oauth2 0.0.1

data/.document

@@ -0,0 +1,5 @@
+README.rdoc
+lib/**/*.rb
+bin/*
+features/**/*.feature
+LICENSE

data/.gitignore

@@ -0,0 +1,24 @@
+.rvmrc
+/live
+
+## MAC OS
+.DS_Store
+
+## TEXTMATE
+*.tmproj
+tmtags
+
+## EMACS
+*~
+\#*
+.\#*
+
+## VIM
+*.swp
+
+## PROJECT::GENERAL
+coverage
+rdoc
+pkg
+
+## PROJECT::SPECIFIC

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Michael Bleigh
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,61 @@
+= OAuth2
+
+A Ruby wrapper for the OAuth 2.0 specification. This is a work in progress, being built first to solve the pragmatic process of connecting to existing OAuth 2.0 endpoints (a.k.a. Facebook) with the goal of building it up to meet the entire specification over time.
+
+== Installation
+
+    gem install oauth2
+   
+== Web Server Example (Sinatra)
+
+Below is a fully functional example of a Sinatra application that would authenticate to Facebook utilizing the OAuth 2.0 web server flow.
+
+    require 'rubygems'
+    require 'sinatra'
+    require 'oauth2'
+    require 'json'
+
+    def client
+      OAuth2::Client.new('5a816feeea97e6c7188a12f8e98a2c0f', 'd04fafd7d173b0e80853adab158fbd1f', :site => 'https://graph.facebook.com')
+    end
+    
+    get '/auth/facebook' do
+      redirect client.web_server.authorize_url(
+        :redirect_uri => redirect_uri, 
+        :scope => 'email,offline_access'
+      )
+    end
+
+    get '/auth/facebook/callback' do
+      begin
+        access_token = client.web_server.access_token(params[:code], :redirect_uri => redirect_uri)
+        user = JSON.parse(access_token.get('/me'))
+      rescue OAuth2::ErrorWithResponse => e
+        raise e.response.body
+      end
+
+      user.inspect
+    end
+
+    def redirect_uri
+      uri = URI.parse(request.url)
+      uri.path = '/auth/facebook/callback'
+      uri.query = nil
+      uri.to_s
+    end
+    
+That's all there is to it! You can use the access token like you would with the OAuth gem, calling HTTP verbs on it etc.
+
+== Note on Patches/Pull Requests
+ 
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a
+  future version unintentionally.
+* Commit, do not mess with rakefile, version, or history.
+  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
+* Send me a pull request. Bonus points for topic branches.
+
+== Copyright
+
+Copyright (c) 2010 Michael Bleigh. See LICENSE for details.

data/Rakefile

@@ -0,0 +1,45 @@
+require 'rubygems'
+require 'rake'
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |gem|
+    gem.name = "oauth2"
+    gem.summary = %Q{A Ruby wrapper for the OAuth 2.0 protocol.}
+    gem.description = %Q{A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth gem.}
+    gem.email = "michael@intridea.com"
+    gem.homepage = "http://github.com/intridea/oauth2"
+    gem.authors = ["Michael Bleigh"]
+    gem.add_development_dependency "rspec", ">= 1.2.9"
+    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
+  end
+  Jeweler::GemcutterTasks.new
+rescue LoadError
+  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
+end
+
+require 'spec/rake/spectask'
+Spec::Rake::SpecTask.new(:spec) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.spec_files = FileList['spec/**/*_spec.rb']
+end
+
+Spec::Rake::SpecTask.new(:rcov) do |spec|
+  spec.libs << 'lib' << 'spec'
+  spec.pattern = 'spec/**/*_spec.rb'
+  spec.rcov = true
+end
+
+task :spec => :check_dependencies
+
+task :default => :spec
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "oauth2 #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/VERSION

@@ -0,0 +1 @@
+0.0.1

data/lib/oauth2.rb

@@ -0,0 +1,11 @@
+module OAuth2
+  class ErrorWithResponse < StandardError; attr_accessor :response end
+  class AccessDenied < ErrorWithResponse; end
+  class HTTPError < ErrorWithResponse; end
+end
+
+require 'oauth2/uri'
+require 'oauth2/client'
+require 'oauth2/strategy/base'
+require 'oauth2/strategy/web_server'
+require 'oauth2/access_token'

data/lib/oauth2/access_token.rb

@@ -0,0 +1,28 @@
+module OAuth2
+  class AccessToken
+    def initialize(client, token)
+      @client = client
+      @token = token
+    end
+    
+    def request(verb, path, params = {}, headers = {})
+      @client.request(verb, path, params.merge('access_token' => @token), headers)
+    end
+    
+    def get(path, params = {}, headers = {})
+      request(:get, path, params, headers)
+    end
+    
+    def post(path, params = {}, headers = {})
+      request(:post, path, params, headers)
+    end
+    
+    def put(path, params = {}, headers = {})
+      request(:put, path, params, headers)
+    end
+    
+    def delete(path, params = {}, headers = {})
+      request(:delete, path, params, headers)
+    end
+  end
+end

data/lib/oauth2/client.rb

@@ -0,0 +1,84 @@
+require 'net/https'
+
+module OAuth2
+  class Client
+    attr_accessor :id, :secret, :site, :options
+    
+    # Instantiate a new OAuth 2.0 client using the
+    # client ID and client secret registered to your
+    # application.
+    #
+    # Options:
+    #
+    # <tt>:site</tt> :: Specify a base URL for your OAuth 2.0 client.
+    # <tt>:authorize_path</tt> :: Specify the path to the authorization endpoint.
+    # <tt>:authorize_url</tt> :: Specify a full URL of the authorization endpoint.
+    # <tt>:access_token_path</tt> :: Specify the path to the access token endpoint.
+    # <tt>:access_token_url</tt> :: Specify the full URL of the access token endpoint.
+    def initialize(client_id, client_secret, opts = {})
+      self.id = client_id
+      self.secret = client_secret
+      self.site = opts.delete(:site) if opts[:site]
+      self.options = opts
+    end
+    
+    def authorize_url
+      return options[:authorize_url] if options[:authorize_url]
+
+      uri = URI.parse(site)
+      uri.path = options[:authorize_path] || "/oauth/authorize"
+      uri.to_s
+    end
+    
+    def access_token_url
+      return options[:access_token_url] if options[:access_token_url]
+
+      uri = URI.parse(site)
+      uri.path = options[:access_token_path] || "/oauth/access_token"
+      uri.to_s
+    end
+    
+    def request(verb, url_or_path, params = {}, headers = {})
+      if url_or_path[0..3] == 'http'
+        uri = URI.parse(url_or_path)
+        path = uri.path
+      else
+        uri = URI.parse(self.site)
+        path = (uri.path + url_or_path).gsub('//','/')
+      end
+      
+      net = Net::HTTP.new(uri.host, uri.port)
+      net.use_ssl = (uri.scheme == 'https')
+      
+      net.start do |http|
+        if verb == :get
+          uri.query_hash = uri.query_hash.merge(params)
+          path += "?#{uri.query}"
+        end
+        
+        req = Net::HTTP.const_get(verb.to_s.capitalize).new(path, headers)
+        
+        unless verb == :get
+          req.set_form_data(params)
+        end
+        
+        response = http.request(req)
+        
+        case response
+          when Net::HTTPSuccess
+            response.body
+          when Net::HTTPUnauthorized
+            e = OAuth2::AccessDenied.new("Received HTTP 401 when retrieving access token.")
+            e.response = response
+            raise e
+          else
+            e = OAuth2::HTTPError.new("Received HTTP #{response.code} when retrieving access token.")
+            e.response = response
+            raise e
+        end
+      end
+    end
+    
+    def web_server; OAuth2::Strategy::WebServer.new(self) end
+  end
+end

data/lib/oauth2/strategy/base.rb

@@ -0,0 +1,33 @@
+module OAuth2
+  module Strategy
+    class Base #:nodoc:
+      def initialize(client)#:nodoc:
+        @client = client
+      end
+    
+      def authorize_url(options = {}) #:nodoc:
+        uri = URI.parse(@client.authorize_url)
+        uri.query_hash = authorize_params(options)
+        uri.to_s
+      end
+    
+      def authorize_params(options = {}) #:nodoc:
+        options = options.inject({}){|h,(k,v)| h[k.to_s] = v; h}
+        {'client_id' => @client.id}.merge(options)
+      end
+      
+      def access_token_url(options = {})
+        uri = URI.parse(@client.access_token_url)
+        uri.query_hash = access_token_params(options)
+        uri.to_s
+      end
+      
+      def access_token_params(options = {})
+        {
+          'client_id' => @client.id,
+          'client_secret' => @client.secret
+        }.merge(options)
+      end
+    end
+  end
+end

data/lib/oauth2/strategy/web_server.rb

@@ -0,0 +1,22 @@
+module OAuth2
+  module Strategy
+    class WebServer < Base
+      def authorize_params(options = {}) #:nodoc:
+        super(options).merge('type' => 'web_server')
+      end
+      
+      def access_token(code, options = {})
+        response = @client.request(:get, @client.access_token_url, access_token_params(code, options))
+        token = response.split('&').inject({}){|h,kv| (k,v) = kv.split('='); h[k] = v; h}['access_token']
+        OAuth2::AccessToken.new(@client, token)
+      end
+      
+      def access_token_params(code, options = {})
+        super(options).merge({
+          'type' => 'web_server',
+          'code' => code
+        })
+      end
+    end
+  end
+end

data/lib/oauth2/uri.rb

@@ -0,0 +1,14 @@
+require 'uri'
+require 'cgi'
+
+module URI
+  class Generic
+    def query_hash
+      CGI.parse(self.query || '').inject({}){|hash, (k,v)| hash[k] = (v.size == 1 ? v.first : v); hash}
+    end
+    
+    def query_hash=(hash)
+      self.query = hash.map{|(k,v)| "#{k}=#{CGI.escape(v)}"}.join('&')
+    end
+  end
+end

data/spec/oauth2/client_spec.rb

@@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe OAuth2::Client do
+  subject{ OAuth2::Client.new('abc','def', :site => 'https://api.example.com')}
+  
+  describe '#initialize' do
+    it 'should assign id and secret' do
+      subject.id.should == 'abc'
+      subject.secret.should == 'def'
+    end
+    
+    it 'should assign site from the options hash' do
+      subject.site.should == 'https://api.example.com'
+    end
+  end
+  
+  %w(authorize access_token).each do |path_type|
+    describe "##{path_type}_url" do
+      it "should default to a path of /oauth/#{path_type}" do
+        subject.send("#{path_type}_url").should == "https://api.example.com/oauth/#{path_type}"
+      end
+    
+      it "should be settable via the :#{path_type}_path option" do
+        subject.options[:"#{path_type}_path"] = '/oauth/custom'
+        subject.send("#{path_type}_url").should == 'https://api.example.com/oauth/custom'
+      end
+    
+      it "should be settable via the :#{path_type}_url option" do
+        subject.options[:"#{path_type}_url"] = 'https://abc.com/authorize'
+        subject.send("#{path_type}_url").should == 'https://abc.com/authorize'
+      end
+    end
+  end
+  
+  it '#web_server should instantiate a WebServer strategy with this client' do
+    subject.web_server.should be_kind_of(OAuth2::Strategy::WebServer)
+  end
+end

data/spec/oauth2/strategy/base_spec.rb

@@ -0,0 +1,7 @@
+require 'spec_helper'
+
+describe OAuth2::Strategy::Base do
+  it 'should initialize with a Client' do
+    lambda{ OAuth2::Strategy::Base.new(OAuth2::Client.new('abc','def')) }.should_not raise_error
+  end
+end

data/spec/oauth2/strategy/web_server_spec.rb

@@ -0,0 +1,20 @@
+require 'spec_helper'
+
+describe OAuth2::Strategy::WebServer do
+  let(:client){ OAuth2::Client.new('abc','def', :site => 'http://api.example.com') }
+  subject { client.web_server }
+  describe '#authorize_url' do
+    it 'should include the client_id' do
+      subject.authorize_url.should be_include('client_id=abc')
+    end
+    
+    it 'should include the type' do
+      subject.authorize_url.should be_include('type=web_server')
+    end
+    
+    it 'should include passed in options' do
+      cb = 'http://myserver.local/oauth/callback'
+      subject.authorize_url(:redirect_uri => cb).should be_include("redirect_uri=#{CGI.escape(cb)}")
+    end
+  end
+end

data/spec/oauth2/uri_spec.rb

@@ -0,0 +1,29 @@
+require 'spec_helper'
+
+describe URI::Generic do
+  subject{ URI.parse('http://example.com')}
+  
+  describe '#query_hash' do
+    it 'should be a hash of the query parameters' do
+      subject.query_hash.should == {}
+      subject.query = 'abc=def&foo=123'
+      subject.query_hash.should == {'abc' => 'def', 'foo' => '123'}
+    end
+  end
+  
+  describe '#query_hash=' do
+    it 'should set the query' do
+      subject.query_hash = {'abc' => 'def'}
+      subject.query.should == 'abc=def'
+      subject.query_hash = {'abc' => 'foo', 'bar' => 'baz'}
+      subject.query.should be_include('abc=foo')
+      subject.query.should be_include('bar=baz')
+      subject.query.split('&').size.should == 2
+    end
+    
+    it 'should escape stuff' do
+      subject.query_hash = {'abc' => '$%!!'}
+      subject.query.should == "abc=#{CGI.escape('$%!!')}"
+    end
+  end
+end

data/spec/spec.opts

@@ -0,0 +1,2 @@
+--color
+--backtrace

data/spec/spec_helper.rb

@@ -0,0 +1,9 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'oauth2'
+require 'spec'
+require 'spec/autorun'
+
+Spec::Runner.configure do |config|
+  
+end

data/specs.watchr

@@ -0,0 +1,61 @@
+# Run me with:
+#
+#   $ watchr specs.watchr
+ 
+# --------------------------------------------------
+# Convenience Methods
+# --------------------------------------------------
+def all_test_files
+  Dir['spec/**/*_spec.rb']
+end
+ 
+def run_test_matching(thing_to_match)
+  matches = all_test_files.grep(/#{thing_to_match}/i)
+  if matches.empty?
+    puts "Sorry, thanks for playing, but there were no matches for #{thing_to_match}"  
+  else
+    run matches.join(' ')
+  end
+end
+ 
+def run(files_to_run)
+  puts("Running: #{files_to_run}")
+  system("clear;spec -cfs --backtrace #{files_to_run}")
+  no_int_for_you
+end
+ 
+def run_all_tests
+  # system("clear;rake spec")
+  run(all_test_files.join(' '))
+end
+ 
+# --------------------------------------------------
+# Watchr Rules
+# --------------------------------------------------
+watch('^spec/(.*)_spec\.rb')   { |m| run_test_matching(m[1]) }
+watch('^lib/(.*)\.rb')         { |m| run_test_matching(m[1]) }
+watch('^sites/(.*)\.rb')         { |m| run_test_matching(m[1]) }
+watch('^spec/spec_helper\.rb') { run_all_tests }
+watch('^spec/support/.*\.rb')   { run_all_tests }
+ 
+# --------------------------------------------------
+# Signal Handling
+# --------------------------------------------------
+ 
+def no_int_for_you
+  @sent_an_int = nil
+end
+ 
+Signal.trap 'INT' do
+  if @sent_an_int then      
+    puts "   A second INT?  Ok, I get the message.  Shutting down now."
+    exit
+  else
+    puts "   Did you just send me an INT? Ugh.  I'll quit for real if you do it again."
+    @sent_an_int = true
+    Kernel.sleep 1.5
+    run_all_tests
+  end
+end
+ 
+# vim:ft=ruby

metadata

@@ -0,0 +1,98 @@
+--- !ruby/object:Gem::Specification 
+name: oauth2
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- Michael Bleigh
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-04-22 00:00:00 -04:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        segments: 
+        - 1
+        - 2
+        - 9
+        version: 1.2.9
+  type: :development
+  version_requirements: *id001
+description: A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth gem.
+email: michael@intridea.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- LICENSE
+- README.rdoc
+files: 
+- .document
+- .gitignore
+- LICENSE
+- README.rdoc
+- Rakefile
+- VERSION
+- lib/oauth2.rb
+- lib/oauth2/access_token.rb
+- lib/oauth2/client.rb
+- lib/oauth2/strategy/base.rb
+- lib/oauth2/strategy/web_server.rb
+- lib/oauth2/uri.rb
+- spec/oauth2/client_spec.rb
+- spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/web_server_spec.rb
+- spec/oauth2/uri_spec.rb
+- spec/spec.opts
+- spec/spec_helper.rb
+- specs.watchr
+has_rdoc: true
+homepage: http://github.com/intridea/oauth2
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.6
+signing_key: 
+specification_version: 3
+summary: A Ruby wrapper for the OAuth 2.0 protocol.
+test_files: 
+- spec/oauth2/client_spec.rb
+- spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/web_server_spec.rb
+- spec/oauth2/uri_spec.rb
+- spec/spec_helper.rb