oauth 0.5.6 → 1.1.5

data/REEK

@@ -0,0 +1,2 @@
+Error: No such file - is
+Error: No such file - empty

data/RUBOCOP.md

@@ -0,0 +1,71 @@
+# RuboCop Usage Guide
+
+## Overview
+
+A tale of two RuboCop plugin gems.
+
+### RuboCop Gradual
+
+This project uses `rubocop_gradual` instead of vanilla RuboCop for code style checking. The `rubocop_gradual` tool allows for gradual adoption of RuboCop rules by tracking violations in a lock file.
+
+### RuboCop LTS
+
+This project uses `rubocop-lts` to ensure, on a best-effort basis, compatibility with Ruby >= 1.9.2.
+RuboCop rules are meticulously configured by the `rubocop-lts` family of gems to ensure that a project is compatible with a specific version of Ruby. See: https://rubocop-lts.gitlab.io for more.
+
+## Checking RuboCop Violations
+
+To check for RuboCop violations in this project, always use:
+
+```bash
+bundle exec rake rubocop_gradual:check
+```
+
+**Do not use** the standard RuboCop commands like:
+- `bundle exec rubocop`
+- `rubocop`
+
+## Understanding the Lock File
+
+The `.rubocop_gradual.lock` file tracks all current RuboCop violations in the project. This allows the team to:
+
+1. Prevent new violations while gradually fixing existing ones
+2. Track progress on code style improvements
+3. Ensure CI builds don't fail due to pre-existing violations
+
+## Common Commands
+
+- **Check violations**
+    - `bundle exec rake rubocop_gradual`
+    - `bundle exec rake rubocop_gradual:check`
+- **(Safe) Autocorrect violations, and update lockfile if no new violations**
+  - `bundle exec rake rubocop_gradual:autocorrect`
+- **Force update the lock file (w/o autocorrect) to match violations present in code**
+  - `bundle exec rake rubocop_gradual:force_update`
+
+## Workflow
+
+1. Before submitting a PR, run `bundle exec rake rubocop_gradual:autocorrect`
+   a. or just the default `bundle exec rake`, as autocorrection is a pre-requisite of the default task.
+2. If there are new violations, either:
+   - Fix them in your code
+   - Run `bundle exec rake rubocop_gradual:force_update` to update the lock file (only for violations you can't fix immediately)
+3. Commit the updated `.rubocop_gradual.lock` file along with your changes
+
+## Never add inline RuboCop disables
+
+Do not add inline `rubocop:disable` / `rubocop:enable` comments anywhere in the codebase (including specs, except when following the few existing `rubocop:disable` patterns for a rule already being disabled elsewhere in the code). We handle exceptions in two supported ways:
+
+- Permanent/structural exceptions: prefer adjusting the RuboCop configuration (e.g., in `.rubocop.yml`) to exclude a rule for a path or file pattern when it makes sense project-wide.
+- Temporary exceptions while improving code: record the current violations in `.rubocop_gradual.lock` via the gradual workflow:
+  - `bundle exec rake rubocop_gradual:autocorrect` (preferred; will autocorrect what it can and update the lock only if no new violations were introduced)
+  - If needed, `bundle exec rake rubocop_gradual:force_update` (as a last resort when you cannot fix the newly reported violations immediately)
+
+In general, treat the rules as guidance to follow; fix violations rather than ignore them. For example, RSpec conventions in this project expect `described_class` to be used in specs that target a specific class under test.
+
+## Benefits of rubocop_gradual
+
+- Allows incremental adoption of code style rules
+- Prevents CI failures due to pre-existing violations
+- Provides a clear record of code style debt
+- Enables focused efforts on improving code quality over time

data/SECURITY.md

@@ -0,0 +1,24 @@
+# Security Policy
+
+## Supported Versions
+
+| Version  | Supported |
+|----------|-----------|
+| 1.latest | ✅         |
+
+## Security contact information
+
+To report a security vulnerability, please use the
+[Tidelift security contact](https://tidelift.com/security).
+Tidelift will coordinate the fix and disclosure.
+
+More detailed explanation of the process is in [IRP.md][IRP].
+
+## Additional Support
+
+If you are interested in support for versions older than the latest release,
+please consider sponsoring the project / maintainer @ https://liberapay.com/pboling/donate,
+or find other sponsorship links in the [README].
+
+[README]: README.md
+[IRP]: IRP.md

data/lib/oauth/auth_sanitizer.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module OAuth
+  AUTH_SANITIZER = begin
+    auth_sanitizer_requirement = Gem::Requirement.new("~> 0.1", ">= 0.1.3")
+    auth_sanitizer_spec = Gem.loaded_specs["auth-sanitizer"]
+    unless auth_sanitizer_spec && auth_sanitizer_requirement.satisfied_by?(auth_sanitizer_spec.version)
+      # :nocov:
+      auth_sanitizer_spec = Gem::Specification.find_by_name("auth-sanitizer", auth_sanitizer_requirement)
+      # :nocov:
+    end
+
+    auth_sanitizer_loader_path = File.join(
+      auth_sanitizer_spec.full_gem_path,
+      "lib/auth_sanitizer/loader.rb",
+    )
+    unless File.file?(auth_sanitizer_loader_path)
+      # :nocov:
+      raise LoadError, "oauth requires auth-sanitizer #{auth_sanitizer_requirement}; " \
+        "loader not found at #{auth_sanitizer_loader_path}"
+      # :nocov:
+    end
+
+    auth_sanitizer_loader_namespace = Module.new
+    auth_sanitizer_loader_namespace.module_eval(
+      File.read(auth_sanitizer_loader_path),
+      auth_sanitizer_loader_path,
+      1,
+    )
+
+    auth_sanitizer_loader_namespace
+      .const_get(:AuthSanitizer)
+      .const_get(:Loader)
+      .load_isolated
+  end
+end

data/lib/oauth/client/action_controller_request.rb

@@ -1,21 +1,23 @@
+# frozen_string_literal: true
+
 if defined? ActionDispatch
-  require 'oauth/request_proxy/rack_request'
-  require 'oauth/request_proxy/action_dispatch_request'
-  require 'action_dispatch/testing/test_process'
+  require "oauth/request_proxy/rack_request"
+  require "oauth/request_proxy/action_dispatch_request"
+  require "action_dispatch/testing/test_process"
 else
-  require 'oauth/request_proxy/action_controller_request'
-  require 'action_controller/test_process'
+  require "oauth/request_proxy/action_controller_request"
+  require "action_controller/test_process"
 end
 
 module ActionController
   class Base
     if defined? ActionDispatch
-      def process_with_new_base_test(request, response=nil)
+      def process_with_new_base_test(request, response = nil)
         request.apply_oauth! if request.respond_to?(:apply_oauth!)
         super(request, response)
       end
     else
-      def process_with_oauth(request, response=nil)
+      def process_with_oauth(request, response = nil)
         request.apply_oauth! if request.respond_to?(:apply_oauth!)
         process_without_oauth(request, response)
       end
@@ -24,39 +26,48 @@ module ActionController
   end
 
   class TestRequest
-    def self.use_oauth=(bool)
-      @use_oauth = bool
-    end
+    OAUTH_ENABLED_KEY = :oauth_action_controller_test_request_use_oauth
 
-    def self.use_oauth?
-      @use_oauth
+    class << self
+      def use_oauth=(value)
+        Thread.current[OAUTH_ENABLED_KEY] = value
+      end
+
+      def use_oauth?
+        Thread.current[OAUTH_ENABLED_KEY]
+      end
     end
 
     def configure_oauth(consumer = nil, token = nil, options = {})
-      @oauth_options = { :consumer  => consumer,
-                         :token     => token,
-                         :scheme    => 'header',
-                         :signature_method => nil,
-                         :nonce     => nil,
-                         :timestamp => nil }.merge(options)
+      @oauth_options = {
+        consumer: consumer,
+        token: token,
+        scheme: "header",
+        signature_method: nil,
+        nonce: nil,
+        timestamp: nil,
+      }.merge(options)
     end
 
     def apply_oauth!
       return unless ActionController::TestRequest.use_oauth? && @oauth_options
 
-      @oauth_helper = OAuth::Client::Helper.new(self, @oauth_options.merge(:request_uri => (respond_to?(:fullpath) ? fullpath : request_uri)))
+      @oauth_helper = OAuth::Client::Helper.new(
+        self,
+        @oauth_options.merge(request_uri: (respond_to?(:fullpath) ? fullpath : request_uri)),
+      )
       @oauth_helper.amend_user_agent_header(env)
 
-      self.send("set_oauth_#{@oauth_options[:scheme]}")
+      send("set_oauth_#{@oauth_options[:scheme]}")
     end
 
     def set_oauth_header
-      env['Authorization'] = @oauth_helper.header
+      env["Authorization"] = @oauth_helper.header
     end
 
     def set_oauth_parameters
       @query_parameters = @oauth_helper.parameters_with_oauth
-      @query_parameters.merge!(:oauth_signature => @oauth_helper.signature)
+      @query_parameters.merge!(oauth_signature: @oauth_helper.signature)
     end
 
     def set_oauth_query_string

data/lib/oauth/client/em_http.rb

@@ -1,119 +1,126 @@
-require 'em-http'
-require 'oauth/helper'
-require 'oauth/request_proxy/em_http_request'
+# frozen_string_literal: true
 
-# Extensions for em-http so that we can use consumer.sign! with an EventMachine::HttpClient
-# instance. This is purely syntactic sugar.
-class EventMachine::HttpClient
+require "oauth/helper"
+require "oauth/optional"
 
-  attr_reader :oauth_helper
+if OAuth::Optional.em_http_available?
+  require "oauth/request_proxy/em_http_request"
 
-  # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
-  # this may add a header, additional query string parameters, or additional POST body parameters.
-  # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
-  # header.
-  #
-  # * http - Configured Net::HTTP instance, ignored in this scenario except for getting host.
-  # * consumer - OAuth::Consumer instance
-  # * token - OAuth::Token instance
-  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
-  #   +signature_method+, +nonce+, +timestamp+)
-  #
-  # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
-  #
-  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
-  def oauth!(http, consumer = nil, token = nil, options = {})
-    options = { :request_uri      => normalized_oauth_uri(http),
-                :consumer         => consumer,
-                :token            => token,
-                :scheme           => 'header',
-                :signature_method => nil,
-                :nonce            => nil,
-                :timestamp        => nil }.merge(options)
+  # Extensions for em-http so that we can use consumer.sign! with an EventMachine::HttpClient
+  # instance. This is purely syntactic sugar.
+  module EventMachine
+    class HttpClient
+      attr_reader :oauth_helper
 
-    @oauth_helper = OAuth::Client::Helper.new(self, options)
-    self.__send__(:"set_oauth_#{options[:scheme]}")
-  end
+      # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
+      # this may add a header, additional query string parameters, or additional POST body parameters.
+      # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
+      # header.
+      #
+      # * http - Configured Net::HTTP instance, ignored in this scenario except for getting host.
+      # * consumer - OAuth::Consumer instance
+      # * token - OAuth::Token instance
+      # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
+      #   +signature_method+, +nonce+, +timestamp+)
+      #
+      # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
+      #
+      # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
+      def oauth!(http, consumer = nil, token = nil, options = {})
+        options = {
+          request_uri: normalized_oauth_uri(http),
+          consumer: consumer,
+          token: token,
+          scheme: "header",
+          signature_method: nil,
+          nonce: nil,
+          timestamp: nil,
+        }.merge(options)
 
-  # Create a string suitable for signing for an HTTP request. This process involves parameter
-  # normalization as specified in the OAuth specification. The exact normalization also depends
-  # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
-  # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
-  # header.
-  #
-  # * http - Configured Net::HTTP instance
-  # * consumer - OAuth::Consumer instance
-  # * token - OAuth::Token instance
-  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
-  #   +signature_method+, +nonce+, +timestamp+)
-  #
-  # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
-  def signature_base_string(http, consumer = nil, token = nil, options = {})
-    options = { :request_uri      => normalized_oauth_uri(http),
-                :consumer         => consumer,
-                :token            => token,
-                :scheme           => 'header',
-                :signature_method => nil,
-                :nonce            => nil,
-                :timestamp        => nil }.merge(options)
+        @oauth_helper = OAuth::Client::Helper.new(self, options)
+        __send__(:"set_oauth_#{options[:scheme]}")
+      end
 
-    OAuth::Client::Helper.new(self, options).signature_base_string
-  end
+      # Create a string suitable for signing for an HTTP request. This process involves parameter
+      # normalization as specified in the OAuth specification. The exact normalization also depends
+      # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
+      # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
+      # header.
+      #
+      # * http - Configured Net::HTTP instance
+      # * consumer - OAuth::Consumer instance
+      # * token - OAuth::Token instance
+      # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
+      #   +signature_method+, +nonce+, +timestamp+)
+      #
+      # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
+      def signature_base_string(http, consumer = nil, token = nil, options = {})
+        options = {
+          request_uri: normalized_oauth_uri(http),
+          consumer: consumer,
+          token: token,
+          scheme: "header",
+          signature_method: nil,
+          nonce: nil,
+          timestamp: nil,
+        }.merge(options)
 
-  # This code was lifted from the em-http-request because it was removed from
-  # the gem June 19, 2010
-  # see: http://github.com/igrigorik/em-http-request/commit/d536fc17d56dbe55c487eab01e2ff9382a62598b
-  def normalize_uri
-    @normalized_uri ||= begin
-      uri = @uri.dup
-      encoded_query = encode_query(@uri, @options[:query])
-      path, query = encoded_query.split("?", 2)
-      uri.query = query unless encoded_query.empty?
-      uri.path  = path
-      uri
-    end
-  end
+        OAuth::Client::Helper.new(self, options).signature_base_string
+      end
 
-  protected
+      # This code was lifted from the em-http-request because it was removed from
+      # the gem June 19, 2010
+      # see: http://github.com/igrigorik/em-http-request/commit/d536fc17d56dbe55c487eab01e2ff9382a62598b
+      def normalize_uri
+        @normalized_uri ||= begin
+          uri = @conn.dup
+          encoded_query = encode_query(@conn, @req[:query])
+          path, query = encoded_query.split("?", 2)
+          uri.query = query unless encoded_query.empty?
+          uri.path = path
+          uri
+        end
+      end
 
-  def combine_query(path, query, uri_query)
-    combined_query = if query.kind_of?(Hash)
-      query.map { |k, v| encode_param(k, v) }.join('&')
-    else
-      query.to_s
-    end
-    if !uri_query.to_s.empty?
-      combined_query = [combined_query, uri_query].reject {|part| part.empty?}.join("&")
-    end
-    combined_query.to_s.empty? ? path : "#{path}?#{combined_query}"
-  end
+      protected
 
-  # Since we expect to get the host etc details from the http instance (...),
-  # we create a fake url here. Surely this is a horrible, horrible idea?
-  def normalized_oauth_uri(http)
-    uri = URI.parse(normalize_uri.path)
-    uri.host = http.address
-    uri.port = http.port
+      def combine_query(path, query, uri_query)
+        combined_query = if query.is_a?(Hash)
+          query.map { |k, v| encode_param(k, v) }.join("&")
+        else
+          query.to_s
+        end
+        combined_query = [combined_query, uri_query].reject(&:empty?).join("&") unless uri_query.to_s.empty?
+        combined_query.to_s.empty? ? path : "#{path}?#{combined_query}"
+      end
 
-    if http.respond_to?(:use_ssl?) && http.use_ssl?
-      uri.scheme = "https"
-    else
-      uri.scheme = "http"
-    end
-    uri.to_s
-  end
+      # Since we expect to get the host etc details from the http instance (...),
+      # we create a fake url here. Surely this is a horrible, horrible idea?
+      def normalized_oauth_uri(http)
+        uri = URI.parse(normalize_uri.path)
+        uri.host = http.address
+        uri.port = http.port
 
-  def set_oauth_header
-    headers = (self.options[:head] ||= {})
-    headers['Authorization'] = @oauth_helper.header
-  end
+        uri.scheme = if http.respond_to?(:use_ssl?) && http.use_ssl?
+          "https"
+        else
+          "http"
+        end
+        uri.to_s
+      end
 
-  def set_oauth_body
-    raise NotImplementedError, 'please use the set_oauth_header method instead'
-  end
+      def set_oauth_header
+        req[:head] ||= {}
+        req[:head].merge!("Authorization" => @oauth_helper.header)
+      end
 
-  def set_oauth_query_string
-    raise NotImplementedError, 'please use the set_oauth_header method instead'
-  end
+      def set_oauth_body
+        raise NotImplementedError, "please use the set_oauth_header method instead"
+      end
 
+      def set_oauth_query_string
+        raise NotImplementedError, "please use the set_oauth_header method instead"
+      end
+    end
+  end
 end

data/lib/oauth/client/helper.rb

@@ -1,101 +1,106 @@
-require 'oauth/client'
-require 'oauth/consumer'
-require 'oauth/helper'
-require 'oauth/token'
-require 'oauth/signature/hmac/sha1'
-
-module OAuth::Client
-  class Helper
-    include OAuth::Helper
-
-    def initialize(request, options = {})
-      @request = request
-      @options = options
-      @options[:signature_method] ||= 'HMAC-SHA1'
-    end
+# frozen_string_literal: true
+
+require "oauth/client"
+require "oauth/consumer"
+require "oauth/helper"
+require "oauth/token"
+require "oauth/signature/hmac/sha1"
+
+module OAuth
+  module Client
+    class Helper
+      include OAuth::Helper
+
+      def initialize(request, options = {})
+        @request = request
+        @options = options
+        @options[:signature_method] ||= "HMAC-SHA1"
+      end
 
-    def options
-      @options
-    end
+      attr_reader :options
 
-    def nonce
-      options[:nonce] ||= generate_key
-    end
+      def nonce
+        options[:nonce] ||= generate_key
+      end
 
-    def timestamp
-      options[:timestamp] ||= generate_timestamp
-    end
+      def timestamp
+        options[:timestamp] ||= generate_timestamp
+      end
 
-    def oauth_parameters
-      out = {
-        'oauth_body_hash'        => options[:body_hash],
-        'oauth_callback'         => options[:oauth_callback],
-        'oauth_consumer_key'     => options[:consumer].key,
-        'oauth_token'            => options[:token] ? options[:token].token : '',
-        'oauth_signature_method' => options[:signature_method],
-        'oauth_timestamp'        => timestamp,
-        'oauth_nonce'            => nonce,
-        'oauth_verifier'         => options[:oauth_verifier],
-        'oauth_version'          => (options[:oauth_version] || '1.0'),
-        'oauth_session_handle'   => options[:oauth_session_handle]
-      }
-      allowed_empty_params = options[:allow_empty_params]
-      if allowed_empty_params != true && !allowed_empty_params.kind_of?(Array)
-        allowed_empty_params = allowed_empty_params == false ? [] : [allowed_empty_params]
+      def oauth_parameters
+        out = {
+          "oauth_body_hash" => options[:body_hash],
+          "oauth_callback" => options[:oauth_callback],
+          "oauth_consumer_key" => options[:consumer].key,
+          "oauth_token" => options[:token] ? options[:token].token : "",
+          "oauth_signature_method" => options[:signature_method],
+          "oauth_timestamp" => timestamp,
+          "oauth_nonce" => nonce,
+          "oauth_verifier" => options[:oauth_verifier],
+          "oauth_version" => options[:oauth_version] || "1.0",
+          "oauth_session_handle" => options[:oauth_session_handle],
+        }
+        allowed_empty_params = options[:allow_empty_params]
+        if allowed_empty_params != true && !allowed_empty_params.is_a?(Array)
+          allowed_empty_params = (allowed_empty_params == false) ? [] : [allowed_empty_params]
+        end
+        out.select! { |k, v| v.to_s != "" || allowed_empty_params == true || allowed_empty_params.include?(k) }
+        out
       end
-      out.select! { |k,v| v.to_s != '' || allowed_empty_params == true || allowed_empty_params.include?(k) }
-      out
-    end
 
-    def signature(extra_options = {})
-      OAuth::Signature.sign(@request, { :uri      => options[:request_uri],
-                                        :consumer => options[:consumer],
-                                        :token    => options[:token],
-                                        :unsigned_parameters => options[:unsigned_parameters]
-      }.merge(extra_options) )
-    end
+      def signature(extra_options = {})
+        OAuth::Signature.sign(@request, {
+          uri: options[:request_uri],
+          consumer: options[:consumer],
+          token: options[:token],
+          unsigned_parameters: options[:unsigned_parameters],
+        }.merge(extra_options))
+      end
 
-    def signature_base_string(extra_options = {})
-      OAuth::Signature.signature_base_string(@request, { :uri        => options[:request_uri],
-                                                         :consumer   => options[:consumer],
-                                                         :token      => options[:token],
-                                                         :parameters => oauth_parameters}.merge(extra_options) )
-    end
+      def signature_base_string(extra_options = {})
+        OAuth::Signature.signature_base_string(@request, {
+          uri: options[:request_uri],
+          consumer: options[:consumer],
+          token: options[:token],
+          parameters: oauth_parameters,
+        }.merge(extra_options))
+      end
 
-    def token_request?
-      @options[:token_request].eql?(true)
-    end
+      def token_request?
+        @options[:token_request].eql?(true)
+      end
 
-    def hash_body
-      @options[:body_hash] = OAuth::Signature.body_hash(@request, :parameters => oauth_parameters)
-    end
+      def hash_body
+        @options[:body_hash] = OAuth::Signature.body_hash(@request, parameters: oauth_parameters)
+      end
 
-    def amend_user_agent_header(headers)
-      @oauth_ua_string ||= "OAuth gem v#{OAuth::VERSION}"
-      # Net::HTTP in 1.9 appends Ruby
-      if headers['User-Agent'] && headers['User-Agent'] != 'Ruby'
-        headers['User-Agent'] += " (#{@oauth_ua_string})"
-      else
-        headers['User-Agent'] = @oauth_ua_string
+      def amend_user_agent_header(headers)
+        @oauth_ua_string ||= "OAuth gem v#{OAuth::Version::VERSION}"
+        # Net::HTTP in 1.9 appends Ruby
+        if headers["User-Agent"] && headers["User-Agent"] != "Ruby"
+          headers["User-Agent"] += " (#{@oauth_ua_string})"
+        else
+          headers["User-Agent"] = @oauth_ua_string
+        end
       end
-    end
 
-    def header
-      parameters = oauth_parameters
-      parameters.merge!('oauth_signature' => signature(options.merge(:parameters => parameters)))
+      def header
+        parameters = oauth_parameters
+        parameters["oauth_signature"] = signature(options.merge(parameters: parameters))
 
-      header_params_str = parameters.sort.map { |k,v| "#{k}=\"#{escape(v)}\"" }.join(', ')
+        header_params_str = parameters.sort.map { |k, v| "#{k}=\"#{escape(v)}\"" }.join(", ")
 
-      realm = "realm=\"#{options[:realm]}\", " if options[:realm]
-      "OAuth #{realm}#{header_params_str}"
-    end
+        realm = "realm=\"#{options[:realm]}\", " if options[:realm]
+        "OAuth #{realm}#{header_params_str}"
+      end
 
-    def parameters
-      OAuth::RequestProxy.proxy(@request).parameters
-    end
+      def parameters
+        OAuth::RequestProxy.proxy(@request).parameters
+      end
 
-    def parameters_with_oauth
-      oauth_parameters.merge(parameters)
+      def parameters_with_oauth
+        oauth_parameters.merge(parameters)
+      end
     end
   end
 end