+, +timestamp+)
-  #
-  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
-  #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
-  #                                                 http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
-  def signature_base_string(http, consumer = nil, token = nil, options = {})
-    helper_options = oauth_helper_options(http, consumer, token, options)
-    @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
-    @oauth_helper.hash_body if oauth_body_hash_required?
-    @oauth_helper.signature_base_string
-  end
+module Net
+  class HTTPGenericRequest
+    include OAuth::Helper
+
+    attr_reader :oauth_helper
+
+    # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
+    # this may add a header, additional query string parameters, or additional POST body parameters.
+    # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
+    # header.
+    #
+    # * http - Configured Net::HTTP instance
+    # * consumer - OAuth::Consumer instance
+    # * token - OAuth::Token instance
+    # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
+    #   +signature_method+, +nonce+, +timestamp+, +body_hash+)
+    #
+    # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
+    #
+    # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
+    #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
+    #                                                 http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
+    def oauth!(http, consumer = nil, token = nil, options = {})
+      helper_options = oauth_helper_options(http, consumer, token, options)
+      @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
+      @oauth_helper.amend_user_agent_header(self)
+      @oauth_helper.hash_body if oauth_body_hash_required?(helper_options)
+      send("set_oauth_#{helper_options[:scheme]}")
+    end
 
-  private
+    # Create a string suitable for signing for an HTTP request. This process involves parameter
+    # normalization as specified in the OAuth specification. The exact normalization also depends
+    # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
+    # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
+    # header.
+    #
+    # * http - Configured Net::HTTP instance
+    # * consumer - OAuth::Consumer instance
+    # * token - OAuth::Token instance
+    # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
+    #   +signature_method+, +nonce+, +timestamp+)
+    #
+    # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
+    #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
+    #                                                 http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
+    def signature_base_string(http, consumer = nil, token = nil, options = {})
+      helper_options = oauth_helper_options(http, consumer, token, options)
+      @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
+      @oauth_helper.hash_body if oauth_body_hash_required?(helper_options)
+      @oauth_helper.signature_base_string
+    end
 
-  def oauth_helper_options(http, consumer, token, options)
-    { request_uri: oauth_full_request_uri(http, options),
-      consumer: consumer,
-      token: token,
-      scheme: "header",
-      signature_method: nil,
-      nonce: nil,
-      timestamp: nil }.merge(options)
-  end
+    private
+
+    def oauth_helper_options(http, consumer, token, options)
+      { request_uri: oauth_full_request_uri(http, options),
+        consumer: consumer,
+        token: token,
+        scheme: "header",
+        signature_method: nil,
+        nonce: nil,
+        timestamp: nil,
+        body_hash_enabled: true }.merge(options)
+    end
 
-  def oauth_full_request_uri(http, options)
-    uri = URI.parse(path)
-    uri.host = http.address
-    uri.port = http.port
+    def oauth_full_request_uri(http, options)
+      uri = URI.parse(path)
+      uri.host = http.address
+      uri.port = http.port
 
-    if options[:request_endpoint] && options[:site]
-      is_https = options[:site].match(%r{^https://})
-      uri.host = options[:site].gsub(%r{^https?://}, "")
-      uri.port ||= is_https ? 443 : 80
-    end
+      if options[:request_endpoint] && options[:site]
+        is_https = options[:site].match(%r{^https://})
+        uri.host = options[:site].gsub(%r{^https?://}, "")
+        uri.port ||= is_https ? 443 : 80
+      end
 
-    uri.scheme = if http.respond_to?(:use_ssl?) && http.use_ssl?
-                   "https"
-                 else
-                   "http"
-                 end
+      uri.scheme = if http.respond_to?(:use_ssl?) && http.use_ssl?
+                     "https"
+                   else
+                     "http"
+                   end
 
-    uri.to_s
-  end
+      uri.to_s
+    end
 
-  def oauth_body_hash_required?
-    !@oauth_helper.token_request? && request_body_permitted? && !content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
-  end
+    def oauth_body_hash_required?(options)
+      !@oauth_helper.token_request? && request_body_permitted? && !content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded") && options[:body_hash_enabled]
+    end
 
-  def set_oauth_header
-    self["Authorization"] = @oauth_helper.header
-  end
+    def set_oauth_header
+      self["Authorization"] = @oauth_helper.header
+    end
 
-  # FIXME: if you're using a POST body and query string parameters, this method
-  # will move query string parameters into the body unexpectedly. This may
-  # cause problems with non-x-www-form-urlencoded bodies submitted to URLs
-  # containing query string params. If duplicate parameters are present in both
-  # places, all instances should be included when calculating the signature
-  # base string.
-
-  def set_oauth_body
-    set_form_data(@oauth_helper.stringify_keys(@oauth_helper.parameters_with_oauth))
-    params_with_sig = @oauth_helper.parameters.merge(oauth_signature: @oauth_helper.signature)
-    set_form_data(@oauth_helper.stringify_keys(params_with_sig))
-  end
+    # FIXME: if you're using a POST body and query string parameters, this method
+    # will move query string parameters into the body unexpectedly. This may
+    # cause problems with non-x-www-form-urlencoded bodies submitted to URLs
+    # containing query string params. If duplicate parameters are present in both
+    # places, all instances should be included when calculating the signature
+    # base string.
+
+    def set_oauth_body
+      # NOTE: OAuth::Helper and @oauth_helper are not the same, despite sharing all methods defined in OAuth::Helper
+      #       see: https://stackoverflow.com/a/53447775/213191
+      set_form_data(OAuth::Helper.stringify_keys(@oauth_helper.parameters_with_oauth))
+      params_with_sig = @oauth_helper.parameters.merge(oauth_signature: @oauth_helper.signature)
+      set_form_data(OAuth::Helper.stringify_keys(params_with_sig))
+    end
 
-  def set_oauth_query_string
-    oauth_params_str = @oauth_helper.oauth_parameters.map { |k, v| [escape(k), escape(v)].join("=") }.join("&")
-    uri = URI.parse(path)
-    uri.query = if uri.query.to_s == ""
-                  oauth_params_str
-                else
-                  uri.query + "&" + oauth_params_str
-                end
+    def set_oauth_query_string
+      oauth_params_str = @oauth_helper.oauth_parameters.map { |k, v| [escape(k), escape(v)].join("=") }.join("&")
+      uri = URI.parse(path)
+      uri.query = if uri.query.to_s == ""
+                    oauth_params_str
+                  else
+                    "#{uri.query}&#{oauth_params_str}"
+                  end
 
-    @path = uri.to_s
+      @path = uri.to_s
 
-    @path << "&oauth_signature=#{escape(oauth_helper.signature)}"
+      @path << "&oauth_signature=#{escape(oauth_helper.signature)}"
+    end
   end
 end

data/lib/oauth/client.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   module Client
   end

data/lib/oauth/consumer.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "net/http"
 require "net/https"
 require "oauth/oauth"
@@ -17,7 +19,8 @@ module OAuth
     end
 
     unless defined?(CA_FILE)
-      CA_FILES = %w[/etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt].freeze
+      CA_FILES = %w[/etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt
+                    /usr/share/curl/curl-ca-bundle.crt].freeze
       CA_FILES.each do |ca_file|
         if File.exist?(ca_file)
           CA_FILE = ca_file
@@ -61,6 +64,11 @@ module OAuth
       # some_value - uses some_value
       debug_output: nil,
 
+      # Defaults to producing a body_hash as part of the signature but
+      # can be disabled since it's not officially part of the OAuth 1.0
+      # spec. Possible values are true and false
+      body_hash_enabled: true,
+
       oauth_version: "1.0"
     }
 
@@ -75,7 +83,8 @@ module OAuth
     #     :http_method        => :post,
     #     :request_token_path => "/oauth/example/request_token.php",
     #     :access_token_path  => "/oauth/example/access_token.php",
-    #     :authorize_path     => "/oauth/example/authorize.php"
+    #     :authorize_path     => "/oauth/example/authorize.php",
+    #     :body_hash_enabled  => false
     #    })
     #
     # Start the process by requesting a token
@@ -94,9 +103,7 @@ module OAuth
       @secret = consumer_secret
 
       # ensure that keys are symbols
-      @options = @@default_options.merge(options.each_with_object({}) do |(key, value), opts|
-        opts[key.to_sym] = value
-      end)
+      @options = @@default_options.merge(options.transform_keys(&:to_sym))
     end
 
     # The default http method
@@ -105,15 +112,13 @@ module OAuth
     end
 
     def debug_output
-      @debug_output ||= begin
-        case @options[:debug_output]
-        when nil, false
-        when true
-          $stdout
-        else
-          @options[:debug_output]
-        end
-      end
+      @debug_output ||= case @options[:debug_output]
+                        when nil, false
+                        when true
+                          $stdout
+                        else
+                          @options[:debug_output]
+                        end
     end
 
     # The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new
@@ -132,7 +137,8 @@ module OAuth
     end
 
     def get_access_token(request_token, request_options = {}, *arguments, &block)
-      response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token, request_options, *arguments, &block)
+      response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token,
+                               request_options, *arguments, &block)
       OAuth::AccessToken.from_hash(self, response)
     end
 
@@ -153,9 +159,11 @@ module OAuth
     def get_request_token(request_options = {}, *arguments, &block)
       # if oauth_callback wasn't provided, it is assumed that oauth_verifiers
       # will be exchanged out of band
-      request_options[:oauth_callback] ||= OAuth::OUT_OF_BAND unless request_options[:exclude_callback]
+      unless request_options[:exclude_callback]
+        request_options[:oauth_callback] ||= OAuth::OUT_OF_BAND
+      end
 
-      response = if block_given?
+      response = if block
                    token_request(
                      http_method,
                      (request_token_url? ? request_token_url : request_token_path),
@@ -165,7 +173,8 @@ module OAuth
                      &block
                    )
                  else
-                   token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, request_options, *arguments)
+                   token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil,
+                                 request_options, *arguments)
                  end
       OAuth::RequestToken.from_hash(self, response)
     end
@@ -181,7 +190,7 @@ module OAuth
     #   @consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
     #
     def request(http_method, path, token = nil, request_options = {}, *arguments)
-      if path !~ /^\//
+      unless %r{^/}.match?(path)
         @http = create_http(path)
         _uri = URI.parse(path)
         path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}"
@@ -190,13 +199,14 @@ module OAuth
       # override the request with your own, this is useful for file uploads which Net::HTTP does not do
       req = create_signed_request(http_method, path, token, request_options, *arguments)
       return nil if block_given? && (yield(req) == :done)
+
       rsp = http.request(req)
       # check for an error reported by the Problem Reporting extension
       # (https://wiki.oauth.net/ProblemReporting)
       # note: a 200 may actually be an error; check for an oauth_problem key to be sure
       if !(headers = rsp.to_hash["www-authenticate"]).nil? &&
-         (h = headers.select { |hdr| hdr =~ /^OAuth / }).any? &&
-         h.first =~ /oauth_problem/
+         (h = headers.grep(/^OAuth /)).any? &&
+         h.first.include?("oauth_problem")
 
         # puts "Header: #{h.first}"
 
@@ -276,6 +286,7 @@ module OAuth
 
     def request_endpoint
       return nil if @options[:request_endpoint].nil?
+
       @options[:request_endpoint].to_s
     end
 
@@ -301,7 +312,7 @@ module OAuth
 
     # TODO: this is ugly, rewrite
     def request_token_url
-      @options[:request_token_url] || site + request_token_path
+      @options[:request_token_url] || (site + request_token_path)
     end
 
     def request_token_url?
@@ -309,7 +320,7 @@ module OAuth
     end
 
     def authenticate_url
-      @options[:authenticate_url] || site + authenticate_path
+      @options[:authenticate_url] || (site + authenticate_path)
     end
 
     def authenticate_url?
@@ -317,7 +328,7 @@ module OAuth
     end
 
     def authorize_url
-      @options[:authorize_url] || site + authorize_path
+      @options[:authorize_url] || (site + authorize_path)
     end
 
     def authorize_url?
@@ -325,7 +336,7 @@ module OAuth
     end
 
     def access_token_url
-      @options[:access_token_url] || site + access_token_path
+      @options[:access_token_url] || (site + access_token_path)
     end
 
     def access_token_url?
@@ -342,7 +353,7 @@ module OAuth
     def create_http(_url = nil)
       _url = request_endpoint unless request_endpoint.nil?
 
-      our_uri = if _url.nil? || _url[0] =~ /^\//
+      our_uri = if _url.nil? || _url[0] =~ %r{^/}
                   URI.parse(site)
                 else
                   your_uri = URI.parse(_url)
@@ -359,7 +370,8 @@ module OAuth
         http_object = Net::HTTP.new(our_uri.host, our_uri.port)
       else
         proxy_uri = proxy.is_a?(URI) ? proxy : URI.parse(proxy)
-        http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user, proxy_uri.password)
+        http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user,
+                                    proxy_uri.password)
       end
 
       http_object.use_ssl = (our_uri.scheme == "https")
@@ -374,10 +386,14 @@ module OAuth
       end
 
       http_object.read_timeout = http_object.open_timeout = @options[:timeout] || 60
-      http_object.open_timeout = @options[:open_timeout] if @options[:open_timeout]
+      if @options[:open_timeout]
+        http_object.open_timeout = @options[:open_timeout]
+      end
       http_object.ssl_version = @options[:ssl_version] if @options[:ssl_version]
-      http_object.cert = @options[:ssl_client_cert] if @options[:ssl_client_cert]
-      http_object.key  = @options[:ssl_client_key] if @options[:ssl_client_key]
+      if @options[:ssl_client_cert]
+        http_object.cert = @options[:ssl_client_cert]
+      end
+      http_object.key = @options[:ssl_client_key] if @options[:ssl_client_key]
       http_object.set_debug_output(debug_output) if debug_output
 
       http_object
@@ -392,8 +408,10 @@ module OAuth
       # if the base site contains a path, add it now
       # only add if the site host matches the current http object's host
       # (in case we've specified a full url for token requests)
-      uri  = URI.parse(site)
-      path = uri.path + path if uri.path && uri.path != "/" && uri.host == http.address
+      uri = URI.parse(site)
+      if uri.path && uri.path != "/" && uri.host == http.address
+        path = uri.path + path
+      end
 
       headers = arguments.first.is_a?(Hash) ? arguments.shift : {}
 

data/lib/oauth/errors/error.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   class Error < StandardError
   end

data/lib/oauth/errors/problem.rb

@@ -1,6 +1,9 @@
+# frozen_string_literal: true
+
 module OAuth
   class Problem < OAuth::Unauthorized
     attr_reader :problem, :params
+
     def initialize(problem, request = nil, params = {})
       super(request)
       @problem = problem