oauth 0.5.5 → 0.5.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +415 -0
- data/CODE_OF_CONDUCT.md +84 -0
- data/CONTRIBUTING.md +23 -0
- data/LICENSE +18 -17
- data/README.md +372 -0
- data/SECURITY.md +16 -0
- data/bin/oauth +2 -2
- data/lib/oauth/cli/authorize_command.rb +8 -10
- data/lib/oauth/cli/base_command.rb +9 -7
- data/lib/oauth/cli/query_command.rb +3 -3
- data/lib/oauth/cli/sign_command.rb +12 -15
- data/lib/oauth/cli.rb +19 -19
- data/lib/oauth/client/action_controller_request.rb +20 -21
- data/lib/oauth/client/em_http.rb +99 -99
- data/lib/oauth/client/helper.rb +33 -36
- data/lib/oauth/client/net_http.rb +30 -30
- data/lib/oauth/consumer.rb +90 -89
- data/lib/oauth/errors/unauthorized.rb +3 -1
- data/lib/oauth/errors.rb +3 -3
- data/lib/oauth/helper.rb +17 -13
- data/lib/oauth/oauth.rb +4 -4
- data/lib/oauth/oauth_test_helper.rb +4 -4
- data/lib/oauth/request_proxy/action_controller_request.rb +56 -53
- data/lib/oauth/request_proxy/action_dispatch_request.rb +8 -4
- data/lib/oauth/request_proxy/base.rb +136 -132
- data/lib/oauth/request_proxy/curb_request.rb +49 -43
- data/lib/oauth/request_proxy/em_http_request.rb +59 -49
- data/lib/oauth/request_proxy/jabber_request.rb +12 -9
- data/lib/oauth/request_proxy/mock_request.rb +4 -2
- data/lib/oauth/request_proxy/net_http.rb +63 -54
- data/lib/oauth/request_proxy/rack_request.rb +35 -31
- data/lib/oauth/request_proxy/rest_client_request.rb +53 -50
- data/lib/oauth/request_proxy/typhoeus_request.rb +51 -45
- data/lib/oauth/request_proxy.rb +3 -3
- data/lib/oauth/server.rb +10 -12
- data/lib/oauth/signature/base.rb +10 -9
- data/lib/oauth/signature/hmac/sha1.rb +4 -4
- data/lib/oauth/signature/hmac/sha256.rb +17 -0
- data/lib/oauth/signature/plaintext.rb +2 -2
- data/lib/oauth/signature/rsa/sha1.rb +5 -5
- data/lib/oauth/signature.rb +5 -5
- data/lib/oauth/token.rb +5 -5
- data/lib/oauth/tokens/access_token.rb +3 -3
- data/lib/oauth/tokens/consumer_token.rb +2 -2
- data/lib/oauth/tokens/request_token.rb +7 -8
- data/lib/oauth/tokens/server_token.rb +0 -1
- data/lib/oauth/version.rb +1 -1
- data/lib/oauth.rb +8 -6
- metadata +47 -99
- data/README.rdoc +0 -88
@@ -1,72 +1,81 @@
|
|
1
|
-
|
2
|
-
require 'net/http'
|
3
|
-
require 'uri'
|
4
|
-
require 'cgi'
|
1
|
+
# frozen_string_literal: true
|
5
2
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "net/http"
|
5
|
+
require "uri"
|
6
|
+
require "cgi"
|
10
7
|
|
11
|
-
|
12
|
-
|
13
|
-
|
8
|
+
module OAuth
|
9
|
+
module RequestProxy
|
10
|
+
module Net
|
11
|
+
module HTTP
|
12
|
+
class HTTPRequest < OAuth::RequestProxy::Base
|
13
|
+
proxies ::Net::HTTPGenericRequest
|
14
14
|
|
15
|
-
|
16
|
-
|
17
|
-
|
15
|
+
def method
|
16
|
+
request.method
|
17
|
+
end
|
18
18
|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
else
|
23
|
-
all_parameters
|
24
|
-
end
|
25
|
-
end
|
19
|
+
def uri
|
20
|
+
options[:uri].to_s
|
21
|
+
end
|
26
22
|
|
27
|
-
|
28
|
-
|
29
|
-
|
23
|
+
def parameters
|
24
|
+
if options[:clobber_request]
|
25
|
+
options[:parameters]
|
26
|
+
else
|
27
|
+
all_parameters
|
28
|
+
end
|
29
|
+
end
|
30
30
|
|
31
|
-
|
31
|
+
def body
|
32
|
+
request.body
|
33
|
+
end
|
32
34
|
|
33
|
-
|
34
|
-
request_params = CGI.parse(query_string)
|
35
|
-
# request_params.each{|k,v| request_params[k] = [nil] if v == []}
|
35
|
+
private
|
36
36
|
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
37
|
+
def all_parameters
|
38
|
+
request_params = CGI.parse(query_string)
|
39
|
+
# request_params.each{|k,v| request_params[k] = [nil] if v == []}
|
40
|
+
|
41
|
+
if options[:parameters]
|
42
|
+
options[:parameters].each do |k, v|
|
43
|
+
if request_params.key?(k) && v
|
44
|
+
request_params[k] << v
|
45
|
+
else
|
46
|
+
request_params[k] = [v]
|
47
|
+
end
|
48
|
+
end
|
43
49
|
end
|
50
|
+
request_params
|
44
51
|
end
|
45
|
-
end
|
46
|
-
request_params
|
47
|
-
end
|
48
52
|
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
53
|
+
def query_string
|
54
|
+
params = [query_params, auth_header_params]
|
55
|
+
if (method.to_s.casecmp("POST").zero? || method.to_s.casecmp("PUT").zero?) && form_url_encoded?
|
56
|
+
params << post_params
|
57
|
+
end
|
58
|
+
params.compact.join("&")
|
59
|
+
end
|
54
60
|
|
55
|
-
|
56
|
-
|
57
|
-
|
61
|
+
def form_url_encoded?
|
62
|
+
!request["Content-Type"].nil? && request["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded")
|
63
|
+
end
|
58
64
|
|
59
|
-
|
60
|
-
|
61
|
-
|
65
|
+
def query_params
|
66
|
+
URI.parse(request.path).query
|
67
|
+
end
|
62
68
|
|
63
|
-
|
64
|
-
|
65
|
-
|
69
|
+
def post_params
|
70
|
+
request.body
|
71
|
+
end
|
66
72
|
|
67
|
-
|
68
|
-
|
69
|
-
|
73
|
+
def auth_header_params
|
74
|
+
return nil unless request["Authorization"] && request["Authorization"][0, 5] == "OAuth"
|
75
|
+
|
76
|
+
request["Authorization"]
|
77
|
+
end
|
78
|
+
end
|
70
79
|
end
|
71
80
|
end
|
72
81
|
end
|
@@ -1,43 +1,47 @@
|
|
1
|
-
|
2
|
-
require 'uri'
|
3
|
-
require 'rack'
|
1
|
+
# frozen_string_literal: true
|
4
2
|
|
5
|
-
|
6
|
-
|
7
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "uri"
|
5
|
+
require "rack"
|
8
6
|
|
9
|
-
|
10
|
-
|
11
|
-
|
7
|
+
module OAuth
|
8
|
+
module RequestProxy
|
9
|
+
class RackRequest < OAuth::RequestProxy::Base
|
10
|
+
proxies ::Rack::Request
|
12
11
|
|
13
|
-
|
14
|
-
|
15
|
-
|
12
|
+
def method
|
13
|
+
request.env["rack.methodoverride.original_method"] || request.request_method
|
14
|
+
end
|
16
15
|
|
17
|
-
|
18
|
-
|
19
|
-
options[:parameters] || {}
|
20
|
-
else
|
21
|
-
params = request_params.merge(query_params).merge(header_params)
|
22
|
-
params.merge(options[:parameters] || {})
|
16
|
+
def uri
|
17
|
+
request.url
|
23
18
|
end
|
24
|
-
end
|
25
19
|
|
26
|
-
|
27
|
-
|
28
|
-
|
20
|
+
def parameters
|
21
|
+
if options[:clobber_request]
|
22
|
+
options[:parameters] || {}
|
23
|
+
else
|
24
|
+
params = request_params.merge(query_params).merge(header_params)
|
25
|
+
params.merge(options[:parameters] || {})
|
26
|
+
end
|
27
|
+
end
|
29
28
|
|
30
|
-
|
29
|
+
def signature
|
30
|
+
parameters["oauth_signature"]
|
31
|
+
end
|
31
32
|
|
32
|
-
|
33
|
-
|
34
|
-
|
33
|
+
protected
|
34
|
+
|
35
|
+
def query_params
|
36
|
+
request.GET
|
37
|
+
end
|
35
38
|
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
39
|
+
def request_params
|
40
|
+
if request.content_type && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
|
41
|
+
request.POST
|
42
|
+
else
|
43
|
+
{}
|
44
|
+
end
|
41
45
|
end
|
42
46
|
end
|
43
47
|
end
|
@@ -1,62 +1,65 @@
|
|
1
|
-
|
2
|
-
require 'rest-client'
|
3
|
-
require 'uri'
|
4
|
-
require 'cgi'
|
5
|
-
|
6
|
-
module OAuth::RequestProxy::RestClient
|
7
|
-
class Request < OAuth::RequestProxy::Base
|
8
|
-
proxies RestClient::Request
|
9
|
-
|
10
|
-
def method
|
11
|
-
request.method.to_s.upcase
|
12
|
-
end
|
1
|
+
# frozen_string_literal: true
|
13
2
|
|
14
|
-
|
15
|
-
|
16
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "rest-client"
|
5
|
+
require "uri"
|
6
|
+
require "cgi"
|
7
|
+
|
8
|
+
module OAuth
|
9
|
+
module RequestProxy
|
10
|
+
module RestClient
|
11
|
+
class Request < OAuth::RequestProxy::Base
|
12
|
+
proxies ::RestClient::Request
|
17
13
|
|
18
|
-
|
19
|
-
|
20
|
-
options[:parameters] || {}
|
21
|
-
else
|
22
|
-
post_parameters.merge(query_params).merge(options[:parameters] || {})
|
14
|
+
def method
|
15
|
+
request.method.to_s.upcase
|
23
16
|
end
|
24
|
-
end
|
25
17
|
|
26
|
-
|
18
|
+
def uri
|
19
|
+
request.url
|
20
|
+
end
|
27
21
|
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
22
|
+
def parameters
|
23
|
+
if options[:clobber_request]
|
24
|
+
options[:parameters] || {}
|
25
|
+
else
|
26
|
+
post_parameters.merge(query_params).merge(options[:parameters] || {})
|
27
|
+
end
|
28
|
+
end
|
32
29
|
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
if method == 'POST' || method == 'PUT'
|
39
|
-
OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
|
40
|
-
else
|
41
|
-
{}
|
30
|
+
protected
|
31
|
+
|
32
|
+
def query_params
|
33
|
+
query = URI.parse(request.url).query
|
34
|
+
query ? CGI.parse(query) : {}
|
42
35
|
end
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
if !v.nil?
|
51
|
-
result.merge({k => v})
|
52
|
-
elsif !result.key?(k)
|
53
|
-
result.merge({k => true})
|
36
|
+
|
37
|
+
def request_params; end
|
38
|
+
|
39
|
+
def post_parameters
|
40
|
+
# Post params are only used if posting form data
|
41
|
+
if method == "POST" || method == "PUT"
|
42
|
+
OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
|
54
43
|
else
|
55
|
-
|
44
|
+
{}
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
private
|
49
|
+
|
50
|
+
def query_string_to_hash(query)
|
51
|
+
query.split("&").inject({}) do |result, q|
|
52
|
+
k, v = q.split("=")
|
53
|
+
if !v.nil?
|
54
|
+
result.merge(k => v)
|
55
|
+
elsif !result.key?(k)
|
56
|
+
result.merge(k => true)
|
57
|
+
else
|
58
|
+
result
|
59
|
+
end
|
56
60
|
end
|
57
61
|
end
|
58
|
-
keyvals
|
59
62
|
end
|
60
|
-
|
63
|
+
end
|
61
64
|
end
|
62
|
-
end
|
65
|
+
end
|
@@ -1,53 +1,59 @@
|
|
1
|
-
|
2
|
-
require 'typhoeus'
|
3
|
-
require 'typhoeus/request'
|
4
|
-
require 'uri'
|
5
|
-
require 'cgi'
|
6
|
-
|
7
|
-
module OAuth::RequestProxy::Typhoeus
|
8
|
-
class Request < OAuth::RequestProxy::Base
|
9
|
-
# Proxy for signing Typhoeus::Request requests
|
10
|
-
# Usage example:
|
11
|
-
# oauth_params = {:consumer => oauth_consumer, :token => access_token}
|
12
|
-
# req = Typhoeus::Request.new(uri, options)
|
13
|
-
# oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
|
14
|
-
# req.options[:headers].merge!({"Authorization" => oauth_helper.header})
|
15
|
-
# hydra = Typhoeus::Hydra.new()
|
16
|
-
# hydra.queue(req)
|
17
|
-
# hydra.run
|
18
|
-
# response = req.response
|
19
|
-
proxies Typhoeus::Request
|
20
|
-
|
21
|
-
def method
|
22
|
-
request_method = request.options[:method].to_s.upcase
|
23
|
-
request_method.empty? ? 'GET' : request_method
|
24
|
-
end
|
1
|
+
# frozen_string_literal: true
|
25
2
|
|
26
|
-
|
27
|
-
|
28
|
-
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "typhoeus"
|
5
|
+
require "typhoeus/request"
|
6
|
+
require "uri"
|
7
|
+
require "cgi"
|
29
8
|
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
9
|
+
module OAuth
|
10
|
+
module RequestProxy
|
11
|
+
module Typhoeus
|
12
|
+
class Request < OAuth::RequestProxy::Base
|
13
|
+
# Proxy for signing Typhoeus::Request requests
|
14
|
+
# Usage example:
|
15
|
+
# oauth_params = {:consumer => oauth_consumer, :token => access_token}
|
16
|
+
# req = Typhoeus::Request.new(uri, options)
|
17
|
+
# oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
|
18
|
+
# req.options[:headers].merge!({"Authorization" => oauth_helper.header})
|
19
|
+
# hydra = Typhoeus::Hydra.new()
|
20
|
+
# hydra.queue(req)
|
21
|
+
# hydra.run
|
22
|
+
# response = req.response
|
23
|
+
proxies ::Typhoeus::Request
|
37
24
|
|
38
|
-
|
25
|
+
def method
|
26
|
+
request_method = request.options[:method].to_s.upcase
|
27
|
+
request_method.empty? ? "GET" : request_method
|
28
|
+
end
|
39
29
|
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
30
|
+
def uri
|
31
|
+
options[:uri].to_s
|
32
|
+
end
|
33
|
+
|
34
|
+
def parameters
|
35
|
+
if options[:clobber_request]
|
36
|
+
options[:parameters]
|
37
|
+
else
|
38
|
+
post_parameters.merge(query_parameters).merge(options[:parameters] || {})
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
private
|
43
|
+
|
44
|
+
def query_parameters
|
45
|
+
query = URI.parse(request.url).query
|
46
|
+
query ? CGI.parse(query) : {}
|
47
|
+
end
|
44
48
|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
49
|
+
def post_parameters
|
50
|
+
# Post params are only used if posting form data
|
51
|
+
if method == "POST"
|
52
|
+
OAuth::Helper.stringify_keys(request.options[:params] || {})
|
53
|
+
else
|
54
|
+
{}
|
55
|
+
end
|
56
|
+
end
|
51
57
|
end
|
52
58
|
end
|
53
59
|
end
|
data/lib/oauth/request_proxy.rb
CHANGED
@@ -5,13 +5,13 @@ module OAuth
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def self.proxy(request, options = {})
|
8
|
-
return request if request.
|
8
|
+
return request if request.is_a?(OAuth::RequestProxy::Base)
|
9
9
|
|
10
10
|
klass = available_proxies[request.class]
|
11
11
|
|
12
12
|
# Search for possible superclass matches.
|
13
13
|
if klass.nil?
|
14
|
-
request_parent = available_proxies.keys.find { |rc| request.
|
14
|
+
request_parent = available_proxies.keys.find { |rc| request.is_a?(rc) }
|
15
15
|
klass = available_proxies[request_parent]
|
16
16
|
end
|
17
17
|
|
@@ -19,6 +19,6 @@ module OAuth
|
|
19
19
|
klass.new(request, options)
|
20
20
|
end
|
21
21
|
|
22
|
-
class UnknownRequestType <
|
22
|
+
class UnknownRequestType < RuntimeError; end
|
23
23
|
end
|
24
24
|
end
|
data/lib/oauth/server.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
|
-
require
|
2
|
-
require
|
1
|
+
require "oauth/helper"
|
2
|
+
require "oauth/consumer"
|
3
3
|
|
4
4
|
module OAuth
|
5
5
|
# This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
|
@@ -8,9 +8,9 @@ module OAuth
|
|
8
8
|
attr_accessor :base_url
|
9
9
|
|
10
10
|
@@server_paths = {
|
11
|
-
:
|
12
|
-
:
|
13
|
-
:
|
11
|
+
request_token_path: "/oauth/request_token",
|
12
|
+
authorize_path: "/oauth/authorize",
|
13
|
+
access_token_path: "/oauth/access_token"
|
14
14
|
}
|
15
15
|
|
16
16
|
# Create a new server instance
|
@@ -23,7 +23,7 @@ module OAuth
|
|
23
23
|
[generate_key(16), generate_key]
|
24
24
|
end
|
25
25
|
|
26
|
-
def generate_consumer_credentials(
|
26
|
+
def generate_consumer_credentials(_params = {})
|
27
27
|
Consumer.new(*generate_credentials)
|
28
28
|
end
|
29
29
|
|
@@ -31,12 +31,10 @@ module OAuth
|
|
31
31
|
def create_consumer
|
32
32
|
creds = generate_credentials
|
33
33
|
Consumer.new(creds[0], creds[1],
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
:access_token_path => access_token_path
|
39
|
-
})
|
34
|
+
site: base_url,
|
35
|
+
request_token_path: request_token_path,
|
36
|
+
authorize_path: authorize_path,
|
37
|
+
access_token_path: access_token_path)
|
40
38
|
end
|
41
39
|
|
42
40
|
def request_token_path
|
data/lib/oauth/signature/base.rb
CHANGED
@@ -1,7 +1,7 @@
|
|
1
|
-
require
|
2
|
-
require
|
3
|
-
require
|
4
|
-
require
|
1
|
+
require "oauth/signature"
|
2
|
+
require "oauth/helper"
|
3
|
+
require "oauth/request_proxy/base"
|
4
|
+
require "base64"
|
5
5
|
|
6
6
|
module OAuth::Signature
|
7
7
|
class Base
|
@@ -17,7 +17,7 @@ module OAuth::Signature
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def initialize(request, options = {}, &block)
|
20
|
-
raise TypeError unless request.
|
20
|
+
raise TypeError unless request.is_a?(OAuth::RequestProxy::Base)
|
21
21
|
@request = request
|
22
22
|
@options = options
|
23
23
|
|
@@ -47,15 +47,17 @@ module OAuth::Signature
|
|
47
47
|
end
|
48
48
|
|
49
49
|
def signature
|
50
|
-
Base64.encode64(digest).chomp.
|
50
|
+
Base64.encode64(digest).chomp.delete("\n")
|
51
51
|
end
|
52
52
|
|
53
53
|
def ==(cmp_signature)
|
54
|
-
signature
|
54
|
+
check = signature.bytesize ^ cmp_signature.bytesize
|
55
|
+
signature.bytes.zip(cmp_signature.bytes) { |x, y| check |= x ^ y.to_i }
|
56
|
+
check.zero?
|
55
57
|
end
|
56
58
|
|
57
59
|
def verify
|
58
|
-
self ==
|
60
|
+
self == request.signature
|
59
61
|
end
|
60
62
|
|
61
63
|
def signature_base_string
|
@@ -91,6 +93,5 @@ module OAuth::Signature
|
|
91
93
|
def raise_instantiation_error
|
92
94
|
raise NotImplementedError, "Cannot instantiate #{self.class.name} class directly."
|
93
95
|
end
|
94
|
-
|
95
96
|
end
|
96
97
|
end
|
@@ -1,17 +1,17 @@
|
|
1
|
-
require
|
1
|
+
require "oauth/signature/base"
|
2
2
|
|
3
3
|
module OAuth::Signature::HMAC
|
4
4
|
class SHA1 < OAuth::Signature::Base
|
5
|
-
implements
|
5
|
+
implements "hmac-sha1"
|
6
6
|
|
7
7
|
def body_hash
|
8
|
-
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body ||
|
8
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
|
9
9
|
end
|
10
10
|
|
11
11
|
private
|
12
12
|
|
13
13
|
def digest
|
14
|
-
OpenSSL::HMAC.digest(OpenSSL::Digest.new(
|
14
|
+
OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
|
15
15
|
end
|
16
16
|
end
|
17
17
|
end
|
@@ -0,0 +1,17 @@
|
|
1
|
+
require "oauth/signature/base"
|
2
|
+
|
3
|
+
module OAuth::Signature::HMAC
|
4
|
+
class SHA256 < OAuth::Signature::Base
|
5
|
+
implements "hmac-sha256"
|
6
|
+
|
7
|
+
def body_hash
|
8
|
+
Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.delete("\n")
|
9
|
+
end
|
10
|
+
|
11
|
+
private
|
12
|
+
|
13
|
+
def digest
|
14
|
+
OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
@@ -1,8 +1,8 @@
|
|
1
|
-
require
|
1
|
+
require "oauth/signature/base"
|
2
2
|
|
3
3
|
module OAuth::Signature::RSA
|
4
4
|
class SHA1 < OAuth::Signature::Base
|
5
|
-
implements
|
5
|
+
implements "rsa-sha1"
|
6
6
|
|
7
7
|
def ==(cmp_signature)
|
8
8
|
public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
|
@@ -19,7 +19,7 @@ module OAuth::Signature::RSA
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def body_hash
|
22
|
-
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body ||
|
22
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
|
23
23
|
end
|
24
24
|
|
25
25
|
private
|
@@ -27,9 +27,9 @@ module OAuth::Signature::RSA
|
|
27
27
|
def decode_public_key
|
28
28
|
case consumer_secret
|
29
29
|
when /-----BEGIN CERTIFICATE-----/
|
30
|
-
OpenSSL::X509::Certificate.new(
|
30
|
+
OpenSSL::X509::Certificate.new(consumer_secret).public_key
|
31
31
|
else
|
32
|
-
OpenSSL::PKey::RSA.new(
|
32
|
+
OpenSSL::PKey::RSA.new(consumer_secret)
|
33
33
|
end
|
34
34
|
end
|
35
35
|
|
data/lib/oauth/signature.rb
CHANGED
@@ -20,26 +20,26 @@ module OAuth
|
|
20
20
|
|
21
21
|
# Sign a +request+
|
22
22
|
def self.sign(request, options = {}, &block)
|
23
|
-
|
23
|
+
build(request, options, &block).signature
|
24
24
|
end
|
25
25
|
|
26
26
|
# Verify the signature of +request+
|
27
27
|
def self.verify(request, options = {}, &block)
|
28
|
-
|
28
|
+
build(request, options, &block).verify
|
29
29
|
end
|
30
30
|
|
31
31
|
# Create the signature base string for +request+. This string is the normalized parameter information.
|
32
32
|
#
|
33
33
|
# See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
|
34
34
|
def self.signature_base_string(request, options = {}, &block)
|
35
|
-
|
35
|
+
build(request, options, &block).signature_base_string
|
36
36
|
end
|
37
37
|
|
38
38
|
# Create the body hash for a request
|
39
39
|
def self.body_hash(request, options = {}, &block)
|
40
|
-
|
40
|
+
build(request, options, &block).body_hash
|
41
41
|
end
|
42
42
|
|
43
|
-
class UnknownSignatureMethod <
|
43
|
+
class UnknownSignatureMethod < RuntimeError; end
|
44
44
|
end
|
45
45
|
end
|