oauth 0.5.5 → 0.5.10

data/lib/oauth/request_proxy/net_http.rb

@@ -1,72 +1,81 @@
-require 'oauth/request_proxy/base'
-require 'net/http'
-require 'uri'
-require 'cgi'
+# frozen_string_literal: true
 
-module OAuth::RequestProxy::Net
-  module HTTP
-    class HTTPRequest < OAuth::RequestProxy::Base
-      proxies ::Net::HTTPGenericRequest
+require "oauth/request_proxy/base"
+require "net/http"
+require "uri"
+require "cgi"
 
-      def method
-        request.method
-      end
+module OAuth
+  module RequestProxy
+    module Net
+      module HTTP
+        class HTTPRequest < OAuth::RequestProxy::Base
+          proxies ::Net::HTTPGenericRequest
 
-      def uri
-        options[:uri].to_s
-      end
+          def method
+            request.method
+          end
 
-      def parameters
-        if options[:clobber_request]
-          options[:parameters]
-        else
-          all_parameters
-        end
-      end
+          def uri
+            options[:uri].to_s
+          end
 
-      def body
-        request.body
-      end
+          def parameters
+            if options[:clobber_request]
+              options[:parameters]
+            else
+              all_parameters
+            end
+          end
 
-    private
+          def body
+            request.body
+          end
 
-      def all_parameters
-        request_params = CGI.parse(query_string)
-        # request_params.each{|k,v| request_params[k] = [nil] if v == []}
+          private
 
-        if options[:parameters]
-          options[:parameters].each do |k,v|
-            if request_params.has_key?(k) && v
-              request_params[k] << v
-            else
-              request_params[k] = [v]
+          def all_parameters
+            request_params = CGI.parse(query_string)
+            # request_params.each{|k,v| request_params[k] = [nil] if v == []}
+
+            if options[:parameters]
+              options[:parameters].each do |k, v|
+                if request_params.key?(k) && v
+                  request_params[k] << v
+                else
+                  request_params[k] = [v]
+                end
+              end
             end
+            request_params
           end
-        end
-        request_params
-      end
 
-      def query_string
-        params = [ query_params, auth_header_params ]
-        params << post_params if (method.to_s.upcase == 'POST' || method.to_s.upcase == 'PUT') && form_url_encoded?
-        params.compact.join('&')
-      end
+          def query_string
+            params = [query_params, auth_header_params]
+            if (method.to_s.casecmp("POST").zero? || method.to_s.casecmp("PUT").zero?) && form_url_encoded?
+              params << post_params
+            end
+            params.compact.join("&")
+          end
 
-      def form_url_encoded?
-        request['Content-Type'] != nil && request['Content-Type'].to_s.downcase.start_with?('application/x-www-form-urlencoded')
-      end
+          def form_url_encoded?
+            !request["Content-Type"].nil? && request["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded")
+          end
 
-      def query_params
-        URI.parse(request.path).query
-      end
+          def query_params
+            URI.parse(request.path).query
+          end
 
-      def post_params
-        request.body
-      end
+          def post_params
+            request.body
+          end
 
-      def auth_header_params
-        return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
-        request['Authorization']
+          def auth_header_params
+            return nil unless request["Authorization"] && request["Authorization"][0, 5] == "OAuth"
+
+            request["Authorization"]
+          end
+        end
       end
     end
   end

data/lib/oauth/request_proxy/rack_request.rb

@@ -1,43 +1,47 @@
-require 'oauth/request_proxy/base'
-require 'uri'
-require 'rack'
+# frozen_string_literal: true
 
-module OAuth::RequestProxy
-  class RackRequest < OAuth::RequestProxy::Base
-    proxies Rack::Request
+require "oauth/request_proxy/base"
+require "uri"
+require "rack"
 
-    def method
-      request.env["rack.methodoverride.original_method"] || request.request_method
-    end
+module OAuth
+  module RequestProxy
+    class RackRequest < OAuth::RequestProxy::Base
+      proxies ::Rack::Request
 
-    def uri
-      request.url
-    end
+      def method
+        request.env["rack.methodoverride.original_method"] || request.request_method
+      end
 
-    def parameters
-      if options[:clobber_request]
-        options[:parameters] || {}
-      else
-        params = request_params.merge(query_params).merge(header_params)
-        params.merge(options[:parameters] || {})
+      def uri
+        request.url
       end
-    end
 
-    def signature
-      parameters['oauth_signature']
-    end
+      def parameters
+        if options[:clobber_request]
+          options[:parameters] || {}
+        else
+          params = request_params.merge(query_params).merge(header_params)
+          params.merge(options[:parameters] || {})
+        end
+      end
 
-  protected
+      def signature
+        parameters["oauth_signature"]
+      end
 
-    def query_params
-      request.GET
-    end
+      protected
+
+      def query_params
+        request.GET
+      end
 
-    def request_params
-      if request.content_type and request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
-        request.POST
-      else
-        {}
+      def request_params
+        if request.content_type && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
+          request.POST
+        else
+          {}
+        end
       end
     end
   end

data/lib/oauth/request_proxy/rest_client_request.rb

@@ -1,62 +1,65 @@
-require 'oauth/request_proxy/base'
-require 'rest-client'
-require 'uri'
-require 'cgi'
-
-module OAuth::RequestProxy::RestClient
-  class Request < OAuth::RequestProxy::Base
-    proxies RestClient::Request
-    
-      def method
-        request.method.to_s.upcase
-      end
+# frozen_string_literal: true
 
-      def uri
-        request.url
-      end
+require "oauth/request_proxy/base"
+require "rest-client"
+require "uri"
+require "cgi"
+
+module OAuth
+  module RequestProxy
+    module RestClient
+      class Request < OAuth::RequestProxy::Base
+        proxies ::RestClient::Request
 
-      def parameters
-        if options[:clobber_request]
-          options[:parameters] || {}
-        else
-          post_parameters.merge(query_params).merge(options[:parameters] || {})
+        def method
+          request.method.to_s.upcase
         end
-      end
 
-    protected
+        def uri
+          request.url
+        end
 
-      def query_params
-        query = URI.parse(request.url).query
-        query ? CGI.parse(query) : {}
-      end
+        def parameters
+          if options[:clobber_request]
+            options[:parameters] || {}
+          else
+            post_parameters.merge(query_params).merge(options[:parameters] || {})
+          end
+        end
 
-      def request_params
-      end
-      
-      def post_parameters
-        # Post params are only used if posting form data
-        if method == 'POST' || method == 'PUT'
-          OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
-        else
-          {}
+        protected
+
+        def query_params
+          query = URI.parse(request.url).query
+          query ? CGI.parse(query) : {}
         end
-      end
-      
-   private
-      
-      def query_string_to_hash(query)
-        keyvals = query.split('&').inject({}) do |result, q| 
-          k,v = q.split('=')
-          if !v.nil?
-             result.merge({k => v})
-          elsif !result.key?(k)
-            result.merge({k => true})
+
+        def request_params; end
+
+        def post_parameters
+          # Post params are only used if posting form data
+          if method == "POST" || method == "PUT"
+            OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
           else
-            result
+            {}
+          end
+        end
+
+        private
+
+        def query_string_to_hash(query)
+          query.split("&").inject({}) do |result, q|
+            k, v = q.split("=")
+            if !v.nil?
+              result.merge(k => v)
+            elsif !result.key?(k)
+              result.merge(k => true)
+            else
+              result
+            end
           end
         end
-        keyvals
       end
-      
+    end
   end
-end
+end

data/lib/oauth/request_proxy/typhoeus_request.rb

@@ -1,53 +1,59 @@
-require 'oauth/request_proxy/base'
-require 'typhoeus'
-require 'typhoeus/request'
-require 'uri'
-require 'cgi'
-
-module OAuth::RequestProxy::Typhoeus
-  class Request < OAuth::RequestProxy::Base
-    # Proxy for signing Typhoeus::Request requests
-    # Usage example:
-    # oauth_params = {:consumer => oauth_consumer, :token => access_token}
-    # req = Typhoeus::Request.new(uri, options)
-    # oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
-    # req.options[:headers].merge!({"Authorization" => oauth_helper.header})
-    # hydra = Typhoeus::Hydra.new()
-    # hydra.queue(req)
-    # hydra.run
-    # response = req.response
-    proxies Typhoeus::Request
-
-    def method
-      request_method = request.options[:method].to_s.upcase
-      request_method.empty? ? 'GET' : request_method
-    end
+# frozen_string_literal: true
 
-    def uri
-      options[:uri].to_s
-    end
+require "oauth/request_proxy/base"
+require "typhoeus"
+require "typhoeus/request"
+require "uri"
+require "cgi"
 
-    def parameters
-      if options[:clobber_request]
-        options[:parameters]
-      else
-        post_parameters.merge(query_parameters).merge(options[:parameters] || {})
-      end
-    end
+module OAuth
+  module RequestProxy
+    module Typhoeus
+      class Request < OAuth::RequestProxy::Base
+        # Proxy for signing Typhoeus::Request requests
+        # Usage example:
+        # oauth_params = {:consumer => oauth_consumer, :token => access_token}
+        # req = Typhoeus::Request.new(uri, options)
+        # oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
+        # req.options[:headers].merge!({"Authorization" => oauth_helper.header})
+        # hydra = Typhoeus::Hydra.new()
+        # hydra.queue(req)
+        # hydra.run
+        # response = req.response
+        proxies ::Typhoeus::Request
 
-    private
+        def method
+          request_method = request.options[:method].to_s.upcase
+          request_method.empty? ? "GET" : request_method
+        end
 
-    def query_parameters
-      query = URI.parse(request.url).query
-      query ? CGI.parse(query) : {}
-    end
+        def uri
+          options[:uri].to_s
+        end
+
+        def parameters
+          if options[:clobber_request]
+            options[:parameters]
+          else
+            post_parameters.merge(query_parameters).merge(options[:parameters] || {})
+          end
+        end
+
+        private
+
+        def query_parameters
+          query = URI.parse(request.url).query
+          query ? CGI.parse(query) : {}
+        end
 
-    def post_parameters
-      # Post params are only used if posting form data
-      if method == 'POST'
-        OAuth::Helper.stringify_keys(request.options[:params] || {})
-      else
-        {}
+        def post_parameters
+          # Post params are only used if posting form data
+          if method == "POST"
+            OAuth::Helper.stringify_keys(request.options[:params] || {})
+          else
+            {}
+          end
+        end
       end
     end
   end

data/lib/oauth/request_proxy.rb

@@ -5,13 +5,13 @@ module OAuth
     end
 
     def self.proxy(request, options = {})
-      return request if request.kind_of?(OAuth::RequestProxy::Base)
+      return request if request.is_a?(OAuth::RequestProxy::Base)
 
       klass = available_proxies[request.class]
 
       # Search for possible superclass matches.
       if klass.nil?
-        request_parent = available_proxies.keys.find { |rc| request.kind_of?(rc) }
+        request_parent = available_proxies.keys.find { |rc| request.is_a?(rc) }
         klass = available_proxies[request_parent]
       end
 
@@ -19,6 +19,6 @@ module OAuth
       klass.new(request, options)
     end
 
-    class UnknownRequestType < Exception; end
+    class UnknownRequestType < RuntimeError; end
   end
 end

data/lib/oauth/server.rb

@@ -1,5 +1,5 @@
-require 'oauth/helper'
-require 'oauth/consumer'
+require "oauth/helper"
+require "oauth/consumer"
 
 module OAuth
   # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
@@ -8,9 +8,9 @@ module OAuth
     attr_accessor :base_url
 
     @@server_paths = {
-      :request_token_path => "/oauth/request_token",
-      :authorize_path     => "/oauth/authorize",
-      :access_token_path  => "/oauth/access_token"
+      request_token_path: "/oauth/request_token",
+      authorize_path: "/oauth/authorize",
+      access_token_path: "/oauth/access_token"
     }
 
     # Create a new server instance
@@ -23,7 +23,7 @@ module OAuth
       [generate_key(16), generate_key]
     end
 
-    def generate_consumer_credentials(params = {})
+    def generate_consumer_credentials(_params = {})
       Consumer.new(*generate_credentials)
     end
 
@@ -31,12 +31,10 @@ module OAuth
     def create_consumer
       creds = generate_credentials
       Consumer.new(creds[0], creds[1],
-        {
-          :site               => base_url,
-          :request_token_path => request_token_path,
-          :authorize_path     => authorize_path,
-          :access_token_path  => access_token_path
-        })
+                   site: base_url,
+                   request_token_path: request_token_path,
+                   authorize_path: authorize_path,
+                   access_token_path: access_token_path)
     end
 
     def request_token_path

data/lib/oauth/signature/base.rb

@@ -1,7 +1,7 @@
-require 'oauth/signature'
-require 'oauth/helper'
-require 'oauth/request_proxy/base'
-require 'base64'
+require "oauth/signature"
+require "oauth/helper"
+require "oauth/request_proxy/base"
+require "base64"
 
 module OAuth::Signature
   class Base
@@ -17,7 +17,7 @@ module OAuth::Signature
     end
 
     def initialize(request, options = {}, &block)
-      raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
+      raise TypeError unless request.is_a?(OAuth::RequestProxy::Base)
       @request = request
       @options = options
 
@@ -47,15 +47,17 @@ module OAuth::Signature
     end
 
     def signature
-      Base64.encode64(digest).chomp.gsub(/\n/,'')
+      Base64.encode64(digest).chomp.delete("\n")
     end
 
     def ==(cmp_signature)
-      signature == cmp_signature
+      check = signature.bytesize ^ cmp_signature.bytesize
+      signature.bytes.zip(cmp_signature.bytes) { |x, y| check |= x ^ y.to_i }
+      check.zero?
     end
 
     def verify
-      self == self.request.signature
+      self == request.signature
     end
 
     def signature_base_string
@@ -91,6 +93,5 @@ module OAuth::Signature
     def raise_instantiation_error
       raise NotImplementedError, "Cannot instantiate #{self.class.name} class directly."
     end
-
   end
 end

data/lib/oauth/signature/hmac/sha1.rb

@@ -1,17 +1,17 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature::HMAC
   class SHA1 < OAuth::Signature::Base
-    implements 'hmac-sha1'
+    implements "hmac-sha1"
 
     def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || '')).chomp.gsub(/\n/,'')
+      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
     end
 
     private
 
     def digest
-      OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), secret, signature_base_string)
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
     end
   end
 end

data/lib/oauth/signature/hmac/sha256.rb

@@ -0,0 +1,17 @@
+require "oauth/signature/base"
+
+module OAuth::Signature::HMAC
+  class SHA256 < OAuth::Signature::Base
+    implements "hmac-sha256"
+
+    def body_hash
+      Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.delete("\n")
+    end
+
+    private
+
+    def digest
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
+    end
+  end
+end

data/lib/oauth/signature/plaintext.rb

@@ -1,8 +1,8 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature
   class PLAINTEXT < Base
-    implements 'plaintext'
+    implements "plaintext"
 
     def signature
       signature_base_string

data/lib/oauth/signature/rsa/sha1.rb

@@ -1,8 +1,8 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature::RSA
   class SHA1 < OAuth::Signature::Base
-    implements 'rsa-sha1'
+    implements "rsa-sha1"
 
     def ==(cmp_signature)
       public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
@@ -19,7 +19,7 @@ module OAuth::Signature::RSA
     end
 
     def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || '')).chomp.gsub(/\n/,'')
+      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
     end
 
     private
@@ -27,9 +27,9 @@ module OAuth::Signature::RSA
     def decode_public_key
       case consumer_secret
       when /-----BEGIN CERTIFICATE-----/
-        OpenSSL::X509::Certificate.new( consumer_secret).public_key
+        OpenSSL::X509::Certificate.new(consumer_secret).public_key
       else
-        OpenSSL::PKey::RSA.new( consumer_secret)
+        OpenSSL::PKey::RSA.new(consumer_secret)
       end
     end
 

data/lib/oauth/signature.rb

@@ -20,26 +20,26 @@ module OAuth
 
     # Sign a +request+
     def self.sign(request, options = {}, &block)
-      self.build(request, options, &block).signature
+      build(request, options, &block).signature
     end
 
     # Verify the signature of +request+
     def self.verify(request, options = {}, &block)
-      self.build(request, options, &block).verify
+      build(request, options, &block).verify
     end
 
     # Create the signature base string for +request+. This string is the normalized parameter information.
     #
     # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
     def self.signature_base_string(request, options = {}, &block)
-      self.build(request, options, &block).signature_base_string
+      build(request, options, &block).signature_base_string
     end
 
     # Create the body hash for a request
     def self.body_hash(request, options = {}, &block)
-      self.build(request, options, &block).body_hash
+      build(request, options, &block).body_hash
     end
 
-    class UnknownSignatureMethod < Exception; end
+    class UnknownSignatureMethod < RuntimeError; end
   end
 end