RubyGems - oauth2 - Versions diffs - 1.4.9 → 2.0.2 - Mend

oauth2 1.4.9 → 2.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +89 -23
data/CONTRIBUTING.md +18 -0
data/README.md +165 -80
data/SECURITY.md +20 -0
data/lib/oauth2/access_token.rb +28 -19
data/lib/oauth2/authenticator.rb +9 -4
data/lib/oauth2/client.rb +97 -71
data/lib/oauth2/error.rb +27 -18
data/lib/oauth2/response.rb +61 -19
data/lib/oauth2/snaky_hash.rb +8 -0
data/lib/oauth2/strategy/assertion.rb +63 -38
data/lib/oauth2/strategy/auth_code.rb +12 -1
data/lib/oauth2/strategy/implicit.rb +7 -0
data/lib/oauth2/version.rb +1 -59
data/lib/oauth2.rb +19 -1
metadata +96 -77
data/lib/oauth2/mac_token.rb +0 -130
data/spec/fixtures/README.md +0 -11
data/spec/fixtures/RS256/jwtRS256.key +0 -51
data/spec/fixtures/RS256/jwtRS256.key.pub +0 -14
data/spec/helper.rb +0 -33
data/spec/oauth2/access_token_spec.rb +0 -218
data/spec/oauth2/authenticator_spec.rb +0 -86
data/spec/oauth2/client_spec.rb +0 -556
data/spec/oauth2/mac_token_spec.rb +0 -122
data/spec/oauth2/response_spec.rb +0 -96
data/spec/oauth2/strategy/assertion_spec.rb +0 -113
data/spec/oauth2/strategy/auth_code_spec.rb +0 -108
data/spec/oauth2/strategy/base_spec.rb +0 -7
data/spec/oauth2/strategy/client_credentials_spec.rb +0 -71
data/spec/oauth2/strategy/implicit_spec.rb +0 -28
data/spec/oauth2/strategy/password_spec.rb +0 -58
data/spec/oauth2/version_spec.rb +0 -23

data/spec/oauth2/response_spec.rb DELETED Viewed

@@ -1,96 +0,0 @@
-# frozen_string_literal: true
-describe OAuth2::Response do
-  describe '#initialize' do
-    let(:status) { 200 }
-    let(:headers) { {'foo' => 'bar'} }
-    let(:body) { 'foo' }
-    it 'returns the status, headers and body' do
-      response = double('response', :headers => headers,
-                                    :status => status,
-                                    :body => body)
-      subject = described_class.new(response)
-      expect(subject.headers).to eq(headers)
-      expect(subject.status).to eq(status)
-      expect(subject.body).to eq(body)
-    end
-  end
-  describe '.register_parser' do
-    let(:response) do
-      double('response', :headers => {'Content-Type' => 'application/foo-bar'},
-                         :status => 200,
-                         :body => 'baz')
-    end
-    before do
-      described_class.register_parser(:foobar, 'application/foo-bar') do |body|
-        "foobar #{body}"
-      end
-    end
-    it 'adds to the content types and parsers' do
-      expect(described_class.send(:class_variable_get, :@@parsers).keys).to include(:foobar)
-      expect(described_class.send(:class_variable_get, :@@content_types).keys).to include('application/foo-bar')
-    end
-    it 'is able to parse that content type automatically' do
-      expect(described_class.new(response).parsed).to eq('foobar baz')
-    end
-  end
-  describe '#parsed' do
-    it 'parses application/x-www-form-urlencoded body' do
-      headers = {'Content-Type' => 'application/x-www-form-urlencoded'}
-      body = 'foo=bar&answer=42'
-      response = double('response', :headers => headers, :body => body)
-      subject = described_class.new(response)
-      expect(subject.parsed.keys.size).to eq(2)
-      expect(subject.parsed['foo']).to eq('bar')
-      expect(subject.parsed['answer']).to eq('42')
-    end
-    it 'parses application/json body' do
-      headers = {'Content-Type' => 'application/json'}
-      body = MultiJson.encode(:foo => 'bar', :answer => 42)
-      response = double('response', :headers => headers, :body => body)
-      subject = described_class.new(response)
-      expect(subject.parsed.keys.size).to eq(2)
-      expect(subject.parsed['foo']).to eq('bar')
-      expect(subject.parsed['answer']).to eq(42)
-    end
-    it "doesn't try to parse other content-types" do
-      headers = {'Content-Type' => 'text/html'}
-      body = '<!DOCTYPE html><html><head></head><body></body></html>'
-      response = double('response', :headers => headers, :body => body)
-      expect(MultiJson).not_to receive(:decode)
-      expect(MultiJson).not_to receive(:load)
-      expect(Rack::Utils).not_to receive(:parse_query)
-      subject = described_class.new(response)
-      expect(subject.parsed).to be_nil
-    end
-  end
-  context 'with xml parser registration' do
-    before do
-      MultiXml.parser = :rexml
-    end
-    it 'tries to load multi_xml and use it' do
-      expect(described_class.send(:class_variable_get, :@@parsers)[:xml]).not_to be_nil
-    end
-    it 'is able to parse xml' do
-      headers = {'Content-Type' => 'text/xml'}
-      body = '<?xml version="1.0" standalone="yes" ?><foo><bar>baz</bar></foo>'
-      response = double('response', :headers => headers, :body => body)
-      expect(described_class.new(response).parsed).to eq('foo' => {'bar' => 'baz'})
-    end
-  end
-end

data/spec/oauth2/strategy/assertion_spec.rb DELETED Viewed

@@ -1,113 +0,0 @@
-# frozen_string_literal: true
-require 'openssl'
-describe OAuth2::Strategy::Assertion do
-  let(:client_assertion) { client.assertion }
-  let(:client) do
-    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
-    cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
-      b.request :url_encoded
-      b.adapter :test do |stub|
-        stub.post('/oauth/token') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
-          end
-        end
-      end
-    end
-    cli
-  end
-  let(:params) do
-    {
-      :hmac_secret => 'foo',
-      :exp => Time.now.utc.to_i + 3600,
-    }
-  end
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { client_assertion.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-  %w[json formencoded].each do |mode|
-    before { @mode = mode }
-    shared_examples_for "get_token #{mode}" do
-      describe "#get_token (#{mode})" do
-        subject(:get_token) { client_assertion.get_token(params) }
-        it 'returns AccessToken with same Client' do
-          expect(get_token.client).to eq(client)
-        end
-        it 'returns AccessToken with #token' do
-          expect(get_token.token).to eq('salmon')
-        end
-        it 'returns AccessToken with #expires_in' do
-          expect(get_token.expires_in).to eq(600)
-        end
-        it 'returns AccessToken with #expires_at' do
-          expect(get_token.expires_at).not_to be_nil
-        end
-      end
-    end
-    it_behaves_like "get_token #{mode}"
-    describe "#build_assertion (#{mode})" do
-      context 'with hmac_secret' do
-        subject(:build_assertion) { client_assertion.build_assertion(params) }
-        let(:hmac_secret) { '1883be842495c3b58f68ca71fbf1397fbb9ed2fdf8990f8404a25d0a1b995943' }
-        let(:params) do
-          {
-            :iss => 2345,
-            :aud => 'too',
-            :prn => 'much',
-            :exp => 123_456_789,
-            :hmac_secret => hmac_secret,
-          }
-        end
-        let(:jwt) { 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOjIzNDUsImF1ZCI6InRvbyIsInBybiI6Im11Y2giLCJleHAiOjEyMzQ1Njc4OX0.GnZjgcdc5WSWKNW0p9S4GuhpBs3LJCEqjPm6turLG-c' }
-        it 'returns JWT' do
-          expect(build_assertion).to eq(jwt)
-        end
-        it_behaves_like "get_token #{mode}"
-      end
-      context 'with private_key' do
-        subject(:build_assertion) { client_assertion.build_assertion(params) }
-        let(:private_key_file) { 'spec/fixtures/RS256/jwtRS256.key' }
-        let(:password) { '' }
-        let(:private_key) { OpenSSL::PKey::RSA.new(File.read(private_key_file), password) }
-        let(:params) do
-          {
-            :iss => 2345,
-            :aud => 'too',
-            :prn => 'much',
-            :exp => 123_456_789,
-            :private_key => private_key,
-          }
-        end
-        let(:jwt) { 'eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOjIzNDUsImF1ZCI6InRvbyIsInBybiI6Im11Y2giLCJleHAiOjEyMzQ1Njc4OX0.vJ32OiPVMdJrlNkPw02Y9u6beiFY0Mfndhg_CkEDLtOYn8dscQIEpWoR4GzH8tiQVOQ1fOkqxE95tNIKOTjnIoskmYnfzhzIl9fnfQ_lsEuLC-nq45KhPzSM2wYgF2ZEIjDq51daK70bRPzTBr1Id45cTY-jJSito0lbKXj2nPa_Gs-_vyEU2MSxjiMaIxxccfY4Ow5zN3AUMTKp6LjrpDKFxag3fJ1nrb6iDATa504gyJHVLift3ovhAwYidkA81WnmEtISWBY904CKIcZD9Cx3ifS5bc3JaLAteIBKAAyD8o7D60vOKutsjCMHUCKL357BQ36bW7fmaEtW367Ri-xgOsCY0_HeWp991vrJ-DxhFPeuF-8hn_9KggBzKbA2eKEOOY4iDKSFwjWQUFOcRdvHw9RgbGt0IjY3wdo8CaJVlhynh54YlaLgOFhTBPeMgZdqQUHOztljaK9zubeVkrDGNnGuSuq0KR82KArb1x2z7XyZpxiV5ZatP9SNyhn-YIWk7UeQYXaS0UfsBX7L5T1y_FZj84r7Vl42lj1DfdR5DyGvHfZyHotTnejdIrDuQfDL_bGe24eHsilzuEFaajYmu10hxflZ6Apm-lekRRV47tbxTF1zI5we14XsTeklrTXqgDkSw6gyOoNUJm-cQkJpfdvBgUHYGInC1ttz7NU' }
-        it 'returns JWT' do
-          expect(build_assertion).to eq(jwt)
-        end
-        it_behaves_like "get_token #{mode}"
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/auth_code_spec.rb DELETED Viewed

@@ -1,108 +0,0 @@
-# encoding: utf-8
-# frozen_string_literal: true
-describe OAuth2::Strategy::AuthCode do
-  subject { client.auth_code }
-  let(:code) { 'sushi' }
-  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve' }
-  let(:facebook_token) { kvform_token.gsub('_in', '') }
-  let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'steve') }
-  let(:client) do
-    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
-      builder.adapter :test do |stub|
-        stub.get("/oauth/token?client_id=abc&client_secret=def&code=#{code}&grant_type=authorization_code") do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          when 'from_facebook'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
-          end
-        end
-        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'code' => 'sushi', 'grant_type' => 'authorization_code') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          when 'from_facebook'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, facebook_token]
-          end
-        end
-      end
-    end
-  end
-  describe '#authorize_url' do
-    it 'includes the client_id' do
-      expect(subject.authorize_url).to include('client_id=abc')
-    end
-    it 'includes the type' do
-      expect(subject.authorize_url).to include('response_type=code')
-    end
-    it 'includes passed in options' do
-      cb = 'http://myserver.local/oauth/callback'
-      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
-    end
-  end
-  describe '#get_token (handling utf-8 data)' do
-    let(:json_token) { MultiJson.encode(:expires_in => 600, :access_token => 'salmon', :refresh_token => 'trout', :extra_param => 'André') }
-    before do
-      @mode = 'json'
-      client.options[:token_method] = :post
-    end
-    it 'does not raise an error' do
-      expect { subject.get_token(code) }.not_to raise_error
-    end
-    it 'does not create an error instance' do
-      expect(OAuth2::Error).not_to receive(:new)
-      subject.get_token(code)
-    end
-  end
-  %w[json formencoded from_facebook].each do |mode|
-    [:get, :post].each do |verb|
-      describe "#get_token (#{mode}, access_token_method=#{verb}" do
-        before do
-          @mode = mode
-          client.options[:token_method] = verb
-          @access = subject.get_token(code)
-        end
-        it 'returns AccessToken with same Client' do
-          expect(@access.client).to eq(client)
-        end
-        it 'returns AccessToken with #token' do
-          expect(@access.token).to eq('salmon')
-        end
-        it 'returns AccessToken with #refresh_token' do
-          expect(@access.refresh_token).to eq('trout')
-        end
-        it 'returns AccessToken with #expires_in' do
-          expect(@access.expires_in).to eq(600)
-        end
-        it 'returns AccessToken with #expires_at' do
-          expect(@access.expires_at).to be_kind_of(Integer)
-        end
-        it 'returns AccessToken with params accessible via []' do
-          expect(@access['extra_param']).to eq('steve')
-        end
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/base_spec.rb DELETED Viewed

@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-describe OAuth2::Strategy::Base do
-  it 'initializes with a Client' do
-    expect { described_class.new(OAuth2::Client.new('abc', 'def')) }.not_to raise_error
-  end
-end

data/spec/oauth2/strategy/client_credentials_spec.rb DELETED Viewed

@@ -1,71 +0,0 @@
-# frozen_string_literal: true
-describe OAuth2::Strategy::ClientCredentials do
-  subject { client.client_credentials }
-  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
-  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
-  let(:client) do
-    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
-      builder.adapter :test do |stub|
-        stub.post('/oauth/token', 'grant_type' => 'client_credentials') do |env|
-          client_id, client_secret = Base64.decode64(env[:request_headers]['Authorization'].split(' ', 2)[1]).split(':', 2)
-          (client_id == 'abc' && client_secret == 'def') || raise(Faraday::Adapter::Test::Stubs::NotFound)
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          end
-        end
-        stub.post('/oauth/token', 'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, json_token]
-          end
-        end
-      end
-    end
-  end
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { subject.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-  %w[json formencoded].each do |mode|
-    [:basic_auth, :request_body].each do |auth_scheme|
-      describe "#get_token (#{mode}) (#{auth_scheme})" do
-        before do
-          @mode = mode
-          client.options[:auth_scheme] = auth_scheme
-          @access = subject.get_token
-        end
-        it 'returns AccessToken with same Client' do
-          expect(@access.client).to eq(client)
-        end
-        it 'returns AccessToken with #token' do
-          expect(@access.token).to eq('salmon')
-        end
-        it 'returns AccessToken without #refresh_token' do
-          expect(@access.refresh_token).to be_nil
-        end
-        it 'returns AccessToken with #expires_in' do
-          expect(@access.expires_in).to eq(600)
-        end
-        it 'returns AccessToken with #expires_at' do
-          expect(@access.expires_at).not_to be_nil
-        end
-      end
-    end
-  end
-end

data/spec/oauth2/strategy/implicit_spec.rb DELETED Viewed

@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-describe OAuth2::Strategy::Implicit do
-  subject { client.implicit }
-  let(:client) { OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') }
-  describe '#authorize_url' do
-    it 'includes the client_id' do
-      expect(subject.authorize_url).to include('client_id=abc')
-    end
-    it 'includes the type' do
-      expect(subject.authorize_url).to include('response_type=token')
-    end
-    it 'includes passed in options' do
-      cb = 'http://myserver.local/oauth/callback'
-      expect(subject.authorize_url(:redirect_uri => cb)).to include("redirect_uri=#{Rack::Utils.escape(cb)}")
-    end
-  end
-  describe '#get_token' do
-    it 'raises NotImplementedError' do
-      expect { subject.get_token }.to raise_error(NotImplementedError)
-    end
-  end
-end

data/spec/oauth2/strategy/password_spec.rb DELETED Viewed

@@ -1,58 +0,0 @@
-# frozen_string_literal: true
-describe OAuth2::Strategy::Password do
-  subject { client.password }
-  let(:client) do
-    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
-    cli.connection = Faraday.new(cli.site, cli.options[:connection_opts]) do |b|
-      b.request :url_encoded
-      b.adapter :test do |stub|
-        stub.post('/oauth/token') do |env|
-          case @mode
-          when 'formencoded'
-            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, 'expires_in=600&access_token=salmon&refresh_token=trout']
-          when 'json'
-            [200, {'Content-Type' => 'application/json'}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
-          end
-        end
-      end
-    end
-    cli
-  end
-  describe '#authorize_url' do
-    it 'raises NotImplementedError' do
-      expect { subject.authorize_url }.to raise_error(NotImplementedError)
-    end
-  end
-  %w[json formencoded].each do |mode|
-    describe "#get_token (#{mode})" do
-      before do
-        @mode = mode
-        @access = subject.get_token('username', 'password')
-      end
-      it 'returns AccessToken with same Client' do
-        expect(@access.client).to eq(client)
-      end
-      it 'returns AccessToken with #token' do
-        expect(@access.token).to eq('salmon')
-      end
-      it 'returns AccessToken with #refresh_token' do
-        expect(@access.refresh_token).to eq('trout')
-      end
-      it 'returns AccessToken with #expires_in' do
-        expect(@access.expires_in).to eq(600)
-      end
-      it 'returns AccessToken with #expires_at' do
-        expect(@access.expires_at).not_to be_nil
-      end
-    end
-  end
-end

data/spec/oauth2/version_spec.rb DELETED Viewed

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-RSpec.describe OAuth2::Version do
-  it 'has a version number' do
-    expect(described_class).not_to be nil
-  end
-  it 'can be a string' do
-    expect(described_class.to_s).to be_a(String)
-  end
-  it 'allows Constant access' do
-    expect(described_class::VERSION).to be_a(String)
-  end
-  it 'is greater than 0.1.0' do
-    expect(Gem::Version.new(described_class) > Gem::Version.new('0.1.0')).to be(true)
-  end
-  it 'is not a pre-release' do
-    expect(Gem::Version.new(described_class).prerelease?).to be(false)
-  end
-end