oauth 0.5.8 → 0.5.11

Files changed (56)
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +60 -116
  3. data/CODE_OF_CONDUCT.md +0 -0
  4. data/CONTRIBUTING.md +2 -2
  5. data/LICENSE +0 -0
  6. data/README.md +229 -46
  7. data/SECURITY.md +10 -4
  8. data/TODO +0 -0
  9. data/lib/oauth/cli/authorize_command.rb +8 -10
  10. data/lib/oauth/cli/base_command.rb +8 -6
  11. data/lib/oauth/cli/help_command.rb +0 -0
  12. data/lib/oauth/cli/query_command.rb +3 -3
  13. data/lib/oauth/cli/sign_command.rb +12 -15
  14. data/lib/oauth/cli/version_command.rb +0 -0
  15. data/lib/oauth/cli.rb +2 -2
  16. data/lib/oauth/client/action_controller_request.rb +14 -15
  17. data/lib/oauth/client/em_http.rb +28 -28
  18. data/lib/oauth/client/helper.rb +14 -17
  19. data/lib/oauth/client/net_http.rb +27 -27
  20. data/lib/oauth/client.rb +0 -0
  21. data/lib/oauth/consumer.rb +52 -62
  22. data/lib/oauth/errors/error.rb +0 -0
  23. data/lib/oauth/errors/problem.rb +0 -0
  24. data/lib/oauth/errors/unauthorized.rb +0 -0
  25. data/lib/oauth/errors.rb +0 -0
  26. data/lib/oauth/helper.rb +7 -7
  27. data/lib/oauth/oauth.rb +4 -4
  28. data/lib/oauth/oauth_test_helper.rb +0 -0
  29. data/lib/oauth/request_proxy/action_controller_request.rb +0 -0
  30. data/lib/oauth/request_proxy/action_dispatch_request.rb +0 -0
  31. data/lib/oauth/request_proxy/base.rb +3 -3
  32. data/lib/oauth/request_proxy/curb_request.rb +0 -0
  33. data/lib/oauth/request_proxy/em_http_request.rb +0 -0
  34. data/lib/oauth/request_proxy/jabber_request.rb +0 -0
  35. data/lib/oauth/request_proxy/mock_request.rb +0 -0
  36. data/lib/oauth/request_proxy/net_http.rb +2 -2
  37. data/lib/oauth/request_proxy/rack_request.rb +0 -0
  38. data/lib/oauth/request_proxy/rest_client_request.rb +2 -2
  39. data/lib/oauth/request_proxy/typhoeus_request.rb +0 -0
  40. data/lib/oauth/request_proxy.rb +3 -3
  41. data/lib/oauth/server.rb +8 -10
  42. data/lib/oauth/signature/base.rb +3 -4
  43. data/lib/oauth/signature/hmac/sha1.rb +1 -1
  44. data/lib/oauth/signature/hmac/sha256.rb +1 -1
  45. data/lib/oauth/signature/plaintext.rb +0 -0
  46. data/lib/oauth/signature/rsa/sha1.rb +3 -3
  47. data/lib/oauth/signature.rb +5 -5
  48. data/lib/oauth/token.rb +0 -0
  49. data/lib/oauth/tokens/access_token.rb +0 -0
  50. data/lib/oauth/tokens/consumer_token.rb +2 -2
  51. data/lib/oauth/tokens/request_token.rb +7 -8
  52. data/lib/oauth/tokens/server_token.rb +0 -1
  53. data/lib/oauth/tokens/token.rb +0 -0
  54. data/lib/oauth/version.rb +1 -1
  55. data/lib/oauth.rb +0 -0
  56. metadata +63 -34
data/README.md CHANGED
@@ -1,59 +1,237 @@
1
+ <p align="center">
2
+ <a href="http://oauth.net/core/1.0/" target="_blank" rel="noopener">
3
+ <img width="124px" src="https://github.com/oauth-xx/oauth-ruby/raw/main/docs/images/logo/Oauth_logo.svg?raw=true" alt="OAuth 1.0 Logo by Chris Messina, CC BY-SA 3.0, via Wikimedia Commons">
4
+ </a>
5
+ <a href="https://www.ruby-lang.org/" target="_blank" rel="noopener">
6
+ <img width="124px" src="https://github.com/oauth-xx/oauth-ruby/raw/main/docs/images/logo/ruby-logo-198px.svg?raw=true" alt="Yukihiro Matsumoto, Ruby Visual Identity Team, CC BY-SA 2.5">
7
+ </a>
8
+ </p>
9
+
1
10
  # Ruby OAuth
2
11
 
12
+ OAuth 1.0 is an industry-standard protocol for authorization.
13
+
14
+ This is a RubyGem for implementing both OAuth 1.0 clients and servers in Ruby applications.
15
+ See the sibling `oauth2` gem for OAuth 2.0 implementations in Ruby.
16
+
17
+ * [OAuth 1.0 Spec][oauth1-spec]
18
+ * [oauth2 sibling gem][sibling-gem] for OAuth 2.0 implementations in Ruby.
19
+
20
+ [oauth1-spec]: http://oauth.net/core/1.0/
21
+ [sibling-gem]: https://github.com/oauth-xx/oauth-ruby
22
+
3
23
  **NOTE**
4
24
 
5
- This README, on branch `v0.5-maintenance`, targets 0.5.x series releases. For later releases please see the `msater` branch README.
25
+ This README, on branch `v0.5-maintenance`, targets 0.5.x series releases.
26
+ The v0.5.x series of releases will be EOL no later than April, 2023.
27
+ For later releases please see the `main` branch README.
6
28
 
7
29
  ## Status
8
30
 
9
- | Project | Ruby Oauth |
10
- |--------------------------- |--------------------------- |
11
- | name, license, docs | [![RubyGems.org](https://img.shields.io/badge/name-oauth-brightgreen.svg?style=flat)][rubygems] [![License: MIT](https://img.shields.io/badge/License-MIT-green.svg)][license-ref] [![RubyDoc.info](https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat)][documentation] |
12
- | version & downloads | [![Version](https://img.shields.io/gem/v/oauth.svg)][rubygems] [![Total Downloads](https://img.shields.io/gem/dt/oauth.svg)][rubygems] [![Downloads Today](https://img.shields.io/gem/rd/oauth.svg)][rubygems] [![Homepage](https://img.shields.io/badge/source-github-brightgreen.svg?style=flat)][source] |
13
- | dependencies & linting | [![Depfu](https://badges.depfu.com/badges/d570491bac0ad3b0b65deb3c82028327/count.svg)][depfu] [![lint status](https://github.com/oauth-xx/oauth-ruby/actions/workflows/style.yml/badge.svg)][actions] |
14
- | unit tests | [![supported rubies](https://github.com/oauth-xx/oauth-ruby/actions/workflows/supported.yml/badge.svg)][actions] [![unsupported status](https://github.com/oauth-xx/oauth-ruby/actions/workflows/unsupported.yml/badge.svg)][actions] |
15
- | coverage & maintainability | [![Test Coverage](https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/test_coverage)][climate_coverage] [![codecov](https://codecov.io/gh/oauth-xx/oauth-ruby/branch/master/graph/badge.svg?token=4ZNAWNxrf9)][codecov_coverage] [![Maintainability](https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/maintainability)][climate_maintainability] [![Maintenance Policy](https://img.shields.io/badge/maintenance-policy-brightgreen.svg?style=flat)][security] |
16
- | resources | [![Discussion](https://img.shields.io/badge/discussions-github-brightgreen.svg?style=flat)][gh_discussions] [![Mailing List](https://img.shields.io/badge/group-mailinglist.svg?style=social&logo=google)][mailinglist] [![Join the chat at https://gitter.im/oauth-xx/oauth-ruby](https://badges.gitter.im/Join%20Chat.svg)][chat] [![Blog](https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat)][blogpage] |
17
- | Spread ~♡ⓛⓞⓥⓔ♡~ | [![Open Source Helpers](https://www.codetriage.com/oauth-xx/oauth-ruby/badges/users.svg)][code_triage] [![Liberapay Patrons](https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay)][liberapay_donate] [![Sponsor Me](https://img.shields.io/badge/sponsor-pboling.svg?style=social&logo=github)][gh_sponsors] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme] [![Tweet @ Peter][followme-img]][tweetme] |
31
+ <!--
32
+ Numbering rows and badges in each row as a visual "database" lookup,
33
+ as the table is extremely dense, and it can be very difficult to find anything
34
+ Putting one on each row here, to document the emoji that should be used, and for ease of copy/paste.
35
+
36
+ row #s:
37
+ 1️⃣
38
+ 2️⃣
39
+ 3️⃣
40
+ 4️⃣
41
+ 5️⃣
42
+ 6️⃣
43
+ 7️⃣
44
+
45
+ badge #s:
46
+ ⛳️
47
+ 🖇
48
+ 🏘
49
+ 🚎
50
+ 🖐
51
+ 🧮
52
+ 📗
53
+
54
+ appended indicators:
55
+ ♻️ - URL needs to be updated from SASS integration. Find / Replace is insufficient.
56
+ -->
57
+
58
+ | | Project | bundle add oauth2 |
59
+ |:----|-----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
60
+ | 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard] |
61
+ | 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-o-img]][🖐prs-o] [![Closed PRs][🧮prs-c-img]][🧮prs-c] |
62
+ | 3️⃣ | maintenance & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
63
+ | 4️⃣ | testing | [![Open Issues][⛳iss-o-img]][⛳iss-o] [![Closed Issues][🖇iss-c-img]][🖇iss-c] [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf] |
64
+ | 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf] |
65
+ | 6️⃣ | resources | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki] |
66
+ | 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] |
67
+
68
+ <!--
69
+ The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
70
+ -->
71
+
72
+ <!-- 1️⃣ name, license, docs -->
73
+ [⛳️gem]: https://rubygems.org/gems/oauth
74
+ [⛳️name-img]: https://img.shields.io/badge/name-oauth-brightgreen.svg?style=flat
75
+ [🖇src-license]: https://opensource.org/licenses/MIT
76
+ [🖇src-license-img]: https://img.shields.io/badge/License-MIT-green.svg
77
+ [🏘fossa]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth-ruby?ref=badge_shield
78
+ [🏘fossa-img]: https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth-ruby.svg?type=shield
79
+ [🚎yard]: https://www.rubydoc.info/github/oauth-xx/oauth-ruby
80
+ [🚎yard-img]: https://img.shields.io/badge/documentation-rubydoc-brightgreen.svg?style=flat
81
+ [🖐inch-ci-img]: http://inch-ci.org/github/oauth-xx/oauth-ruby.png
82
+
83
+ <!-- 2️⃣ version & activity -->
84
+ [⛳️version-img]: http://img.shields.io/gem/v/oauth.svg
85
+ [🖇DL-total-img]: https://img.shields.io/gem/dt/oauth.svg
86
+ [🏘DL-rank-img]: https://img.shields.io/gem/rt/oauth.svg
87
+ [🚎src-home]: https://github.com/oauth-xx/oauth-ruby
88
+ [🚎src-home-img]: https://img.shields.io/badge/source-github-brightgreen.svg?style=flat
89
+ [🖐prs-o]: https://github.com/oauth-xx/oauth-ruby/pulls
90
+ [🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth-ruby
91
+ [🧮prs-c]: https://github.com/oauth-xx/oauth-ruby/pulls?q=is%3Apr+is%3Aclosed
92
+ [🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth-ruby
93
+ [📗next]: https://github.com/oauth-xx/oauth-ruby/milestone/1
94
+ [📗next-img]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth-ruby/1?label=Next%20Version
95
+
96
+ <!-- 3️⃣ maintanence & linting -->
97
+ [⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth-ruby/maintainability
98
+ [⛳cclim-maint-img♻️]: https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/maintainability
99
+ [🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth-ruby
100
+ [🖇triage-help-img]: https://www.codetriage.com/oauth-xx/oauth-ruby/badges/users.svg
101
+ [🏘depfu♻️]: https://depfu.com/github/oauth-xx/oauth-ruby?project_id=22868
102
+ [🏘depfu-img♻️]: https://badges.depfu.com/badges/d570491bac0ad3b0b65deb3c82028327/count.svg
103
+ [🚎contributors]: https://github.com/oauth-xx/oauth-ruby/graphs/contributors
104
+ [🚎contributors-img]: https://img.shields.io/github/contributors-anon/oauth-xx/oauth-ruby
105
+ [🖐style-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/style.yml
106
+ [🖐style-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/style.yml/badge.svg
107
+ [🧮kloc]: https://www.youtube.com/watch?v=dQw4w9WgXcQ
108
+ [🧮kloc-img]: https://img.shields.io/tokei/lines/github.com/oauth-xx/oauth-ruby
109
+
110
+ <!-- 4️⃣ testing -->
111
+ [⛳iss-o]: https://github.com/oauth-xx/oauth-ruby/issues
112
+ [⛳iss-o-img]: https://img.shields.io/github/issues-raw/oauth-xx/oauth-ruby
113
+ [🖇iss-c]: https://github.com/oauth-xx/oauth-ruby/issues?q=is%3Aissue+is%3Aclosed
114
+ [🖇iss-c-img]: https://img.shields.io/github/issues-closed-raw/oauth-xx/oauth-ruby
115
+ [🏘sup-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/supported.yml
116
+ [🏘sup-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/supported.yml/badge.svg
117
+ [🚎heads-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/heads.yml
118
+ [🚎heads-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/heads.yml/badge.svg
119
+ [🖐uns-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/unsupported.yml
120
+ [🖐uns-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/unsupported.yml/badge.svg
121
+ [🧮mac-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/macos.yml
122
+ [🧮mac-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/macos.yml/badge.svg
123
+ [📗win-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/windows.yml
124
+ [📗win-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/windows.yml/badge.svg
125
+
126
+ <!-- 5️⃣ coverage & security -->
127
+ [⛳cclim-cov]: https://codeclimate.com/github/oauth-xx/oauth-ruby/test_coverage
128
+ [⛳cclim-cov-img♻️]: https://api.codeclimate.com/v1/badges/3cf23270c21e8791d788/test_coverage
129
+ [🖇codecov-img♻️]: https://codecov.io/gh/oauth-xx/oauth-ruby/branch/main/graph/badge.svg?token=4ZNAWNxrf9
130
+ [🖇codecov]: https://codecov.io/gh/oauth-xx/oauth-ruby
131
+ [🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth-ruby?branch=main
132
+ [🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth-ruby/badge.svg?branch=main
133
+ [🚎sec-pol]: https://github.com/oauth-xx/oauth-ruby/blob/main/SECURITY.md
134
+ [🚎sec-pol-img]: https://img.shields.io/badge/security-policy-brightgreen.svg?style=flat
135
+ [🖐codeQL]: https://github.com/oauth-xx/oauth-ruby/security/code-scanning
136
+ [🖐codeQL-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/codeql-analysis.yml/badge.svg
137
+ [🧮cov-wf]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/coverage.yml
138
+ [🧮cov-wf-img]: https://github.com/oauth-xx/oauth-ruby/actions/workflows/coverage.yml/badge.svg
139
+
140
+ <!-- 6️⃣ resources -->
141
+ [⛳gh-discussions]: https://github.com/oauth-xx/oauth-ruby/discussions
142
+ [⛳gh-discussions-img]: https://img.shields.io/github/discussions/oauth-xx/oauth-ruby
143
+ [🖇codementor]: https://www.codementor.io/peterboling?utm_source=github&utm_medium=button&utm_term=peterboling&utm_campaign=github
144
+ [🖇codementor-img]: https://cdn.codementor.io/badges/get_help_github.svg
145
+ [🏘chat]: https://gitter.im/oauth-xx/oauth-ruby
146
+ [🏘chat-img]: https://img.shields.io/gitter/room/oauth-xx/oauth-ruby.svg
147
+ [🚎blog]: http://www.railsbling.com/tags/oauth-ruby/
148
+ [🚎blog-img]: https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat
149
+ [🖐wiki]: https://github.com/oauth-xx/oauth-ruby/wiki
150
+ [🖐wiki-img]: https://img.shields.io/badge/wiki-examples-brightgreen.svg?style=flat
151
+
152
+ <!-- 7️⃣ spread 💖 -->
153
+ [⛳liberapay-img]: https://img.shields.io/liberapay/patrons/pboling.svg?logo=liberapay
154
+ [⛳liberapay]: https://liberapay.com/pboling/donate
155
+ [🖇sponsor-img]: https://img.shields.io/badge/sponsor-pboling.svg?style=social&logo=github
156
+ [🖇sponsor]: https://github.com/sponsors/pboling
157
+ [🏘tweet-img]: https://img.shields.io/twitter/follow/galtzo.svg?style=social&label=Follow
158
+ [🏘tweet]: http://twitter.com/galtzo
159
+
160
+ <!-- Maintainer Contact Links -->
161
+ [railsbling]: http://www.railsbling.com
162
+ [peterboling]: http://www.peterboling.com
18
163
 
19
- ## What
164
+ ## Installation
20
165
 
21
- This is a RubyGem for implementing both OAuth 1.0 clients and servers in Ruby
22
- applications.
166
+ Install the gem and add to the application's Gemfile by executing:
23
167
 
24
- See the OAuth 1.0 spec http://oauth.net/core/1.0/
168
+ $ bundle add oauth
25
169
 
26
- See the sibling gem [oauth2](https://github.com/oauth-xx/oauth2) for OAuth 2.0 implementations in Ruby.
170
+ If bundler is not being used to manage dependencies, install the gem by executing:
27
171
 
28
- ## Installation
172
+ $ gem install oauth
29
173
 
30
- Add this line to your application's Gemfile:
174
+ ## OAuth for Enterprise
31
175
 
32
- ```ruby
33
- gem "oauth"
34
- ```
176
+ Available as part of the Tidelift Subscription.
35
177
 
36
- And then execute:
178
+ The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/rubygems-oauth?utm_source=rubygems-oauth&utm_medium=referral&utm_campaign=enterprise)
37
179
 
38
- $ bundle install
180
+ ## Security contact information [![Security Policy][🚎sec-pol-img]][🚎sec-pol]
39
181
 
40
- Or install it yourself as:
182
+ To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
183
+ Tidelift will coordinate the fix and disclosure.
41
184
 
42
- $ gem install oauth
185
+ For more see [SECURITY.md][🚎sec-pol].
43
186
 
44
187
  ## Compatibility
45
188
 
46
- Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.6, 2.7, and
47
- 3.0. Ruby is limited to 2.0+ in the gemspec, and this may change while the gem is
48
- still at version 0.x. The `master` branch currently targets 0.6.x releases.
189
+ Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.7, 3.0, and
190
+ 3.1. Ruby is limited to 2.0+ in the gemspec on this `v0.5-maintenance` branch.
49
191
 
50
- | Ruby OAuth Version | Maintenance Branch | Officially Supported Rubies | Unofficially Supported Rubies |
51
- |--------------------- | ------------------ | ------------------------------------------- | ----------------------------- |
52
- | 0.7.x (hypothetical) | N/A | 2.7, 3.0, 3.1 | 2.6 |
53
- | 0.6.x | `master` | 2.6, 2.7, 3.0 | 2.3, 2.4, 2.5 |
54
- | 0.5.x | `v0.5-maintenance` | 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 3.0 | |
192
+ The `v0.6-maintenance` branch targets 0.6.x releases.
193
+ See `v0.5-maintenance` branch for older rubies.
55
194
 
56
- NOTE: 0.5.7 is anticipated as last release of the 0.5.x series.
195
+ NOTE: No further releases of the 0.5.x series are anticipated.
196
+
197
+ <details>
198
+ <summary>Ruby Engine Compatibility Policy</summary>
199
+
200
+ This gem is tested against MRI, and to a lesser extent, against JRuby, and Truffleruby.
201
+ Each of those has varying versions that target a specific version of MRI Ruby.
202
+ This gem should work in the just-listed Ruby engines according to the targeted MRI compatibility in the table below.
203
+ If you would like to add support for additional engines,
204
+ first make sure Github Actions supports the engine,
205
+ then submit a PR to the correct maintenance branch as according to the table below.
206
+ </details>
207
+
208
+ <details>
209
+ <summary>Ruby Version Compatibility Policy</summary>
210
+
211
+ If something doesn't work on one of these interpreters, it's a bug.
212
+
213
+ This library may inadvertently work (or seem to work) on other Ruby
214
+ implementations, however support will only be provided for the versions listed
215
+ above.
216
+
217
+ If you would like this library to support another Ruby version, you may
218
+ volunteer to be a maintainer. Being a maintainer entails making sure all tests
219
+ run and pass on that implementation. When something breaks on your
220
+ implementation, you will be responsible for providing patches in a timely
221
+ fashion. If critical issues for a particular implementation exist at the time
222
+ of a major release, support for that Ruby version may be dropped.
223
+ </details>
224
+
225
+ | | Ruby OAuth Version | Maintenance Branch | 🚂 Compatibility | Official 💎 | Unofficial 💎 | Incidental 💎 |
226
+ |:----|--------------------|--------------------|------------------------|----------------------|-------------------------|---------------|
227
+ | 1️⃣ | 1.0.x | `main` | Rails 6, 7 | 2.7, 3.0, 3.1 | sorry, not sorry | nope |
228
+ | 2️⃣ | 0.6.x | `v0.6-maintenance` | Rails 5, 6, 7 | 2.7, 3.0, 3.1 | 2.5, 2.6 | 2.4 |
229
+ | 3️⃣ | 0.5.x | `v0.5-maintenance` | Rails 2, 3, 4, 5, 6, 7 | 2.7, 3.0, 3.1 | 2.2, 2.3, 2.4, 2.5, 2.6 | 2.0, 2.1 |
230
+ | 4️⃣ | older | N/A | | Best of luck to you! | Please upgrade! | noop |
231
+
232
+ NOTE: Support for version 0.5.x will end in April, 2023
233
+ NOTE: Once 1.0 is released, the 0.x series will only receive critical bug and security updates.
234
+ See [SECURITY.md][🚎sec-pol]
57
235
 
58
236
  ## Basics
59
237
 
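Review bot: The new status table header reads `bundle add oauth2`, and the `[sibling-gem]` reference near the top resolves to `https://github.com/oauth-xx/oauth-ruby`, which is this repository rather than the oauth2 one. Both look carried over from the sibling project. The header should name `oauth`, so that a copy-pasted install command pulls the package this README documents (the Installation section further down already says `bundle add oauth`), and the link should point at the oauth2 repository, as the removed line did with `https://github.com/oauth-xx/oauth2`. The same applies to "The maintainers of OAuth2" in the Tidelift paragraph. Two smaller points: "See `v0.5-maintenance` branch for older rubies" is self-referential in a README that says it is on `v0.5-maintenance`, and the `[🧮kloc]` reference links to a YouTube URL rather than a project resource, which deserves a second look in a published package README.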
@@ -61,16 +239,21 @@ This is a ruby library which is intended to be used in creating Ruby Consumer
61
239
  and Service Provider applications. It is NOT a Rails plugin, but could easily
62
240
  be used for the foundation for such a Rails plugin.
63
241
 
64
- As a matter of fact it has been pulled out from an OAuth Rails GEM
65
- (https://rubygems.org/gems/oauth-plugin https://github.com/pelle/oauth-plugin)
66
- which now uses this gem as a dependency.
242
+ This gem was originally extracted from @pelle's [oauth-plugin](https://github.com/pelle/oauth-plugin)
243
+ gem. After extraction that gem was made to depend on this gem.
244
+
245
+ Unfortunately, this gem does have some Rails related bits that are
246
+ **optional** to load. You don't need Rails! The Rails bits may be pulled out
247
+ into a separate gem with the release of version 1.0 of this gem.
67
248
 
68
249
  ## Usage
69
250
 
70
- We need to specify the oauth_callback url explicitly, otherwise it defaults to
251
+ We need to specify the `oauth_callback` url explicitly, otherwise it defaults to
71
252
  "oob" (Out of Band)
72
253
 
73
- callback_url = "http://127.0.0.1:3000/oauth/callback"
254
+ ```ruby
255
+ callback_url = "http://127.0.0.1:3000/oauth/callback"
256
+ ```
74
257
 
75
258
  Create a new `OAuth::Consumer` instance by passing it a configuration hash:
76
259
 
@@ -130,15 +313,16 @@ Made with [contributors-img][contrib-rocks].
130
313
  This library aims to adhere to [Semantic Versioning 2.0.0][semver]. Violations of this scheme should be reported as
131
314
  bugs. Specifically, if a minor or patch version is released that breaks backward compatibility, a new version should be
132
315
  immediately released that restores compatibility. Breaking changes to the public API will only be introduced with new
133
- major versions.
316
+ major versions. Compatibility with a major and minor versions of Ruby will only be changed with a major version bump.
134
317
 
135
318
  As a result of this policy, you can (and should) specify a dependency on this gem using
136
- the [Pessimistic Version Constraint][pvc] with two digits of precision.
319
+ the [Pessimistic Version Constraint][pvc] with two digits of precision once it hits a 1.0 release.
320
+ While on 0.x releases three digits of precision should be used.
137
321
 
138
322
  For example:
139
323
 
140
324
  ```ruby
141
- spec.add_dependency "oauth", "~> 0.5"
325
+ spec.add_dependency "oauth", "~> 0.5.10"
142
326
  ```
143
327
 
144
328
  ## License
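Review bot: The added sentence "Compatibility with a major and minor versions of Ruby will only be changed with a major version bump" has a grammar slip; suggest "Compatibility with a given major and minor version of Ruby ...", and say whether that promise also covers the 0.x series. For the new example, `~> 0.5.10` resolves to `>= 0.5.10, < 0.6.0`, so consumers pinned this way pick up every later 0.5.x patch release automatically; it may be worth stating that range next to the example so the "three digits of precision" advice is unambiguous.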
@@ -156,8 +340,8 @@ Comments are welcome. Contact the [OAuth Ruby mailing list (Google Group)][maili
156
340
 
157
341
  [comment]: <> (Following links are used by README, CONTRIBUTING, Homepage)
158
342
 
159
- [conduct]: https://github.com/oauth-xx/oauth-ruby/blob/master/CODE_OF_CONDUCT.md
160
- [contributing]: https://github.com/oauth-xx/oauth-ruby/blob/master/CONTRIBUTING.md
343
+ [conduct]: https://github.com/oauth-xx/oauth-ruby/blob/main/CODE_OF_CONDUCT.md
344
+ [contributing]: https://github.com/oauth-xx/oauth-ruby/blob/main/CONTRIBUTING.md
161
345
  [contributors]: https://github.com/oauth-xx/oauth-ruby/graphs/contributors
162
346
  [mailinglist]: http://groups.google.com/group/oauth-ruby
163
347
  [source]: https://github.com/oauth-xx/oauth-ruby/
@@ -179,12 +363,11 @@ Comments are welcome. Contact the [OAuth Ruby mailing list (Google Group)][maili
179
363
  [followme-img]: https://img.shields.io/twitter/follow/galtzo.svg?style=social&label=Follow
180
364
  [gh_discussions]: https://github.com/oauth-xx/oauth-ruby/discussions
181
365
  [gh_sponsors]: https://github.com/sponsors/pboling
182
- [license]: https://github.com/oauth-xx/oauth-ruby/blob/master/LICENSE
366
+ [license]: https://github.com/oauth-xx/oauth-ruby/blob/main/LICENSE
183
367
  [license-ref]: https://opensource.org/licenses/MIT
184
368
  [liberapay_donate]: https://liberapay.com/pboling/donate
185
- [politicme]: https://nationalprogressiveparty.org
186
369
  [pvc]: http://guides.rubygems.org/patterns/#pessimistic-version-constraint
187
370
  [rubygems]: https://rubygems.org/gems/oauth
188
- [security]: https://github.com/oauth-xx/oauth-ruby/blob/master/SECURITY.md
371
+ [security]: https://github.com/oauth-xx/oauth-ruby/blob/main/SECURITY.md
189
372
  [semver]: http://semver.org/
190
373
  [tweetme]: http://twitter.com/galtzo
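Review bot: The `[license]` and `[security]` references now resolve to `blob/main`, but this README states it lives on `v0.5-maintenance` and targets 0.5.x, so a reader following `[security]` from an installed 0.5.x gem lands on main's SECURITY.md rather than the copy shipped in this release. Consider linking to the `v0.5-maintenance` copies of these files. Also, with the status table rewritten to emoji-keyed references, check whether `[followme-img]`, `[gh_sponsors]`, `[liberapay_donate]`, `[rubygems]` and `[license-ref]` are still used anywhere; `[politicme]` was dropped along with its table cell, and the others may now be dead definitions.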
data/SECURITY.md CHANGED
@@ -3,14 +3,20 @@
3
3
  ## Supported Versions
4
4
 
5
5
  | Version | Supported |
6
- | ------- | ------------------ |
7
- | 0.7.x | :white_check_mark: |
6
+ |---------|--------------------|
8
7
  | 0.6.x | :white_check_mark: |
9
8
  | 0.5.x | :white_check_mark: |
10
9
  | <= 0.5 | :x: |
11
10
 
11
+ NOTE: Support for version 0.5.x will end in April, 2023
12
+
12
13
  ## Reporting a Vulnerability
13
14
 
14
- Peter Boling is the primary maintainer of the this gem. Please find a way to [contact him directly][contact] to report the issue. Include as much relevant information as possible.
15
+ To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
16
+ Tidelift will coordinate the fix and disclosure.
17
+
18
+ ## OAuth for Enterprise
19
+
20
+ Available as part of the Tidelift Subscription.
15
21
 
16
- [contact]: https://railsbling.com/contact
22
+ The maintainers of oauth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/rubygems-oauth?utm_source=rubygems-oauth&utm_medium=referral&utm_campaign=enterprise&utm_term=repo)
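Review bot: The reporting section now gives only the Tidelift contact and drops the earlier request to "Include as much relevant information as possible"; a short list of what a report should contain (affected version, reproduction, impact) would help triage. In the table this hunk touches, `<= 0.5` marked unsupported overlaps with `0.5.x` marked supported; `< 0.5` reads unambiguously. The added Tidelift paragraph names "oauth2" although this file is the oauth gem's policy.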
data/TODO CHANGED
File without changes
@@ -1,6 +1,5 @@
1
1
  class OAuth::CLI
2
2
  class AuthorizeCommand < BaseCommand
3
-
4
3
  def required_options
5
4
  [:uri]
6
5
  end
@@ -25,7 +24,7 @@ class OAuth::CLI
25
24
  def get_request_token
26
25
  consumer = get_consumer
27
26
  scope_options = options[:scope] ? { "scope" => options[:scope] } : {}
28
- consumer.get_request_token({ :oauth_callback => options[:oauth_callback] }, scope_options)
27
+ consumer.get_request_token({ oauth_callback: options[:oauth_callback] }, scope_options)
29
28
  rescue OAuth::Unauthorized => e
30
29
  alert "A problem occurred while attempting to authorize:"
31
30
  alert e
@@ -36,14 +35,13 @@ class OAuth::CLI
36
35
  OAuth::Consumer.new \
37
36
  options[:oauth_consumer_key],
38
37
  options[:oauth_consumer_secret],
39
- :access_token_url => options[:access_token_url],
40
- :authorize_url => options[:authorize_url],
41
- :request_token_url => options[:request_token_url],
42
- :scheme => options[:scheme],
43
- :http_method => options[:method].to_s.downcase.to_sym
38
+ access_token_url: options[:access_token_url],
39
+ authorize_url: options[:authorize_url],
40
+ request_token_url: options[:request_token_url],
41
+ scheme: options[:scheme],
42
+ http_method: options[:method].to_s.downcase.to_sym
44
43
  end
45
44
 
46
-
47
45
  def ask_user_for_verifier
48
46
  if options[:version] == "1.0a"
49
47
  puts "Please enter the verification code provided by the SP (oauth_verifier):"
@@ -56,10 +54,10 @@ class OAuth::CLI
56
54
  end
57
55
 
58
56
  def verbosely_get_access_token(request_token, oauth_verifier)
59
- access_token = request_token.get_access_token(:oauth_verifier => oauth_verifier)
57
+ access_token = request_token.get_access_token(oauth_verifier: oauth_verifier)
60
58
 
61
59
  puts "Response:"
62
- access_token.params.each do |k,v|
60
+ access_token.params.each do |k, v|
63
61
  puts " #{k}: #{v}" unless k.is_a?(Symbol)
64
62
  end
65
63
  rescue OAuth::Unauthorized => e
@@ -1,7 +1,9 @@
1
1
  class OAuth::CLI
2
2
  class BaseCommand
3
3
  def initialize(stdout, stdin, stderr, arguments)
4
- @stdout, @stdin, @stderr = stdout, stdin, stderr
4
+ @stdout = stdout
5
+ @stdin = stdin
6
+ @stderr = stderr
5
7
 
6
8
  @options = {}
7
9
  option_parser.parse!(arguments)
@@ -38,11 +40,11 @@ class OAuth::CLI
38
40
  options[:verbose]
39
41
  end
40
42
 
41
- def puts(string=nil)
43
+ def puts(string = nil)
42
44
  @stdout.puts(string)
43
45
  end
44
46
 
45
- def alert(string=nil)
47
+ def alert(string = nil)
46
48
  @stderr.puts(string)
47
49
  end
48
50
 
@@ -50,8 +52,8 @@ class OAuth::CLI
50
52
  @parameters ||= begin
51
53
  escaped_pairs = options[:params].collect do |pair|
52
54
  if pair =~ /:/
53
- Hash[*pair.split(":", 2)].collect do |k,v|
54
- [CGI.escape(k.strip), CGI.escape(v.strip)] * "="
55
+ Hash[*pair.split(":", 2)].collect do |k, v|
56
+ [CGI.escape(k.strip), CGI.escape(v.strip)].join("=")
55
57
  end
56
58
  else
57
59
  pair
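Review bot: The rewritten line still escapes with `CGI.escape`, while a later hunk on this page builds the query string with `OAuth::Helper.escape`. `CGI.escape` encodes a space as `+`, whereas OAuth 1.0 parameter encoding expects `%20`, so a value containing spaces can be encoded differently depending on the code path. If these pairs feed the signature base string, consider using `OAuth::Helper.escape` here too, or add a comment explaining why form encoding is wanted. The `.join("=")` change itself preserves behaviour.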
@@ -68,7 +70,7 @@ class OAuth::CLI
68
70
  "oauth_token" => options[:oauth_token],
69
71
  "oauth_signature_method" => options[:oauth_signature_method],
70
72
  "oauth_version" => options[:oauth_version]
71
- }.reject { |_k,v| v.nil? || v == "" }.merge(cli_params)
73
+ }.reject { |_k, v| v.nil? || v == "" }.merge(cli_params)
72
74
  end
73
75
  end
74
76
 
File without changes
@@ -3,7 +3,7 @@ class OAuth::CLI
3
3
  extend OAuth::Helper
4
4
 
5
5
  def required_options
6
- [:oauth_consumer_key, :oauth_consumer_secret, :oauth_token, :oauth_token_secret]
6
+ %i[oauth_consumer_key oauth_consumer_secret oauth_token oauth_token_secret]
7
7
  end
8
8
 
9
9
  def _run
@@ -13,8 +13,8 @@ class OAuth::CLI
13
13
 
14
14
  # append params to the URL
15
15
  uri = URI.parse(options[:uri])
16
- params = parameters.map { |k,v| Array(v).map { |v2| "#{OAuth::Helper.escape(k)}=#{OAuth::Helper.escape(v2)}" } * "&" }
17
- uri.query = [uri.query, *params].reject { |x| x.nil? } * "&"
16
+ params = parameters.map { |k, v| Array(v).map { |v2| "#{OAuth::Helper.escape(k)}=#{OAuth::Helper.escape(v2)}" } * "&" }
17
+ uri.query = [uri.query, *params].reject(&:nil?) * "&"
18
18
  puts uri.to_s
19
19
 
20
20
  response = access_token.request(options[:method].to_s.downcase.to_sym, uri.to_s)
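Review bot: Both changed lines keep `Array#*` with a string (`* "&"`) as a join, although the other CLI hunks replace that idiom with `.join`. For consistency use `.join("&")` in both places; `[uri.query, *params].compact.join("&")` says the same thing as `.reject(&:nil?) * "&"` more directly. Note also that an empty-string `uri.query` is not nil, so it survives the filter and would leave a leading `&` in the result.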
@@ -1,23 +1,20 @@
1
1
  class OAuth::CLI
2
2
  class SignCommand < BaseCommand
3
-
4
3
  def required_options
5
- [:oauth_consumer_key, :oauth_consumer_secret, :oauth_token, :oauth_token_secret]
4
+ %i[oauth_consumer_key oauth_consumer_secret oauth_token oauth_token_secret]
6
5
  end
7
6
 
8
7
  def _run
9
8
  request = OAuth::RequestProxy.proxy \
10
- "method" => options[:method],
11
- "uri" => options[:uri],
12
- "parameters" => parameters
9
+ "method" => options[:method],
10
+ "uri" => options[:uri],
11
+ "parameters" => parameters
13
12
 
14
- if verbose?
15
- puts_verbose_parameters(request)
16
- end
13
+ puts_verbose_parameters(request) if verbose?
17
14
 
18
15
  request.sign! \
19
- :consumer_secret => options[:oauth_consumer_secret],
20
- :token_secret => options[:oauth_token_secret]
16
+ consumer_secret: options[:oauth_consumer_secret],
17
+ token_secret: options[:oauth_token_secret]
21
18
 
22
19
  if verbose?
23
20
  puts_verbose_request(request)
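Review bot: the calls `OAuth::RequestProxy.proxy \` and `request.sign! \` still depend on a trailing backslash to attach the re-indented arguments, which is easy to break in a later edit. Parenthesized calls, for example `request.sign!(consumer_secret: ..., token_secret: ...)`, state the argument list explicitly. Separately, `required_options` here is identical to the list in the query command hunk above, so a single shared definition would avoid the two drifting apart.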
@@ -28,15 +25,15 @@ class OAuth::CLI
28
25
 
29
26
  def puts_verbose_parameters(request)
30
27
  puts "OAuth parameters:"
31
- request.oauth_parameters.each do |k,v|
32
- puts " " + [k, v] * ": "
28
+ request.oauth_parameters.each do |k, v|
29
+ puts " " + [k, v].join(": ")
33
30
  end
34
31
  puts
35
32
 
36
33
  if request.non_oauth_parameters.any?
37
34
  puts "Parameters:"
38
- request.non_oauth_parameters.each do |k,v|
39
- puts " " + [k, v] * ": "
35
+ request.non_oauth_parameters.each do |k, v|
36
+ puts " " + [k, v].join(": ")
40
37
  end
41
38
  puts
42
39
  end
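Review bot: `[k, v].join(": ")` in both loops flattens nested arrays, so a parameter whose value is an Array prints as `name: a: b`, with the values separated by the same `": "` as the key (the previous `[k, v] * ": "` behaved the same way). The query command's `Array(v)` suggests multi-valued parameters are possible; if so, something like `"#{k}: #{Array(v).join(", ")}"` keeps key and values distinct. The two identical loops could also share one helper.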
@@ -58,7 +55,7 @@ class OAuth::CLI
58
55
  else
59
56
  puts "OAuth Request URI: #{request.signed_uri}"
60
57
  puts "Request URI: #{request.signed_uri(false)}"
61
- puts "Authorization header: #{request.oauth_header(:realm => options[:realm])}"
58
+ puts "Authorization header: #{request.oauth_header(realm: options[:realm])}"
62
59
  end
63
60
  puts "Signature: #{request.oauth_signature}"
64
61
  puts "Escaped signature: #{OAuth::Helper.escape(request.oauth_signature)}"
File without changes
data/lib/oauth/cli.rb CHANGED
@@ -18,8 +18,8 @@ module OAuth
18
18
  "v" => "version",
19
19
  "q" => "query",
20
20
  "a" => "authorize",
21
- "s" => "sign",
22
- }
21
+ "s" => "sign"
22
+ }.freeze
23
23
 
24
24
  def initialize(stdout, stdin, stderr, command, arguments)
25
25
  klass = get_command_class(parse_command(command))
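Review bot: `}.freeze` on the closing line freezes only the Hash itself; the String values (`"version"`, `"query"`, `"authorize"`, `"sign"`) stay mutable unless the file carries a `# frozen_string_literal: true` magic comment, which this hunk does not show. If the goal is an immutable lookup table, add the magic comment or freeze the values as well.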
@@ -10,12 +10,12 @@ end
10
10
  module ActionController
11
11
  class Base
12
12
  if defined? ActionDispatch
13
- def process_with_new_base_test(request, response=nil)
13
+ def process_with_new_base_test(request, response = nil)
14
14
  request.apply_oauth! if request.respond_to?(:apply_oauth!)
15
15
  super(request, response)
16
16
  end
17
17
  else
18
- def process_with_oauth(request, response=nil)
18
+ def process_with_oauth(request, response = nil)
19
19
  request.apply_oauth! if request.respond_to?(:apply_oauth!)
20
20
  process_without_oauth(request, response)
21
21
  end
@@ -24,8 +24,8 @@ module ActionController
24
24
  end
25
25
 
26
26
  class TestRequest
27
- def self.use_oauth=(bool)
28
- @use_oauth = bool
27
+ class << self
28
+ attr_writer :use_oauth
29
29
  end
30
30
 
31
31
  def self.use_oauth?
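Review bot: the writer now lives in `class << self` via `attr_writer :use_oauth`, while the reader `def self.use_oauth?` stays outside the block, so the two halves of one class-level flag use different definition styles. Moving `use_oauth?` into the same `class << self` block keeps them together, and a short comment that `@use_oauth` is class-level state shared by every TestRequest would document why toggling it affects all requests.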
@@ -33,21 +33,21 @@ module ActionController
33
33
  end
34
34
 
35
35
  def configure_oauth(consumer = nil, token = nil, options = {})
36
- @oauth_options = { :consumer => consumer,
37
- :token => token,
38
- :scheme => "header",
39
- :signature_method => nil,
40
- :nonce => nil,
41
- :timestamp => nil }.merge(options)
36
+ @oauth_options = { consumer: consumer,
37
+ token: token,
38
+ scheme: "header",
39
+ signature_method: nil,
40
+ nonce: nil,
41
+ timestamp: nil }.merge(options)
42
42
  end
43
43
 
44
44
  def apply_oauth!
45
45
  return unless ActionController::TestRequest.use_oauth? && @oauth_options
46
46
 
47
- @oauth_helper = OAuth::Client::Helper.new(self, @oauth_options.merge(:request_uri => (respond_to?(:fullpath) ? fullpath : request_uri)))
47
+ @oauth_helper = OAuth::Client::Helper.new(self, @oauth_options.merge(request_uri: (respond_to?(:fullpath) ? fullpath : request_uri)))
48
48
  @oauth_helper.amend_user_agent_header(env)
49
49
 
50
- self.send("set_oauth_#{@oauth_options[:scheme]}")
50
+ send("set_oauth_#{@oauth_options[:scheme]}")
51
51
  end
52
52
 
53
53
  def set_oauth_header
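Review bot: `send("set_oauth_#{@oauth_options[:scheme]}")` builds the method name from `:scheme`, which `configure_oauth` lets the caller override through `.merge(options)`, and nothing in this hunk validates it. An unexpected value surfaces only as a NoMethodError, and because `send` ignores visibility it will also dispatch to any private method that happens to match the `set_oauth_` prefix. Checking the scheme against the known set before dispatching (the file defines `set_oauth_header`, `set_oauth_parameters` and `set_oauth_query_string`) and raising an ArgumentError otherwise makes the failure explicit.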
@@ -56,10 +56,9 @@ module ActionController
56
56
 
57
57
  def set_oauth_parameters
58
58
  @query_parameters = @oauth_helper.parameters_with_oauth
59
- @query_parameters.merge!(:oauth_signature => @oauth_helper.signature)
59
+ @query_parameters.merge!(oauth_signature: @oauth_helper.signature)
60
60
  end
61
61
 
62
- def set_oauth_query_string
63
- end
62
+ def set_oauth_query_string; end
64
63
  end
65
64
  end
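Review bot: `def set_oauth_query_string; end` is an empty method, so a request configured with the `query_string` scheme goes through the `send` dispatch in `apply_oauth!` without this method adding any OAuth parameters or signature, and nothing reports that. Either implement it, raise NotImplementedError, or add a comment stating that the no-op is deliberate.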