oauth 0.5.3 → 0.5.7.pre.pre1

data/lib/oauth/request_proxy/net_http.rb

@@ -1,7 +1,7 @@
-require 'oauth/request_proxy/base'
-require 'net/http'
-require 'uri'
-require 'cgi'
+require "oauth/request_proxy/base"
+require "net/http"
+require "uri"
+require "cgi"
 
 module OAuth::RequestProxy::Net
   module HTTP
@@ -48,12 +48,12 @@ module OAuth::RequestProxy::Net
 
       def query_string
         params = [ query_params, auth_header_params ]
-        params << post_params if (method.to_s.upcase == 'POST' || method.to_s.upcase == 'PUT') && form_url_encoded?
-        params.compact.join('&')
+        params << post_params if (method.to_s.upcase == "POST" || method.to_s.upcase == "PUT") && form_url_encoded?
+        params.compact.join("&")
       end
 
       def form_url_encoded?
-        request['Content-Type'] != nil && request['Content-Type'].to_s.downcase.start_with?('application/x-www-form-urlencoded')
+        request["Content-Type"] != nil && request["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded")
       end
 
       def query_params
@@ -65,8 +65,8 @@ module OAuth::RequestProxy::Net
       end
 
       def auth_header_params
-        return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
-        request['Authorization']
+        return nil unless request["Authorization"] && request["Authorization"][0,5] == "OAuth"
+        request["Authorization"]
       end
     end
   end

data/lib/oauth/request_proxy/rack_request.rb

@@ -1,6 +1,6 @@
-require 'oauth/request_proxy/base'
-require 'uri'
-require 'rack'
+require "oauth/request_proxy/base"
+require "uri"
+require "rack"
 
 module OAuth::RequestProxy
   class RackRequest < OAuth::RequestProxy::Base
@@ -24,7 +24,7 @@ module OAuth::RequestProxy
     end
 
     def signature
-      parameters['oauth_signature']
+      parameters["oauth_signature"]
     end
 
   protected

data/lib/oauth/request_proxy/rest_client_request.rb

@@ -1,7 +1,7 @@
-require 'oauth/request_proxy/base'
-require 'rest-client'
-require 'uri'
-require 'cgi'
+require "oauth/request_proxy/base"
+require "rest-client"
+require "uri"
+require "cgi"
 
 module OAuth::RequestProxy::RestClient
   class Request < OAuth::RequestProxy::Base
@@ -35,7 +35,7 @@ module OAuth::RequestProxy::RestClient
       
       def post_parameters
         # Post params are only used if posting form data
-        if method == 'POST' || method == 'PUT'
+        if method == "POST" || method == "PUT"
           OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
         else
           {}
@@ -45,8 +45,8 @@ module OAuth::RequestProxy::RestClient
    private
       
       def query_string_to_hash(query)
-        keyvals = query.split('&').inject({}) do |result, q| 
-          k,v = q.split('=')
+        keyvals = query.split("&").inject({}) do |result, q| 
+          k,v = q.split("=")
           if !v.nil?
              result.merge({k => v})
           elsif !result.key?(k)

data/lib/oauth/request_proxy/typhoeus_request.rb

@@ -1,8 +1,8 @@
-require 'oauth/request_proxy/base'
-require 'typhoeus'
-require 'typhoeus/request'
-require 'uri'
-require 'cgi'
+require "oauth/request_proxy/base"
+require "typhoeus"
+require "typhoeus/request"
+require "uri"
+require "cgi"
 
 module OAuth::RequestProxy::Typhoeus
   class Request < OAuth::RequestProxy::Base
@@ -20,7 +20,7 @@ module OAuth::RequestProxy::Typhoeus
 
     def method
       request_method = request.options[:method].to_s.upcase
-      request_method.empty? ? 'GET' : request_method
+      request_method.empty? ? "GET" : request_method
     end
 
     def uri
@@ -44,7 +44,7 @@ module OAuth::RequestProxy::Typhoeus
 
     def post_parameters
       # Post params are only used if posting form data
-      if method == 'POST'
+      if method == "POST"
         OAuth::Helper.stringify_keys(request.options[:params] || {})
       else
         {}

data/lib/oauth/server.rb

@@ -1,5 +1,5 @@
-require 'oauth/helper'
-require 'oauth/consumer'
+require "oauth/helper"
+require "oauth/consumer"
 
 module OAuth
   # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own

data/lib/oauth/signature/base.rb

@@ -1,7 +1,7 @@
-require 'oauth/signature'
-require 'oauth/helper'
-require 'oauth/request_proxy/base'
-require 'base64'
+require "oauth/signature"
+require "oauth/helper"
+require "oauth/request_proxy/base"
+require "base64"
 
 module OAuth::Signature
   class Base
@@ -47,11 +47,13 @@ module OAuth::Signature
     end
 
     def signature
-      Base64.encode64(digest).chomp.gsub(/\n/,'')
+      Base64.encode64(digest).chomp.gsub(/\n/,"")
     end
 
     def ==(cmp_signature)
-      signature == cmp_signature
+      check = signature.bytesize ^ cmp_signature.bytesize
+      signature.bytes.zip(cmp_signature.bytes) { |x, y| check |= x ^ y.to_i }
+      check.zero?
     end
 
     def verify

data/lib/oauth/signature/hmac/sha1.rb

@@ -1,17 +1,17 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature::HMAC
   class SHA1 < OAuth::Signature::Base
-    implements 'hmac-sha1'
+    implements "hmac-sha1"
 
     def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || '')).chomp.gsub(/\n/,'')
+      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.gsub(/\n/,"")
     end
 
     private
 
     def digest
-      OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), secret, signature_base_string)
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
     end
   end
 end

data/lib/oauth/signature/hmac/sha256.rb

@@ -0,0 +1,17 @@
+require "oauth/signature/base"
+
+module OAuth::Signature::HMAC
+  class SHA256 < OAuth::Signature::Base
+    implements "hmac-sha256"
+
+    def body_hash
+      Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.gsub(/\n/,"")
+    end
+
+    private
+
+    def digest
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
+    end
+  end
+end

data/lib/oauth/signature/plaintext.rb

@@ -1,8 +1,8 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature
   class PLAINTEXT < Base
-    implements 'plaintext'
+    implements "plaintext"
 
     def signature
       signature_base_string

data/lib/oauth/signature/rsa/sha1.rb

@@ -1,8 +1,8 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature::RSA
   class SHA1 < OAuth::Signature::Base
-    implements 'rsa-sha1'
+    implements "rsa-sha1"
 
     def ==(cmp_signature)
       public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
@@ -19,7 +19,7 @@ module OAuth::Signature::RSA
     end
 
     def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || '')).chomp.gsub(/\n/,'')
+      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.gsub(/\n/,"")
     end
 
     private

data/lib/oauth/token.rb

@@ -1,7 +1,7 @@
 # this exists for backwards-compatibility
 
-require 'oauth/tokens/token'
-require 'oauth/tokens/server_token'
-require 'oauth/tokens/consumer_token'
-require 'oauth/tokens/request_token'
-require 'oauth/tokens/access_token'
+require "oauth/tokens/token"
+require "oauth/tokens/server_token"
+require "oauth/tokens/consumer_token"
+require "oauth/tokens/request_token"
+require "oauth/tokens/access_token"

data/lib/oauth/tokens/access_token.rb

@@ -43,7 +43,7 @@ module OAuth
     #   @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
     #   @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
     #
-    def post(path, body = '', headers = {})
+    def post(path, body = "", headers = {})
       request(:post, path, body, headers)
     end
 
@@ -55,7 +55,7 @@ module OAuth
     #   @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
     #   @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
     #
-    def put(path, body = '', headers = {})
+    def put(path, body = "", headers = {})
       request(:put, path, body, headers)
     end
 
@@ -67,7 +67,7 @@ module OAuth
     #   @response = @token.patch('/people/123', nil, { 'Accept' => 'application/xml' })
     #   @response = @token.patch('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
     #
-    def patch(path, body = '', headers = {})
+    def patch(path, body = "", headers = {})
       request(:patch, path, body, headers)
     end
 

data/lib/oauth/tokens/request_token.rb

@@ -8,7 +8,14 @@ module OAuth
       return nil if self.token.nil?
 
       params = (params || {}).merge(:oauth_token => self.token)
-      build_authorize_url(consumer.authorize_url, params)
+      build_url(consumer.authorize_url, params)
+    end
+
+    def authenticate_url(params = nil)
+      return nil if self.token.nil?
+
+      params = (params || {}).merge(:oauth_token => self.token)
+      build_url(consumer.authenticate_url, params)
     end
 
     def callback_confirmed?
@@ -23,8 +30,8 @@ module OAuth
 
   protected
 
-    # construct an authorization url
-    def build_authorize_url(base_url, params)
+    # construct an authorization or authentication url
+    def build_url(base_url, params)
       uri = URI.parse(base_url.to_s)
       queries = {}
       queries = Hash[URI.decode_www_form(uri.query)] if uri.query

data/lib/oauth/version.rb

@@ -1,3 +1,3 @@
 module OAuth
-  VERSION = "0.5.3"
+  VERSION = "0.5.7-pre1"
 end

data/lib/oauth.rb

@@ -1,12 +1,13 @@
 root = File.dirname(__FILE__)
 $LOAD_PATH << root unless $LOAD_PATH.include?(root)
 
-require 'oauth/version'
+require "oauth/version"
 
-require 'oauth/oauth'
-require 'oauth/core_ext'
+require "oauth/oauth"
 
-require 'oauth/client/helper'
-require 'oauth/signature/hmac/sha1'
-require 'oauth/signature/rsa/sha1'
-require 'oauth/request_proxy/mock_request'
+require "oauth/client/helper"
+require "oauth/signature/plaintext"
+require "oauth/signature/hmac/sha1"
+require "oauth/signature/hmac/sha256"
+require "oauth/signature/rsa/sha1"
+require "oauth/request_proxy/mock_request"