oauth 0.5.5 → 0.5.8

data/lib/oauth/request_proxy/net_http.rb

@@ -1,72 +1,81 @@
-require 'oauth/request_proxy/base'
-require 'net/http'
-require 'uri'
-require 'cgi'
+# frozen_string_literal: true
 
-module OAuth::RequestProxy::Net
-  module HTTP
-    class HTTPRequest < OAuth::RequestProxy::Base
-      proxies ::Net::HTTPGenericRequest
+require "oauth/request_proxy/base"
+require "net/http"
+require "uri"
+require "cgi"
 
-      def method
-        request.method
-      end
+module OAuth
+  module RequestProxy
+    module Net
+      module HTTP
+        class HTTPRequest < OAuth::RequestProxy::Base
+          proxies ::Net::HTTPGenericRequest
 
-      def uri
-        options[:uri].to_s
-      end
+          def method
+            request.method
+          end
 
-      def parameters
-        if options[:clobber_request]
-          options[:parameters]
-        else
-          all_parameters
-        end
-      end
+          def uri
+            options[:uri].to_s
+          end
 
-      def body
-        request.body
-      end
+          def parameters
+            if options[:clobber_request]
+              options[:parameters]
+            else
+              all_parameters
+            end
+          end
 
-    private
+          def body
+            request.body
+          end
 
-      def all_parameters
-        request_params = CGI.parse(query_string)
-        # request_params.each{|k,v| request_params[k] = [nil] if v == []}
+          private
 
-        if options[:parameters]
-          options[:parameters].each do |k,v|
-            if request_params.has_key?(k) && v
-              request_params[k] << v
-            else
-              request_params[k] = [v]
+          def all_parameters
+            request_params = CGI.parse(query_string)
+            # request_params.each{|k,v| request_params[k] = [nil] if v == []}
+
+            if options[:parameters]
+              options[:parameters].each do |k,v|
+                if request_params.has_key?(k) && v
+                  request_params[k] << v
+                else
+                  request_params[k] = [v]
+                end
+              end
             end
+            request_params
           end
-        end
-        request_params
-      end
 
-      def query_string
-        params = [ query_params, auth_header_params ]
-        params << post_params if (method.to_s.upcase == 'POST' || method.to_s.upcase == 'PUT') && form_url_encoded?
-        params.compact.join('&')
-      end
+          def query_string
+            params = [query_params, auth_header_params]
+            if (method.to_s.casecmp("POST").zero? || method.to_s.casecmp("PUT").zero?) && form_url_encoded?
+              params << post_params
+            end
+            params.compact.join("&")
+          end
 
-      def form_url_encoded?
-        request['Content-Type'] != nil && request['Content-Type'].to_s.downcase.start_with?('application/x-www-form-urlencoded')
-      end
+          def form_url_encoded?
+            !request["Content-Type"].nil? && request["Content-Type"].to_s.downcase.start_with?("application/x-www-form-urlencoded")
+          end
 
-      def query_params
-        URI.parse(request.path).query
-      end
+          def query_params
+            URI.parse(request.path).query
+          end
 
-      def post_params
-        request.body
-      end
+          def post_params
+            request.body
+          end
 
-      def auth_header_params
-        return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
-        request['Authorization']
+          def auth_header_params
+            return nil unless request["Authorization"] && request["Authorization"][0, 5] == "OAuth"
+
+            request["Authorization"]
+          end
+        end
       end
     end
   end

data/lib/oauth/request_proxy/rack_request.rb

@@ -1,43 +1,47 @@
-require 'oauth/request_proxy/base'
-require 'uri'
-require 'rack'
+# frozen_string_literal: true
 
-module OAuth::RequestProxy
-  class RackRequest < OAuth::RequestProxy::Base
-    proxies Rack::Request
+require "oauth/request_proxy/base"
+require "uri"
+require "rack"
 
-    def method
-      request.env["rack.methodoverride.original_method"] || request.request_method
-    end
+module OAuth
+  module RequestProxy
+    class RackRequest < OAuth::RequestProxy::Base
+      proxies ::Rack::Request
 
-    def uri
-      request.url
-    end
+      def method
+        request.env["rack.methodoverride.original_method"] || request.request_method
+      end
 
-    def parameters
-      if options[:clobber_request]
-        options[:parameters] || {}
-      else
-        params = request_params.merge(query_params).merge(header_params)
-        params.merge(options[:parameters] || {})
+      def uri
+        request.url
       end
-    end
 
-    def signature
-      parameters['oauth_signature']
-    end
+      def parameters
+        if options[:clobber_request]
+          options[:parameters] || {}
+        else
+          params = request_params.merge(query_params).merge(header_params)
+          params.merge(options[:parameters] || {})
+        end
+      end
 
-  protected
+      def signature
+        parameters["oauth_signature"]
+      end
 
-    def query_params
-      request.GET
-    end
+      protected
+
+      def query_params
+        request.GET
+      end
 
-    def request_params
-      if request.content_type and request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
-        request.POST
-      else
-        {}
+      def request_params
+        if request.content_type && request.content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
+          request.POST
+        else
+          {}
+        end
       end
     end
   end

data/lib/oauth/request_proxy/rest_client_request.rb

@@ -1,62 +1,65 @@
-require 'oauth/request_proxy/base'
-require 'rest-client'
-require 'uri'
-require 'cgi'
-
-module OAuth::RequestProxy::RestClient
-  class Request < OAuth::RequestProxy::Base
-    proxies RestClient::Request
-    
-      def method
-        request.method.to_s.upcase
-      end
+# frozen_string_literal: true
 
-      def uri
-        request.url
-      end
+require "oauth/request_proxy/base"
+require "rest-client"
+require "uri"
+require "cgi"
+
+module OAuth
+  module RequestProxy
+    module RestClient
+      class Request < OAuth::RequestProxy::Base
+        proxies ::RestClient::Request
 
-      def parameters
-        if options[:clobber_request]
-          options[:parameters] || {}
-        else
-          post_parameters.merge(query_params).merge(options[:parameters] || {})
+        def method
+          request.method.to_s.upcase
         end
-      end
 
-    protected
+        def uri
+          request.url
+        end
 
-      def query_params
-        query = URI.parse(request.url).query
-        query ? CGI.parse(query) : {}
-      end
+        def parameters
+          if options[:clobber_request]
+            options[:parameters] || {}
+          else
+            post_parameters.merge(query_params).merge(options[:parameters] || {})
+          end
+        end
 
-      def request_params
-      end
-      
-      def post_parameters
-        # Post params are only used if posting form data
-        if method == 'POST' || method == 'PUT'
-          OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
-        else
-          {}
+        protected
+
+        def query_params
+          query = URI.parse(request.url).query
+          query ? CGI.parse(query) : {}
         end
-      end
-      
-   private
-      
-      def query_string_to_hash(query)
-        keyvals = query.split('&').inject({}) do |result, q| 
-          k,v = q.split('=')
-          if !v.nil?
-             result.merge({k => v})
-          elsif !result.key?(k)
-            result.merge({k => true})
+
+        def request_params; end
+
+        def post_parameters
+          # Post params are only used if posting form data
+          if method == "POST" || method == "PUT"
+            OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
           else
-            result
+            {}
+          end
+        end
+
+        private
+
+        def query_string_to_hash(query)
+          query.split("&").inject({}) do |result, q|
+            k, v = q.split("=")
+            if !v.nil?
+              result.merge({ k => v })
+            elsif !result.key?(k)
+              result.merge({ k => true })
+            else
+              result
+            end
           end
         end
-        keyvals
       end
-      
+    end
   end
-end
+end

data/lib/oauth/request_proxy/typhoeus_request.rb

@@ -1,53 +1,59 @@
-require 'oauth/request_proxy/base'
-require 'typhoeus'
-require 'typhoeus/request'
-require 'uri'
-require 'cgi'
-
-module OAuth::RequestProxy::Typhoeus
-  class Request < OAuth::RequestProxy::Base
-    # Proxy for signing Typhoeus::Request requests
-    # Usage example:
-    # oauth_params = {:consumer => oauth_consumer, :token => access_token}
-    # req = Typhoeus::Request.new(uri, options)
-    # oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
-    # req.options[:headers].merge!({"Authorization" => oauth_helper.header})
-    # hydra = Typhoeus::Hydra.new()
-    # hydra.queue(req)
-    # hydra.run
-    # response = req.response
-    proxies Typhoeus::Request
-
-    def method
-      request_method = request.options[:method].to_s.upcase
-      request_method.empty? ? 'GET' : request_method
-    end
+# frozen_string_literal: true
 
-    def uri
-      options[:uri].to_s
-    end
+require "oauth/request_proxy/base"
+require "typhoeus"
+require "typhoeus/request"
+require "uri"
+require "cgi"
 
-    def parameters
-      if options[:clobber_request]
-        options[:parameters]
-      else
-        post_parameters.merge(query_parameters).merge(options[:parameters] || {})
-      end
-    end
+module OAuth
+  module RequestProxy
+    module Typhoeus
+      class Request < OAuth::RequestProxy::Base
+        # Proxy for signing Typhoeus::Request requests
+        # Usage example:
+        # oauth_params = {:consumer => oauth_consumer, :token => access_token}
+        # req = Typhoeus::Request.new(uri, options)
+        # oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))
+        # req.options[:headers].merge!({"Authorization" => oauth_helper.header})
+        # hydra = Typhoeus::Hydra.new()
+        # hydra.queue(req)
+        # hydra.run
+        # response = req.response
+        proxies ::Typhoeus::Request
 
-    private
+        def method
+          request_method = request.options[:method].to_s.upcase
+          request_method.empty? ? "GET" : request_method
+        end
 
-    def query_parameters
-      query = URI.parse(request.url).query
-      query ? CGI.parse(query) : {}
-    end
+        def uri
+          options[:uri].to_s
+        end
+
+        def parameters
+          if options[:clobber_request]
+            options[:parameters]
+          else
+            post_parameters.merge(query_parameters).merge(options[:parameters] || {})
+          end
+        end
+
+        private
+
+        def query_parameters
+          query = URI.parse(request.url).query
+          query ? CGI.parse(query) : {}
+        end
 
-    def post_parameters
-      # Post params are only used if posting form data
-      if method == 'POST'
-        OAuth::Helper.stringify_keys(request.options[:params] || {})
-      else
-        {}
+        def post_parameters
+          # Post params are only used if posting form data
+          if method == "POST"
+            OAuth::Helper.stringify_keys(request.options[:params] || {})
+          else
+            {}
+          end
+        end
       end
     end
   end

data/lib/oauth/server.rb

@@ -1,5 +1,5 @@
-require 'oauth/helper'
-require 'oauth/consumer'
+require "oauth/helper"
+require "oauth/consumer"
 
 module OAuth
   # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own

data/lib/oauth/signature/base.rb

@@ -1,7 +1,7 @@
-require 'oauth/signature'
-require 'oauth/helper'
-require 'oauth/request_proxy/base'
-require 'base64'
+require "oauth/signature"
+require "oauth/helper"
+require "oauth/request_proxy/base"
+require "base64"
 
 module OAuth::Signature
   class Base
@@ -47,11 +47,13 @@ module OAuth::Signature
     end
 
     def signature
-      Base64.encode64(digest).chomp.gsub(/\n/,'')
+      Base64.encode64(digest).chomp.gsub(/\n/,"")
     end
 
     def ==(cmp_signature)
-      signature == cmp_signature
+      check = signature.bytesize ^ cmp_signature.bytesize
+      signature.bytes.zip(cmp_signature.bytes) { |x, y| check |= x ^ y.to_i }
+      check.zero?
     end
 
     def verify

data/lib/oauth/signature/hmac/sha1.rb

@@ -1,17 +1,17 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature::HMAC
   class SHA1 < OAuth::Signature::Base
-    implements 'hmac-sha1'
+    implements "hmac-sha1"
 
     def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || '')).chomp.gsub(/\n/,'')
+      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.gsub(/\n/,"")
     end
 
     private
 
     def digest
-      OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), secret, signature_base_string)
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha1"), secret, signature_base_string)
     end
   end
 end

data/lib/oauth/signature/hmac/sha256.rb

@@ -0,0 +1,17 @@
+require "oauth/signature/base"
+
+module OAuth::Signature::HMAC
+  class SHA256 < OAuth::Signature::Base
+    implements "hmac-sha256"
+
+    def body_hash
+      Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.gsub(/\n/,"")
+    end
+
+    private
+
+    def digest
+      OpenSSL::HMAC.digest(OpenSSL::Digest.new("sha256"), secret, signature_base_string)
+    end
+  end
+end

data/lib/oauth/signature/plaintext.rb

@@ -1,8 +1,8 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature
   class PLAINTEXT < Base
-    implements 'plaintext'
+    implements "plaintext"
 
     def signature
       signature_base_string

data/lib/oauth/signature/rsa/sha1.rb

@@ -1,8 +1,8 @@
-require 'oauth/signature/base'
+require "oauth/signature/base"
 
 module OAuth::Signature::RSA
   class SHA1 < OAuth::Signature::Base
-    implements 'rsa-sha1'
+    implements "rsa-sha1"
 
     def ==(cmp_signature)
       public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
@@ -19,7 +19,7 @@ module OAuth::Signature::RSA
     end
 
     def body_hash
-      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || '')).chomp.gsub(/\n/,'')
+      Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.gsub(/\n/,"")
     end
 
     private

data/lib/oauth/token.rb

@@ -1,7 +1,7 @@
 # this exists for backwards-compatibility
 
-require 'oauth/tokens/token'
-require 'oauth/tokens/server_token'
-require 'oauth/tokens/consumer_token'
-require 'oauth/tokens/request_token'
-require 'oauth/tokens/access_token'
+require "oauth/tokens/token"
+require "oauth/tokens/server_token"
+require "oauth/tokens/consumer_token"
+require "oauth/tokens/request_token"
+require "oauth/tokens/access_token"

data/lib/oauth/tokens/access_token.rb

@@ -43,7 +43,7 @@ module OAuth
     #   @response = @token.post('/people', nil, {'Accept' => 'application/xml' })
     #   @response = @token.post('/people', @person.to_xml, { 'Accept'=>'application/xml', 'Content-Type' => 'application/xml' })
     #
-    def post(path, body = '', headers = {})
+    def post(path, body = "", headers = {})
       request(:post, path, body, headers)
     end
 
@@ -55,7 +55,7 @@ module OAuth
     #   @response = @token.put('/people/123', nil, { 'Accept' => 'application/xml' })
     #   @response = @token.put('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
     #
-    def put(path, body = '', headers = {})
+    def put(path, body = "", headers = {})
       request(:put, path, body, headers)
     end
 
@@ -67,7 +67,7 @@ module OAuth
     #   @response = @token.patch('/people/123', nil, { 'Accept' => 'application/xml' })
     #   @response = @token.patch('/people/123', @person.to_xml, { 'Accept' => 'application/xml', 'Content-Type' => 'application/xml' })
     #
-    def patch(path, body = '', headers = {})
+    def patch(path, body = "", headers = {})
       request(:patch, path, body, headers)
     end
 

data/lib/oauth/version.rb

@@ -1,3 +1,3 @@
 module OAuth
-  VERSION = "0.5.5"
+  VERSION = "0.5.8"
 end

data/lib/oauth.rb

@@ -1,11 +1,13 @@
 root = File.dirname(__FILE__)
 $LOAD_PATH << root unless $LOAD_PATH.include?(root)
 
-require 'oauth/version'
+require "oauth/version"
 
-require 'oauth/oauth'
+require "oauth/oauth"
 
-require 'oauth/client/helper'
-require 'oauth/signature/hmac/sha1'
-require 'oauth/signature/rsa/sha1'
-require 'oauth/request_proxy/mock_request'
+require "oauth/client/helper"
+require "oauth/signature/plaintext"
+require "oauth/signature/hmac/sha1"
+require "oauth/signature/hmac/sha256"
+require "oauth/signature/rsa/sha1"
+require "oauth/request_proxy/mock_request"