oauth 0.3.7.pre1 → 0.4.0

data/.gitignore

@@ -1 +1,2 @@
-pkg/*
+pkg/*
+_site

data/{History.txt → HISTORY}

@@ -1,4 +1,8 @@
-== 0.3.7
+== 0.4.0 2010-04-22
+
+* Added computation of oauth_body_hash as per OAuth Request Body Hash 1.0
+  Draft 4 (Michael Reinsch)
+* Added the optional `oauth_session_handle` parameter for the Yahoo implementation (Will Bailey)
 * Better marshalling implementation (Yoan Blanc)
 * Added optional block to OAuth::Consumer.get_*_token (Neill Pearman)
 * Exclude `oauth_callback` with :exclude_callback (Neill Pearman)
@@ -13,6 +17,7 @@
 * Support for Typhoeus (Bill Kocik)
 * Support for em-http (EventMachine) (Darcy Laycock)
 * Support for curb (André Luis Leal Cardoso Junior)
+* New website (Aaron Quint)
 
 == 0.3.6 2009-09-14
 
@@ -104,7 +109,9 @@
 
 == 0.2 2008-1-19 All together now release
 
-This is a big release, where we have merged the efforts of various parties into one common library. This means there are definitely some API changes you should be aware of. They should be minimal but please have a look at the unit tests.
+This is a big release, where we have merged the efforts of various parties into one common library. 
+This means there are definitely some API changes you should be aware of. They should be minimal 
+but please have a look at the unit tests.
 
 == 0.1.2 2007-12-1
 

data/README.rdoc

@@ -1,4 +1,4 @@
-= Ruby OAuth GEM
+= Ruby OAuth
 
 == What
 
@@ -12,7 +12,7 @@ See the OAuth specs http://oauth.net/core/1.0/
 
 You can also install it from the oauth rubyforge project http://rubyforge.org/projects/oauth/.
 
-The source code is now hosted on the OAuth GitHub Project http://github.com/mojodna/oauth
+The source code is now hosted on the OAuth GitHub Project http://github.com/oauth/oauth-ruby
 
 == The basics
 
@@ -70,7 +70,7 @@ http://groups.google.com/group/oauth-ruby
 
 Read the "8 steps for fixing other people's code" http://drnicwilliams.com/2007/06/01/8-steps-for-fixing-other-peoples-code/.
 
-The source code is now hosted on the OAuth GitHub Project http://github.com/mojodna/oauth
+The source code is now hosted on the OAuth GitHub Project http://github.com/oauth/oauth-ruby
 
 To submit a patch, please fork the oauth project and create a patch with tests. Once you're happy with it send a pull request and post a message to the google group.
 
@@ -80,5 +80,8 @@ This code is free to use under the terms of the MIT license.
 
 == Contact
 
-Comments are welcome. Send an email to "Pelle Braendgaard" pelleb@gmail.com email via the OAuth Ruby mailing list http://groups.google.com/group/oauth-ruby
+OAuth Ruby has been created and maintained by a large number of talented individuals. 
+The current maintainer is Aaron Quint (quirkey).
+
+Comments are welcome. Send an email to via the OAuth Ruby mailing list http://groups.google.com/group/oauth-ruby
 

data/Rakefile

@@ -1,24 +1,23 @@
 %w[rubygems rake rake/clean rake/testtask fileutils].each { |f| require f }
 $LOAD_PATH << File.dirname(__FILE__) + '/lib'
 require 'oauth'
-require 'oauth/version'
 
 begin
   require 'jeweler'
   Jeweler::Tasks.new do |s|
     s.name = %q{oauth}
     s.version = OAuth::VERSION
-    s.date = %q{2009-08-10}
     s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons", "Matt Sanford", "Aaron Quint"]
     s.email = "oauth-ruby@googlegroups.com"
     s.description = "OAuth Core Ruby implementation"
     s.summary = s.description
     s.rubyforge_project = %q{oauth}
-    s.add_development_dependency(%q<actionpack>, [">= 2.2.0"])
+    s.add_development_dependency(%q<actionpack>, [">= 2.2.0", "<2.3.0"])
     s.add_development_dependency(%q<rack>, [">= 1.0.0"])
     s.add_development_dependency(%q<mocha>, [">= 0.9.8"])
     s.add_development_dependency(%q<typhoeus>, [">= 0.1.13"])
     s.add_development_dependency(%q<em-http-request>)
+    s.add_development_dependency(%q<curb>, [">= 0.6.6.0"])
   end
   Jeweler::GemcutterTasks.new
 rescue LoadError

data/bin/oauth

@@ -1,5 +1,5 @@
-#!/usr/bin/env ruby -w -rubygems
+#!/usr/bin/env ruby
 
 require "oauth/cli"
 
-OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)
+OAuth::CLI.execute(STDOUT, STDIN, STDERR, ARGV)

data/lib/oauth.rb

@@ -1,8 +1,12 @@
 $LOAD_PATH << File.dirname(__FILE__) unless $LOAD_PATH.include?(File.dirname(__FILE__))
 
+module OAuth
+  VERSION = "0.4.0"
+end
+
 require 'oauth/oauth'
 require 'oauth/core_ext'
 
 require 'oauth/client/helper'
 require 'oauth/signature/hmac/sha1'
-require 'oauth/request_proxy/mock_request'
+require 'oauth/request_proxy/mock_request'

data/lib/oauth/client/helper.rb

@@ -2,7 +2,6 @@ require 'oauth/client'
 require 'oauth/consumer'
 require 'oauth/helper'
 require 'oauth/token'
-require 'oauth/version'
 require 'oauth/signature/hmac/sha1'
 
 module OAuth::Client
@@ -29,6 +28,7 @@ module OAuth::Client
 
     def oauth_parameters
       {
+        'oauth_body_hash'        => options[:body_hash],
         'oauth_callback'         => options[:oauth_callback],
         'oauth_consumer_key'     => options[:consumer].key,
         'oauth_token'            => options[:token] ? options[:token].token : '',
@@ -36,7 +36,8 @@ module OAuth::Client
         'oauth_timestamp'        => timestamp,
         'oauth_nonce'            => nonce,
         'oauth_verifier'         => options[:oauth_verifier],
-        'oauth_version'          => (options[:oauth_version] || '1.0')
+        'oauth_version'          => (options[:oauth_version] || '1.0'),
+        'oauth_session_handle'   => options[:oauth_session_handle]
       }.reject { |k,v| v.to_s == "" }
     end
 
@@ -55,6 +56,10 @@ module OAuth::Client
                                                          :parameters => oauth_parameters}.merge(extra_options) )
     end
 
+    def hash_body
+      @options[:body_hash] = OAuth::Signature.body_hash(@request, :parameters => oauth_parameters)
+    end
+
     def amend_user_agent_header(headers)
       @oauth_ua_string ||= "OAuth gem v#{OAuth::VERSION}"
       # Net::HTTP in 1.9 appends Ruby

data/lib/oauth/client/net_http.rb

@@ -20,19 +20,14 @@ class Net::HTTPRequest
   #
   # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
   #
-  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1]
+  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
+  #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html]
   def oauth!(http, consumer = nil, token = nil, options = {})
-    options = { :request_uri      => oauth_full_request_uri(http),
-                :consumer         => consumer,
-                :token            => token,
-                :scheme           => 'header',
-                :signature_method => nil,
-                :nonce            => nil,
-                :timestamp        => nil }.merge(options)
-
-    @oauth_helper = OAuth::Client::Helper.new(self, options)
+    helper_options = oauth_helper_options(http, consumer, token, options)
+    @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
     @oauth_helper.amend_user_agent_header(self)
-    self.send("set_oauth_#{options[:scheme]}")
+    @oauth_helper.hash_body if oauth_body_hash_required?
+    self.send("set_oauth_#{helper_options[:scheme]}")
   end
 
   # Create a string suitable for signing for an HTTP request. This process involves parameter
@@ -47,21 +42,27 @@ class Net::HTTPRequest
   # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
   #   +signature_method+, +nonce+, +timestamp+)
   # 
-  # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
+  # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1],
+  #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html]
   def signature_base_string(http, consumer = nil, token = nil, options = {})
-    options = { :request_uri      => oauth_full_request_uri(http),
-                :consumer         => consumer,
-                :token            => token,
-                :scheme           => 'header',
-                :signature_method => nil,
-                :nonce            => nil,
-                :timestamp        => nil }.merge(options)
-
-    OAuth::Client::Helper.new(self, options).signature_base_string
+    helper_options = oauth_helper_options(http, consumer, token, options)
+    oauth_helper = OAuth::Client::Helper.new(self, helper_options)
+    oauth_helper.hash_body if oauth_body_hash_required?
+    oauth_helper.signature_base_string
   end
 
 private
 
+  def oauth_helper_options(http, consumer, token, options)
+    { :request_uri      => oauth_full_request_uri(http),
+      :consumer         => consumer,
+      :token            => token,
+      :scheme           => 'header',
+      :signature_method => nil,
+      :nonce            => nil,
+      :timestamp        => nil }.merge(options)
+  end
+
   def oauth_full_request_uri(http)
     uri = URI.parse(self.path)
     uri.host = http.address
@@ -76,6 +77,10 @@ private
     uri.to_s
   end
 
+  def oauth_body_hash_required?
+    request_body_permitted? && content_type != "application/x-www-form-urlencoded"
+  end
+
   def set_oauth_header
     self['Authorization'] = @oauth_helper.header
   end

data/lib/oauth/consumer.rb

@@ -76,10 +76,10 @@ module OAuth
       @secret = consumer_secret
 
       # ensure that keys are symbols
-      @options = @@default_options.merge(options.inject({}) { |opts, (key, value)|
+      @options = @@default_options.merge(options.inject({}) do |opts, (key, value)|
         opts[key.to_sym] = value
         opts
-      })
+      end)
     end
 
     # The default http method
@@ -128,10 +128,10 @@ module OAuth
 
       if block_given?
         response = token_request(http_method,
-                                 (request_token_url? ? request_token_url : request_token_path),
-                                 nil,
-                                 request_options,
-                                 *arguments, &block)
+        (request_token_url? ? request_token_url : request_token_path),
+        nil,
+        request_options,
+        *arguments, &block)
       else
         response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, request_options, *arguments)
       end
@@ -277,7 +277,7 @@ module OAuth
       @options[:proxy]
     end
 
-  protected
+    protected
 
     # Instantiates the http object
     def create_http(_url = nil)
@@ -358,9 +358,7 @@ module OAuth
     end
 
     def marshal_dump(*args)
-      {:key => @key,
-       :secret => @secret,
-       :options => @options}
+      {:key => @key, :secret => @secret, :options => @options}
     end
 
     def marshal_load(data)

data/lib/oauth/oauth.rb

@@ -4,7 +4,9 @@ module OAuth
   OUT_OF_BAND = "oob"
 
   # required parameters, per sections 6.1.1, 6.3.1, and 7
-  PARAMETERS = %w(oauth_callback oauth_consumer_key oauth_token oauth_signature_method oauth_timestamp oauth_nonce oauth_verifier oauth_version oauth_signature)
+  PARAMETERS = %w(oauth_callback oauth_consumer_key oauth_token 
+    oauth_signature_method oauth_timestamp oauth_nonce oauth_verifier
+    oauth_version oauth_signature oauth_body_hash)
 
   # reserved character regexp, per section 5.1
   RESERVED_CHARACTERS = /[^a-zA-Z0-9\-\.\_\~]/

data/lib/oauth/request_proxy/net_http.rb

@@ -24,6 +24,10 @@ module OAuth::RequestProxy::Net
         end
       end
 
+      def body
+        request.body
+      end
+
     private
 
       def all_parameters

data/lib/oauth/signature.rb

@@ -35,6 +35,11 @@ module OAuth
       self.build(request, options, &block).signature_base_string
     end
 
+    # Create the body hash for a request
+    def self.body_hash(request, options = {}, &block)
+      self.build(request, options, &block).body_hash
+    end
+
     class UnknownSignatureMethod < Exception; end
   end
 end

data/lib/oauth/signature/base.rb

@@ -26,6 +26,11 @@ module OAuth::Signature
       @digest_klass = digest_klass
     end
 
+    def self.hash_class(hash_class = nil)
+      return @hash_class if hash_class.nil?
+      @hash_class = hash_class
+    end
+
     def initialize(request, options = {}, &block)
       raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
       @request = request
@@ -72,6 +77,14 @@ module OAuth::Signature
       request.signature_base_string
     end
 
+    def body_hash
+      if self.class.hash_class
+        Base64.encode64(self.class.hash_class.digest(request.body || '')).chomp.gsub(/\n/,'')
+      else
+        nil # no body hash algorithm defined, so don't generate one
+      end
+    end
+
   private
 
     def token

data/lib/oauth/signature/hmac/sha1.rb

@@ -4,5 +4,6 @@ module OAuth::Signature::HMAC
   class SHA1 < Base    
     implements 'hmac-sha1'
     digest_klass 'SHA1'
+    hash_class ::Digest::SHA1
   end
 end

data/lib/oauth/signature/rsa/sha1.rb

@@ -4,6 +4,7 @@ require 'openssl'
 module OAuth::Signature::RSA
   class SHA1 < OAuth::Signature::Base
     implements 'rsa-sha1'
+    hash_class ::Digest::SHA1
 
     def ==(cmp_signature)
       public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)

data/oauth.gemspec

@@ -5,24 +5,24 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth}
-  s.version = "0.3.7.pre1"
+  s.version = "0.4.0"
 
-  s.required_rubygems_version = Gem::Requirement.new("> 1.3.1") if s.respond_to? :required_rubygems_version=
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons", "Matt Sanford", "Aaron Quint"]
-  s.date = %q{2010-02-15}
+  s.date = %q{2010-04-21}
   s.default_executable = %q{oauth}
   s.description = %q{OAuth Core Ruby implementation}
   s.email = %q{oauth-ruby@googlegroups.com}
   s.executables = ["oauth"]
   s.extra_rdoc_files = [
-    "README.rdoc",
+    "LICENSE",
+     "README.rdoc",
      "TODO"
   ]
   s.files = [
     ".gitignore",
-     "History.txt",
-     "License.txt",
-     "Manifest.txt",
+     "HISTORY",
+     "LICENSE",
      "README.rdoc",
      "Rakefile",
      "TODO",
@@ -73,12 +73,7 @@ Gem::Specification.new do |s|
      "lib/oauth/tokens/request_token.rb",
      "lib/oauth/tokens/server_token.rb",
      "lib/oauth/tokens/token.rb",
-     "lib/oauth/version.rb",
      "oauth.gemspec",
-     "script/destroy",
-     "script/generate",
-     "script/txt2html",
-     "setup.rb",
      "tasks/deployment.rake",
      "tasks/environment.rake",
      "tasks/website.rake",
@@ -109,17 +104,12 @@ Gem::Specification.new do |s|
      "test/test_signature_base.rb",
      "test/test_signature_plain_text.rb",
      "test/test_token.rb",
-     "test/test_typhoeus_request_proxy.rb",
-     "website/index.html",
-     "website/index.txt",
-     "website/javascripts/rounded_corners_lite.inc.js",
-     "website/stylesheets/screen.css",
-     "website/template.rhtml"
+     "test/test_typhoeus_request_proxy.rb"
   ]
   s.rdoc_options = ["--charset=UTF-8"]
   s.require_paths = ["lib"]
   s.rubyforge_project = %q{oauth}
-  s.rubygems_version = %q{1.3.5}
+  s.rubygems_version = %q{1.3.6}
   s.summary = %q{OAuth Core Ruby implementation}
   s.test_files = [
     "test/cases/oauth_case.rb",
@@ -156,24 +146,27 @@ Gem::Specification.new do |s|
     s.specification_version = 3
 
     if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
-      s.add_development_dependency(%q<actionpack>, [">= 2.2.0"])
+      s.add_development_dependency(%q<actionpack>, [">= 2.2.0", "< 2.3.0"])
       s.add_development_dependency(%q<rack>, [">= 1.0.0"])
       s.add_development_dependency(%q<mocha>, [">= 0.9.8"])
       s.add_development_dependency(%q<typhoeus>, [">= 0.1.13"])
       s.add_development_dependency(%q<em-http-request>, [">= 0"])
+      s.add_development_dependency(%q<curb>, [">= 0.6.6.0"])
     else
-      s.add_dependency(%q<actionpack>, [">= 2.2.0"])
+      s.add_dependency(%q<actionpack>, [">= 2.2.0", "< 2.3.0"])
       s.add_dependency(%q<rack>, [">= 1.0.0"])
       s.add_dependency(%q<mocha>, [">= 0.9.8"])
       s.add_dependency(%q<typhoeus>, [">= 0.1.13"])
       s.add_dependency(%q<em-http-request>, [">= 0"])
+      s.add_dependency(%q<curb>, [">= 0.6.6.0"])
     end
   else
-    s.add_dependency(%q<actionpack>, [">= 2.2.0"])
+    s.add_dependency(%q<actionpack>, [">= 2.2.0", "< 2.3.0"])
     s.add_dependency(%q<rack>, [">= 1.0.0"])
     s.add_dependency(%q<mocha>, [">= 0.9.8"])
     s.add_dependency(%q<typhoeus>, [">= 0.1.13"])
     s.add_dependency(%q<em-http-request>, [">= 0"])
+    s.add_dependency(%q<curb>, [">= 0.6.6.0"])
   end
 end