oauth 0.5.4 → 0.5.8
- checksums.yaml +5 -5
- data/CHANGELOG.md +483 -0
- data/CODE_OF_CONDUCT.md +84 -0
- data/CONTRIBUTING.md +23 -0
- data/LICENSE +18 -17
- data/README.md +190 -0
- data/SECURITY.md +16 -0
- data/TODO +0 -0
- data/bin/oauth +2 -2
- data/lib/oauth/cli/authorize_command.rb +0 -0
- data/lib/oauth/cli/base_command.rb +1 -1
- data/lib/oauth/cli/help_command.rb +0 -0
- data/lib/oauth/cli/query_command.rb +0 -0
- data/lib/oauth/cli/sign_command.rb +0 -0
- data/lib/oauth/cli/version_command.rb +0 -0
- data/lib/oauth/cli.rb +18 -18
- data/lib/oauth/client/action_controller_request.rb +7 -7
- data/lib/oauth/client/em_http.rb +99 -99
- data/lib/oauth/client/helper.rb +29 -23
- data/lib/oauth/client/net_http.rb +5 -5
- data/lib/oauth/client.rb +0 -0
- data/lib/oauth/consumer.rb +88 -44
- data/lib/oauth/errors/error.rb +0 -0
- data/lib/oauth/errors/problem.rb +0 -0
- data/lib/oauth/errors/unauthorized.rb +3 -1
- data/lib/oauth/errors.rb +3 -3
- data/lib/oauth/helper.rb +11 -7
- data/lib/oauth/oauth.rb +0 -0
- data/lib/oauth/oauth_test_helper.rb +4 -4
- data/lib/oauth/request_proxy/action_controller_request.rb +56 -53
- data/lib/oauth/request_proxy/action_dispatch_request.rb +8 -4
- data/lib/oauth/request_proxy/base.rb +136 -132
- data/lib/oauth/request_proxy/curb_request.rb +49 -43
- data/lib/oauth/request_proxy/em_http_request.rb +59 -49
- data/lib/oauth/request_proxy/jabber_request.rb +12 -9
- data/lib/oauth/request_proxy/mock_request.rb +4 -2
- data/lib/oauth/request_proxy/net_http.rb +63 -54
- data/lib/oauth/request_proxy/rack_request.rb +35 -31
- data/lib/oauth/request_proxy/rest_client_request.rb +53 -50
- data/lib/oauth/request_proxy/typhoeus_request.rb +51 -45
- data/lib/oauth/request_proxy.rb +0 -0
- data/lib/oauth/server.rb +2 -2
- data/lib/oauth/signature/base.rb +8 -6
- data/lib/oauth/signature/hmac/sha1.rb +4 -4
- data/lib/oauth/signature/hmac/sha256.rb +17 -0
- data/lib/oauth/signature/plaintext.rb +2 -2
- data/lib/oauth/signature/rsa/sha1.rb +3 -3
- data/lib/oauth/signature.rb +0 -0
- data/lib/oauth/token.rb +5 -5
- data/lib/oauth/tokens/access_token.rb +3 -3
- data/lib/oauth/tokens/consumer_token.rb +0 -0
- data/lib/oauth/tokens/request_token.rb +10 -3
- data/lib/oauth/tokens/server_token.rb +0 -0
- data/lib/oauth/tokens/token.rb +0 -0
- data/lib/oauth/version.rb +1 -1
- data/lib/oauth.rb +8 -6
- metadata +53 -87
- data/README.rdoc +0 -86
data/README.md
ADDED
@@ -0,0 +1,190 @@
|
|
1
|
+
# Ruby OAuth
|
2
|
+
|
3
|
+
**NOTE**
|
4
|
+
|
5
|
+
This README, on branch `v0.5-maintenance`, targets 0.5.x series releases. For later releases please see the `msater` branch README.
|
6
|
+
|
7
|
+
## Status
|
8
|
+
|
9
|
+
| Project | Ruby Oauth |
|
10
|
+
|--------------------------- |--------------------------- |
|
11
|
+
| name, license, docs | [![RubyGems.org](https://img.shields.io/badge/name-oauth-brightgreen.svg?style=flat)][rubygems] [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][license-ref] [![RubyDoc.info](https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat)][documentation] |
|
12
|
+
| version & downloads | [![Version](https://img.shields.io/gem/v/oauth.svg)][rubygems] [![Total Downloads](https://img.shields.io/gem/dt/oauth.svg)][rubygems] [![Downloads Today](https://img.shields.io/gem/rd/oauth.svg)][rubygems] [![Homepage](https://img.shields.io/badge/source-github-brightgreen.svg?style=flat)][source] |
|
13
|
+
| dependencies & linting | [![Depfu](https://badges.depfu.com/badges/d570491bac0ad3b0b65deb3c82028327/count.svg)][depfu] [![lint status](https://github.com/oauth-xx/oauth-ruby/actions/workflows/style.yml/badge.svg)][actions] |
|
14
|
+
| unit tests | [![supported rubies](https://github.com/oauth-xx/oauth-ruby/actions/workflows/supported.yml/badge.svg)][actions] [![unsupported status](https://github.com/oauth-xx/oauth-ruby/actions/workflows/unsupported.yml/badge.svg)][actions] |
|
15
|
+
| coverage & maintainability | [![Test Coverage](https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/test_coverage)][climate_coverage] [![codecov](https://codecov.io/gh/oauth-xx/oauth-ruby/branch/master/graph/badge.svg?token=4ZNAWNxrf9)][codecov_coverage] [![Maintainability](https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/maintainability)][climate_maintainability] [![Maintenance Policy](https://img.shields.io/badge/maintenance-policy-brightgreen.svg?style=flat)][security] |
|
16
|
+
| resources | [![Discussion](https://img.shields.io/badge/discussions-github-brightgreen.svg?style=flat)][gh_discussions] [![Mailing List](https://img.shields.io/badge/group-mailinglist.svg?style=social&logo=google)][mailinglist] [![Join the chat at https://gitter.im/oauth-xx/oauth-ruby](https://badges.gitter.im/Join%20Chat.svg)][chat] [![Blog](https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat)][blogpage] |
|
17
|
+
| Spread ~♡ⓛⓞⓥⓔ♡~ | [![Open Source Helpers](https://www.codetriage.com/oauth-xx/oauth-ruby/badges/users.svg)][code_triage] [![Liberapay Patrons](https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay)][liberapay_donate] [![Sponsor Me](https://img.shields.io/badge/sponsor-pboling.svg?style=social&logo=github)][gh_sponsors] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme] [![Tweet @ Peter][followme-img]][tweetme] |
|
18
|
+
|
19
|
+
## What
|
20
|
+
|
21
|
+
This is a RubyGem for implementing both OAuth 1.0 clients and servers in Ruby
|
22
|
+
applications.
|
23
|
+
|
24
|
+
See the OAuth 1.0 spec http://oauth.net/core/1.0/
|
25
|
+
|
26
|
+
See the sibling gem [oauth2](https://github.com/oauth-xx/oauth2) for OAuth 2.0 implementations in Ruby.
|
27
|
+
|
28
|
+
## Installation
|
29
|
+
|
30
|
+
Add this line to your application's Gemfile:
|
31
|
+
|
32
|
+
```ruby
|
33
|
+
gem "oauth"
|
34
|
+
```
|
35
|
+
|
36
|
+
And then execute:
|
37
|
+
|
38
|
+
$ bundle install
|
39
|
+
|
40
|
+
Or install it yourself as:
|
41
|
+
|
42
|
+
$ gem install oauth
|
43
|
+
|
44
|
+
## Compatibility
|
45
|
+
|
46
|
+
Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.6, 2.7, and
|
47
|
+
3.0. Ruby is limited to 2.0+ in the gemspec, and this may change while the gem is
|
48
|
+
still at version 0.x. The `master` branch currently targets 0.6.x releases.
|
49
|
+
|
50
|
+
| Ruby OAuth Version | Maintenance Branch | Officially Supported Rubies | Unofficially Supported Rubies |
|
51
|
+
|--------------------- | ------------------ | ------------------------------------------- | ----------------------------- |
|
52
|
+
| 0.7.x (hypothetical) | N/A | 2.7, 3.0, 3.1 | 2.6 |
|
53
|
+
| 0.6.x | `master` | 2.6, 2.7, 3.0 | 2.3, 2.4, 2.5 |
|
54
|
+
| 0.5.x | `v0.5-maintenance` | 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 3.0 | |
|
55
|
+
|
56
|
+
NOTE: 0.5.7 is anticipated as last release of the 0.5.x series.
|
57
|
+
|
58
|
+
## Basics
|
59
|
+
|
60
|
+
This is a ruby library which is intended to be used in creating Ruby Consumer
|
61
|
+
and Service Provider applications. It is NOT a Rails plugin, but could easily
|
62
|
+
be used for the foundation for such a Rails plugin.
|
63
|
+
|
64
|
+
As a matter of fact it has been pulled out from an OAuth Rails GEM
|
65
|
+
(https://rubygems.org/gems/oauth-plugin https://github.com/pelle/oauth-plugin)
|
66
|
+
which now uses this gem as a dependency.
|
67
|
+
|
68
|
+
## Usage
|
69
|
+
|
70
|
+
We need to specify the oauth_callback url explicitly, otherwise it defaults to
|
71
|
+
"oob" (Out of Band)
|
72
|
+
|
73
|
+
callback_url = "http://127.0.0.1:3000/oauth/callback"
|
74
|
+
|
75
|
+
Create a new `OAuth::Consumer` instance by passing it a configuration hash:
|
76
|
+
|
77
|
+
oauth_consumer = OAuth::Consumer.new("key", "secret", :site => "https://agree2")
|
78
|
+
|
79
|
+
Start the process by requesting a token
|
80
|
+
|
81
|
+
request_token = oauth_consumer.get_request_token(:oauth_callback => callback_url)
|
82
|
+
|
83
|
+
session[:token] = request_token.token
|
84
|
+
session[:token_secret] = request_token.secret
|
85
|
+
redirect_to request_token.authorize_url(:oauth_callback => callback_url)
|
86
|
+
|
87
|
+
When user returns create an access_token
|
88
|
+
|
89
|
+
hash = { oauth_token: session[:token], oauth_token_secret: session[:token_secret]}
|
90
|
+
request_token = OAuth::RequestToken.from_hash(oauth_consumer, hash)
|
91
|
+
access_token = request_token.get_access_token
|
92
|
+
# For 3-legged authorization, flow oauth_verifier is passed as param in callback
|
93
|
+
# access_token = request_token.get_access_token(oauth_verifier: params[:oauth_verifier])
|
94
|
+
@photos = access_token.get('/photos.xml')
|
95
|
+
|
96
|
+
Now that you have an access token, you can use Typhoeus to interact with the
|
97
|
+
OAuth provider if you choose.
|
98
|
+
|
99
|
+
require 'typhoeus'
|
100
|
+
require 'oauth/request_proxy/typhoeus_request'
|
101
|
+
oauth_params = {:consumer => oauth_consumer, :token => access_token}
|
102
|
+
hydra = Typhoeus::Hydra.new
|
103
|
+
req = Typhoeus::Request.new(uri, options) # :method needs to be specified in options
|
104
|
+
oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
|
105
|
+
req.options[:headers].merge!({"Authorization" => oauth_helper.header}) # Signs the request
|
106
|
+
hydra.queue(req)
|
107
|
+
hydra.run
|
108
|
+
@response = req.response
|
109
|
+
|
110
|
+
## More Information
|
111
|
+
|
112
|
+
* RubyDoc Documentation: [![RubyDoc.info](https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat)][documentation]
|
113
|
+
* Mailing List/Google Group: [![Mailing List](https://img.shields.io/badge/group-mailinglist-violet.svg?style=social&logo=google)][mailinglist]
|
114
|
+
* GitHub Discussions: [![Discussion](https://img.shields.io/badge/discussions-github-brightgreen.svg?style=flat)][gh_discussions]
|
115
|
+
* Live Chat on Gitter: [![Join the chat at https://gitter.im/oauth-xx/oauth-ruby](https://badges.gitter.im/Join%20Chat.svg)][chat]
|
116
|
+
* Maintainer's Blog: [![Blog](https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat)][blogpage]
|
117
|
+
|
118
|
+
## Contributing
|
119
|
+
|
120
|
+
See [CONTRIBUTING.md][contributing]
|
121
|
+
|
122
|
+
## Contributors
|
123
|
+
|
124
|
+
[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth-ruby)][contributors]
|
125
|
+
|
126
|
+
Made with [contributors-img][contrib-rocks].
|
127
|
+
|
128
|
+
## Versioning
|
129
|
+
|
130
|
+
This library aims to adhere to [Semantic Versioning 2.0.0][semver]. Violations of this scheme should be reported as
|
131
|
+
bugs. Specifically, if a minor or patch version is released that breaks backward compatibility, a new version should be
|
132
|
+
immediately released that restores compatibility. Breaking changes to the public API will only be introduced with new
|
133
|
+
major versions.
|
134
|
+
|
135
|
+
As a result of this policy, you can (and should) specify a dependency on this gem using
|
136
|
+
the [Pessimistic Version Constraint][pvc] with two digits of precision.
|
137
|
+
|
138
|
+
For example:
|
139
|
+
|
140
|
+
```ruby
|
141
|
+
spec.add_dependency "oauth", "~> 0.5"
|
142
|
+
```
|
143
|
+
|
144
|
+
## License
|
145
|
+
|
146
|
+
The gem is available as open source under the terms of
|
147
|
+
the [MIT License][license] [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][license-ref].
|
148
|
+
See [LICENSE][license] for the [Copyright Notice][copyright-notice-explainer].
|
149
|
+
|
150
|
+
## Contact
|
151
|
+
|
152
|
+
OAuth Ruby has been created and maintained by a large number of talented
|
153
|
+
individuals. The current maintainer is Peter Boling ([@pboling][gh_sponsors]).
|
154
|
+
|
155
|
+
Comments are welcome. Contact the [OAuth Ruby mailing list (Google Group)][mailinglist] or [GitHub Discussions][gh_discussions].
|
156
|
+
|
157
|
+
[comment]: <> (Following links are used by README, CONTRIBUTING, Homepage)
|
158
|
+
|
159
|
+
[conduct]: https://github.com/oauth-xx/oauth-ruby/blob/master/CODE_OF_CONDUCT.md
|
160
|
+
[contributing]: https://github.com/oauth-xx/oauth-ruby/blob/master/CONTRIBUTING.md
|
161
|
+
[contributors]: https://github.com/oauth-xx/oauth-ruby/graphs/contributors
|
162
|
+
[mailinglist]: http://groups.google.com/group/oauth-ruby
|
163
|
+
[source]: https://github.com/oauth-xx/oauth-ruby/
|
164
|
+
|
165
|
+
[comment]: <> (Following links are used by README, Homepage)
|
166
|
+
|
167
|
+
[aboutme]: https://about.me/peter.boling
|
168
|
+
[actions]: https://github.com/oauth-xx/oauth-ruby/actions
|
169
|
+
[angelme]: https://angel.co/peter-boling
|
170
|
+
[blogpage]: http://www.railsbling.com/tags/oauth/
|
171
|
+
[chat]: https://gitter.im/oauth-xx/oauth-ruby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge
|
172
|
+
[climate_coverage]: https://codeclimate.com/github/oauth-xx/oauth-ruby/test_coverage
|
173
|
+
[climate_maintainability]: https://codeclimate.com/github/oauth-xx/oauth-ruby/maintainability
|
174
|
+
[code_triage]: https://www.codetriage.com/oauth-xx/oauth-ruby
|
175
|
+
[codecov_coverage]: https://codecov.io/gh/oauth-xx/oauth-ruby
|
176
|
+
[coderme]:http://coderwall.com/pboling
|
177
|
+
[depfu]: https://depfu.com/github/oauth-xx/oauth-ruby?project_id=22868
|
178
|
+
[documentation]: https://rubydoc.info/github/oauth-xx/oauth-ruby
|
179
|
+
[followme-img]: https://img.shields.io/twitter/follow/galtzo.svg?style=social&label=Follow
|
180
|
+
[gh_discussions]: https://github.com/oauth-xx/oauth-ruby/discussions
|
181
|
+
[gh_sponsors]: https://github.com/sponsors/pboling
|
182
|
+
[license]: https://github.com/oauth-xx/oauth-ruby/blob/master/LICENSE
|
183
|
+
[license-ref]: https://opensource.org/licenses/MIT
|
184
|
+
[liberapay_donate]: https://liberapay.com/pboling/donate
|
185
|
+
[politicme]: https://nationalprogressiveparty.org
|
186
|
+
[pvc]: http://guides.rubygems.org/patterns/#pessimistic-version-constraint
|
187
|
+
[rubygems]: https://rubygems.org/gems/oauth
|
188
|
+
[security]: https://github.com/oauth-xx/oauth-ruby/blob/master/SECURITY.md
|
189
|
+
[semver]: http://semver.org/
|
190
|
+
[tweetme]: http://twitter.com/galtzo
|
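Review bot: The usage example's active call on README line 91, `access_token = request_token.get_access_token`, omits `oauth_verifier`, while the form that passes it is only a comment on line 93. Lines 81-85 show a redirect-based flow with an explicit `oauth_callback`, so the verifier form is the one readers following the example will need; consider making it the active line and moving the no-verifier call into the comment. Also, on line 5 `msater` should read `master`, and line 56 names 0.5.7 as the anticipated last 0.5.x release although this diff goes to 0.5.8.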
data/SECURITY.md
ADDED
@@ -0,0 +1,16 @@
|
|
1
|
+
# Security Policy
|
2
|
+
|
3
|
+
## Supported Versions
|
4
|
+
|
5
|
+
| Version | Supported |
|
6
|
+
| ------- | ------------------ |
|
7
|
+
| 0.7.x | :white_check_mark: |
|
8
|
+
| 0.6.x | :white_check_mark: |
|
9
|
+
| 0.5.x | :white_check_mark: |
|
10
|
+
| <= 0.5 | :x: |
|
11
|
+
|
12
|
+
## Reporting a Vulnerability
|
13
|
+
|
14
|
+
Peter Boling is the primary maintainer of the this gem. Please find a way to [contact him directly][contact] to report the issue. Include as much relevant information as possible.
|
15
|
+
|
16
|
+
[contact]: https://railsbling.com/contact
|
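Review bot: The supported-versions table on lines 9-10 is ambiguous: `0.5.x` is marked supported and `<= 0.5` unsupported, so a reader can place 0.5.0 in either row; `< 0.5` would remove the overlap. Line 7 also marks 0.7.x as supported while the README compatibility table in this same diff labels 0.7.x hypothetical. In the reporting section (line 14), "the this gem" is a typo, and "find a way to contact him directly" leaves the reporter to guess the channel; state the preferred private channel explicitly next to the `[contact]` link.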
data/TODO
CHANGED
File without changes
|
data/bin/oauth
CHANGED
@@ -1,11 +1,11 @@
|
|
1
1
|
#!/usr/bin/env ruby
|
2
2
|
|
3
3
|
require_relative "../lib/oauth"
|
4
|
-
require
|
4
|
+
require "oauth/cli"
|
5
5
|
|
6
6
|
Signal.trap("INT") { puts; exit(1) } # don't dump a backtrace on a ^C
|
7
7
|
|
8
|
-
ARGV <<
|
8
|
+
ARGV << "help" if ARGV.empty?
|
9
9
|
command = ARGV.shift
|
10
10
|
|
11
11
|
OAuth::CLI.new(STDOUT, STDIN, STDERR, command, ARGV).run
|
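Review bot: Line 3 loads the library with `require_relative "../lib/oauth"`, but line 4 loads the CLI with `require "oauth/cli"`, which resolves through the load path; whether that resolves to the same tree depends on load-path setup this hunk does not show. Using `require_relative "../lib/oauth/cli"` would pin both loads to the files shipped next to this executable.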
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
data/lib/oauth/cli.rb
CHANGED
@@ -1,11 +1,11 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require
|
6
|
-
require
|
7
|
-
require
|
8
|
-
require
|
1
|
+
require "optparse"
|
2
|
+
require "oauth/cli/base_command"
|
3
|
+
require "oauth/cli/help_command"
|
4
|
+
require "oauth/cli/query_command"
|
5
|
+
require "oauth/cli/authorize_command"
|
6
|
+
require "oauth/cli/sign_command"
|
7
|
+
require "oauth/cli/version_command"
|
8
|
+
require "active_support/core_ext/string/inflections"
|
9
9
|
|
10
10
|
module OAuth
|
11
11
|
class CLI
|
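Review bot: Line 8 makes `active_support/core_ext/string/inflections` a load-time requirement of `oauth/cli`, and nothing in this hunk shows where that dependency is declared or guarded. Confirm the gemspec declares ActiveSupport as a runtime dependency, or replace the inflection helpers the CLI uses with a small local method so the command-line tool does not pull in a third-party library for string handling.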
@@ -14,11 +14,11 @@ module OAuth
|
|
14
14
|
end
|
15
15
|
|
16
16
|
ALIASES = {
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
17
|
+
"h" => "help",
|
18
|
+
"v" => "version",
|
19
|
+
"q" => "query",
|
20
|
+
"a" => "authorize",
|
21
|
+
"s" => "sign",
|
22
22
|
}
|
23
23
|
|
24
24
|
def initialize(stdout, stdin, stderr, command, arguments)
|
@@ -39,17 +39,17 @@ module OAuth
|
|
39
39
|
|
40
40
|
def parse_command(command)
|
41
41
|
case command = command.to_s.downcase
|
42
|
-
when
|
43
|
-
|
44
|
-
when
|
45
|
-
|
42
|
+
when "--version", "-v"
|
43
|
+
"version"
|
44
|
+
when "--help", "-h", nil, ""
|
45
|
+
"help"
|
46
46
|
when *ALIASES.keys
|
47
47
|
ALIASES[command]
|
48
48
|
when *ALIASES.values
|
49
49
|
command
|
50
50
|
else
|
51
51
|
OAuth::CLI.puts_red "Command '#{command}' not found"
|
52
|
-
|
52
|
+
"help"
|
53
53
|
end
|
54
54
|
end
|
55
55
|
end
|
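Review bot: On line 44 the `nil` in `when "--help", "-h", nil, ""` can never match, because line 41 switches on `command.to_s.downcase`, which turns a nil command into `""`. Drop the `nil` so the branch lists only values the case expression can produce.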
@@ -1,10 +1,10 @@
|
|
1
1
|
if defined? ActionDispatch
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
2
|
+
require "oauth/request_proxy/rack_request"
|
3
|
+
require "oauth/request_proxy/action_dispatch_request"
|
4
|
+
require "action_dispatch/testing/test_process"
|
5
5
|
else
|
6
|
-
require
|
7
|
-
require
|
6
|
+
require "oauth/request_proxy/action_controller_request"
|
7
|
+
require "action_controller/test_process"
|
8
8
|
end
|
9
9
|
|
10
10
|
module ActionController
|
@@ -35,7 +35,7 @@ module ActionController
|
|
35
35
|
def configure_oauth(consumer = nil, token = nil, options = {})
|
36
36
|
@oauth_options = { :consumer => consumer,
|
37
37
|
:token => token,
|
38
|
-
:scheme =>
|
38
|
+
:scheme => "header",
|
39
39
|
:signature_method => nil,
|
40
40
|
:nonce => nil,
|
41
41
|
:timestamp => nil }.merge(options)
|
@@ -51,7 +51,7 @@ module ActionController
|
|
51
51
|
end
|
52
52
|
|
53
53
|
def set_oauth_header
|
54
|
-
env[
|
54
|
+
env["Authorization"] = @oauth_helper.header
|
55
55
|
end
|
56
56
|
|
57
57
|
def set_oauth_parameters
|
data/lib/oauth/client/em_http.rb
CHANGED
@@ -1,119 +1,119 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
1
|
+
require "em-http"
|
2
|
+
require "oauth/helper"
|
3
|
+
require "oauth/request_proxy/em_http_request"
|
4
4
|
|
5
5
|
# Extensions for em-http so that we can use consumer.sign! with an EventMachine::HttpClient
|
6
6
|
# instance. This is purely syntactic sugar.
|
7
|
-
|
7
|
+
module EventMachine
|
8
|
+
class HttpClient
|
9
|
+
attr_reader :oauth_helper
|
8
10
|
|
9
|
-
|
11
|
+
# Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
|
12
|
+
# this may add a header, additional query string parameters, or additional POST body parameters.
|
13
|
+
# The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
|
14
|
+
# header.
|
15
|
+
#
|
16
|
+
# * http - Configured Net::HTTP instance, ignored in this scenario except for getting host.
|
17
|
+
# * consumer - OAuth::Consumer instance
|
18
|
+
# * token - OAuth::Token instance
|
19
|
+
# * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
|
20
|
+
# +signature_method+, +nonce+, +timestamp+)
|
21
|
+
#
|
22
|
+
# This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
|
23
|
+
#
|
24
|
+
# See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
|
25
|
+
def oauth!(http, consumer = nil, token = nil, options = {})
|
26
|
+
options = { :request_uri => normalized_oauth_uri(http),
|
27
|
+
:consumer => consumer,
|
28
|
+
:token => token,
|
29
|
+
:scheme => "header",
|
30
|
+
:signature_method => nil,
|
31
|
+
:nonce => nil,
|
32
|
+
:timestamp => nil }.merge(options)
|
10
33
|
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
# header.
|
15
|
-
#
|
16
|
-
# * http - Configured Net::HTTP instance, ignored in this scenario except for getting host.
|
17
|
-
# * consumer - OAuth::Consumer instance
|
18
|
-
# * token - OAuth::Token instance
|
19
|
-
# * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
|
20
|
-
# +signature_method+, +nonce+, +timestamp+)
|
21
|
-
#
|
22
|
-
# This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
|
23
|
-
#
|
24
|
-
# See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
|
25
|
-
def oauth!(http, consumer = nil, token = nil, options = {})
|
26
|
-
options = { :request_uri => normalized_oauth_uri(http),
|
27
|
-
:consumer => consumer,
|
28
|
-
:token => token,
|
29
|
-
:scheme => 'header',
|
30
|
-
:signature_method => nil,
|
31
|
-
:nonce => nil,
|
32
|
-
:timestamp => nil }.merge(options)
|
33
|
-
|
34
|
-
@oauth_helper = OAuth::Client::Helper.new(self, options)
|
35
|
-
self.__send__(:"set_oauth_#{options[:scheme]}")
|
36
|
-
end
|
34
|
+
@oauth_helper = OAuth::Client::Helper.new(self, options)
|
35
|
+
self.__send__(:"set_oauth_#{options[:scheme]}")
|
36
|
+
end
|
37
37
|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
38
|
+
# Create a string suitable for signing for an HTTP request. This process involves parameter
|
39
|
+
# normalization as specified in the OAuth specification. The exact normalization also depends
|
40
|
+
# on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
|
41
|
+
# itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
|
42
|
+
# header.
|
43
|
+
#
|
44
|
+
# * http - Configured Net::HTTP instance
|
45
|
+
# * consumer - OAuth::Consumer instance
|
46
|
+
# * token - OAuth::Token instance
|
47
|
+
# * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
|
48
|
+
# +signature_method+, +nonce+, +timestamp+)
|
49
|
+
#
|
50
|
+
# See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
|
51
|
+
def signature_base_string(http, consumer = nil, token = nil, options = {})
|
52
|
+
options = { :request_uri => normalized_oauth_uri(http),
|
53
|
+
:consumer => consumer,
|
54
|
+
:token => token,
|
55
|
+
:scheme => "header",
|
56
|
+
:signature_method => nil,
|
57
|
+
:nonce => nil,
|
58
|
+
:timestamp => nil }.merge(options)
|
59
59
|
|
60
|
-
|
61
|
-
|
60
|
+
OAuth::Client::Helper.new(self, options).signature_base_string
|
61
|
+
end
|
62
62
|
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
63
|
+
# This code was lifted from the em-http-request because it was removed from
|
64
|
+
# the gem June 19, 2010
|
65
|
+
# see: http://github.com/igrigorik/em-http-request/commit/d536fc17d56dbe55c487eab01e2ff9382a62598b
|
66
|
+
def normalize_uri
|
67
|
+
@normalized_uri ||= begin
|
68
|
+
uri = @conn.dup
|
69
|
+
encoded_query = encode_query(@conn, @req[:query])
|
70
|
+
path, query = encoded_query.split("?", 2)
|
71
|
+
uri.query = query unless encoded_query.empty?
|
72
|
+
uri.path = path
|
73
|
+
uri
|
74
|
+
end
|
74
75
|
end
|
75
|
-
end
|
76
76
|
|
77
|
-
|
77
|
+
protected
|
78
78
|
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
79
|
+
def combine_query(path, query, uri_query)
|
80
|
+
combined_query = if query.kind_of?(Hash)
|
81
|
+
query.map { |k, v| encode_param(k, v) }.join("&")
|
82
|
+
else
|
83
|
+
query.to_s
|
84
|
+
end
|
85
|
+
if !uri_query.to_s.empty?
|
86
|
+
combined_query = [combined_query, uri_query].reject {|part| part.empty?}.join("&")
|
87
|
+
end
|
88
|
+
combined_query.to_s.empty? ? path : "#{path}?#{combined_query}"
|
84
89
|
end
|
85
|
-
if !uri_query.to_s.empty?
|
86
|
-
combined_query = [combined_query, uri_query].reject {|part| part.empty?}.join("&")
|
87
|
-
end
|
88
|
-
combined_query.to_s.empty? ? path : "#{path}?#{combined_query}"
|
89
|
-
end
|
90
90
|
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
91
|
+
# Since we expect to get the host etc details from the http instance (...),
|
92
|
+
# we create a fake url here. Surely this is a horrible, horrible idea?
|
93
|
+
def normalized_oauth_uri(http)
|
94
|
+
uri = URI.parse(normalize_uri.path)
|
95
|
+
uri.host = http.address
|
96
|
+
uri.port = http.port
|
97
97
|
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
98
|
+
if http.respond_to?(:use_ssl?) && http.use_ssl?
|
99
|
+
uri.scheme = "https"
|
100
|
+
else
|
101
|
+
uri.scheme = "http"
|
102
|
+
end
|
103
|
+
uri.to_s
|
102
104
|
end
|
103
|
-
uri.to_s
|
104
|
-
end
|
105
105
|
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
106
|
+
def set_oauth_header
|
107
|
+
self.req[:head] ||= {}
|
108
|
+
self.req[:head].merge!("Authorization" => @oauth_helper.header)
|
109
|
+
end
|
110
110
|
|
111
|
-
|
112
|
-
|
113
|
-
|
111
|
+
def set_oauth_body
|
112
|
+
raise NotImplementedError, "please use the set_oauth_header method instead"
|
113
|
+
end
|
114
114
|
|
115
|
-
|
116
|
-
|
115
|
+
def set_oauth_query_string
|
116
|
+
raise NotImplementedError, "please use the set_oauth_header method instead"
|
117
|
+
end
|
117
118
|
end
|
118
|
-
|
119
119
|
end
|
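Review bot: Line 35, `self.__send__(:"set_oauth_#{options[:scheme]}")`, builds a method name from a caller-supplied option with no check on its value. Only `header` has a working implementation here (lines 111-117 raise NotImplementedError for `body` and `query_string`), and any other value ends in a NoMethodError from dynamic dispatch; validate `options[:scheme]` against the known schemes and raise a clear ArgumentError before dispatching. Separately, `normalized_oauth_uri` (lines 93-103) sets the scheme to "http" whenever `http` does not respond to `use_ssl?`, so the URI fed into the signature can differ from the one actually requested; the comment on lines 91-92 already flags this as fragile, and it deserves a test. The doc comments on lines 13 and 41 read "as put into" where "are put into" is meant.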
data/lib/oauth/client/helper.rb
CHANGED
@@ -1,8 +1,8 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
5
|
-
require
|
1
|
+
require "oauth/client"
|
2
|
+
require "oauth/consumer"
|
3
|
+
require "oauth/helper"
|
4
|
+
require "oauth/token"
|
5
|
+
require "oauth/signature/hmac/sha1"
|
6
6
|
|
7
7
|
module OAuth::Client
|
8
8
|
class Helper
|
@@ -11,7 +11,7 @@ module OAuth::Client
|
|
11
11
|
def initialize(request, options = {})
|
12
12
|
@request = request
|
13
13
|
@options = options
|
14
|
-
@options[:signature_method] ||=
|
14
|
+
@options[:signature_method] ||= "HMAC-SHA1"
|
15
15
|
end
|
16
16
|
|
17
17
|
def options
|
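Review bot: Line 13 stores the caller's hash as `@options` and line 14 then writes `@options[:signature_method] ||= "HMAC-SHA1"` into it, so constructing a Helper mutates the hash the caller passed in. Copy it first (`@options = options.dup`) before applying defaults. The default also stays HMAC-SHA1 although the file list for this release adds `lib/oauth/signature/hmac/sha256.rb`; the documentation should say how a caller selects the SHA-256 method.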
@@ -27,18 +27,24 @@ module OAuth::Client
|
|
27
27
|
end
|
28
28
|
|
29
29
|
def oauth_parameters
|
30
|
-
{
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
}
|
30
|
+
out = {
|
31
|
+
"oauth_body_hash" => options[:body_hash],
|
32
|
+
"oauth_callback" => options[:oauth_callback],
|
33
|
+
"oauth_consumer_key" => options[:consumer].key,
|
34
|
+
"oauth_token" => options[:token] ? options[:token].token : "",
|
35
|
+
"oauth_signature_method" => options[:signature_method],
|
36
|
+
"oauth_timestamp" => timestamp,
|
37
|
+
"oauth_nonce" => nonce,
|
38
|
+
"oauth_verifier" => options[:oauth_verifier],
|
39
|
+
"oauth_version" => (options[:oauth_version] || "1.0"),
|
40
|
+
"oauth_session_handle" => options[:oauth_session_handle]
|
41
|
+
}
|
42
|
+
allowed_empty_params = options[:allow_empty_params]
|
43
|
+
if allowed_empty_params != true && !allowed_empty_params.kind_of?(Array)
|
44
|
+
allowed_empty_params = allowed_empty_params == false ? [] : [allowed_empty_params]
|
45
|
+
end
|
46
|
+
out.select! { |k,v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
|
47
|
+
out
|
42
48
|
end
|
43
49
|
|
44
50
|
def signature(extra_options = {})
|
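Review bot: The normalisation of `allow_empty_params` on lines 42-45 handles the unset case by accident: when the option is nil, line 44 evaluates `nil == false ? [] : [nil]` and yields `[nil]`, which only works because no parameter key equals nil. Treat nil and false the same explicitly and document the accepted values (true, false, a single key, or an array of keys). The filter on line 46 also drops every empty-valued parameter unless allowed, including `oauth_token` when line 34 sets it to `""`; since that decides what is signed and sent, it should be covered by a test and described in the changelog.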
@@ -67,18 +73,18 @@ module OAuth::Client
|
|
67
73
|
def amend_user_agent_header(headers)
|
68
74
|
@oauth_ua_string ||= "OAuth gem v#{OAuth::VERSION}"
|
69
75
|
# Net::HTTP in 1.9 appends Ruby
|
70
|
-
if headers[
|
71
|
-
headers[
|
76
|
+
if headers["User-Agent"] && headers["User-Agent"] != "Ruby"
|
77
|
+
headers["User-Agent"] += " (#{@oauth_ua_string})"
|
72
78
|
else
|
73
|
-
headers[
|
79
|
+
headers["User-Agent"] = @oauth_ua_string
|
74
80
|
end
|
75
81
|
end
|
76
82
|
|
77
83
|
def header
|
78
84
|
parameters = oauth_parameters
|
79
|
-
parameters.merge!(
|
85
|
+
parameters.merge!("oauth_signature" => signature(options.merge(:parameters => parameters)))
|
80
86
|
|
81
|
-
header_params_str = parameters.sort.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(
|
87
|
+
header_params_str = parameters.sort.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(", ")
|
82
88
|
|
83
89
|
realm = "realm=\"#{options[:realm]}\", " if options[:realm]
|
84
90
|
"OAuth #{realm}#{header_params_str}"
|
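Review bot: On line 89 `options[:realm]` is interpolated into the header raw, while every other value goes through `escape(v)` on line 87; a realm containing a double quote would produce a malformed `Authorization` header. Escape the realm or reject values containing quote characters before building the string.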