oauth 0.5.8 → 0.5.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +60 -116
- data/CODE_OF_CONDUCT.md +0 -0
- data/CONTRIBUTING.md +2 -2
- data/LICENSE +0 -0
- data/README.md +229 -46
- data/SECURITY.md +10 -4
- data/TODO +0 -0
- data/lib/oauth/cli/authorize_command.rb +8 -10
- data/lib/oauth/cli/base_command.rb +8 -6
- data/lib/oauth/cli/help_command.rb +0 -0
- data/lib/oauth/cli/query_command.rb +3 -3
- data/lib/oauth/cli/sign_command.rb +12 -15
- data/lib/oauth/cli/version_command.rb +0 -0
- data/lib/oauth/cli.rb +2 -2
- data/lib/oauth/client/action_controller_request.rb +14 -15
- data/lib/oauth/client/em_http.rb +28 -28
- data/lib/oauth/client/helper.rb +14 -17
- data/lib/oauth/client/net_http.rb +27 -27
- data/lib/oauth/client.rb +0 -0
- data/lib/oauth/consumer.rb +52 -62
- data/lib/oauth/errors/error.rb +0 -0
- data/lib/oauth/errors/problem.rb +0 -0
- data/lib/oauth/errors/unauthorized.rb +0 -0
- data/lib/oauth/errors.rb +0 -0
- data/lib/oauth/helper.rb +7 -7
- data/lib/oauth/oauth.rb +4 -4
- data/lib/oauth/oauth_test_helper.rb +0 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +0 -0
- data/lib/oauth/request_proxy/action_dispatch_request.rb +0 -0
- data/lib/oauth/request_proxy/base.rb +3 -3
- data/lib/oauth/request_proxy/curb_request.rb +0 -0
- data/lib/oauth/request_proxy/em_http_request.rb +0 -0
- data/lib/oauth/request_proxy/jabber_request.rb +0 -0
- data/lib/oauth/request_proxy/mock_request.rb +0 -0
- data/lib/oauth/request_proxy/net_http.rb +2 -2
- data/lib/oauth/request_proxy/rack_request.rb +0 -0
- data/lib/oauth/request_proxy/rest_client_request.rb +2 -2
- data/lib/oauth/request_proxy/typhoeus_request.rb +0 -0
- data/lib/oauth/request_proxy.rb +3 -3
- data/lib/oauth/server.rb +8 -10
- data/lib/oauth/signature/base.rb +3 -4
- data/lib/oauth/signature/hmac/sha1.rb +1 -1
- data/lib/oauth/signature/hmac/sha256.rb +1 -1
- data/lib/oauth/signature/plaintext.rb +0 -0
- data/lib/oauth/signature/rsa/sha1.rb +3 -3
- data/lib/oauth/signature.rb +5 -5
- data/lib/oauth/token.rb +0 -0
- data/lib/oauth/tokens/access_token.rb +0 -0
- data/lib/oauth/tokens/consumer_token.rb +2 -2
- data/lib/oauth/tokens/request_token.rb +7 -8
- data/lib/oauth/tokens/server_token.rb +0 -1
- data/lib/oauth/tokens/token.rb +0 -0
- data/lib/oauth/version.rb +1 -1
- data/lib/oauth.rb +0 -0
- metadata +63 -34
@@ -51,9 +51,9 @@ module OAuth
|
|
51
51
|
query.split("&").inject({}) do |result, q|
|
52
52
|
k, v = q.split("=")
|
53
53
|
if !v.nil?
|
54
|
-
result.merge(
|
54
|
+
result.merge(k => v)
|
55
55
|
elsif !result.key?(k)
|
56
|
-
result.merge(
|
56
|
+
result.merge(k => true)
|
57
57
|
else
|
58
58
|
result
|
59
59
|
end
|
File without changes
|
data/lib/oauth/request_proxy.rb
CHANGED
@@ -5,13 +5,13 @@ module OAuth
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def self.proxy(request, options = {})
|
8
|
-
return request if request.
|
8
|
+
return request if request.is_a?(OAuth::RequestProxy::Base)
|
9
9
|
|
10
10
|
klass = available_proxies[request.class]
|
11
11
|
|
12
12
|
# Search for possible superclass matches.
|
13
13
|
if klass.nil?
|
14
|
-
request_parent = available_proxies.keys.find { |rc| request.
|
14
|
+
request_parent = available_proxies.keys.find { |rc| request.is_a?(rc) }
|
15
15
|
klass = available_proxies[request_parent]
|
16
16
|
end
|
17
17
|
|
@@ -19,6 +19,6 @@ module OAuth
|
|
19
19
|
klass.new(request, options)
|
20
20
|
end
|
21
21
|
|
22
|
-
class UnknownRequestType <
|
22
|
+
class UnknownRequestType < RuntimeError; end
|
23
23
|
end
|
24
24
|
end
|
data/lib/oauth/server.rb
CHANGED
@@ -8,9 +8,9 @@ module OAuth
|
|
8
8
|
attr_accessor :base_url
|
9
9
|
|
10
10
|
@@server_paths = {
|
11
|
-
:
|
12
|
-
:
|
13
|
-
:
|
11
|
+
request_token_path: "/oauth/request_token",
|
12
|
+
authorize_path: "/oauth/authorize",
|
13
|
+
access_token_path: "/oauth/access_token"
|
14
14
|
}
|
15
15
|
|
16
16
|
# Create a new server instance
|
@@ -23,7 +23,7 @@ module OAuth
|
|
23
23
|
[generate_key(16), generate_key]
|
24
24
|
end
|
25
25
|
|
26
|
-
def generate_consumer_credentials(
|
26
|
+
def generate_consumer_credentials(_params = {})
|
27
27
|
Consumer.new(*generate_credentials)
|
28
28
|
end
|
29
29
|
|
@@ -31,12 +31,10 @@ module OAuth
|
|
31
31
|
def create_consumer
|
32
32
|
creds = generate_credentials
|
33
33
|
Consumer.new(creds[0], creds[1],
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
:access_token_path => access_token_path
|
39
|
-
})
|
34
|
+
site: base_url,
|
35
|
+
request_token_path: request_token_path,
|
36
|
+
authorize_path: authorize_path,
|
37
|
+
access_token_path: access_token_path)
|
40
38
|
end
|
41
39
|
|
42
40
|
def request_token_path
|
data/lib/oauth/signature/base.rb
CHANGED
@@ -17,7 +17,7 @@ module OAuth::Signature
|
|
17
17
|
end
|
18
18
|
|
19
19
|
def initialize(request, options = {}, &block)
|
20
|
-
raise TypeError unless request.
|
20
|
+
raise TypeError unless request.is_a?(OAuth::RequestProxy::Base)
|
21
21
|
@request = request
|
22
22
|
@options = options
|
23
23
|
|
@@ -47,7 +47,7 @@ module OAuth::Signature
|
|
47
47
|
end
|
48
48
|
|
49
49
|
def signature
|
50
|
-
Base64.encode64(digest).chomp.
|
50
|
+
Base64.encode64(digest).chomp.delete("\n")
|
51
51
|
end
|
52
52
|
|
53
53
|
def ==(cmp_signature)
|
@@ -57,7 +57,7 @@ module OAuth::Signature
|
|
57
57
|
end
|
58
58
|
|
59
59
|
def verify
|
60
|
-
self ==
|
60
|
+
self == request.signature
|
61
61
|
end
|
62
62
|
|
63
63
|
def signature_base_string
|
@@ -93,6 +93,5 @@ module OAuth::Signature
|
|
93
93
|
def raise_instantiation_error
|
94
94
|
raise NotImplementedError, "Cannot instantiate #{self.class.name} class directly."
|
95
95
|
end
|
96
|
-
|
97
96
|
end
|
98
97
|
end
|
@@ -5,7 +5,7 @@ module OAuth::Signature::HMAC
|
|
5
5
|
implements "hmac-sha1"
|
6
6
|
|
7
7
|
def body_hash
|
8
|
-
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.
|
8
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
|
9
9
|
end
|
10
10
|
|
11
11
|
private
|
@@ -5,7 +5,7 @@ module OAuth::Signature::HMAC
|
|
5
5
|
implements "hmac-sha256"
|
6
6
|
|
7
7
|
def body_hash
|
8
|
-
Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.
|
8
|
+
Base64.encode64(OpenSSL::Digest::SHA256.digest(request.body || "")).chomp.delete("\n")
|
9
9
|
end
|
10
10
|
|
11
11
|
private
|
File without changes
|
@@ -19,7 +19,7 @@ module OAuth::Signature::RSA
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def body_hash
|
22
|
-
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.
|
22
|
+
Base64.encode64(OpenSSL::Digest::SHA1.digest(request.body || "")).chomp.delete("\n")
|
23
23
|
end
|
24
24
|
|
25
25
|
private
|
@@ -27,9 +27,9 @@ module OAuth::Signature::RSA
|
|
27
27
|
def decode_public_key
|
28
28
|
case consumer_secret
|
29
29
|
when /-----BEGIN CERTIFICATE-----/
|
30
|
-
OpenSSL::X509::Certificate.new(
|
30
|
+
OpenSSL::X509::Certificate.new(consumer_secret).public_key
|
31
31
|
else
|
32
|
-
OpenSSL::PKey::RSA.new(
|
32
|
+
OpenSSL::PKey::RSA.new(consumer_secret)
|
33
33
|
end
|
34
34
|
end
|
35
35
|
|
data/lib/oauth/signature.rb
CHANGED
@@ -20,26 +20,26 @@ module OAuth
|
|
20
20
|
|
21
21
|
# Sign a +request+
|
22
22
|
def self.sign(request, options = {}, &block)
|
23
|
-
|
23
|
+
build(request, options, &block).signature
|
24
24
|
end
|
25
25
|
|
26
26
|
# Verify the signature of +request+
|
27
27
|
def self.verify(request, options = {}, &block)
|
28
|
-
|
28
|
+
build(request, options, &block).verify
|
29
29
|
end
|
30
30
|
|
31
31
|
# Create the signature base string for +request+. This string is the normalized parameter information.
|
32
32
|
#
|
33
33
|
# See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
|
34
34
|
def self.signature_base_string(request, options = {}, &block)
|
35
|
-
|
35
|
+
build(request, options, &block).signature_base_string
|
36
36
|
end
|
37
37
|
|
38
38
|
# Create the body hash for a request
|
39
39
|
def self.body_hash(request, options = {}, &block)
|
40
|
-
|
40
|
+
build(request, options, &block).body_hash
|
41
41
|
end
|
42
42
|
|
43
|
-
class UnknownSignatureMethod <
|
43
|
+
class UnknownSignatureMethod < RuntimeError; end
|
44
44
|
end
|
45
45
|
end
|
data/lib/oauth/token.rb
CHANGED
File without changes
|
File without changes
|
@@ -5,12 +5,12 @@ module OAuth
|
|
5
5
|
attr_reader :response
|
6
6
|
|
7
7
|
def self.from_hash(consumer, hash)
|
8
|
-
token =
|
8
|
+
token = new(consumer, hash[:oauth_token], hash[:oauth_token_secret])
|
9
9
|
token.params = hash
|
10
10
|
token
|
11
11
|
end
|
12
12
|
|
13
|
-
def initialize(consumer, token="", secret="")
|
13
|
+
def initialize(consumer, token = "", secret = "")
|
14
14
|
super(token, secret)
|
15
15
|
@consumer = consumer
|
16
16
|
@params = {}
|
@@ -2,19 +2,18 @@ module OAuth
|
|
2
2
|
# The RequestToken is used for the initial Request.
|
3
3
|
# This is normally created by the Consumer object.
|
4
4
|
class RequestToken < ConsumerToken
|
5
|
-
|
6
5
|
# Generate an authorization URL for user authorization
|
7
6
|
def authorize_url(params = nil)
|
8
|
-
return nil if
|
7
|
+
return nil if token.nil?
|
9
8
|
|
10
|
-
params = (params || {}).merge(:
|
9
|
+
params = (params || {}).merge(oauth_token: token)
|
11
10
|
build_url(consumer.authorize_url, params)
|
12
11
|
end
|
13
12
|
|
14
13
|
def authenticate_url(params = nil)
|
15
|
-
return nil if
|
14
|
+
return nil if token.nil?
|
16
15
|
|
17
|
-
params = (params || {}).merge(:
|
16
|
+
params = (params || {}).merge(oauth_token: token)
|
18
17
|
build_url(consumer.authenticate_url, params)
|
19
18
|
end
|
20
19
|
|
@@ -28,16 +27,16 @@ module OAuth
|
|
28
27
|
OAuth::AccessToken.from_hash(consumer, response)
|
29
28
|
end
|
30
29
|
|
31
|
-
|
30
|
+
protected
|
32
31
|
|
33
32
|
# construct an authorization or authentication url
|
34
33
|
def build_url(base_url, params)
|
35
34
|
uri = URI.parse(base_url.to_s)
|
36
35
|
queries = {}
|
37
36
|
queries = Hash[URI.decode_www_form(uri.query)] if uri.query
|
38
|
-
# TODO doesn't handle array values correctly
|
37
|
+
# TODO: doesn't handle array values correctly
|
39
38
|
queries.merge!(params) if params
|
40
|
-
uri.query = URI.encode_www_form(queries)
|
39
|
+
uri.query = URI.encode_www_form(queries) unless queries.empty?
|
41
40
|
uri.to_s
|
42
41
|
end
|
43
42
|
end
|
data/lib/oauth/tokens/token.rb
CHANGED
File without changes
|
data/lib/oauth/version.rb
CHANGED
data/lib/oauth.rb
CHANGED
File without changes
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.5.
|
4
|
+
version: 0.5.11
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pelle Braendgaard
|
@@ -16,22 +16,8 @@ authors:
|
|
16
16
|
autorequire:
|
17
17
|
bindir: bin
|
18
18
|
cert_chain: []
|
19
|
-
date:
|
19
|
+
date: 2022-08-23 00:00:00.000000000 Z
|
20
20
|
dependencies:
|
21
|
-
- !ruby/object:Gem::Dependency
|
22
|
-
name: actionpack
|
23
|
-
requirement: !ruby/object:Gem::Requirement
|
24
|
-
requirements:
|
25
|
-
- - ">="
|
26
|
-
- !ruby/object:Gem::Version
|
27
|
-
version: '5.0'
|
28
|
-
type: :development
|
29
|
-
prerelease: false
|
30
|
-
version_requirements: !ruby/object:Gem::Requirement
|
31
|
-
requirements:
|
32
|
-
- - ">="
|
33
|
-
- !ruby/object:Gem::Version
|
34
|
-
version: '5.0'
|
35
21
|
- !ruby/object:Gem::Dependency
|
36
22
|
name: curb
|
37
23
|
requirement: !ruby/object:Gem::Requirement
|
@@ -78,16 +64,16 @@ dependencies:
|
|
78
64
|
name: minitest
|
79
65
|
requirement: !ruby/object:Gem::Requirement
|
80
66
|
requirements:
|
81
|
-
- - "
|
67
|
+
- - "<"
|
82
68
|
- !ruby/object:Gem::Version
|
83
|
-
version: '
|
69
|
+
version: '5.16'
|
84
70
|
type: :development
|
85
71
|
prerelease: false
|
86
72
|
version_requirements: !ruby/object:Gem::Requirement
|
87
73
|
requirements:
|
88
|
-
- - "
|
74
|
+
- - "<"
|
89
75
|
- !ruby/object:Gem::Version
|
90
|
-
version: '
|
76
|
+
version: '5.16'
|
91
77
|
- !ruby/object:Gem::Dependency
|
92
78
|
name: mocha
|
93
79
|
requirement: !ruby/object:Gem::Requirement
|
@@ -106,16 +92,16 @@ dependencies:
|
|
106
92
|
name: rack
|
107
93
|
requirement: !ruby/object:Gem::Requirement
|
108
94
|
requirements:
|
109
|
-
- - "
|
95
|
+
- - ">="
|
110
96
|
- !ruby/object:Gem::Version
|
111
|
-
version: '
|
97
|
+
version: '0'
|
112
98
|
type: :development
|
113
99
|
prerelease: false
|
114
100
|
version_requirements: !ruby/object:Gem::Requirement
|
115
101
|
requirements:
|
116
|
-
- - "
|
102
|
+
- - ">="
|
117
103
|
- !ruby/object:Gem::Version
|
118
|
-
version: '
|
104
|
+
version: '0'
|
119
105
|
- !ruby/object:Gem::Dependency
|
120
106
|
name: rack-test
|
121
107
|
requirement: !ruby/object:Gem::Requirement
|
@@ -134,16 +120,16 @@ dependencies:
|
|
134
120
|
name: rake
|
135
121
|
requirement: !ruby/object:Gem::Requirement
|
136
122
|
requirements:
|
137
|
-
- - "
|
123
|
+
- - ">="
|
138
124
|
- !ruby/object:Gem::Version
|
139
|
-
version: '
|
125
|
+
version: '0'
|
140
126
|
type: :development
|
141
127
|
prerelease: false
|
142
128
|
version_requirements: !ruby/object:Gem::Requirement
|
143
129
|
requirements:
|
144
|
-
- - "
|
130
|
+
- - ">="
|
145
131
|
- !ruby/object:Gem::Version
|
146
|
-
version: '
|
132
|
+
version: '0'
|
147
133
|
- !ruby/object:Gem::Dependency
|
148
134
|
name: rest-client
|
149
135
|
requirement: !ruby/object:Gem::Requirement
|
@@ -158,6 +144,20 @@ dependencies:
|
|
158
144
|
- - ">="
|
159
145
|
- !ruby/object:Gem::Version
|
160
146
|
version: '0'
|
147
|
+
- !ruby/object:Gem::Dependency
|
148
|
+
name: rubocop-lts
|
149
|
+
requirement: !ruby/object:Gem::Requirement
|
150
|
+
requirements:
|
151
|
+
- - "~>"
|
152
|
+
- !ruby/object:Gem::Version
|
153
|
+
version: '4.0'
|
154
|
+
type: :development
|
155
|
+
prerelease: false
|
156
|
+
version_requirements: !ruby/object:Gem::Requirement
|
157
|
+
requirements:
|
158
|
+
- - "~>"
|
159
|
+
- !ruby/object:Gem::Version
|
160
|
+
version: '4.0'
|
161
161
|
- !ruby/object:Gem::Dependency
|
162
162
|
name: typhoeus
|
163
163
|
requirement: !ruby/object:Gem::Requirement
|
@@ -253,12 +253,40 @@ homepage: https://github.com/oauth-xx/oauth-ruby
|
|
253
253
|
licenses:
|
254
254
|
- MIT
|
255
255
|
metadata:
|
256
|
-
bug_tracker_uri: https://github.com/oauth-xx/oauth-ruby/issues
|
257
|
-
changelog_uri: https://github.com/oauth-xx/oauth-ruby/blob/master/CHANGELOG.md
|
258
|
-
documentation_uri: https://rubydoc.info/github/oauth-xx/oauth-ruby/master
|
259
256
|
homepage_uri: https://github.com/oauth-xx/oauth-ruby
|
260
|
-
source_code_uri: https://github.com/oauth-xx/oauth-ruby
|
261
|
-
|
257
|
+
source_code_uri: https://github.com/oauth-xx/oauth-ruby/tree/v0.5.11
|
258
|
+
changelog_uri: https://github.com/oauth-xx/oauth-ruby/blob/v0.5.11/CHANGELOG.md
|
259
|
+
bug_tracker_uri: https://github.com/oauth-xx/oauth-ruby/issues
|
260
|
+
documentation_uri: https://www.rubydoc.info/gems/oauth/0.5.11
|
261
|
+
wiki_uri: https://github.com/oauth-xx/oauth-ruby/wiki
|
262
|
+
rubygems_mfa_required: 'true'
|
263
|
+
post_install_message: |2+
|
264
|
+
|
265
|
+
You have installed oauth2 version 0.5.11, congratulations!
|
266
|
+
|
267
|
+
Support for the 0.5.x series will end in April, 2023. Please upgrade to 0.6.x as soon as possible!
|
268
|
+
The only breaking change will be dropped support for Ruby 2.0, 2.1, 2.2, and 2.3.
|
269
|
+
|
270
|
+
Please see:
|
271
|
+
• https://github.com/oauth-xx/oauth/blob/main/SECURITY.md
|
272
|
+
|
273
|
+
Note also that I, and this project, am in the process of leaving Github.
|
274
|
+
I wrote about some of the reasons here:
|
275
|
+
• https://dev.to/galtzo/im-leaving-github-50ba
|
276
|
+
|
277
|
+
If you are a human, please consider a donation as I move toward supporting myself with Open Source work:
|
278
|
+
• https://liberapay.com/pboling
|
279
|
+
• https://ko-fi.com/pboling
|
280
|
+
• https://patreon.com/galtzo
|
281
|
+
|
282
|
+
If you are a corporation, please consider supporting this project, and open source work generally, with a TideLift subscription.
|
283
|
+
• https://tidelift.com/funding/github/rubygems/oauth
|
284
|
+
• Or hire me. I am looking for a job!
|
285
|
+
|
286
|
+
Please report issues, and support the project!
|
287
|
+
|
288
|
+
Thanks, |7eter l-|. l3oling
|
289
|
+
|
262
290
|
rdoc_options: []
|
263
291
|
require_paths:
|
264
292
|
- lib
|
@@ -273,8 +301,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
273
301
|
- !ruby/object:Gem::Version
|
274
302
|
version: '0'
|
275
303
|
requirements: []
|
276
|
-
rubygems_version: 3.
|
304
|
+
rubygems_version: 3.3.20
|
277
305
|
signing_key:
|
278
306
|
specification_version: 4
|
279
307
|
summary: OAuth Core Ruby implementation
|
280
308
|
test_files: []
|
309
|
+
...
|