oauth 0.5.5 → 0.5.10
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +415 -0
- data/CODE_OF_CONDUCT.md +84 -0
- data/CONTRIBUTING.md +23 -0
- data/LICENSE +18 -17
- data/README.md +372 -0
- data/SECURITY.md +16 -0
- data/bin/oauth +2 -2
- data/lib/oauth/cli/authorize_command.rb +8 -10
- data/lib/oauth/cli/base_command.rb +9 -7
- data/lib/oauth/cli/query_command.rb +3 -3
- data/lib/oauth/cli/sign_command.rb +12 -15
- data/lib/oauth/cli.rb +19 -19
- data/lib/oauth/client/action_controller_request.rb +20 -21
- data/lib/oauth/client/em_http.rb +99 -99
- data/lib/oauth/client/helper.rb +33 -36
- data/lib/oauth/client/net_http.rb +30 -30
- data/lib/oauth/consumer.rb +90 -89
- data/lib/oauth/errors/unauthorized.rb +3 -1
- data/lib/oauth/errors.rb +3 -3
- data/lib/oauth/helper.rb +17 -13
- data/lib/oauth/oauth.rb +4 -4
- data/lib/oauth/oauth_test_helper.rb +4 -4
- data/lib/oauth/request_proxy/action_controller_request.rb +56 -53
- data/lib/oauth/request_proxy/action_dispatch_request.rb +8 -4
- data/lib/oauth/request_proxy/base.rb +136 -132
- data/lib/oauth/request_proxy/curb_request.rb +49 -43
- data/lib/oauth/request_proxy/em_http_request.rb +59 -49
- data/lib/oauth/request_proxy/jabber_request.rb +12 -9
- data/lib/oauth/request_proxy/mock_request.rb +4 -2
- data/lib/oauth/request_proxy/net_http.rb +63 -54
- data/lib/oauth/request_proxy/rack_request.rb +35 -31
- data/lib/oauth/request_proxy/rest_client_request.rb +53 -50
- data/lib/oauth/request_proxy/typhoeus_request.rb +51 -45
- data/lib/oauth/request_proxy.rb +3 -3
- data/lib/oauth/server.rb +10 -12
- data/lib/oauth/signature/base.rb +10 -9
- data/lib/oauth/signature/hmac/sha1.rb +4 -4
- data/lib/oauth/signature/hmac/sha256.rb +17 -0
- data/lib/oauth/signature/plaintext.rb +2 -2
- data/lib/oauth/signature/rsa/sha1.rb +5 -5
- data/lib/oauth/signature.rb +5 -5
- data/lib/oauth/token.rb +5 -5
- data/lib/oauth/tokens/access_token.rb +3 -3
- data/lib/oauth/tokens/consumer_token.rb +2 -2
- data/lib/oauth/tokens/request_token.rb +7 -8
- data/lib/oauth/tokens/server_token.rb +0 -1
- data/lib/oauth/version.rb +1 -1
- data/lib/oauth.rb +8 -6
- metadata +47 -99
- data/README.rdoc +0 -88
@@ -1,72 +1,81 @@
|
|
1
|
-
|
2
|
-
require 'net/http'
|
3
|
-
require 'uri'
|
4
|
-
require 'cgi'
|
1
|
+
# frozen_string_literal: true
|
5
2
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "net/http"
|
5
|
+
require "uri"
|
6
|
+
require "cgi"
|
10
7
|
|
11
|
-
|
12
|
-
|
13
|
-
|
8
|
+
module OAuth
|
9
|
+
module RequestProxy
|
10
|
+
module Net
|
11
|
+
module HTTP
|
12
|
+
class HTTPRequest < OAuth::RequestProxy::Base
|
13
|
+
proxies ::Net::HTTPGenericRequest
|
14
14
|
|
15
|
-
|
16
|
-
|
17
|
-
|
15
|
+
def method
|
16
|
+
request.method
|
17
|
+
end
|
18
18
|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
else
|
23
|
-
all_parameters
|
24
|
-
end
|
25
|
-
end
|
19
|
+
def uri
|
20
|
+
options[:uri].to_s
|
21
|
+
end
|
26
22
|
|
27
|
-
|
28
|
-
|
29
|
-
|
23
|
+
def parameters
|
24
|
+
if options[:clobber_request]
|
25
|
+
options[:parameters]
|
26
|
+
else
|
27
|
+
all_parameters
|
28
|
+
end
|
29
|
+
end
|
30
30
|
|
31
|
-
|
31
|
+
def body
|
32
|
+
request.body
|
33
|
+
end
|
32
34
|
|
33
|
-
|
34
|
-
request_params = CGI.parse(query_string)
|
35
|
-
# request_params.each{|k,v| request_params[k] = [nil] if v == []}
|
35
|
+
private
|
36
36
|
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
37
|
+
def all_parameters
|
38
|
+
request_params = CGI.parse(query_string)
|
39
|
+
# request_params.each{|k,v| request_params[k] = [nil] if v == []}
|
40
|
+
|
41
|
+
if options[:parameters]
|
42
|
+
options[:parameters].each do |k, v|
|
43
|
+
if request_params.key?(k) && v
|
44
|
+
request_params[k] << v
|
45
|
+
else
|
46
|
+
request_params[k] = [v]
|
47
|
+
end
|
48
|
+
end
|
43
49
|
end
|
50
|
+
request_params
|
44
51
|
end
|
45
|
-
end
|
46
|
-
request_params
|
47
|
-
end
|
48
52
|
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
53
|
+
def query_string
|
54
|
+
params = [query_params, auth_header_params]
|
55
|
+
if (method.to_s.casecmp("POST").zero? || method.to_s.casecmp("PUT").zero?) && form_url_encoded?
|
56
|
+
params << post_params
|
57
|
+
end
|
58
|
+
params.compact.join("&")
|
59
|
+
end
|
54
60
|
|
55
|
-
|
56
|
-
|
57
|
-
|
61
|
+
def form_url_encoded?
|
62
|
+
!request["Content-Type"].nil? && request["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded")
|
63
|
+
end
|
58
64
|
|
59
|
-
|
60
|
-
|
61
|
-
|
65
|
+
def query_params
|
66
|
+
URI.parse(request.path).query
|
67
|
+
end
|
62
68
|
|
63
|
-
|
64
|
-
|
65
|
-
|
69
|
+
def post_params
|
70
|
+
request.body
|
71
|
+
end
|
66
72
|
|
67
|
-
|
68
|
-
|
69
|
-
|
73
|
+
def auth_header_params
|
74
|
+
return nil unless request["Authorization"] && request["Authorization"][0, 5] == "OAuth"
|
75
|
+
|
76
|
+
request["Authorization"]
|
77
|
+
end
|
78
|
+
end
|
70
79
|
end
|
71
80
|
end
|
72
81
|
end
|
@@ -1,43 +1,47 @@
|
|
1
|
-
|
2
|
-
require 'uri'
|
3
|
-
require 'rack'
|
1
|
+
# frozen_string_literal: true
|
4
2
|
|
5
|
-
|
6
|
-
|
7
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "uri"
|
5
|
+
require "rack"
|
8
6
|
|
9
|
-
|
10
|
-
|
11
|
-
|
7
|
+
module OAuth
|
8
|
+
module RequestProxy
|
9
|
+
class RackRequest < OAuth::RequestProxy::Base
|
10
|
+
proxies ::Rack::Request
|
12
11
|
|
13
|
-
|
14
|
-
|
15
|
-
|
12
|
+
def method
|
13
|
+
request.env["rack.methodoverride.original_method"] || request.request_method
|
14
|
+
end
|
16
15
|
|
17
|
-
|
18
|
-
|
19
|
-
options[:parameters] || {}
|
20
|
-
else
|
21
|
-
params = request_params.merge(query_params).merge(header_params)
|
22
|
-
params.merge(options[:parameters] || {})
|
16
|
+
def uri
|
17
|
+
request.url
|
23
18
|
end
|
24
|
-
end
|
25
19
|
|
26
|
-
|
27
|
-
|
28
|
-
|
20
|
+
def parameters
|
21
|
+
if options[:clobber_request]
|
22
|
+
options[:parameters] || {}
|
23
|
+
else
|
24
|
+
params = request_params.merge(query_params).merge(header_params)
|
25
|
+
params.merge(options[:parameters] || {})
|
26
|
+
end
|
27
|
+
end
|
29
28
|
|
30
|
-
|
29
|
+
def signature
|
30
|
+
parameters["oauth_signature"]
|
31
|
+
end
|
31
32
|
|
32
|
-
|
33
|
-
|
34
|
-
|
33
|
+
protected
|
34
|
+
|
35
|
+
def query_params
|
36
|
+
request.GET
|
37
|
+
end
|
35
38
|
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
39
|
+
def request_params
|
40
|
+
if request.content_type && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
|
41
|
+
request.POST
|
42
|
+
else
|
43
|
+
{}
|
44
|
+
end
|
41
45
|
end
|
42
46
|
end
|
43
47
|
end
|
@@ -1,62 +1,65 @@
|
|
1
|
-
|
2
|
-
require 'rest-client'
|
3
|
-
require 'uri'
|
4
|
-
require 'cgi'
|
5
|
-
|
6
|
-
module OAuth::RequestProxy::RestClient
|
7
|
-
class Request < OAuth::RequestProxy::Base
|
8
|
-
proxies RestClient::Request
|
9
|
-
|
10
|
-
def method
|
11
|
-
request.method.to_s.upcase
|
12
|
-
end
|
1
|
+
# frozen_string_literal: true
|
13
2
|
|
14
|
-
|
15
|
-
|
16
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "rest-client"
|
5
|
+
require "uri"
|
6
|
+
require "cgi"
|
7
|
+
|
8
|
+
module OAuth
|
9
|
+
module RequestProxy
|
10
|
+
module RestClient
|
11
|
+
class Request < OAuth::RequestProxy::Base
|
12
|
+
proxies ::RestClient::Request
|
17
13
|
|
18
|
-
|
19
|
-
|
20
|
-
options[:parameters] || {}
|
21
|
-
else
|
22
|
-
post_parameters.merge(query_params).merge(options[:parameters] || {})
|
14
|
+
def method
|
15
|
+
request.method.to_s.upcase
|
23
16
|
end
|
24
|
-
end
|
25
17
|
|
26
|
-
|
18
|
+
def uri
|
19
|
+
request.url
|
20
|
+
end
|
27
21
|
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
22
|
+
def parameters
|
23
|
+
if options[:clobber_request]
|
24
|
+
options[:parameters] || {}
|
25
|
+
else
|
26
|
+
post_parameters.merge(query_params).merge(options[:parameters] || {})
|
27
|
+
end
|
28
|
+
end
|
32
29
|
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
if method == 'POST' || method == 'PUT'
|
39
|
-
OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
|
40
|
-
else
|
41
|
-
{}
|
30
|
+
protected
|
31
|
+
|
32
|
+
def query_params
|
33
|
+
query = URI.parse(request.url).query
|
34
|
+
query ? CGI.parse(query) : {}
|
42
35
|
end
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
if !v.nil?
|
51
|
-
result.merge({k => v})
|
52
|
-
elsif !result.key?(k)
|
53
|
-
result.merge({k => true})
|
36
|
+
|
37
|
+
def request_params; end
|
38
|
+
|
39
|
+
def post_parameters
|
40
|
+
# Post params are only used if posting form data
|
41
|
+
if method == "POST" || method == "PUT"
|
42
|
+
OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
|
54
43
|
else
|
55
|
-
|
44
|
+
{}
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
private
|
49
|
+
|
50
|
+
def query_string_to_hash(query)
|
51
|
+
query.split("&").inject({}) do |result, q|
|
52
|
+
k, v = q.split("=")
|
53
|
+
if !v.nil?
|
54
|
+
result.merge(k => v)
|
55
|
+
elsif !result.key?(k)
|
56
|
+
result.merge(k => true)
|
57
|
+
else
|
58
|
+
result
|
59
|
+
end
|
56
60
|
end
|
57
61
|
end
|
58
|
-
keyvals
|
59
62
|
end
|
60
|
-
|
63
|
+
end
|
61
64
|
end
|
62
|
-
end
|
65
|
+
end
|
@@ -1,53 +1,59 @@
|
|
1
|
-
|
2
|
-
require 'typhoeus'
|
3
|
-
require 'typhoeus/request'
|
4
|
-
require 'uri'
|
5
|
-
require 'cgi'
|
6
|
-
|
7
|
-
module OAuth::RequestProxy::Typhoeus
|
8
|
-
class Request < OAuth::RequestProxy::Base
|
9
|
-
# Proxy for signing Typhoeus::Request requests
|
10
|
-
# Usage example:
|
11
|
-
# oauth_params = {:consumer => oauth_consumer, :token => access_token}
|
12
|
-
# req = Typhoeus::Request.new(uri, options)
|
13
|
-
# oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
|
14
|
-
# req.options[:headers].merge!({"Authorization" => oauth_helper.header})
|
15
|
-
# hydra = Typhoeus::Hydra.new()
|
16
|
-
# hydra.queue(req)
|
17
|
-
# hydra.run
|
18
|
-
# response = req.response
|
19
|
-
proxies Typhoeus::Request
|
20
|
-
|
21
|
-
def method
|
22
|
-
request_method = request.options[:method].to_s.upcase
|
23
|
-
request_method.empty? ? 'GET' : request_method
|
24
|
-
end
|
1
|
+
# frozen_string_literal: true
|
25
2
|
|
26
|
-
|
27
|
-
|
28
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "typhoeus"
|
5
|
+
require "typhoeus/request"
|
6
|
+
require "uri"
|
7
|
+
require "cgi"
|
29
8
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
9
|
+
module OAuth
|
10
|
+
module RequestProxy
|
11
|
+
module Typhoeus
|
12
|
+
class Request < OAuth::RequestProxy::Base
|
13
|
+
# Proxy for signing Typhoeus::Request requests
|
14
|
+
# Usage example:
|
15
|
+
# oauth_params = {:consumer => oauth_consumer, :token => access_token}
|
16
|
+
# req = Typhoeus::Request.new(uri, options)
|
17
|
+
# oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
|
18
|
+
# req.options[:headers].merge!({"Authorization" => oauth_helper.header})
|
19
|
+
# hydra = Typhoeus::Hydra.new()
|
20
|
+
# hydra.queue(req)
|
21
|
+
# hydra.run
|
22
|
+
# response = req.response
|
23
|
+
proxies ::Typhoeus::Request
|
37
24
|
|
38
|
-
|
25
|
+
def method
|
26
|
+
request_method = request.options[:method].to_s.upcase
|
27
|
+
request_method.empty? ? "GET" : request_method
|
28
|
+
end
|
39
29
|
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
30
|
+
def uri
|
31
|
+
options[:uri].to_s
|
32
|
+
end
|
33
|
+
|
34
|
+
def parameters
|
35
|
+
if options[:clobber_request]
|
36
|
+
options[:parameters]
|
37
|
+
else
|
38
|
+
post_parameters.merge(query_parameters).merge(options[:parameters] || {})
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
private
|
43
|
+
|
44
|
+
def query_parameters
|
45
|
+
query = URI.parse(request.url).query
|
46
|
+
query ? CGI.parse(query) : {}
|
47
|
+
end
|
44
48
|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
49
|
+
def post_parameters
|
50
|
+
# Post params are only used if posting form data
|
51
|
+
if method == "POST"
|
52
|
+
OAuth::Helper.stringify_keys(request.options[:params] || {})
|
53
|
+
else
|
54
|
+
{}
|
55
|
+
end
|
56
|
+
end
|
51
57
|
end
|
52
58
|
end
|
53
59
|
end
|
data/lib/oauth/request_proxy.rb
CHANGED
@@ -5,13 +5,13 @@ module OAuth
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def self.proxy(request, options = {})
|
8
|
-
return request if request.
|
8
|
+
return request if request.is_a?(OAuth::RequestProxy::Base)
|
9
9
|
|
10
10
|
klass = available_proxies[request.class]
|
11
11
|
|
12
12
|
# Search for possible superclass matches.
|
13
13
|
if klass.nil?
|
14
|
-
request_parent = available_proxies.keys.find { |rc| request.
|
14
|
+
request_parent = available_proxies.keys.find { |rc| request.is_a?(rc) }
|
15
15
|
klass = available_proxies[request_parent]
|
16
16
|
end
|
17
17
|
|
@@ -19,6 +19,6 @@ module OAuth
|
|
19
19
|
klass.new(request, options)
|
20
20
|
end
|
21
21
|
|
22
|
-
class UnknownRequestType <
|
22
|
+
class UnknownRequestType < RuntimeError; end
|
23
23
|
end
|
24
24
|
end
|
data/lib/oauth/server.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "oauth/helper"
|
2
|
+
require "oauth/consumer"
|
3
3
|
|
4
4
|
module OAuth
|
5
5
|
# This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
|
@@ -8,9 +8,9 @@ module OAuth
|
|
8
8
|
attr_accessor :base_url
|
9
9
|
|
10
10
|
@@server_paths = {
|
11
|
-
:
|
12
|
-
:
|
13
|
-
:
|
11
|
+
request_token_path: "/oauth/request_token",
|
12
|
+
authorize_path: "/oauth/authorize",
|
13
|
+
access_token_path: "/oauth/access_token"
|
14
14
|
}
|
15
15
|
|
16
16
|
# Create a new server instance
|
@@ -23,7 +23,7 @@ module OAuth
|
|
23
23
|
[generate_key(16), generate_key]
|
24
24
|
end
|
25
25
|
|
26
|
-
def generate_consumer_credentials(
|
26
|
+
def generate_consumer_credentials(_params = {})
|
27
27
|
Consumer.new(*generate_credentials)
|
28
28
|
end
|
29
29
|
|
@@ -31,12 +31,10 @@ module OAuth
|
|
31
31
|
def create_consumer
|
32
32
|
creds = generate_credentials
|
33
33
|
Consumer.new(creds[0], creds[1],
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
:access_token_path => access_token_path
|
39
|
-
})
|
34
|
+
site: base_url,
|
35
|
+
request_token_path: request_token_path,
|
36
|
+
authorize_path: authorize_path,
|
37
|
+
access_token_path: access_token_path)
|
40
38
|
end
|
41
39
|
|
42
40
|
def request_token_path
|
data/lib/oauth/signature/base.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
1
|
+
require "oauth/signature"
|
2
|
+
require "oauth/helper"
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "base64"
|
5
5
|
|
6
6
|
module OAuth::Signature
|
7
7
|
class Base
|
@@ -17,7 +17,7 @@ module OAuth::Signature
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def initialize(request, options = {}, &block)
|
20
|
-
raise TypeError unless request.
|
20
|
+
raise TypeError unless request.is_a?(OAuth::RequestProxy::Base)
|
21
21
|
@request = request
|
22
22
|
@options = options
|
23
23
|
|
@@ -47,15 +47,17 @@ module OAuth::Signature
|
|
47
47
|
end
|
48
48
|
|
49
49
|
def signature
|
50
|
-
Base64.encode64(digest).chomp.
|
50
|
+
Base64.encode64(digest).chomp.delete("\n")
|
51
51
|
end
|
52
52
|
|
53
53
|
def ==(cmp_signature)
|
54
|
-
signature
|
54
|
+
check = signature.bytesize ^ cmp_signature.bytesize
|
55
|
+
signature.bytes.zip(cmp_signature.bytes) { |x, y| check |= x ^ y.to_i }
|
56
|
+
check.zero?
|
55
57
|
end
|
56
58
|
|
57
59
|
def verify
|
58
|
-
self ==
|
60
|
+
self == request.signature
|
59
61
|
end
|
60
62
|
|
61
63
|
def signature_base_string
|
@@ -91,6 +93,5 @@ module OAuth::Signature
|
|
91
93
|
def raise_instantiation_error
|
92
94
|
raise NotImplementedError, "Cannot instantiate #{self.class.name} class directly."
|
93
95
|
end
|
94
|
-
|
95
96
|
end
|
96
97
|
end
|
@@ -1,17 +1,17 @@
|
|
1
|
-
require
|
1
|
+
require "oauth/signature/base"
|
2
2
|
|
3
3
|
module OAuth::Signature::HMAC
|
4
4
|
class SHA1 < OAuth::Signature::Base
|
5
|
-
implements
|
5
|
+
implements "hmac-sha1"
|
6
6
|
|
7
7
|
def body_hash
|
8
|
-
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body ||
|
8
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
|
9
9
|
end
|
10
10
|
|
11
11
|
private
|
12
12
|
|
13
13
|
def digest
|
14
|
-
OpenSSL::HMAC.digest(OpenSSL::Digest.new(
|
14
|
+
OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require "oauth/signature/base"
|
2
|
+
|
3
|
+
module OAuth::Signature::HMAC
|
4
|
+
class SHA256 < OAuth::Signature::Base
|
5
|
+
implements "hmac-sha256"
|
6
|
+
|
7
|
+
def body_hash
|
8
|
+
Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.delete("\n")
|
9
|
+
end
|
10
|
+
|
11
|
+
private
|
12
|
+
|
13
|
+
def digest
|
14
|
+
OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -1,8 +1,8 @@
|
|
1
|
-
require
|
1
|
+
require "oauth/signature/base"
|
2
2
|
|
3
3
|
module OAuth::Signature::RSA
|
4
4
|
class SHA1 < OAuth::Signature::Base
|
5
|
-
implements
|
5
|
+
implements "rsa-sha1"
|
6
6
|
|
7
7
|
def ==(cmp_signature)
|
8
8
|
public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
|
@@ -19,7 +19,7 @@ module OAuth::Signature::RSA
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def body_hash
|
22
|
-
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body ||
|
22
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
|
23
23
|
end
|
24
24
|
|
25
25
|
private
|
@@ -27,9 +27,9 @@ module OAuth::Signature::RSA
|
|
27
27
|
def decode_public_key
|
28
28
|
case consumer_secret
|
29
29
|
when /-----BEGIN CERTIFICATE-----/
|
30
|
-
OpenSSL::X509::Certificate.new(
|
30
|
+
OpenSSL::X509::Certificate.new(consumer_secret).public_key
|
31
31
|
else
|
32
|
-
OpenSSL::PKey::RSA.new(
|
32
|
+
OpenSSL::PKey::RSA.new(consumer_secret)
|
33
33
|
end
|
34
34
|
end
|
35
35
|
|
data/lib/oauth/signature.rb
CHANGED
@@ -20,26 +20,26 @@ module OAuth
|
|
20
20
|
|
21
21
|
# Sign a +request+
|
22
22
|
def self.sign(request, options = {}, &block)
|
23
|
-
|
23
|
+
build(request, options, &block).signature
|
24
24
|
end
|
25
25
|
|
26
26
|
# Verify the signature of +request+
|
27
27
|
def self.verify(request, options = {}, &block)
|
28
|
-
|
28
|
+
build(request, options, &block).verify
|
29
29
|
end
|
30
30
|
|
31
31
|
# Create the signature base string for +request+. This string is the normalized parameter information.
|
32
32
|
#
|
33
33
|
# See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
|
34
34
|
def self.signature_base_string(request, options = {}, &block)
|
35
|
-
|
35
|
+
build(request, options, &block).signature_base_string
|
36
36
|
end
|
37
37
|
|
38
38
|
# Create the body hash for a request
|
39
39
|
def self.body_hash(request, options = {}, &block)
|
40
|
-
|
40
|
+
build(request, options, &block).body_hash
|
41
41
|
end
|
42
42
|
|
43
|
-
class UnknownSignatureMethod <
|
43
|
+
class UnknownSignatureMethod < RuntimeError; end
|
44
44
|
end
|
45
45
|
end
|