oauth 0.5.3 → 0.5.7.pre.pre1

data/README.md

@@ -0,0 +1,211 @@
+# Ruby OAuth
+
+## Status
+
+| Project                    |  Ruby Oauth                |
+|--------------------------- |--------------------------- |
+| name, license, docs        |  [![RubyGems.org](https://img.shields.io/badge/name-oauth-brightgreen.svg?style=flat)][rubygems] [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][license-ref] [![RubyDoc.info](https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat)][documentation] |
+| version & downloads        |  [![Version](https://img.shields.io/gem/v/oauth.svg)][rubygems] [![Downloads Today](https://img.shields.io/gem/rd/oauth.svg)][rubygems] [![Homepage](https://img.shields.io/badge/source-github-brightgreen.svg?style=flat)][source] |
+| dependencies & linting     |  [![Depfu](https://badges.depfu.com/badges/d570491bac0ad3b0b65deb3c82028327/count.svg)][depfu] [![lint status](https://github.com/oauth-xx/oauth-ruby/actions/workflows/style.yml/badge.svg)][actions] |
+| unit tests                 |  [![supported rubies](https://github.com/oauth-xx/oauth-ruby/actions/workflows/supported.yml/badge.svg)][actions] [![unsupported status](https://github.com/oauth-xx/oauth-ruby/actions/workflows/unsupported.yml/badge.svg)][actions] |
+| coverage & maintainability |  [![Test Coverage](https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/test_coverage)][climate_coverage] [![codecov](https://codecov.io/gh/oauth-xx/oauth-ruby/branch/master/graph/badge.svg?token=4ZNAWNxrf9)][codecov_coverage] [![Maintainability](https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/maintainability)][climate_maintainability] |
+| resources                  |  [![Discussion](https://img.shields.io/badge/discussions-github-brightgreen.svg?style=flat)][gh_discussions] [![Mailing List](https://img.shields.io/badge/group-mailinglist-violet.svg?style=social&logo=google)][mailinglist] [![Join the chat at https://gitter.im/oauth-xx/oauth-ruby](https://badges.gitter.im/Join%20Chat.svg)][chat] [![Blog](https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat)][blogpage] |
+| Spread ~♡ⓛⓞⓥⓔ♡~         |  [![Open Source Helpers](https://www.codetriage.com/oauth-xx/oauth-ruby/badges/users.svg)][code_triage] [![Liberapay Patrons](https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay)][liberapay_donate] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme] [![Tweet @ Peter][followme-img]][tweetme] |
+
+## What
+
+This is a RubyGem for implementing both OAuth 1.0 clients and servers in Ruby
+applications.
+
+See the OAuth 1.0 spec http://oauth.net/core/1.0/
+
+See the sibling gem [oauth2](https://github.com/oauth-xx/oauth2) for OAuth 2.0 implementations in Ruby.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem "oauth"
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install oauth
+
+## Compatibility
+
+Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.6, 2.7, and
+3.0. Ruby is limited to 2.0+ in the gemspec, and this may change while the gem is
+still at version 0.x.
+
+## Basics
+
+This is a ruby library which is intended to be used in creating Ruby Consumer
+and Service Provider applications. It is NOT a Rails plugin, but could easily
+be used for the foundation for such a Rails plugin.
+
+As a matter of fact it has been pulled out from an OAuth Rails GEM
+(https://rubygems.org/gems/oauth-plugin https://github.com/pelle/oauth-plugin)
+which now uses this gem as a dependency.
+
+## Usage
+
+We need to specify the oauth_callback url explicitly, otherwise it defaults to
+"oob" (Out of Band)
+
+    callback_url = "http://127.0.0.1:3000/oauth/callback"
+
+Create a new `OAuth::Consumer` instance by passing it a configuration hash:
+
+    oauth_consumer = OAuth::Consumer.new("key", "secret", :site => "https://agree2")
+
+Start the process by requesting a token
+
+    request_token = oauth_consumer.get_request_token(:oauth_callback => callback_url)
+
+    session[:token] = request_token.token
+    session[:token_secret] = request_token.secret
+    redirect_to request_token.authorize_url(:oauth_callback => callback_url)
+
+When user returns create an access_token
+
+    hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret]}
+    request_token  = OAuth::RequestToken.from_hash(oauth_consumer, hash)
+    access_token = request_token.get_access_token
+    # For 3-legged authorization, flow oauth_verifier is passed as param in callback
+    # access_token = request_token.get_access_token(oauth_verifier: params[:oauth_verifier])
+    @photos = access_token.get('/photos.xml')
+
+Now that you have an access token, you can use Typhoeus to interact with the
+OAuth provider if you choose.
+
+    require 'typhoeus'
+    require 'oauth/request_proxy/typhoeus_request'
+    oauth_params = {:consumer => oauth_consumer, :token => access_token}
+    hydra = Typhoeus::Hydra.new
+    req = Typhoeus::Request.new(uri, options) # :method needs to be specified in options
+    oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
+    req.options[:headers].merge!({"Authorization" => oauth_helper.header}) # Signs the request
+    hydra.queue(req)
+    hydra.run
+    @response = req.response
+
+## More Information
+
+* RubyDoc Documentation: [![RubyDoc.info](https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat)][documentation]
+* Mailing List/Google Group: [![Mailing List](https://img.shields.io/badge/group-mailinglist-violet.svg?style=social&logo=google)][mailinglist]
+* GitHub Discussions: [![Discussion](https://img.shields.io/badge/discussions-github-brightgreen.svg?style=flat)][gh_discussions]
+* Live Chat on Gitter: [![Join the chat at https://gitter.im/oauth-xx/oauth-ruby](https://badges.gitter.im/Join%20Chat.svg)][chat]
+* Maintainer's Blog: [![Blog](https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat)][blogpage]
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth-ruby][source]. This project is
+intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
+the [code of conduct][conduct].
+
+To submit a patch, please fork the oauth project and create a patch with
+tests. Once you're happy with it send a pull request and post a message to the
+[google group][mailinglist].
+
+## Contributors
+
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth-ruby)]("https://github.com/oauth-xx/oauth-ruby/graphs/contributors")
+
+Made with [contributors-img](https://contrib.rocks).
+
+## Versioning
+
+This library aims to adhere to [Semantic Versioning 2.0.0][semver]. Violations of this scheme should be reported as
+bugs. Specifically, if a minor or patch version is released that breaks backward compatibility, a new version should be
+immediately released that restores compatibility. Breaking changes to the public API will only be introduced with new
+major versions.
+
+As a result of this policy, you can (and should) specify a dependency on this gem using
+the [Pessimistic Version Constraint][pvc] with two digits of precision.
+
+For example:
+
+```ruby
+spec.add_dependency "oauth", "~> 0.5"
+```
+
+## License
+
+The gem is available as open source under the terms of
+the [MIT License][license] [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][license-ref].
+See [LICENSE][license] for the [Copyright Notice][copyright-notice-explainer].
+
+## Contact
+
+OAuth Ruby has been created and maintained by a large number of talented
+individuals. The current maintainer is Peter Boling ([@pboling][gh_sponsors]).
+
+Comments are welcome. Contact the [OAuth Ruby mailing list (Google Group)][mailinglist] or [GitHub Discussions][gh_discussions].
+
+[copyright-notice-explainer]: https://opensource.stackexchange.com/questions/5778/why-do-licenses-such-as-the-mit-license-specify-a-single-year
+
+[gh_discussions]: https://github.com/oauth-xx/oauth-ruby/discussions
+
+[mailinglist]: http://groups.google.com/group/oauth-ruby
+
+[conduct]: https://github.com/oauth-xx/oauth-ruby/blob/master/CODE_OF_CONDUCT.md
+
+[license]: LICENSE
+
+[license-ref]: https://opensource.org/licenses/MIT
+
+[semver]: http://semver.org/
+
+[pvc]: http://guides.rubygems.org/patterns/#pessimistic-version-constraint
+
+[railsbling]: http://www.railsbling.com
+
+[peterboling]: http://www.peterboling.com
+
+[aboutme]: https://about.me/peter.boling
+
+[angelme]: https://angel.co/peter-boling
+
+[coderme]:http://coderwall.com/pboling
+
+[followme-img]: https://img.shields.io/twitter/follow/galtzo.svg?style=social&label=Follow
+
+[tweetme]: http://twitter.com/galtzo
+
+[politicme]: https://nationalprogressiveparty.org
+
+[documentation]: https://rubydoc.info/github/oauth-xx/oauth-ruby/main
+
+[source]: https://github.com/oauth-xx/oauth-ruby/
+
+[actions]: https://github.com/oauth-xx/oauth-ruby/actions
+
+[issues]: https://github.com/oauth-xx/oauth-ruby/issues
+
+[climate_maintainability]: https://codeclimate.com/github/oauth-xx/oauth-ruby/maintainability
+
+[climate_coverage]: https://codeclimate.com/github/oauth-xx/oauth-ruby/test_coverage
+
+[codecov_coverage]: https://codecov.io/gh/oauth-xx/oauth-ruby
+
+[code_triage]: https://www.codetriage.com/oauth-xx/oauth-ruby
+
+[depfu]: https://depfu.com/github/oauth-xx/oauth-ruby?project_id=22868
+
+[blogpage]: http://www.railsbling.com/tags/oauth/
+
+[rubygems]: https://rubygems.org/gems/oauth
+
+[chat]: https://gitter.im/oauth-xx/oauth-ruby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
+
+[maintenancee_policy]: https://guides.rubyonrails.org/maintenance_policy.html#security-issues
+
+[liberapay_donate]: https://liberapay.com/pboling/donate
+
+[gh_sponsors]: https://github.com/sponsors/pboling

data/bin/oauth

@@ -1,11 +1,11 @@
 #!/usr/bin/env ruby
 
 require_relative "../lib/oauth"
-require 'oauth/cli'
+require "oauth/cli"
 
 Signal.trap("INT") { puts; exit(1) } # don't dump a backtrace on a ^C
 
-ARGV << 'help' if ARGV.empty?
+ARGV << "help" if ARGV.empty?
 command = ARGV.shift
 
 OAuth::CLI.new(STDOUT, STDIN, STDERR, command, ARGV).run

data/lib/oauth/cli/base_command.rb

@@ -26,7 +26,7 @@ class OAuth::CLI
     attr_reader :options
 
     def show_missing(array)
-      array = array.map { |s| "--#{s}" }.join(' ')
+      array = array.map { |s| "--#{s}" }.join(" ")
       OAuth::CLI.puts_red "Options missing to OAuth CLI: #{array}"
     end
 
@@ -131,7 +131,7 @@ class OAuth::CLI
         options[:method] = v
       end
 
-      opts.on("--nonce NONCE", "Specifies the none to use.") do |v|
+      opts.on("--nonce NONCE", "Specifies the nonce to use.") do |v|
         options[:oauth_nonce] = v
       end
 

data/lib/oauth/cli.rb

@@ -1,11 +1,11 @@
-require 'optparse'
-require 'oauth/cli/base_command'
-require 'oauth/cli/help_command'
-require 'oauth/cli/query_command'
-require 'oauth/cli/authorize_command'
-require 'oauth/cli/sign_command'
-require 'oauth/cli/version_command'
-require 'active_support/core_ext/string/inflections'
+require "optparse"
+require "oauth/cli/base_command"
+require "oauth/cli/help_command"
+require "oauth/cli/query_command"
+require "oauth/cli/authorize_command"
+require "oauth/cli/sign_command"
+require "oauth/cli/version_command"
+require "active_support/core_ext/string/inflections"
 
 module OAuth
   class CLI
@@ -14,11 +14,11 @@ module OAuth
     end
 
     ALIASES = {
-      'h' => 'help',
-      'v' => 'version',
-      'q' => 'query',
-      'a' => 'authorize',
-      's' => 'sign',
+      "h" => "help",
+      "v" => "version",
+      "q" => "query",
+      "a" => "authorize",
+      "s" => "sign",
     }
 
     def initialize(stdout, stdin, stderr, command, arguments)
@@ -39,17 +39,17 @@ module OAuth
 
     def parse_command(command)
       case command = command.to_s.downcase
-      when '--version', '-v'
-        'version'
-      when '--help', '-h', nil, ''
-        'help'
+      when "--version", "-v"
+        "version"
+      when "--help", "-h", nil, ""
+        "help"
       when *ALIASES.keys
         ALIASES[command]
       when *ALIASES.values
         command
       else
         OAuth::CLI.puts_red "Command '#{command}' not found"
-        'help'
+        "help"
       end
     end
   end

data/lib/oauth/client/action_controller_request.rb

@@ -1,9 +1,10 @@
 if defined? ActionDispatch
-  require 'oauth/request_proxy/rack_request'
-  require 'action_dispatch/testing/test_process'
+  require "oauth/request_proxy/rack_request"
+  require "oauth/request_proxy/action_dispatch_request"
+  require "action_dispatch/testing/test_process"
 else
-  require 'oauth/request_proxy/action_controller_request'
-  require 'action_controller/test_process'
+  require "oauth/request_proxy/action_controller_request"
+  require "action_controller/test_process"
 end
 
 module ActionController
@@ -34,7 +35,7 @@ module ActionController
     def configure_oauth(consumer = nil, token = nil, options = {})
       @oauth_options = { :consumer  => consumer,
                          :token     => token,
-                         :scheme    => 'header',
+                         :scheme    => "header",
                          :signature_method => nil,
                          :nonce     => nil,
                          :timestamp => nil }.merge(options)
@@ -50,7 +51,7 @@ module ActionController
     end
 
     def set_oauth_header
-      env['Authorization'] = @oauth_helper.header
+      env["Authorization"] = @oauth_helper.header
     end
 
     def set_oauth_parameters

data/lib/oauth/client/em_http.rb

@@ -1,119 +1,119 @@
-require 'em-http'
-require 'oauth/helper'
-require 'oauth/request_proxy/em_http_request'
+require "em-http"
+require "oauth/helper"
+require "oauth/request_proxy/em_http_request"
 
 # Extensions for em-http so that we can use consumer.sign! with an EventMachine::HttpClient
 # instance. This is purely syntactic sugar.
-class EventMachine::HttpClient
+module EventMachine
+  class HttpClient
+    attr_reader :oauth_helper
 
-  attr_reader :oauth_helper
+    # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
+    # this may add a header, additional query string parameters, or additional POST body parameters.
+    # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
+    # header.
+    #
+    # * http - Configured Net::HTTP instance, ignored in this scenario except for getting host.
+    # * consumer - OAuth::Consumer instance
+    # * token - OAuth::Token instance
+    # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
+    #   +signature_method+, +nonce+, +timestamp+)
+    #
+    # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
+    #
+    # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
+    def oauth!(http, consumer = nil, token = nil, options = {})
+      options = { :request_uri      => normalized_oauth_uri(http),
+                  :consumer         => consumer,
+                  :token            => token,
+                  :scheme           => "header",
+                  :signature_method => nil,
+                  :nonce            => nil,
+                  :timestamp        => nil }.merge(options)
 
-  # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
-  # this may add a header, additional query string parameters, or additional POST body parameters.
-  # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
-  # header.
-  #
-  # * http - Configured Net::HTTP instance, ignored in this scenario except for getting host.
-  # * consumer - OAuth::Consumer instance
-  # * token - OAuth::Token instance
-  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
-  #   +signature_method+, +nonce+, +timestamp+)
-  #
-  # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
-  #
-  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
-  def oauth!(http, consumer = nil, token = nil, options = {})
-    options = { :request_uri      => normalized_oauth_uri(http),
-                :consumer         => consumer,
-                :token            => token,
-                :scheme           => 'header',
-                :signature_method => nil,
-                :nonce            => nil,
-                :timestamp        => nil }.merge(options)
-
-    @oauth_helper = OAuth::Client::Helper.new(self, options)
-    self.__send__(:"set_oauth_#{options[:scheme]}")
-  end
+      @oauth_helper = OAuth::Client::Helper.new(self, options)
+      self.__send__(:"set_oauth_#{options[:scheme]}")
+    end
 
-  # Create a string suitable for signing for an HTTP request. This process involves parameter
-  # normalization as specified in the OAuth specification. The exact normalization also depends
-  # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
-  # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
-  # header.
-  #
-  # * http - Configured Net::HTTP instance
-  # * consumer - OAuth::Consumer instance
-  # * token - OAuth::Token instance
-  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
-  #   +signature_method+, +nonce+, +timestamp+)
-  #
-  # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
-  def signature_base_string(http, consumer = nil, token = nil, options = {})
-    options = { :request_uri      => normalized_oauth_uri(http),
-                :consumer         => consumer,
-                :token            => token,
-                :scheme           => 'header',
-                :signature_method => nil,
-                :nonce            => nil,
-                :timestamp        => nil }.merge(options)
+    # Create a string suitable for signing for an HTTP request. This process involves parameter
+    # normalization as specified in the OAuth specification. The exact normalization also depends
+    # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
+    # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
+    # header.
+    #
+    # * http - Configured Net::HTTP instance
+    # * consumer - OAuth::Consumer instance
+    # * token - OAuth::Token instance
+    # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
+    #   +signature_method+, +nonce+, +timestamp+)
+    #
+    # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
+    def signature_base_string(http, consumer = nil, token = nil, options = {})
+      options = { :request_uri      => normalized_oauth_uri(http),
+                  :consumer         => consumer,
+                  :token            => token,
+                  :scheme           => "header",
+                  :signature_method => nil,
+                  :nonce            => nil,
+                  :timestamp        => nil }.merge(options)
 
-    OAuth::Client::Helper.new(self, options).signature_base_string
-  end
+      OAuth::Client::Helper.new(self, options).signature_base_string
+    end
 
-  # This code was lifted from the em-http-request because it was removed from
-  # the gem June 19, 2010
-  # see: http://github.com/igrigorik/em-http-request/commit/d536fc17d56dbe55c487eab01e2ff9382a62598b
-  def normalize_uri
-    @normalized_uri ||= begin
-      uri = @uri.dup
-      encoded_query = encode_query(@uri, @options[:query])
-      path, query = encoded_query.split("?", 2)
-      uri.query = query unless encoded_query.empty?
-      uri.path  = path
-      uri
+    # This code was lifted from the em-http-request because it was removed from
+    # the gem June 19, 2010
+    # see: http://github.com/igrigorik/em-http-request/commit/d536fc17d56dbe55c487eab01e2ff9382a62598b
+    def normalize_uri
+      @normalized_uri ||= begin
+        uri = @conn.dup
+        encoded_query = encode_query(@conn, @req[:query])
+        path, query = encoded_query.split("?", 2)
+        uri.query = query unless encoded_query.empty?
+        uri.path  = path
+        uri
+      end
     end
-  end
 
-  protected
+    protected
 
-  def combine_query(path, query, uri_query)
-    combined_query = if query.kind_of?(Hash)
-      query.map { |k, v| encode_param(k, v) }.join('&')
-    else
-      query.to_s
+    def combine_query(path, query, uri_query)
+      combined_query = if query.kind_of?(Hash)
+        query.map { |k, v| encode_param(k, v) }.join("&")
+      else
+        query.to_s
+      end
+      if !uri_query.to_s.empty?
+        combined_query = [combined_query, uri_query].reject {|part| part.empty?}.join("&")
+      end
+      combined_query.to_s.empty? ? path : "#{path}?#{combined_query}"
     end
-    if !uri_query.to_s.empty?
-      combined_query = [combined_query, uri_query].reject {|part| part.empty?}.join("&")
-    end
-    combined_query.to_s.empty? ? path : "#{path}?#{combined_query}"
-  end
 
-  # Since we expect to get the host etc details from the http instance (...),
-  # we create a fake url here. Surely this is a horrible, horrible idea?
-  def normalized_oauth_uri(http)
-    uri = URI.parse(normalize_uri.path)
-    uri.host = http.address
-    uri.port = http.port
+    # Since we expect to get the host etc details from the http instance (...),
+    # we create a fake url here. Surely this is a horrible, horrible idea?
+    def normalized_oauth_uri(http)
+      uri = URI.parse(normalize_uri.path)
+      uri.host = http.address
+      uri.port = http.port
 
-    if http.respond_to?(:use_ssl?) && http.use_ssl?
-      uri.scheme = "https"
-    else
-      uri.scheme = "http"
+      if http.respond_to?(:use_ssl?) && http.use_ssl?
+        uri.scheme = "https"
+      else
+        uri.scheme = "http"
+      end
+      uri.to_s
     end
-    uri.to_s
-  end
 
-  def set_oauth_header
-    headers = (self.options[:head] ||= {})
-    headers['Authorization'] = @oauth_helper.header
-  end
+    def set_oauth_header
+      self.req[:head] ||= {}
+      self.req[:head].merge!("Authorization" => @oauth_helper.header)
+    end
 
-  def set_oauth_body
-    raise NotImplementedError, 'please use the set_oauth_header method instead'
-  end
+    def set_oauth_body
+      raise NotImplementedError, "please use the set_oauth_header method instead"
+    end
 
-  def set_oauth_query_string
-    raise NotImplementedError, 'please use the set_oauth_header method instead'
+    def set_oauth_query_string
+      raise NotImplementedError, "please use the set_oauth_header method instead"
+    end
   end
-
 end

data/lib/oauth/client/helper.rb

@@ -1,8 +1,8 @@
-require 'oauth/client'
-require 'oauth/consumer'
-require 'oauth/helper'
-require 'oauth/token'
-require 'oauth/signature/hmac/sha1'
+require "oauth/client"
+require "oauth/consumer"
+require "oauth/helper"
+require "oauth/token"
+require "oauth/signature/hmac/sha1"
 
 module OAuth::Client
   class Helper
@@ -11,7 +11,7 @@ module OAuth::Client
     def initialize(request, options = {})
       @request = request
       @options = options
-      @options[:signature_method] ||= 'HMAC-SHA1'
+      @options[:signature_method] ||= "HMAC-SHA1"
     end
 
     def options
@@ -27,18 +27,24 @@ module OAuth::Client
     end
 
     def oauth_parameters
-      {
-        'oauth_body_hash'        => options[:body_hash],
-        'oauth_callback'         => options[:oauth_callback],
-        'oauth_consumer_key'     => options[:consumer].key,
-        'oauth_token'            => options[:token] ? options[:token].token : '',
-        'oauth_signature_method' => options[:signature_method],
-        'oauth_timestamp'        => timestamp,
-        'oauth_nonce'            => nonce,
-        'oauth_verifier'         => options[:oauth_verifier],
-        'oauth_version'          => (options[:oauth_version] || '1.0'),
-        'oauth_session_handle'   => options[:oauth_session_handle]
-      }.reject { |k,v| v.to_s == "" }
+      out = {
+        "oauth_body_hash"        => options[:body_hash],
+        "oauth_callback"         => options[:oauth_callback],
+        "oauth_consumer_key"     => options[:consumer].key,
+        "oauth_token"            => options[:token] ? options[:token].token : "",
+        "oauth_signature_method" => options[:signature_method],
+        "oauth_timestamp"        => timestamp,
+        "oauth_nonce"            => nonce,
+        "oauth_verifier"         => options[:oauth_verifier],
+        "oauth_version"          => (options[:oauth_version] || "1.0"),
+        "oauth_session_handle"   => options[:oauth_session_handle]
+      }
+      allowed_empty_params = options[:allow_empty_params]
+      if allowed_empty_params != true && !allowed_empty_params.kind_of?(Array)
+        allowed_empty_params = allowed_empty_params == false ? [] : [allowed_empty_params]
+      end
+      out.select! { |k,v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
+      out
     end
 
     def signature(extra_options = {})
@@ -67,18 +73,18 @@ module OAuth::Client
     def amend_user_agent_header(headers)
       @oauth_ua_string ||= "OAuth gem v#{OAuth::VERSION}"
       # Net::HTTP in 1.9 appends Ruby
-      if headers['User-Agent'] && headers['User-Agent'] != 'Ruby'
-        headers['User-Agent'] += " (#{@oauth_ua_string})"
+      if headers["User-Agent"] && headers["User-Agent"] != "Ruby"
+        headers["User-Agent"] += " (#{@oauth_ua_string})"
       else
-        headers['User-Agent'] = @oauth_ua_string
+        headers["User-Agent"] = @oauth_ua_string
       end
     end
 
     def header
       parameters = oauth_parameters
-      parameters.merge!('oauth_signature' => signature(options.merge(:parameters => parameters)))
+      parameters.merge!("oauth_signature" => signature(options.merge(:parameters => parameters)))
 
-      header_params_str = parameters.sort.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(', ')
+      header_params_str = parameters.sort.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(", ")
 
       realm = "realm=\"#{options[:realm]}\", " if options[:realm]
       "OAuth #{realm}#{header_params_str}"