oauth 0.5.3 → 0.5.7.pre.pre1

data/lib/oauth/client/net_http.rb

@@ -1,5 +1,5 @@
-require 'oauth/helper'
-require 'oauth/request_proxy/net_http'
+require "oauth/helper"
+require "oauth/request_proxy/net_http"
 
 class Net::HTTPGenericRequest
   include OAuth::Helper
@@ -58,7 +58,7 @@ private
     { :request_uri      => oauth_full_request_uri(http,options),
       :consumer         => consumer,
       :token            => token,
-      :scheme           => 'header',
+      :scheme           => "header",
       :signature_method => nil,
       :nonce            => nil,
       :timestamp        => nil }.merge(options)
@@ -71,7 +71,7 @@ private
 
     if options[:request_endpoint] && options[:site]
       is_https = options[:site].match(%r(^https://))
-      uri.host = options[:site].gsub(%r(^https?://), '')
+      uri.host = options[:site].gsub(%r(^https?://), "")
       uri.port ||= is_https ? 443 : 80
     end
 
@@ -89,7 +89,7 @@ private
   end
 
   def set_oauth_header
-    self['Authorization'] = @oauth_helper.header
+    self["Authorization"] = @oauth_helper.header
   end
 
   # FIXME: if you're using a POST body and query string parameters, this method

data/lib/oauth/consumer.rb

@@ -1,34 +1,45 @@
-require 'net/http'
-require 'net/https'
-require 'oauth/oauth'
-require 'oauth/client/net_http'
-require 'oauth/errors'
-require 'cgi'
+require "net/http"
+require "net/https"
+require "oauth/oauth"
+require "oauth/client/net_http"
+require "oauth/errors"
+require "cgi"
 
 module OAuth
   class Consumer
     # determine the certificate authority path to verify SSL certs
-    CA_FILES = %W(#{ENV['SSL_CERT_FILE']} /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt)
-    CA_FILES.each do |ca_file|
-      if File.exist?(ca_file)
-        CA_FILE = ca_file
-        break
+    if ENV["SSL_CERT_FILE"]
+      if File.exist?(ENV["SSL_CERT_FILE"])
+        CA_FILE = ENV["SSL_CERT_FILE"]
+      else
+        raise "The SSL CERT provided does not exist."
+      end
+    end
+
+    if !defined?(CA_FILE)
+      CA_FILES = %W(/etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt)
+      CA_FILES.each do |ca_file|
+        if File.exist?(ca_file)
+          CA_FILE = ca_file
+          break
+        end
       end
     end
     CA_FILE = nil unless defined?(CA_FILE)
 
     @@default_options = {
       # Signature method used by server. Defaults to HMAC-SHA1
-      :signature_method   => 'HMAC-SHA1',
+      :signature_method   => "HMAC-SHA1",
 
       # default paths on site. These are the same as the defaults set up by the generators
-      :request_token_path => '/oauth/request_token',
-      :authorize_path     => '/oauth/authorize',
-      :access_token_path  => '/oauth/access_token',
+      :request_token_path => "/oauth/request_token",
+      :authenticate_path  => "/oauth/authenticate",
+      :authorize_path     => "/oauth/authorize",
+      :access_token_path  => "/oauth/access_token",
 
       :proxy              => nil,
       # How do we send the oauth values to the server see
-      # http://oauth.net/core/1.0/#consumer_req_param for more info
+      # https://oauth.net/core/1.0/#consumer_req_param for more info
       #
       # Possible values:
       #
@@ -146,11 +157,14 @@ module OAuth
       request_options[:oauth_callback] ||= OAuth::OUT_OF_BAND unless request_options[:exclude_callback]
 
       if block_given?
-        response = token_request(http_method,
-        (request_token_url? ? request_token_url : request_token_path),
-        nil,
-        request_options,
-        *arguments, &block)
+        response = token_request(
+          http_method,
+          (request_token_url? ? request_token_url : request_token_path),
+          nil,
+          request_options,
+          *arguments,
+          &block
+        )
       else
         response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, request_options, *arguments)
       end
@@ -179,7 +193,7 @@ module OAuth
       return nil if block_given? and yield(req) == :done
       rsp = http.request(req)
       # check for an error reported by the Problem Reporting extension
-      # (http://wiki.oauth.net/ProblemReporting)
+      # (https://wiki.oauth.net/ProblemReporting)
       # note: a 200 may actually be an error; check for an oauth_problem key to be sure
       if !(headers = rsp.to_hash["www-authenticate"]).nil? &&
         (h = headers.select { |hdr| hdr =~ /^OAuth / }).any? &&
@@ -228,9 +242,18 @@ module OAuth
           end
         end
       when (300..399)
-        # this is a redirect
-        uri = URI.parse(response['location'])
-        response.error! if uri.path == path # careful of those infinite redirects
+        # Parse redirect to follow
+        uri = URI.parse(response["location"])
+        our_uri = URI.parse(site)
+
+        # Guard against infinite redirects
+        response.error! if uri.path == path && our_uri.host == uri.host
+
+        if uri.path == path && our_uri.host != uri.host
+            options[:site] = "#{uri.scheme}://#{uri.host}"
+            @http = create_http
+        end
+
         self.token_request(http_method, uri.path, token, request_options, arguments)
       when (400..499)
         raise OAuth::Unauthorized, response
@@ -266,6 +289,10 @@ module OAuth
       @options[:request_token_path]
     end
 
+    def authenticate_path
+      @options[:authenticate_path]
+    end
+
     def authorize_path
       @options[:authorize_path]
     end
@@ -283,6 +310,14 @@ module OAuth
       @options.has_key?(:request_token_url)
     end
 
+    def authenticate_url
+      @options[:authenticate_url] || site + authenticate_path
+    end
+
+    def authenticate_url?
+      @options.has_key?(:authenticate_url)
+    end
+
     def authorize_url
       @options[:authorize_url] || site + authorize_path
     end
@@ -308,18 +343,22 @@ module OAuth
     # Instantiates the http object
     def create_http(_url = nil)
 
-
       if !request_endpoint.nil?
        _url = request_endpoint
       end
 
-
-      if _url.nil? || _url[0] =~ /^\//
-        our_uri = URI.parse(site)
-      else
-        our_uri = URI.parse(_url)
-      end
-
+      our_uri = if _url.nil? || _url[0] =~ /^\//
+                  URI.parse(site)
+                else
+                  your_uri = URI.parse(_url)
+                  if your_uri.host.nil?
+                    # If the _url is a path, missing the leading slash, then it won't have a host,
+                    # and our_uri *must* have a host, so we parse site instead.
+                    URI.parse(site)
+                  else
+                    your_uri
+                  end
+                end
 
       if proxy.nil?
         http_object = Net::HTTP.new(our_uri.host, our_uri.port)
@@ -328,19 +367,24 @@ module OAuth
         http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user, proxy_uri.password)
       end
 
-      http_object.use_ssl = (our_uri.scheme == 'https')
+      http_object.use_ssl = (our_uri.scheme == "https")
 
-      if @options[:ca_file] || CA_FILE
-        http_object.ca_file = @options[:ca_file] || CA_FILE
+      if @options[:no_verify]
+        http_object.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      else
+        ca_file =  @options[:ca_file] || CA_FILE
+        if ca_file
+          http_object.ca_file = ca_file
+        end
         http_object.verify_mode = OpenSSL::SSL::VERIFY_PEER
         http_object.verify_depth = 5
-      else
-        http_object.verify_mode = OpenSSL::SSL::VERIFY_NONE
       end
 
-      http_object.read_timeout = http_object.open_timeout = @options[:timeout] || 30
+      http_object.read_timeout = http_object.open_timeout = @options[:timeout] || 60
       http_object.open_timeout = @options[:open_timeout] if @options[:open_timeout]
       http_object.ssl_version = @options[:ssl_version] if @options[:ssl_version]
+      http_object.cert = @options[:ssl_client_cert] if @options[:ssl_client_cert]
+      http_object.key  = @options[:ssl_client_key] if @options[:ssl_client_key]
       http_object.set_debug_output(debug_output) if debug_output
 
       http_object
@@ -358,20 +402,20 @@ module OAuth
       # only add if the site host matches the current http object's host
       # (in case we've specified a full url for token requests)
       uri  = URI.parse(site)
-      path = uri.path + path if uri.path && uri.path != '/' && uri.host == http.address
+      path = uri.path + path if uri.path && uri.path != "/" && uri.host == http.address
 
       headers = arguments.first.is_a?(Hash) ? arguments.shift : {}
 
       case http_method
       when :post
         request = Net::HTTP::Post.new(path,headers)
-        request["Content-Length"] = '0' # Default to 0
+        request["Content-Length"] = "0" # Default to 0
       when :put
         request = Net::HTTP::Put.new(path,headers)
-        request["Content-Length"] = '0' # Default to 0
+        request["Content-Length"] = "0" # Default to 0
       when :patch
         request = Net::HTTP::Patch.new(path,headers)
-        request["Content-Length"] = '0' # Default to 0
+        request["Content-Length"] = "0" # Default to 0
       when :get
         request = Net::HTTP::Get.new(path,headers)
       when :delete
@@ -384,7 +428,7 @@ module OAuth
 
       if data.is_a?(Hash)
         request.body = OAuth::Helper.normalize(data)
-        request.content_type = 'application/x-www-form-urlencoded'
+        request.content_type = "application/x-www-form-urlencoded"
       elsif data
         if data.respond_to?(:read)
           request.body_stream = data

data/lib/oauth/errors/unauthorized.rb

@@ -6,7 +6,9 @@ module OAuth
     end
 
     def to_s
-      [request.code, request.message] * " "
+      return "401 Unauthorized" if request.nil?
+
+      "#{request.code} #{request.message}"
     end
   end
 end

data/lib/oauth/errors.rb

@@ -1,3 +1,3 @@
-require 'oauth/errors/error'
-require 'oauth/errors/unauthorized'
-require 'oauth/errors/problem'
+require "oauth/errors/error"
+require "oauth/errors/unauthorized"
+require "oauth/errors/problem"

data/lib/oauth/helper.rb

@@ -1,5 +1,5 @@
-require 'openssl'
-require 'base64'
+require "openssl"
+require "base64"
 
 module OAuth
   module Helper
@@ -15,17 +15,17 @@ module OAuth
     end
 
     def _escape(string)
-      URI.escape(string, OAuth::RESERVED_CHARACTERS)
+      URI::DEFAULT_PARSER.escape(string, OAuth::RESERVED_CHARACTERS)
     end
 
     def unescape(value)
-      URI.unescape(value.gsub('+', '%2B'))
+      URI::DEFAULT_PARSER.unescape(value.gsub("+", "%2B"))
     end
 
     # Generate a random key of up to +size+ bytes. The value returned is Base64 encoded with non-word
     # characters removed.
     def generate_key(size=32)
-      Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/, '')
+      Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/, "")
     end
 
     alias_method :generate_nonce, :generate_key
@@ -47,8 +47,12 @@ module OAuth
           # make sure the array has an element so we don't lose the key
           values << nil if values.empty?
           # multiple values were provided for a single key
-          values.sort.collect do |v|
-            [escape(k),escape(v)] * "="
+          if values[0].is_a?(Hash)
+            normalize_nested_query(values, k)
+          else
+            values.sort.collect do |v|
+              [escape(k),escape(v)] * "="
+            end
           end
         elsif values.is_a?(Hash)
           normalize_nested_query(values, k)
@@ -58,7 +62,7 @@ module OAuth
       end * "&"
     end
 
-    #Returns a string representation of the Hash like in URL query string
+    # Returns a string representation of the Hash like in URL query string
     # build_nested_query({:level_1 => {:level_2 => ['value_1','value_2']}}, 'prefix'))
     #   #=> ["prefix%5Blevel_1%5D%5Blevel_2%5D%5B%5D=value_1", "prefix%5Blevel_1%5D%5Blevel_2%5D%5B%5D=value_2"]
     def normalize_nested_query(value, prefix = nil)

data/lib/oauth/oauth_test_helper.rb

@@ -1,5 +1,5 @@
-require 'action_controller'
-require 'action_controller/test_process'
+require "action_controller"
+require "action_controller/test_process"
 
 module OAuth
   module OAuthTestHelper
@@ -8,7 +8,7 @@ module OAuth
       incoming.request_uri = request.path
       incoming.host = request.uri.host
       incoming.env["SERVER_PORT"] = request.uri.port
-      incoming.env['REQUEST_METHOD'] = request.http_method
+      incoming.env["REQUEST_METHOD"] = request.http_method
       incoming
     end
 
@@ -18,7 +18,7 @@ module OAuth
       incoming.host = request.uri.host
       incoming.env["HTTP_AUTHORIZATION"] = request.to_auth_string
       incoming.env["SERVER_PORT"] = request.uri.port
-      incoming.env['REQUEST_METHOD'] = request.http_method
+      incoming.env["REQUEST_METHOD"] = request.http_method
       incoming
     end
   end

data/lib/oauth/request_proxy/action_controller_request.rb

@@ -1,12 +1,12 @@
-require 'active_support'
+require "active_support"
 require "active_support/version"
-require 'action_controller'
-require 'uri'
+require "action_controller"
+require "uri"
 
 if
   Gem::Version.new(ActiveSupport::VERSION::STRING) < Gem::Version.new("3")
 then # rails 2.x
-  require 'action_controller/request'
+  require "action_controller/request"
   unless ActionController::Request::HTTP_METHODS.include?("patch")
     ActionController::Request::HTTP_METHODS << "patch"
     ActionController::Request::HTTP_METHOD_LOOKUP["PATCH"] = :patch
@@ -16,15 +16,15 @@ then # rails 2.x
 elsif
   Gem::Version.new(ActiveSupport::VERSION::STRING) < Gem::Version.new("4")
 then # rails 3.x
-  require 'action_dispatch/http/request'
+  require "action_dispatch/http/request"
   unless ActionDispatch::Request::HTTP_METHODS.include?("patch")
     ActionDispatch::Request::HTTP_METHODS << "patch"
     ActionDispatch::Request::HTTP_METHOD_LOOKUP["PATCH"] = :patch
     ActionDispatch::Request::HTTP_METHOD_LOOKUP["patch"] = :patch
   end
 
-else # rails 4.x - already has patch
-  require 'action_dispatch/http/request'
+else # rails 4.x and later - already has patch
+  require "action_dispatch/http/request"
 end
 
 module OAuth::RequestProxy
@@ -60,16 +60,20 @@ module OAuth::RequestProxy
         params << header_params.to_query
         params << request.query_string unless query_string_blank?
 
-        if request.post? && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
+        if raw_post_signature?
           params << request.raw_post
         end
       end
 
       params.
-        join('&').split('&').
+        join("&").split("&").
         reject { |s| s.match(/\A\s*\z/) }.
-        map { |p| p.split('=').map{|esc| CGI.unescape(esc)} }.
-        reject { |kv| kv[0] == 'oauth_signature'}
+        map { |p| p.split("=").map{|esc| CGI.unescape(esc)} }.
+        reject { |kv| kv[0] == "oauth_signature"}
+    end
+
+    def raw_post_signature?
+      (request.post? || request.put?) && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
     end
 
   protected

data/lib/oauth/request_proxy/action_dispatch_request.rb

@@ -0,0 +1,7 @@
+require "oauth/request_proxy/rack_request"
+
+module OAuth::RequestProxy
+  class ActionDispatchRequest < OAuth::RequestProxy::RackRequest
+    proxies ActionDispatch::Request
+  end
+end

data/lib/oauth/request_proxy/base.rb

@@ -1,5 +1,5 @@
-require 'oauth/request_proxy'
-require 'oauth/helper'
+require "oauth/request_proxy"
+require "oauth/helper"
 
 module OAuth::RequestProxy
   class Base
@@ -20,41 +20,41 @@ module OAuth::RequestProxy
     ## OAuth parameters
 
     def oauth_callback
-      parameters['oauth_callback']
+      parameters["oauth_callback"]
     end
 
     def oauth_consumer_key
-      parameters['oauth_consumer_key']
+      parameters["oauth_consumer_key"]
     end
 
     def oauth_nonce
-      parameters['oauth_nonce']
+      parameters["oauth_nonce"]
     end
 
     def oauth_signature
       # TODO can this be nil?
-      [parameters['oauth_signature']].flatten.first || ""
+      [parameters["oauth_signature"]].flatten.first || ""
     end
 
     def oauth_signature_method
-      case parameters['oauth_signature_method']
+      case parameters["oauth_signature_method"]
       when Array
-        parameters['oauth_signature_method'].first
+        parameters["oauth_signature_method"].first
       else
-        parameters['oauth_signature_method']
+        parameters["oauth_signature_method"]
       end
     end
 
     def oauth_timestamp
-      parameters['oauth_timestamp']
+      parameters["oauth_timestamp"]
     end
 
     def oauth_token
-      parameters['oauth_token']
+      parameters["oauth_token"]
     end
 
     def oauth_verifier
-      parameters['oauth_verifier']
+      parameters["oauth_verifier"]
     end
 
     def oauth_version
@@ -140,15 +140,15 @@ module OAuth::RequestProxy
 
     # Authorization header for OAuth
     def oauth_header(options = {})
-      header_params_str = oauth_parameters.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(', ')
+      header_params_str = oauth_parameters.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(", ")
 
       realm = "realm=\"#{options[:realm]}\", " if options[:realm]
       "OAuth #{realm}#{header_params_str}"
     end
 
     def query_string_blank?
-      if uri = request.env['REQUEST_URI']
-        uri.split('?', 2)[1].nil?
+      if uri = request.env["REQUEST_URI"]
+        uri.split("?", 2)[1].nil?
       else
         request.query_string.match(/\A\s*\z/)
       end
@@ -161,7 +161,7 @@ module OAuth::RequestProxy
         next unless request.env.include?(header)
 
         header = request.env[header]
-        next unless header[0,6] == 'OAuth '
+        next unless header[0,6] == "OAuth "
 
         # parse the header into a Hash
         oauth_params = OAuth::Helper.parse_header(header)

data/lib/oauth/request_proxy/curb_request.rb

@@ -1,7 +1,7 @@
-  require 'oauth/request_proxy/base'
-require 'curb'
-require 'uri'
-require 'cgi'
+  require "oauth/request_proxy/base"
+require "curb"
+require "uri"
+require "cgi"
 
 module OAuth::RequestProxy::Curl
   class Easy < OAuth::RequestProxy::Base
@@ -42,7 +42,7 @@ module OAuth::RequestProxy::Curl
       post_body = {}
 
       # Post params are only used if posting form data
-      if (request.headers['Content-Type'] && request.headers['Content-Type'].to_s.downcase.start_with?("application/x-www-form-urlencoded"))
+      if (request.headers["Content-Type"] && request.headers["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded"))
 
         request.post_body.split("&").each do |str|
           param = str.split("=")

data/lib/oauth/request_proxy/em_http_request.rb

@@ -1,7 +1,7 @@
-require 'oauth/request_proxy/base'
+require "oauth/request_proxy/base"
 # em-http also uses adddressable so there is no need to require uri.
-require 'em-http'
-require 'cgi'
+require "em-http"
+require "cgi"
 
 module OAuth::RequestProxy::EventMachine
   class HttpRequest < OAuth::RequestProxy::Base
@@ -14,11 +14,11 @@ module OAuth::RequestProxy::EventMachine
     # Request in this con
 
     def method
-      request.method
+      request.req[:method]
     end
 
     def uri
-      request.normalize_uri.to_s
+      request.conn.normalize.to_s
     end
 
     def parameters
@@ -36,14 +36,20 @@ module OAuth::RequestProxy::EventMachine
     end
 
     def query_parameters
-      CGI.parse(request.normalize_uri.query.to_s)
+      quer = request.req[:query]
+      hash_quer = if quer.respond_to?(:merge)
+                    quer
+                  else
+                    CGI.parse(quer.to_s)
+                  end
+      CGI.parse(request.conn.query.to_s).merge(hash_quer)
     end
 
     def post_parameters
-      headers = request.options[:head] || {}
-      form_encoded = headers['Content-Type'].to_s.downcase.start_with?("application/x-www-form-urlencoded")
-      if ['POST', 'PUT'].include?(method) && form_encoded
-        CGI.parse(request.normalize_body.to_s)
+      headers = request.req[:head] || {}
+      form_encoded = headers["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded")
+      if ["POST", "PUT"].include?(method) && form_encoded
+        CGI.parse(request.normalize_body(request.req[:body]).to_s)
       else
         {}
       end
@@ -53,9 +59,9 @@ module OAuth::RequestProxy::EventMachine
       extra_params.compact.each do |params_pairs|
         params_pairs.each_pair do |key, value|
           if params.has_key?(key)
-            params[key] += value
+            params[key.to_s] += value
           else
-            params[key] = [value].flatten
+            params[key.to_s] = [value].flatten
           end
         end
       end

data/lib/oauth/request_proxy/jabber_request.rb

@@ -1,5 +1,5 @@
-require 'xmpp4r'
-require 'oauth/request_proxy/base'
+require "xmpp4r"
+require "oauth/request_proxy/base"
 
 module OAuth
   module RequestProxy
@@ -13,7 +13,7 @@ module OAuth
 
         @params = {}
 
-        oauth = @request.get_elements('//oauth').first
+        oauth = @request.get_elements("//oauth").first
         return @params unless oauth
 
         %w( oauth_token oauth_consumer_key oauth_signature_method oauth_signature

data/lib/oauth/request_proxy/mock_request.rb

@@ -1,4 +1,4 @@
-require 'oauth/request_proxy/base'
+require "oauth/request_proxy/base"
 
 module OAuth
   module RequestProxy