oauth2 1.1.0 → 1.4.3

data/lib/oauth2/error.rb

@@ -8,17 +8,33 @@ module OAuth2
       response.error = self
       @response = response
 
-      message = []
-
       if response.parsed.is_a?(Hash)
         @code = response.parsed['error']
         @description = response.parsed['error_description']
-        message << "#{@code}: #{@description}"
+        error_description = "#{@code}: #{@description}"
       end
 
-      message << response.body
+      super(error_message(response.body, :error_description => error_description))
+    end
+
+    # Makes a error message
+    # @param [String] response_body response body of request
+    # @param [String] opts :error_description error description to show first line
+    def error_message(response_body, opts = {})
+      message = []
+
+      opts[:error_description] && message << opts[:error_description]
+
+      error_message = if opts[:error_description] && opts[:error_description].respond_to?(:encoding)
+                        script_encoding = opts[:error_description].encoding
+                        response_body.encode(script_encoding, :invalid => :replace, :undef => :replace)
+                      else
+                        response_body
+                      end
+
+      message << error_message
 
-      super(message.join("\n"))
+      message.join("\n")
     end
   end
 end

data/lib/oauth2/mac_token.rb

@@ -64,7 +64,7 @@ module OAuth2
 
       uri = URI.parse(url)
 
-      fail(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)
+      raise(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP)
 
       mac = signature(timestamp, nonce, verb, uri)
 
@@ -102,7 +102,7 @@ module OAuth2
         when 'hmac-sha-256'
           OpenSSL::Digest::SHA256.new
         else
-          fail(ArgumentError, 'Unsupported algorithm')
+          raise(ArgumentError, 'Unsupported algorithm')
         end
       end
     end
@@ -111,7 +111,7 @@ module OAuth2
 
     # No-op since we need the verb and path
     # and the MAC always goes in a header
-    def token=(_)
+    def token=(_noop)
     end
 
     # Base64.strict_encode64 is not available on Ruby 1.8.7

data/lib/oauth2/response.rb

@@ -27,7 +27,7 @@ module OAuth2
     # Adds a new content type parser.
     #
     # @param [Symbol] key A descriptive symbol key such as :json or :query.
-    # @param [Array] One or more mime types to which this parser applies.
+    # @param [Array] mime_types One or more mime types to which this parser applies.
     # @yield [String] A block returning parsed content.
     def self.register_parser(key, mime_types, &block)
       key = key.to_sym

data/lib/oauth2/strategy/assertion.rb

@@ -25,7 +25,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        fail(NotImplementedError, 'The authorization endpoint is not used in this strategy')
+        raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
       end
 
       # Retrieve an access token given the specified client.
@@ -49,19 +49,21 @@ module OAuth2
 
       def build_request(params)
         assertion = build_assertion(params)
-        {:grant_type     => 'assertion',
-         :assertion_type => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
-         :assertion      => assertion,
-         :scope          => params[:scope],
-        }.merge(client_params)
+        {
+          :grant_type     => 'assertion',
+          :assertion_type => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+          :assertion      => assertion,
+          :scope          => params[:scope],
+        }
       end
 
       def build_assertion(params)
-        claims = {:iss => params[:iss],
-                  :aud => params[:aud],
-                  :prn => params[:prn],
-                  :exp => params[:exp],
-                 }
+        claims = {
+          :iss => params[:iss],
+          :aud => params[:aud],
+          :prn => params[:prn],
+          :exp => params[:exp],
+        }
         if params[:hmac_secret]
           JWT.encode(claims, params[:hmac_secret], 'HS256')
         elsif params[:private_key]

data/lib/oauth2/strategy/auth_code.rb

@@ -25,7 +25,8 @@ module OAuth2
       # @param [Hash] opts options
       # @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
       def get_token(code, params = {}, opts = {})
-        params = {'grant_type' => 'authorization_code', 'code' => code}.merge(client_params).merge(params)
+        params = {'grant_type' => 'authorization_code', 'code' => code}.merge(@client.redirection_params).merge(params)
+
         @client.get_token(params, opts)
       end
     end

data/lib/oauth2/strategy/base.rb

@@ -4,13 +4,6 @@ module OAuth2
       def initialize(client)
         @client = client
       end
-
-      # The OAuth client_id and client_secret
-      #
-      # @return [Hash]
-      def client_params
-        {'client_id' => @client.id, 'client_secret' => @client.secret}
-      end
     end
   end
 end

data/lib/oauth2/strategy/client_credentials.rb

@@ -1,5 +1,3 @@
-require 'base64'
-
 module OAuth2
   module Strategy
     # The Client Credentials Strategy
@@ -10,7 +8,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        fail(NotImplementedError, 'The authorization endpoint is not used in this strategy')
+        raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
       end
 
       # Retrieve an access token given the specified client.
@@ -18,19 +16,9 @@ module OAuth2
       # @param [Hash] params additional params
       # @param [Hash] opts options
       def get_token(params = {}, opts = {})
-        request_body = opts.delete('auth_scheme') == 'request_body'
-        params['grant_type'] = 'client_credentials'
-        params.merge!(request_body ? client_params : {:headers => {'Authorization' => authorization(client_params['client_id'], client_params['client_secret'])}})
+        params = params.merge('grant_type' => 'client_credentials')
         @client.get_token(params, opts.merge('refresh_token' => nil))
       end
-
-      # Returns the Authorization header value for Basic Authentication
-      #
-      # @param [String] The client ID
-      # @param [String] the client secret
-      def authorization(client_id, client_secret)
-        'Basic ' + Base64.encode64(client_id + ':' + client_secret).delete("\n")
-      end
     end
   end
 end

data/lib/oauth2/strategy/implicit.rb

@@ -22,7 +22,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def get_token(*)
-        fail(NotImplementedError, 'The token is accessed differently in this strategy')
+        raise(NotImplementedError, 'The token is accessed differently in this strategy')
       end
     end
   end

data/lib/oauth2/strategy/password.rb

@@ -8,7 +8,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        fail(NotImplementedError, 'The authorization endpoint is not used in this strategy')
+        raise(NotImplementedError, 'The authorization endpoint is not used in this strategy')
       end
 
       # Retrieve an access token given the specified End User username and password.
@@ -19,7 +19,7 @@ module OAuth2
       def get_token(username, password, params = {}, opts = {})
         params = {'grant_type' => 'password',
                   'username'   => username,
-                  'password'   => password}.merge(client_params).merge(params)
+                  'password'   => password}.merge(params)
         @client.get_token(params, opts)
       end
     end

data/lib/oauth2/version.rb

@@ -13,14 +13,14 @@ module OAuth2
     #
     # @return [Integer]
     def minor
-      1
+      4
     end
 
     # The patch version
     #
     # @return [Integer]
     def patch
-      0
+      3
     end
 
     # The pre-release version, if any

data/lib/oauth2.rb

@@ -1,4 +1,5 @@
 require 'oauth2/error'
+require 'oauth2/authenticator'
 require 'oauth2/client'
 require 'oauth2/strategy/base'
 require 'oauth2/strategy/auth_code'

data/oauth2.gemspec

@@ -1,24 +1,52 @@
 # coding: utf-8
+
 lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'oauth2/version'
 
 Gem::Specification.new do |spec|
-  spec.add_dependency 'faraday', ['>= 0.8', '< 0.10']
-  spec.add_dependency 'jwt', '~> 1.0', '< 1.5.2'
+  spec.add_dependency 'faraday', ['>= 0.8', '< 2.0']
+  spec.add_dependency 'jwt', ['>= 1.0', '< 3.0']
   spec.add_dependency 'multi_json', '~> 1.3'
   spec.add_dependency 'multi_xml', '~> 0.5'
   spec.add_dependency 'rack', ['>= 1.2', '< 3']
-  spec.add_development_dependency 'bundler', '~> 1.0'
-  spec.authors       = ['Michael Bleigh', 'Erik Michaels-Ober']
+
+  spec.authors       = ['Peter Boling', 'Michael Bleigh', 'Erik Michaels-Ober']
   spec.description   = 'A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth spec.'
-  spec.email         = ['michael@intridea.com', 'sferik@gmail.com']
-  spec.files         = %w(.document CONTRIBUTING.md LICENSE.md README.md oauth2.gemspec) + Dir['lib/**/*.rb']
-  spec.homepage      = 'http://github.com/intridea/oauth2'
-  spec.licenses      = %w(MIT)
+  spec.email         = ['peter.boling@gmail.com']
+  spec.homepage      = 'https://github.com/oauth-xx/oauth2'
+  spec.licenses      = %w[MIT]
   spec.name          = 'oauth2'
-  spec.require_paths = %w(lib)
+  spec.required_ruby_version = '>= 1.9.0'
   spec.required_rubygems_version = '>= 1.3.5'
   spec.summary       = 'A Ruby wrapper for the OAuth 2.0 protocol.'
   spec.version       = OAuth2::Version
+
+  spec.metadata = {
+    'bug_tracker_uri'   => 'https://github.com/oauth-xx/oauth2/issues',
+    'changelog_uri'     => "https://github.com/oauth-xx/oauth2/blob/v#{spec.version}/CHANGELOG.md",
+    'documentation_uri' => "https://www.rubydoc.info/gems/oauth2/#{spec.version}",
+    'source_code_uri'   => "https://github.com/oauth-xx/oauth2/tree/v#{spec.version}",
+    'wiki_uri'          => 'https://github.com/oauth-xx/oauth2/wiki'
+  }
+
+  spec.require_paths = %w[lib]
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(bin|test|spec|features)/})
+  end
+
+  spec.add_development_dependency 'addressable', '~> 2.3'
+  spec.add_development_dependency 'backports', '~> 3.11'
+  spec.add_development_dependency 'bundler', '>= 1.16'
+  spec.add_development_dependency 'coveralls', '~> 0.8'
+  spec.add_development_dependency 'rake', '~> 12.3'
+  spec.add_development_dependency 'rdoc', ['>= 5.0', '< 7']
+  spec.add_development_dependency 'rspec', '~> 3.0'
+  spec.add_development_dependency 'rspec-stubbed_env'
+  spec.add_development_dependency 'rspec-pending_for'
+  spec.add_development_dependency 'rspec-block_is_expected'
+  spec.add_development_dependency 'silent_stream'
+  spec.add_development_dependency 'wwtd'
 end

metadata

@@ -1,15 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.4.3
 platform: ruby
 authors:
+- Peter Boling
 - Michael Bleigh
 - Erik Michaels-Ober
 autorequire: 
-bindir: bin
+bindir: exe
 cert_chain: []
-date: 2016-01-30 00:00:00.000000000 Z
+date: 2020-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -20,7 +21,7 @@ dependencies:
         version: '0.8'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -30,27 +31,27 @@ dependencies:
         version: '0.8'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '0.10'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.0'
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.5.2
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.0'
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.5.2
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -99,35 +100,223 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
+- !ruby/object:Gem::Dependency
+  name: addressable
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: backports
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.11'
 - !ruby/object:Gem::Dependency
   name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: coveralls
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.3'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '5.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '5.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '7'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: rspec-stubbed_env
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-pending_for
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-block_is_expected
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: silent_stream
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: wwtd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A Ruby wrapper for the OAuth 2.0 protocol built with a similar style
   to the original OAuth spec.
 email:
-- michael@intridea.com
-- sferik@gmail.com
+- peter.boling@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".document"
+- ".gitignore"
+- ".jrubyrc"
+- ".rspec"
+- ".rubocop.yml"
+- ".rubocop_rspec.yml"
+- ".rubocop_todo.yml"
+- ".ruby-version"
+- ".travis.yml"
+- CHANGELOG.md
+- CODE_OF_CONDUCT.md
 - CONTRIBUTING.md
-- LICENSE.md
+- Gemfile
+- LICENSE
 - README.md
+- Rakefile
+- gemfiles/jruby_1.7.gemfile
+- gemfiles/jruby_9.0.gemfile
+- gemfiles/jruby_9.1.gemfile
+- gemfiles/jruby_9.2.gemfile
+- gemfiles/jruby_head.gemfile
+- gemfiles/ruby_1.9.gemfile
+- gemfiles/ruby_2.0.gemfile
+- gemfiles/ruby_2.1.gemfile
+- gemfiles/ruby_2.2.gemfile
+- gemfiles/ruby_2.3.gemfile
+- gemfiles/ruby_2.4.gemfile
+- gemfiles/ruby_2.5.gemfile
+- gemfiles/ruby_2.6.gemfile
+- gemfiles/ruby_2.7.gemfile
+- gemfiles/ruby_head.gemfile
+- gemfiles/truffleruby.gemfile
 - lib/oauth2.rb
 - lib/oauth2/access_token.rb
+- lib/oauth2/authenticator.rb
 - lib/oauth2/client.rb
 - lib/oauth2/error.rb
 - lib/oauth2/mac_token.rb
@@ -140,10 +329,15 @@ files:
 - lib/oauth2/strategy/password.rb
 - lib/oauth2/version.rb
 - oauth2.gemspec
-homepage: http://github.com/intridea/oauth2
+homepage: https://github.com/oauth-xx/oauth2
 licenses:
 - MIT
-metadata: {}
+metadata:
+  bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v1.4.3/CHANGELOG.md
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/1.4.3
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v1.4.3
+  wiki_uri: https://github.com/oauth-xx/oauth2/wiki
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -152,17 +346,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.9.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: 1.3.5
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.2.5
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: A Ruby wrapper for the OAuth 2.0 protocol.
 test_files: []
-has_rdoc: 

data/LICENSE.md

@@ -1,20 +0,0 @@
-Copyright (c) 2011-2013 Michael Bleigh and Intridea, Inc.
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.