oauth 0.5.14 → 0.6.2

data/lib/oauth/signature/base.rb

@@ -1,97 +1,105 @@
+# frozen_string_literal: true
+
 require "oauth/signature"
 require "oauth/helper"
 require "oauth/request_proxy/base"
 require "base64"
 
-module OAuth::Signature
-  class Base
-    include OAuth::Helper
+module OAuth
+  module Signature
+    class Base
+      include OAuth::Helper
 
-    attr_accessor :options
-    attr_reader :token_secret, :consumer_secret, :request
+      attr_accessor :options
+      attr_reader :token_secret, :consumer_secret, :request
 
-    def self.implements(signature_method = nil)
-      return @implements if signature_method.nil?
-      @implements = signature_method
-      OAuth::Signature.available_methods[@implements] = self
-    end
+      def self.implements(signature_method = nil)
+        return @implements if signature_method.nil?
 
-    def initialize(request, options = {}, &block)
-      raise TypeError unless request.is_a?(OAuth::RequestProxy::Base)
-      @request = request
-      @options = options
+        @implements = signature_method
+        OAuth::Signature.available_methods[@implements] = self
+      end
 
-      ## consumer secret was determined beforehand
+      def initialize(request, options = {}, &block)
+        raise TypeError unless request.is_a?(OAuth::RequestProxy::Base)
 
-      @consumer_secret = options[:consumer].secret if options[:consumer]
+        @request = request
+        @options = options
 
-      # presence of :consumer_secret option will override any Consumer that's provided
-      @consumer_secret = options[:consumer_secret] if options[:consumer_secret]
+        ## consumer secret was determined beforehand
 
-      ## token secret was determined beforehand
+        @consumer_secret = options[:consumer].secret if options[:consumer]
 
-      @token_secret = options[:token].secret if options[:token]
+        # presence of :consumer_secret option will override any Consumer that's provided
+        if options[:consumer_secret]
+          @consumer_secret = options[:consumer_secret]
+        end
 
-      # presence of :token_secret option will override any Token that's provided
-      @token_secret = options[:token_secret] if options[:token_secret]
+        ## token secret was determined beforehand
 
-      # override secrets based on the values returned from the block (if any)
-      if block_given?
-        # consumer secret and token secret need to be looked up based on pieces of the request
-        secrets = yield block.arity == 1 ? request : [token, consumer_key, nonce, request.timestamp]
-        if secrets.is_a?(Array) && secrets.size == 2
-          @token_secret = secrets[0]
-          @consumer_secret = secrets[1]
+        @token_secret = options[:token].secret if options[:token]
+
+        # presence of :token_secret option will override any Token that's provided
+        @token_secret = options[:token_secret] if options[:token_secret]
+
+        # override secrets based on the values returned from the block (if any)
+        if block
+          # consumer secret and token secret need to be looked up based on pieces of the request
+          secrets = yield block.arity == 1 ? request : [token, consumer_key, nonce, request.timestamp]
+          if secrets.is_a?(Array) && secrets.size == 2
+            @token_secret = secrets[0]
+            @consumer_secret = secrets[1]
+          end
         end
       end
-    end
 
-    def signature
-      Base64.encode64(digest).chomp.delete("\n")
-    end
+      def signature
+        Base64.encode64(digest).chomp.delete("\n")
+      end
 
-    def ==(cmp_signature)
-      check = signature.bytesize ^ cmp_signature.bytesize
-      signature.bytes.zip(cmp_signature.bytes) { |x, y| check |= x ^ y.to_i }
-      check.zero?
-    end
+      def ==(other)
+        check = signature.bytesize ^ other.bytesize
+        signature.bytes.zip(other.bytes) { |x, y| check |= x ^ y.to_i }
+        check.zero?
+      end
 
-    def verify
-      self == request.signature
-    end
+      def verify
+        self == request.signature
+      end
 
-    def signature_base_string
-      request.signature_base_string
-    end
+      def signature_base_string
+        request.signature_base_string
+      end
 
-    def body_hash
-      raise_instantiation_error
-    end
+      def body_hash
+        raise_instantiation_error
+      end
 
-    private
+      private
 
-    def token
-      request.token
-    end
+      def token
+        request.token
+      end
 
-    def consumer_key
-      request.consumer_key
-    end
+      def consumer_key
+        request.consumer_key
+      end
 
-    def nonce
-      request.nonce
-    end
+      def nonce
+        request.nonce
+      end
 
-    def secret
-      "#{escape(consumer_secret)}&#{escape(token_secret)}"
-    end
+      def secret
+        "#{escape(consumer_secret)}&#{escape(token_secret)}"
+      end
 
-    def digest
-      raise_instantiation_error
-    end
+      def digest
+        raise_instantiation_error
+      end
 
-    def raise_instantiation_error
-      raise NotImplementedError, "Cannot instantiate #{self.class.name} class directly."
+      def raise_instantiation_error
+        raise NotImplementedError, "Cannot instantiate #{self.class.name} class directly."
+      end
     end
   end
 end

data/lib/oauth/signature/hmac/sha1.rb

@@ -1,17 +1,23 @@
+# frozen_string_literal: true
+
 require "oauth/signature/base"
 
-module OAuth::Signature::HMAC
-  class SHA1 < OAuth::Signature::Base
-    implements "hmac-sha1"
+module OAuth
+  module Signature
+    module HMAC
+      class SHA1 < OAuth::Signature::Base
+        implements "hmac-sha1"
 
-    def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
-    end
+        def body_hash
+          Base64.encode64(OpenSSL::Digest.digest("SHA1", request.body || "")).chomp.delete("\n")
+        end
 
-    private
+        private
 
-    def digest
-      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
+        def digest
+          OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
+        end
+      end
     end
   end
 end

data/lib/oauth/signature/hmac/sha256.rb

@@ -1,17 +1,23 @@
+# frozen_string_literal: true
+
 require "oauth/signature/base"
 
-module OAuth::Signature::HMAC
-  class SHA256 < OAuth::Signature::Base
-    implements "hmac-sha256"
+module OAuth
+  module Signature
+    module HMAC
+      class SHA256 < OAuth::Signature::Base
+        implements "hmac-sha256"
 
-    def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.delete("\n")
-    end
+        def body_hash
+          Base64.encode64(OpenSSL::Digest.digest("SHA256", request.body || "")).chomp.delete("\n")
+        end
 
-    private
+        private
 
-    def digest
-      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
+        def digest
+          OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
+        end
+      end
     end
   end
 end

data/lib/oauth/signature/plaintext.rb

@@ -1,29 +1,27 @@
-require "oauth/signature/base"
+# frozen_string_literal: true
 
-module OAuth::Signature
-  class PLAINTEXT < Base
-    implements "plaintext"
+require "oauth/signature/base"
 
-    def signature
-      signature_base_string
-    end
+module OAuth
+  module Signature
+    class PLAINTEXT < Base
+      implements "plaintext"
 
-    def ==(cmp_signature)
-      signature.to_s == cmp_signature.to_s
-    end
+      def signature
+        signature_base_string
+      end
 
-    def signature_base_string
-      secret
-    end
-
-    def body_hash
-      nil
-    end
+      def ==(other)
+        signature.to_s == other.to_s
+      end
 
-    private
+      def signature_base_string
+        secret
+      end
 
-    def secret
-      super
+      def body_hash
+        nil
+      end
     end
   end
 end

data/lib/oauth/signature/rsa/sha1.rb

@@ -1,50 +1,58 @@
-require "oauth/signature/base"
+# frozen_string_literal: true
 
-module OAuth::Signature::RSA
-  class SHA1 < OAuth::Signature::Base
-    implements "rsa-sha1"
+require "oauth/signature/base"
 
-    def ==(cmp_signature)
-      public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
-    end
+module OAuth
+  module Signature
+    module RSA
+      class SHA1 < OAuth::Signature::Base
+        implements "rsa-sha1"
 
-    def public_key
-      if consumer_secret.is_a?(String)
-        decode_public_key
-      elsif consumer_secret.is_a?(OpenSSL::X509::Certificate)
-        consumer_secret.public_key
-      else
-        consumer_secret
-      end
-    end
+        def ==(other)
+          public_key.verify(OpenSSL::Digest.new("SHA1"),
+                            Base64.decode64(other.is_a?(Array) ? other.first : other), signature_base_string)
+        end
 
-    def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
-    end
+        def public_key
+          case consumer_secret
+          when String
+            decode_public_key
+          when OpenSSL::X509::Certificate
+            consumer_secret.public_key
+          else
+            consumer_secret
+          end
+        end
 
-    private
+        def body_hash
+          Base64.encode64(OpenSSL::Digest.digest("SHA1", request.body || "")).chomp.delete("\n")
+        end
 
-    def decode_public_key
-      case consumer_secret
-      when /-----BEGIN CERTIFICATE-----/
-        OpenSSL::X509::Certificate.new(consumer_secret).public_key
-      else
-        OpenSSL::PKey::RSA.new(consumer_secret)
-      end
-    end
+        private
 
-    def digest
-      private_key = OpenSSL::PKey::RSA.new(
-        if options[:private_key_file]
-          IO.read(options[:private_key_file])
-        elsif options[:private_key]
-          options[:private_key]
-        else
-          consumer_secret
+        def decode_public_key
+          case consumer_secret
+          when /-----BEGIN CERTIFICATE-----/
+            OpenSSL::X509::Certificate.new(consumer_secret).public_key
+          else
+            OpenSSL::PKey::RSA.new(consumer_secret)
+          end
         end
-      )
 
-      private_key.sign(OpenSSL::Digest::SHA1.new, signature_base_string)
+        def digest
+          private_key = OpenSSL::PKey::RSA.new(
+            if options[:private_key_file]
+              File.read(options[:private_key_file])
+            elsif options[:private_key]
+              options[:private_key]
+            else
+              consumer_secret
+            end
+          )
+
+          private_key.sign(OpenSSL::Digest.new("SHA1"), signature_base_string)
+        end
+      end
     end
   end
 end

data/lib/oauth/signature.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   module Signature
     # Returns a list of available signature methods
@@ -15,6 +17,7 @@ module OAuth
         ((c = request.options[:consumer]) && c.options[:signature_method]) ||
         "").downcase]
       raise UnknownSignatureMethod, request.signature_method unless klass
+
       klass.new(request, options, &block)
     end
 

data/lib/oauth/token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # this exists for backwards-compatibility
 
 require "oauth/tokens/token"

data/lib/oauth/tokens/access_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   # The Access Token is used for the actual "real" web service calls that you perform against the server
   class AccessToken < ConsumerToken

data/lib/oauth/tokens/consumer_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   # Superclass for tokens used by OAuth Clients
   class ConsumerToken < Token

data/lib/oauth/tokens/request_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   # The RequestToken is used for the initial Request.
   # This is normally created by the Consumer object.
@@ -23,7 +25,8 @@ module OAuth
 
     # exchange for AccessToken on server
     def get_access_token(options = {}, *arguments)
-      response = consumer.token_request(consumer.http_method, (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options, *arguments)
+      response = consumer.token_request(consumer.http_method,
+                                        (consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path), self, options, *arguments)
       OAuth::AccessToken.from_hash(consumer, response)
     end
 
@@ -33,7 +36,7 @@ module OAuth
     def build_url(base_url, params)
       uri = URI.parse(base_url.to_s)
       queries = {}
-      queries = Hash[URI.decode_www_form(uri.query)] if uri.query
+      queries = URI.decode_www_form(uri.query).to_h if uri.query
       # TODO: doesn't handle array values correctly
       queries.merge!(params) if params
       uri.query = URI.encode_www_form(queries) unless queries.empty?

data/lib/oauth/tokens/server_token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   # Used on the server for generating tokens
   class ServerToken < Token

data/lib/oauth/tokens/token.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module OAuth
   # Superclass for the various tokens used by OAuth
   class Token

data/lib/oauth/version.rb

@@ -1,3 +1,7 @@
+# frozen_string_literal: true
+
 module OAuth
-  VERSION = "0.5.14".freeze
+  module Version
+    VERSION = "0.6.2"
+  end
 end

data/lib/oauth.rb

@@ -1,5 +1,8 @@
-root = File.dirname(__FILE__)
-$LOAD_PATH << root unless $LOAD_PATH.include?(root)
+# frozen_string_literal: true
+
+# third party gems
+require "snaky_hash"
+require "version_gem"
 
 require "oauth/version"
 
@@ -11,3 +14,7 @@ require "oauth/signature/hmac/sha1"
 require "oauth/signature/hmac/sha256"
 require "oauth/signature/rsa/sha1"
 require "oauth/request_proxy/mock_request"
+
+OAuth::Version.class_eval do
+  extend VersionGem::Basic
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth
 version: !ruby/object:Gem::Version
-  version: 0.5.14
+  version: 0.6.2
 platform: ruby
 authors:
 - Pelle Braendgaard
@@ -19,19 +19,33 @@ cert_chain: []
 date: 2022-08-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: curb
+  name: snaky_hash
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+        version: '2.0'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: version_gem
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: em-http-request
   requirement: !ruby/object:Gem::Requirement
@@ -64,16 +78,16 @@ dependencies:
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.16'
+        version: 5.15.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.16'
+        version: 5.15.0
 - !ruby/object:Gem::Dependency
   name: mocha
   requirement: !ruby/object:Gem::Requirement
@@ -92,16 +106,16 @@ dependencies:
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -120,16 +134,16 @@ dependencies:
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '13.0'
 - !ruby/object:Gem::Dependency
   name: rest-client
   requirement: !ruby/object:Gem::Requirement
@@ -150,14 +164,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '12.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '12.0'
 - !ruby/object:Gem::Dependency
   name: typhoeus
   requirement: !ruby/object:Gem::Requirement
@@ -254,19 +268,18 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/oauth-xx/oauth-ruby
-  source_code_uri: https://github.com/oauth-xx/oauth-ruby/tree/v0.5.14
-  changelog_uri: https://github.com/oauth-xx/oauth-ruby/blob/v0.5.14/CHANGELOG.md
+  source_code_uri: https://github.com/oauth-xx/oauth-ruby/tree/v0.6.2
+  changelog_uri: https://github.com/oauth-xx/oauth-ruby/blob/v0.6.2/CHANGELOG.md
   bug_tracker_uri: https://github.com/oauth-xx/oauth-ruby/issues
-  documentation_uri: https://www.rubydoc.info/gems/oauth/0.5.14
+  documentation_uri: https://www.rubydoc.info/gems/oauth/0.6.2
   wiki_uri: https://github.com/oauth-xx/oauth-ruby/wiki
   rubygems_mfa_required: 'true'
-post_install_message: |2+
+post_install_message: |2
 
-  You have installed oauth version 0.5.14, congratulations!
+  You have installed oauth version 0.6.2, congratulations!
 
-  Support for the 0.5.x series will end by April, 2023. Please upgrade to 0.6.x or 1.x as soon as possible!
-  For 0.6.x the only breaking change will be dropped support for Ruby 2.0, 2.1, 2.2, and 2.3.
-  For 1.x the only breaking change will be dropped support for Ruby 2.4, 2.5, and 2.6.
+  Non-commercial support for the 0.6.x series will end by April, 2024. Please upgrade to 1.0.x as soon as possible!
+  The only breaking change will be dropped support for Ruby 2.4, 2.5, and 2.6.
 
   Please see:
   • https://github.com/oauth-xx/oauth-ruby/blob/main/SECURITY.md
@@ -287,7 +300,6 @@ post_install_message: |2+
   Please report issues, and support the project!
 
   Thanks, |7eter l-|. l3oling
-
 rdoc_options: []
 require_paths:
 - lib
@@ -295,7 +307,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.0'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -307,4 +319,3 @@ signing_key:
 specification_version: 4
 summary: OAuth Core Ruby implementation
 test_files: []
-...