oauth 0.5.8 → 0.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +63 -116
- data/CODE_OF_CONDUCT.md +0 -0
- data/CONTRIBUTING.md +0 -0
- data/LICENSE +0 -0
- data/README.md +250 -63
- data/SECURITY.md +7 -9
- data/TODO +0 -0
- data/bin/oauth +8 -4
- data/lib/oauth/cli/authorize_command.rb +57 -55
- data/lib/oauth/cli/base_command.rb +163 -157
- data/lib/oauth/cli/help_command.rb +9 -5
- data/lib/oauth/cli/query_command.rb +26 -17
- data/lib/oauth/cli/sign_command.rb +58 -55
- data/lib/oauth/cli/version_command.rb +8 -4
- data/lib/oauth/cli.rb +4 -2
- data/lib/oauth/client/action_controller_request.rb +17 -15
- data/lib/oauth/client/em_http.rb +31 -29
- data/lib/oauth/client/helper.rb +76 -75
- data/lib/oauth/client/net_http.rb +109 -102
- data/lib/oauth/client.rb +2 -0
- data/lib/oauth/consumer.rb +96 -88
- data/lib/oauth/errors/error.rb +2 -0
- data/lib/oauth/errors/problem.rb +3 -0
- data/lib/oauth/errors/unauthorized.rb +4 -0
- data/lib/oauth/errors.rb +2 -0
- data/lib/oauth/helper.rb +16 -12
- data/lib/oauth/oauth.rb +6 -4
- data/lib/oauth/oauth_test_helper.rb +2 -0
- data/lib/oauth/request_proxy/action_controller_request.rb +0 -0
- data/lib/oauth/request_proxy/action_dispatch_request.rb +0 -0
- data/lib/oauth/request_proxy/base.rb +2 -2
- data/lib/oauth/request_proxy/curb_request.rb +0 -0
- data/lib/oauth/request_proxy/em_http_request.rb +0 -0
- data/lib/oauth/request_proxy/jabber_request.rb +0 -0
- data/lib/oauth/request_proxy/mock_request.rb +1 -1
- data/lib/oauth/request_proxy/net_http.rb +8 -8
- data/lib/oauth/request_proxy/rack_request.rb +0 -0
- data/lib/oauth/request_proxy/rest_client_request.rb +2 -1
- data/lib/oauth/request_proxy/typhoeus_request.rb +0 -0
- data/lib/oauth/request_proxy.rb +7 -4
- data/lib/oauth/server.rb +12 -10
- data/lib/oauth/signature/base.rb +73 -66
- data/lib/oauth/signature/hmac/sha1.rb +15 -9
- data/lib/oauth/signature/hmac/sha256.rb +15 -9
- data/lib/oauth/signature/plaintext.rb +18 -20
- data/lib/oauth/signature/rsa/sha1.rb +46 -38
- data/lib/oauth/signature.rb +8 -5
- data/lib/oauth/token.rb +2 -0
- data/lib/oauth/tokens/access_token.rb +2 -0
- data/lib/oauth/tokens/consumer_token.rb +4 -2
- data/lib/oauth/tokens/request_token.rb +12 -10
- data/lib/oauth/tokens/server_token.rb +2 -1
- data/lib/oauth/tokens/token.rb +2 -0
- data/lib/oauth/version.rb +5 -1
- data/lib/oauth.rb +8 -2
- metadata +34 -32
data/lib/oauth/consumer.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require "net/http"
|
2
4
|
require "net/https"
|
3
5
|
require "oauth/oauth"
|
@@ -16,8 +18,9 @@ module OAuth
|
|
16
18
|
end
|
17
19
|
end
|
18
20
|
|
19
|
-
|
20
|
-
CA_FILES = %
|
21
|
+
unless defined?(CA_FILE)
|
22
|
+
CA_FILES = %w[/etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt
|
23
|
+
/usr/share/curl/curl-ca-bundle.crt].freeze
|
21
24
|
CA_FILES.each do |ca_file|
|
22
25
|
if File.exist?(ca_file)
|
23
26
|
CA_FILE = ca_file
|
@@ -29,15 +32,15 @@ module OAuth
|
|
29
32
|
|
30
33
|
@@default_options = {
|
31
34
|
# Signature method used by server. Defaults to HMAC-SHA1
|
32
|
-
:
|
35
|
+
signature_method: "HMAC-SHA1",
|
33
36
|
|
34
37
|
# default paths on site. These are the same as the defaults set up by the generators
|
35
|
-
:
|
36
|
-
:
|
37
|
-
:
|
38
|
-
:
|
38
|
+
request_token_path: "/oauth/request_token",
|
39
|
+
authenticate_path: "/oauth/authenticate",
|
40
|
+
authorize_path: "/oauth/authorize",
|
41
|
+
access_token_path: "/oauth/access_token",
|
39
42
|
|
40
|
-
:
|
43
|
+
proxy: nil,
|
41
44
|
# How do we send the oauth values to the server see
|
42
45
|
# https://oauth.net/core/1.0/#consumer_req_param for more info
|
43
46
|
#
|
@@ -46,10 +49,10 @@ module OAuth
|
|
46
49
|
# :header - via the Authorize header (Default) ( option 1. in spec)
|
47
50
|
# :body - url form encoded in body of POST request ( option 2. in spec)
|
48
51
|
# :query_string - via the query part of the url ( option 3. in spec)
|
49
|
-
:
|
52
|
+
scheme: :header,
|
50
53
|
|
51
54
|
# Default http method used for OAuth Token Requests (defaults to :post)
|
52
|
-
:
|
55
|
+
http_method: :post,
|
53
56
|
|
54
57
|
# Add a custom ca_file for consumer
|
55
58
|
# :ca_file => '/etc/certs.pem'
|
@@ -59,9 +62,14 @@ module OAuth
|
|
59
62
|
# nil, false - no debug output
|
60
63
|
# true - uses $stdout
|
61
64
|
# some_value - uses some_value
|
62
|
-
:
|
65
|
+
debug_output: nil,
|
66
|
+
|
67
|
+
# Defaults to producing a body_hash as part of the signature but
|
68
|
+
# can be disabled since it's not officially part of the OAuth 1.0
|
69
|
+
# spec. Possible values are true and false
|
70
|
+
body_hash_enabled: true,
|
63
71
|
|
64
|
-
:
|
72
|
+
oauth_version: "1.0"
|
65
73
|
}
|
66
74
|
|
67
75
|
attr_accessor :options, :key, :secret
|
@@ -75,7 +83,8 @@ module OAuth
|
|
75
83
|
# :http_method => :post,
|
76
84
|
# :request_token_path => "/oauth/example/request_token.php",
|
77
85
|
# :access_token_path => "/oauth/example/access_token.php",
|
78
|
-
# :authorize_path => "/oauth/example/authorize.php"
|
86
|
+
# :authorize_path => "/oauth/example/authorize.php",
|
87
|
+
# :body_hash_enabled => false
|
79
88
|
# })
|
80
89
|
#
|
81
90
|
# Start the process by requesting a token
|
@@ -94,10 +103,7 @@ module OAuth
|
|
94
103
|
@secret = consumer_secret
|
95
104
|
|
96
105
|
# ensure that keys are symbols
|
97
|
-
@options = @@default_options.merge(options.
|
98
|
-
opts[key.to_sym] = value
|
99
|
-
opts
|
100
|
-
end)
|
106
|
+
@options = @@default_options.merge(options.transform_keys(&:to_sym))
|
101
107
|
end
|
102
108
|
|
103
109
|
# The default http method
|
@@ -106,15 +112,13 @@ module OAuth
|
|
106
112
|
end
|
107
113
|
|
108
114
|
def debug_output
|
109
|
-
@debug_output ||=
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
end
|
117
|
-
end
|
115
|
+
@debug_output ||= case @options[:debug_output]
|
116
|
+
when nil, false
|
117
|
+
when true
|
118
|
+
$stdout
|
119
|
+
else
|
120
|
+
@options[:debug_output]
|
121
|
+
end
|
118
122
|
end
|
119
123
|
|
120
124
|
# The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new
|
@@ -127,13 +131,14 @@ module OAuth
|
|
127
131
|
if custom_uri
|
128
132
|
@uri = custom_uri
|
129
133
|
@http = create_http # yike, oh well. less intrusive this way
|
130
|
-
else
|
134
|
+
else # if no custom passed, we use existing, which, if unset, is set to site uri
|
131
135
|
@uri ||= URI.parse(site)
|
132
136
|
end
|
133
137
|
end
|
134
138
|
|
135
139
|
def get_access_token(request_token, request_options = {}, *arguments, &block)
|
136
|
-
response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token,
|
140
|
+
response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token,
|
141
|
+
request_options, *arguments, &block)
|
137
142
|
OAuth::AccessToken.from_hash(self, response)
|
138
143
|
end
|
139
144
|
|
@@ -154,20 +159,23 @@ module OAuth
|
|
154
159
|
def get_request_token(request_options = {}, *arguments, &block)
|
155
160
|
# if oauth_callback wasn't provided, it is assumed that oauth_verifiers
|
156
161
|
# will be exchanged out of band
|
157
|
-
|
158
|
-
|
159
|
-
if block_given?
|
160
|
-
response = token_request(
|
161
|
-
http_method,
|
162
|
-
(request_token_url? ? request_token_url : request_token_path),
|
163
|
-
nil,
|
164
|
-
request_options,
|
165
|
-
*arguments,
|
166
|
-
&block
|
167
|
-
)
|
168
|
-
else
|
169
|
-
response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, request_options, *arguments)
|
162
|
+
unless request_options[:exclude_callback]
|
163
|
+
request_options[:oauth_callback] ||= OAuth::OUT_OF_BAND
|
170
164
|
end
|
165
|
+
|
166
|
+
response = if block
|
167
|
+
token_request(
|
168
|
+
http_method,
|
169
|
+
(request_token_url? ? request_token_url : request_token_path),
|
170
|
+
nil,
|
171
|
+
request_options,
|
172
|
+
*arguments,
|
173
|
+
&block
|
174
|
+
)
|
175
|
+
else
|
176
|
+
token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil,
|
177
|
+
request_options, *arguments)
|
178
|
+
end
|
171
179
|
OAuth::RequestToken.from_hash(self, response)
|
172
180
|
end
|
173
181
|
|
@@ -182,7 +190,7 @@ module OAuth
|
|
182
190
|
# @consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
|
183
191
|
#
|
184
192
|
def request(http_method, path, token = nil, request_options = {}, *arguments)
|
185
|
-
|
193
|
+
unless %r{^/}.match?(path)
|
186
194
|
@http = create_http(path)
|
187
195
|
_uri = URI.parse(path)
|
188
196
|
path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}"
|
@@ -190,18 +198,19 @@ module OAuth
|
|
190
198
|
|
191
199
|
# override the request with your own, this is useful for file uploads which Net::HTTP does not do
|
192
200
|
req = create_signed_request(http_method, path, token, request_options, *arguments)
|
193
|
-
return nil if block_given?
|
201
|
+
return nil if block_given? && (yield(req) == :done)
|
202
|
+
|
194
203
|
rsp = http.request(req)
|
195
204
|
# check for an error reported by the Problem Reporting extension
|
196
205
|
# (https://wiki.oauth.net/ProblemReporting)
|
197
206
|
# note: a 200 may actually be an error; check for an oauth_problem key to be sure
|
198
207
|
if !(headers = rsp.to_hash["www-authenticate"]).nil? &&
|
199
|
-
|
200
|
-
|
208
|
+
(h = headers.grep(/^OAuth /)).any? &&
|
209
|
+
h.first.include?("oauth_problem")
|
201
210
|
|
202
211
|
# puts "Header: #{h.first}"
|
203
212
|
|
204
|
-
# TODO doesn't handle broken responses from api.login.yahoo.com
|
213
|
+
# TODO: doesn't handle broken responses from api.login.yahoo.com
|
205
214
|
# remove debug code when done
|
206
215
|
params = OAuth::Helper.parse_header(h.first)
|
207
216
|
|
@@ -235,10 +244,9 @@ module OAuth
|
|
235
244
|
# symbolize keys
|
236
245
|
# TODO this could be considered unexpected behavior; symbols or not?
|
237
246
|
# TODO this also drops subsequent values from multi-valued keys
|
238
|
-
CGI.parse(response.body).
|
247
|
+
CGI.parse(response.body).each_with_object({}) do |(k, v), h|
|
239
248
|
h[k.strip.to_sym] = v.first
|
240
249
|
h[k.strip] = v.first
|
241
|
-
h
|
242
250
|
end
|
243
251
|
end
|
244
252
|
when (300..399)
|
@@ -250,11 +258,11 @@ module OAuth
|
|
250
258
|
response.error! if uri.path == path && our_uri.host == uri.host
|
251
259
|
|
252
260
|
if uri.path == path && our_uri.host != uri.host
|
253
|
-
|
254
|
-
|
261
|
+
options[:site] = "#{uri.scheme}://#{uri.host}"
|
262
|
+
@http = create_http
|
255
263
|
end
|
256
264
|
|
257
|
-
|
265
|
+
token_request(http_method, uri.path, token, request_options, arguments)
|
258
266
|
when (400..499)
|
259
267
|
raise OAuth::Unauthorized, response
|
260
268
|
else
|
@@ -278,6 +286,7 @@ module OAuth
|
|
278
286
|
|
279
287
|
def request_endpoint
|
280
288
|
return nil if @options[:request_endpoint].nil?
|
289
|
+
|
281
290
|
@options[:request_endpoint].to_s
|
282
291
|
end
|
283
292
|
|
@@ -301,37 +310,37 @@ module OAuth
|
|
301
310
|
@options[:access_token_path]
|
302
311
|
end
|
303
312
|
|
304
|
-
# TODO this is ugly, rewrite
|
313
|
+
# TODO: this is ugly, rewrite
|
305
314
|
def request_token_url
|
306
|
-
@options[:request_token_url] || site + request_token_path
|
315
|
+
@options[:request_token_url] || (site + request_token_path)
|
307
316
|
end
|
308
317
|
|
309
318
|
def request_token_url?
|
310
|
-
@options.
|
319
|
+
@options.key?(:request_token_url)
|
311
320
|
end
|
312
321
|
|
313
322
|
def authenticate_url
|
314
|
-
@options[:authenticate_url] || site + authenticate_path
|
323
|
+
@options[:authenticate_url] || (site + authenticate_path)
|
315
324
|
end
|
316
325
|
|
317
326
|
def authenticate_url?
|
318
|
-
@options.
|
327
|
+
@options.key?(:authenticate_url)
|
319
328
|
end
|
320
329
|
|
321
330
|
def authorize_url
|
322
|
-
@options[:authorize_url] || site + authorize_path
|
331
|
+
@options[:authorize_url] || (site + authorize_path)
|
323
332
|
end
|
324
333
|
|
325
334
|
def authorize_url?
|
326
|
-
@options.
|
335
|
+
@options.key?(:authorize_url)
|
327
336
|
end
|
328
337
|
|
329
338
|
def access_token_url
|
330
|
-
@options[:access_token_url] || site + access_token_path
|
339
|
+
@options[:access_token_url] || (site + access_token_path)
|
331
340
|
end
|
332
341
|
|
333
342
|
def access_token_url?
|
334
|
-
@options.
|
343
|
+
@options.key?(:access_token_url)
|
335
344
|
end
|
336
345
|
|
337
346
|
def proxy
|
@@ -342,12 +351,9 @@ module OAuth
|
|
342
351
|
|
343
352
|
# Instantiates the http object
|
344
353
|
def create_http(_url = nil)
|
354
|
+
_url = request_endpoint unless request_endpoint.nil?
|
345
355
|
|
346
|
-
if
|
347
|
-
_url = request_endpoint
|
348
|
-
end
|
349
|
-
|
350
|
-
our_uri = if _url.nil? || _url[0] =~ /^\//
|
356
|
+
our_uri = if _url.nil? || _url[0] =~ %r{^/}
|
351
357
|
URI.parse(site)
|
352
358
|
else
|
353
359
|
your_uri = URI.parse(_url)
|
@@ -364,7 +370,8 @@ module OAuth
|
|
364
370
|
http_object = Net::HTTP.new(our_uri.host, our_uri.port)
|
365
371
|
else
|
366
372
|
proxy_uri = proxy.is_a?(URI) ? proxy : URI.parse(proxy)
|
367
|
-
http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user,
|
373
|
+
http_object = Net::HTTP.new(our_uri.host, our_uri.port, proxy_uri.host, proxy_uri.port, proxy_uri.user,
|
374
|
+
proxy_uri.password)
|
368
375
|
end
|
369
376
|
|
370
377
|
http_object.use_ssl = (our_uri.scheme == "https")
|
@@ -372,19 +379,21 @@ module OAuth
|
|
372
379
|
if @options[:no_verify]
|
373
380
|
http_object.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
374
381
|
else
|
375
|
-
ca_file =
|
376
|
-
if ca_file
|
377
|
-
http_object.ca_file = ca_file
|
378
|
-
end
|
382
|
+
ca_file = @options[:ca_file] || CA_FILE
|
383
|
+
http_object.ca_file = ca_file if ca_file
|
379
384
|
http_object.verify_mode = OpenSSL::SSL::VERIFY_PEER
|
380
385
|
http_object.verify_depth = 5
|
381
386
|
end
|
382
387
|
|
383
388
|
http_object.read_timeout = http_object.open_timeout = @options[:timeout] || 60
|
384
|
-
|
389
|
+
if @options[:open_timeout]
|
390
|
+
http_object.open_timeout = @options[:open_timeout]
|
391
|
+
end
|
385
392
|
http_object.ssl_version = @options[:ssl_version] if @options[:ssl_version]
|
386
|
-
|
387
|
-
|
393
|
+
if @options[:ssl_client_cert]
|
394
|
+
http_object.cert = @options[:ssl_client_cert]
|
395
|
+
end
|
396
|
+
http_object.key = @options[:ssl_client_key] if @options[:ssl_client_key]
|
388
397
|
http_object.set_debug_output(debug_output) if debug_output
|
389
398
|
|
390
399
|
http_object
|
@@ -394,36 +403,36 @@ module OAuth
|
|
394
403
|
def create_http_request(http_method, path, *arguments)
|
395
404
|
http_method = http_method.to_sym
|
396
405
|
|
397
|
-
if [
|
398
|
-
data = arguments.shift
|
399
|
-
end
|
406
|
+
data = arguments.shift if %i[post put patch].include?(http_method)
|
400
407
|
|
401
408
|
# if the base site contains a path, add it now
|
402
409
|
# only add if the site host matches the current http object's host
|
403
410
|
# (in case we've specified a full url for token requests)
|
404
|
-
uri
|
405
|
-
|
411
|
+
uri = URI.parse(site)
|
412
|
+
if uri.path && uri.path != "/" && uri.host == http.address
|
413
|
+
path = uri.path + path
|
414
|
+
end
|
406
415
|
|
407
416
|
headers = arguments.first.is_a?(Hash) ? arguments.shift : {}
|
408
417
|
|
409
418
|
case http_method
|
410
419
|
when :post
|
411
|
-
request = Net::HTTP::Post.new(path,headers)
|
420
|
+
request = Net::HTTP::Post.new(path, headers)
|
412
421
|
request["Content-Length"] = "0" # Default to 0
|
413
422
|
when :put
|
414
|
-
request = Net::HTTP::Put.new(path,headers)
|
423
|
+
request = Net::HTTP::Put.new(path, headers)
|
415
424
|
request["Content-Length"] = "0" # Default to 0
|
416
425
|
when :patch
|
417
|
-
request = Net::HTTP::Patch.new(path,headers)
|
426
|
+
request = Net::HTTP::Patch.new(path, headers)
|
418
427
|
request["Content-Length"] = "0" # Default to 0
|
419
428
|
when :get
|
420
|
-
request = Net::HTTP::Get.new(path,headers)
|
429
|
+
request = Net::HTTP::Get.new(path, headers)
|
421
430
|
when :delete
|
422
|
-
request =
|
431
|
+
request = Net::HTTP::Delete.new(path, headers)
|
423
432
|
when :head
|
424
|
-
request = Net::HTTP::Head.new(path,headers)
|
433
|
+
request = Net::HTTP::Head.new(path, headers)
|
425
434
|
else
|
426
|
-
raise ArgumentError, "Don't know how to handle http_method: :#{http_method
|
435
|
+
raise ArgumentError, "Don't know how to handle http_method: :#{http_method}"
|
427
436
|
end
|
428
437
|
|
429
438
|
if data.is_a?(Hash)
|
@@ -448,13 +457,12 @@ module OAuth
|
|
448
457
|
request
|
449
458
|
end
|
450
459
|
|
451
|
-
def marshal_dump(*
|
452
|
-
{:
|
460
|
+
def marshal_dump(*_args)
|
461
|
+
{ key: @key, secret: @secret, options: @options }
|
453
462
|
end
|
454
463
|
|
455
464
|
def marshal_load(data)
|
456
465
|
initialize(data[:key], data[:secret], data[:options])
|
457
466
|
end
|
458
|
-
|
459
467
|
end
|
460
468
|
end
|
data/lib/oauth/errors/error.rb
CHANGED
data/lib/oauth/errors/problem.rb
CHANGED
data/lib/oauth/errors.rb
CHANGED
data/lib/oauth/helper.rb
CHANGED
@@ -1,9 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require "time"
|
1
4
|
require "openssl"
|
2
5
|
require "base64"
|
3
6
|
|
4
7
|
module OAuth
|
5
8
|
module Helper
|
6
|
-
|
9
|
+
module_function
|
7
10
|
|
8
11
|
# Escape +value+ by URL encoding all non-reserved character.
|
9
12
|
#
|
@@ -24,13 +27,13 @@ module OAuth
|
|
24
27
|
|
25
28
|
# Generate a random key of up to +size+ bytes. The value returned is Base64 encoded with non-word
|
26
29
|
# characters removed.
|
27
|
-
def generate_key(size=32)
|
30
|
+
def generate_key(size = 32)
|
28
31
|
Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/, "")
|
29
32
|
end
|
30
33
|
|
31
|
-
|
34
|
+
alias generate_nonce generate_key
|
32
35
|
|
33
|
-
def generate_timestamp
|
36
|
+
def generate_timestamp # :nodoc:
|
34
37
|
Time.now.to_i.to_s
|
35
38
|
end
|
36
39
|
|
@@ -43,7 +46,8 @@ module OAuth
|
|
43
46
|
# See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
|
44
47
|
def normalize(params)
|
45
48
|
params.sort.map do |k, values|
|
46
|
-
|
49
|
+
case values
|
50
|
+
when Array
|
47
51
|
# make sure the array has an element so we don't lose the key
|
48
52
|
values << nil if values.empty?
|
49
53
|
# multiple values were provided for a single key
|
@@ -51,13 +55,13 @@ module OAuth
|
|
51
55
|
normalize_nested_query(values, k)
|
52
56
|
else
|
53
57
|
values.sort.collect do |v|
|
54
|
-
[escape(k),escape(v)]
|
58
|
+
[escape(k), escape(v)].join("=")
|
55
59
|
end
|
56
60
|
end
|
57
|
-
|
61
|
+
when Hash
|
58
62
|
normalize_nested_query(values, k)
|
59
63
|
else
|
60
|
-
[escape(k),escape(values)]
|
64
|
+
[escape(k), escape(values)].join("=")
|
61
65
|
end
|
62
66
|
end * "&"
|
63
67
|
end
|
@@ -76,7 +80,7 @@ module OAuth
|
|
76
80
|
normalize_nested_query(v, prefix ? "#{prefix}[#{k}]" : k)
|
77
81
|
end.flatten.sort
|
78
82
|
else
|
79
|
-
[escape(prefix), escape(value)]
|
83
|
+
[escape(prefix), escape(value)].join("=")
|
80
84
|
end
|
81
85
|
end
|
82
86
|
|
@@ -90,16 +94,16 @@ module OAuth
|
|
90
94
|
#
|
91
95
|
def parse_header(header)
|
92
96
|
# decompose
|
93
|
-
params = header[6,header.length].split(/[,=&]/)
|
97
|
+
params = header[6, header.length].split(/[,=&]/)
|
94
98
|
|
95
99
|
# odd number of arguments - must be a malformed header.
|
96
|
-
raise OAuth::Problem
|
100
|
+
raise OAuth::Problem, "Invalid authorization header" if params.size.odd?
|
97
101
|
|
98
102
|
params.map! do |v|
|
99
103
|
# strip and unescape
|
100
104
|
val = unescape(v.strip)
|
101
105
|
# strip quotes
|
102
|
-
val.sub(
|
106
|
+
val.sub(/^"(.*)"$/, '\1')
|
103
107
|
end
|
104
108
|
|
105
109
|
# convert into a Hash
|
data/lib/oauth/oauth.rb
CHANGED
@@ -1,13 +1,15 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module OAuth
|
2
4
|
# request tokens are passed between the consumer and the provider out of
|
3
5
|
# band (i.e. callbacks cannot be used), per section 6.1.1
|
4
6
|
OUT_OF_BAND = "oob"
|
5
7
|
|
6
8
|
# required parameters, per sections 6.1.1, 6.3.1, and 7
|
7
|
-
PARAMETERS = %w
|
8
|
-
|
9
|
-
|
9
|
+
PARAMETERS = %w[oauth_callback oauth_consumer_key oauth_token
|
10
|
+
oauth_signature_method oauth_timestamp oauth_nonce oauth_verifier
|
11
|
+
oauth_version oauth_signature oauth_body_hash].freeze
|
10
12
|
|
11
13
|
# reserved character regexp, per section 5.1
|
12
|
-
RESERVED_CHARACTERS = /[^a-zA-Z0-9
|
14
|
+
RESERVED_CHARACTERS = /[^a-zA-Z0-9\-._~]/.freeze
|
13
15
|
end
|
File without changes
|
File without changes
|
@@ -83,7 +83,7 @@ module OAuth
|
|
83
83
|
end
|
84
84
|
|
85
85
|
def oauth_parameters
|
86
|
-
parameters.select { |k,
|
86
|
+
parameters.select { |k, v| OAuth::PARAMETERS.include?(k) && !v.nil? && v != "" }
|
87
87
|
end
|
88
88
|
|
89
89
|
def non_oauth_parameters
|
@@ -127,7 +127,7 @@ module OAuth
|
|
127
127
|
end
|
128
128
|
|
129
129
|
# URI, including OAuth parameters
|
130
|
-
def signed_uri(with_oauth
|
130
|
+
def signed_uri(with_oauth: true)
|
131
131
|
if signed?
|
132
132
|
params = if with_oauth
|
133
133
|
parameters
|
File without changes
|
File without changes
|
File without changes
|
@@ -38,13 +38,11 @@ module OAuth
|
|
38
38
|
request_params = CGI.parse(query_string)
|
39
39
|
# request_params.each{|k,v| request_params[k] = [nil] if v == []}
|
40
40
|
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
request_params[k] = [v]
|
47
|
-
end
|
41
|
+
options[:parameters]&.each do |k, v|
|
42
|
+
if request_params.key?(k) && v
|
43
|
+
request_params[k] << v
|
44
|
+
else
|
45
|
+
request_params[k] = [v]
|
48
46
|
end
|
49
47
|
end
|
50
48
|
request_params
|
@@ -71,7 +69,9 @@ module OAuth
|
|
71
69
|
end
|
72
70
|
|
73
71
|
def auth_header_params
|
74
|
-
|
72
|
+
unless request["Authorization"] && request["Authorization"][0, 5] == "OAuth"
|
73
|
+
return nil
|
74
|
+
end
|
75
75
|
|
76
76
|
request["Authorization"]
|
77
77
|
end
|
File without changes
|
@@ -38,7 +38,8 @@ module OAuth
|
|
38
38
|
|
39
39
|
def post_parameters
|
40
40
|
# Post params are only used if posting form data
|
41
|
-
|
41
|
+
is_form_data = request.payload && request.payload.headers["Content-Type"] == "application/x-www-form-urlencoded"
|
42
|
+
if is_form_data && (method == "POST" || method == "PUT")
|
42
43
|
OAuth::Helper.stringify_keys(query_string_to_hash(request.payload.to_s) || {})
|
43
44
|
else
|
44
45
|
{}
|
File without changes
|
data/lib/oauth/request_proxy.rb
CHANGED
@@ -1,24 +1,27 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module OAuth
|
2
4
|
module RequestProxy
|
3
|
-
def self.available_proxies
|
5
|
+
def self.available_proxies # :nodoc:
|
4
6
|
@available_proxies ||= {}
|
5
7
|
end
|
6
8
|
|
7
9
|
def self.proxy(request, options = {})
|
8
|
-
return request if request.
|
10
|
+
return request if request.is_a?(OAuth::RequestProxy::Base)
|
9
11
|
|
10
12
|
klass = available_proxies[request.class]
|
11
13
|
|
12
14
|
# Search for possible superclass matches.
|
13
15
|
if klass.nil?
|
14
|
-
request_parent = available_proxies.keys.find { |rc| request.
|
16
|
+
request_parent = available_proxies.keys.find { |rc| request.is_a?(rc) }
|
15
17
|
klass = available_proxies[request_parent]
|
16
18
|
end
|
17
19
|
|
18
20
|
raise UnknownRequestType, request.class.to_s unless klass
|
21
|
+
|
19
22
|
klass.new(request, options)
|
20
23
|
end
|
21
24
|
|
22
|
-
class UnknownRequestType <
|
25
|
+
class UnknownRequestType < RuntimeError; end
|
23
26
|
end
|
24
27
|
end
|