oauth2 0.2.0 → 0.3.0

data/.gitignore

@@ -32,3 +32,4 @@ Gemfile.lock
 coverage.data
 
 ## PROJECT::SPECIFIC
+.svn

data/.travis.yml

@@ -0,0 +1,7 @@
+rvm:
+  - 1.8.7
+  - 1.9.1
+  - 1.9.2
+  - jruby
+  - rbx
+  - ree

data/{CHANGELOG.rdoc → CHANGELOG.md}

@@ -1,22 +1,22 @@
-== 0.0.10 (June 19)
-
+0.0.10 - June 19, 2010
+----------------------
 * Handle ActiveSupport JSON case where incompatible string does not raise an error. (via Flameeyes)
 * Depend on latest version of MultiJSON.
 
-== 0.0.9 (June 18)
-
+0.0.9 - June 18, 2010
+---------------------
 * Support a JSON token response with swappable JSON parser via MultiJSON.
 * Add support for "expires_in" parameter and relevant methods on AccessToken.
 
-== 0.0.8 (April 27)
-
+0.0.8 - April 27, 2010
+----------------------
 * Change get_request_token to use POST to conform to OAuth 2.0 spec. (via jeremy)
 
-== 0.0.7 (April 27)
-
+0.0.7 - April 27, 2010
+----------------------
 * Updating Faraday dependency for improved SSL support (via technoweenie)
 
-== 0.0.6 (April 25)
-
+0.0.6 - April 25, 2010
+----------------------
 * Added ResponseString so as not to throw away response information when making requests.
-* Deprecated #access_token on WebServer strategy in favor of #get_access_token
+* Deprecated #access_token on WebServer strategy in favor of #get_access_token

data/{LICENSE → LICENSE.md}

@@ -1,4 +1,4 @@
-Copyright (c) 2009 Intridea, Inc. and Michael Bleigh
+Copyright (c) 2011 Intridea, Inc. and Michael Bleigh
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -0,0 +1,95 @@
+OAuth2
+======
+A Ruby wrapper for the OAuth 2.0 specification. This is a work in progress, being built first to solve the pragmatic process of connecting to existing OAuth 2.0 endpoints (a.k.a. Facebook) with the goal of building it up to meet the entire specification over time.
+
+Installation
+------------
+    gem install oauth2
+
+Continuous Integration
+----------------------
+[![Build Status](http://travis-ci.org/intridea/oauth2.png)](http://travis-ci.org/intridea/oauth2)
+
+Resources
+---------
+* View Source on GitHub (https://github.com/intridea/oauth2)
+* Report Issues on GitHub (https://github.com/intridea/oauth2/issues)
+* Read More at the Wiki (https://wiki.github.com/intridea/oauth2)
+
+Web Server Example (Sinatra)
+----------------------------
+Below is a fully functional example of a Sinatra application that would authenticate to Facebook utilizing the OAuth 2.0 web server flow.
+
+    require 'rubygems'
+    require 'sinatra'
+    require 'oauth2'
+    require 'json'
+    
+    def client
+      OAuth2::Client.new('app_id', 'app_secret', :site => 'https://graph.facebook.com')
+    end
+    
+    get '/auth/facebook' do
+      redirect client.web_server.authorize_url(
+        :redirect_uri => redirect_uri,
+        :scope => 'email,offline_access'
+      )
+    end
+    
+    get '/auth/facebook/callback' do
+      access_token = client.web_server.get_access_token(params[:code], :redirect_uri => redirect_uri)
+      user = JSON.parse(access_token.get('/me'))
+      user.inspect
+    end
+    
+    def redirect_uri
+      uri = URI.parse(request.url)
+      uri.path = '/auth/facebook/callback'
+      uri.query = nil
+      uri.to_s
+    end
+
+That's all there is to it! You can use the access token like you would with the
+OAuth gem, calling HTTP verbs on it etc. You can view more examples on the [OAuth2
+Wiki](http://wiki.github.com/intridea/oauth2/examples).
+
+JSON Parsing
+------------
+Because JSON has become the standard format of the OAuth 2.0 specification,
+the <tt>oauth2</tt> gem contains a mode that will perform automatic parsing
+of JSON response bodies, returning a hash instead of a string. To enable this
+mode, simply add the <tt>:parse_json</tt> option to your client initialization:
+
+    client = OAuth2::Client.new(
+      'app_id',
+      'app_secret',
+      :site => 'https://example.com',
+      :parse_json => true,
+    )
+    
+    # Obtain an access token using the client
+    token.get('/some/url.json') #=> {"some" => "hash"}
+
+Testing
+-------
+To use the OAuth2 client for testing error conditions do:
+
+    my_client.raise_errors = false
+
+It will then return the error status and response instead of raising an exception.
+
+Note on Patches/Pull Requests
+-----------------------------
+1. Fork the project.
+2. Create a topic branch.
+3. Implement your feature or bug fix.
+4. Add documentation for your feature or bug fix.
+5. Add specs for your feature or bug fix.
+6. Run <tt>bundle exec rake spec</tt>. If your changes are not 100% covered, go back to step 5.
+7. Commit and push your changes.
+8. Submit a pull request. Please do not include changes to the [gemspec](https://github.com/intridea/oauth2/blob/master/oauth2.gemspec), [version](https://github.com/intridea/oauth2/blob/master/lib/oauth2/version.rb), or [changelog](https://github.com/intridea/oauth2/blob/master/CHANGELOG.md) file. (If you want to create your own version for some reason, please do so in a separate commit.)
+
+Copyright
+---------
+Copyright (c) 2011 Intridea, Inc. and Michael Bleigh.
+See [LICENSE](https://github.com/intridea/oauth2/blob/master/LICENSE.md) for details.

data/lib/oauth2.rb

@@ -7,5 +7,6 @@ end
 require 'oauth2/client'
 require 'oauth2/strategy/base'
 require 'oauth2/strategy/web_server'
+require 'oauth2/strategy/password'
 require 'oauth2/access_token'
 require 'oauth2/response_object'

data/lib/oauth2/access_token.rb

@@ -1,9 +1,9 @@
 module OAuth2
   class AccessToken
-    attr_reader :client, :token, :refresh_token, :expires_in, :expires_at
+    attr_reader :client, :token, :refresh_token, :expires_in, :expires_at, :params
     attr_accessor :token_param
 
-    def initialize(client, token, refresh_token = nil, expires_in = nil, params = {})
+    def initialize(client, token, refresh_token=nil, expires_in=nil, params={})
       @client = client
       @token = token.to_s
       @refresh_token = refresh_token.to_s
@@ -26,25 +26,25 @@ module OAuth2
       expires? && expires_at < Time.now
     end
 
-    def request(verb, path, params = {}, headers = {})
+    def request(verb, path, params={}, headers={})
       params = params.merge token_param => @token
       headers = headers.merge 'Authorization' => "OAuth #{@token}"
       @client.request(verb, path, params, headers)
     end
 
-    def get(path, params = {}, headers = {})
+    def get(path, params={}, headers={})
       request(:get, path, params, headers)
     end
 
-    def post(path, params = {}, headers = {})
+    def post(path, params={}, headers={})
       request(:post, path, params, headers)
     end
 
-    def put(path, params = {}, headers = {})
+    def put(path, params={}, headers={})
       request(:put, path, params, headers)
     end
 
-    def delete(path, params = {}, headers = {})
+    def delete(path, params={}, headers={})
       request(:delete, path, params, headers)
     end
   end

data/lib/oauth2/client.rb

@@ -2,7 +2,7 @@ require 'faraday'
 
 module OAuth2
   class Client
-    attr_accessor :id, :secret, :site, :connection, :options
+    attr_accessor :id, :secret, :site, :connection, :options, :raise_errors
     attr_writer :json
 
     # Instantiate a new OAuth 2.0 client using the
@@ -17,32 +17,41 @@ module OAuth2
     # <tt>:access_token_path</tt> :: Specify the path to the access token endpoint.
     # <tt>:access_token_url</tt> :: Specify the full URL of the access token endpoint.
     # <tt>:parse_json</tt> :: If true, <tt>application/json</tt> responses will be automatically parsed.
-    def initialize(client_id, client_secret, opts = {})
-      adapter         = opts.delete(:adapter)
-      self.id         = client_id
-      self.secret     = client_secret
-      self.site       = opts.delete(:site) if opts[:site]
-      self.options    = opts
-      self.connection = Faraday::Connection.new(site)
-      self.json       = opts.delete(:parse_json)
+    # <tt>:ssl</tt> :: Specify SSL options for the connection.
+    # <tt>:adapter</tt> :: The name of the Faraday::Adapter::* class to use, e.g. :net_http. To pass arguments
+    # to the adapter pass an array here, e.g. [:action_dispatch, my_test_session]
+    # <tt>:raise_errors</tt> :: Default true. When false it will then return the error status and response instead of raising an exception.
+    def initialize(client_id, client_secret, opts={})
+      self.options      = opts.dup
+      adapter           = self.options.delete(:adapter)
+      ssl_opts          = self.options.delete(:ssl) || {}
+      connection_opts   = ssl_opts ? {:ssl => ssl_opts} : {}
+      self.id           = client_id
+      self.secret       = client_secret
+      self.site         = self.options.delete(:site) if self.options[:site]
+      self.connection   = Faraday::Connection.new(site, connection_opts)
+      self.json         = self.options.delete(:parse_json)
+      self.raise_errors = !(self.options.delete(:raise_errors) == false)
 
       if adapter && adapter != :test
-        connection.build { |b| b.adapter(adapter) }
+        connection.build do |b|
+          b.adapter(*[adapter].flatten)
+        end
       end
     end
 
-    def authorize_url(params = nil)
+    def authorize_url(params=nil)
       path = options[:authorize_url] || options[:authorize_path] || "/oauth/authorize"
       connection.build_url(path, params).to_s
     end
 
-    def access_token_url(params = nil)
+    def access_token_url(params=nil)
       path = options[:access_token_url] || options[:access_token_path] || "/oauth/access_token"
       connection.build_url(path, params).to_s
     end
 
     # Makes a request relative to the specified site root.
-    def request(verb, url, params = {}, headers = {})
+    def request(verb, url, params={}, headers={})
       if verb == :get
         resp = connection.run_request(verb, url, nil, headers) do |req|
           req.params.update(params)
@@ -51,26 +60,37 @@ module OAuth2
         resp = connection.run_request(verb, url, params, headers)
       end
 
-      case resp.status
-        when 200..299
-          if json?
-            return ResponseObject.from(resp)
+      if raise_errors
+        case resp.status
+          when 200...299
+            return response_for(resp)
+          when 401
+            e = OAuth2::AccessDenied.new("Received HTTP 401 during request.")
+            e.response = resp
+            raise e
           else
-            return ResponseString.new(resp)
-          end
-        when 401
-          e = OAuth2::AccessDenied.new("Received HTTP 401 during request.")
-          e.response = resp
-          raise e
-        else
-          e = OAuth2::HTTPError.new("Received HTTP #{resp.status} during request.")
-          e.response = resp
-          raise e
+            e = OAuth2::HTTPError.new("Received HTTP #{resp.status} during request.")
+            e.response = resp
+            raise e
+        end
+      else
+        response_for resp
       end
     end
 
     def json?; !!@json end
 
     def web_server; OAuth2::Strategy::WebServer.new(self) end
+    def password; OAuth2::Strategy::Password.new(self) end
+
+    private
+
+    def response_for(resp)
+      if json?
+        return ResponseObject.from(resp)
+      else
+        return ResponseString.new(resp)
+      end
+    end
   end
 end

data/lib/oauth2/strategy/base.rb

@@ -5,20 +5,20 @@ module OAuth2
         @client = client
       end
 
-      def authorize_url(options = {}) #:nodoc:
+      def authorize_url(options={}) #:nodoc:
         @client.authorize_url(authorize_params(options))
       end
 
-      def authorize_params(options = {}) #:nodoc:
+      def authorize_params(options={}) #:nodoc:
         options = options.inject({}){|h, (k, v)| h[k.to_s] = v; h}
         {'client_id' => @client.id}.merge(options)
       end
 
-      def access_token_url(options = {})
+      def access_token_url(options={})
         @client.access_token_url(access_token_params(options))
       end
 
-      def access_token_params(options = {})
+      def access_token_params(options={})
         {
           'client_id' => @client.id,
           'client_secret' => @client.secret

data/lib/oauth2/strategy/password.rb

@@ -0,0 +1,38 @@
+require 'multi_json'
+
+module OAuth2
+  module Strategy
+    class Password < Base
+      def authorize_url
+        raise NotImplementedError, "The authorization endpoint is not used in this strategy"
+      end
+      # Retrieve an access token given the specified validation code.
+      # Note that you must also provide a <tt>:redirect_uri</tt> option
+      # in order to successfully verify your request for most OAuth 2.0
+      # endpoints.
+      def get_access_token(username, password, options={})
+        response = @client.request(:post, @client.access_token_url, access_token_params(username, password, options))
+
+        params   = MultiJson.decode(response) rescue nil
+        # the ActiveSupport JSON parser won't cause an exception when
+        # given a formencoded string, so make sure that it was
+        # actually parsed in an Hash. This covers even the case where
+        # it caused an exception since it'll still be nil.
+        params   = Rack::Utils.parse_query(response) unless params.is_a? Hash
+
+        access   = params.delete('access_token')
+        refresh  = params.delete('refresh_token')
+        expires_in = params.delete('expires_in')
+        OAuth2::AccessToken.new(@client, access, refresh, expires_in, params)
+      end
+
+      def access_token_params(username, password, options={}) #:nodoc:
+        super(options).merge({
+          'grant_type'  => 'password',
+          'username'    => username,
+          'password'    => password
+        })
+      end
+    end
+  end
+end

data/lib/oauth2/strategy/web_server.rb

@@ -3,7 +3,7 @@ require 'multi_json'
 module OAuth2
   module Strategy
     class WebServer < Base
-      def authorize_params(options = {}) #:nodoc:
+      def authorize_params(options={}) #:nodoc:
         super(options).merge('response_type' => 'code')
       end
 
@@ -11,36 +11,31 @@ module OAuth2
       # Note that you must also provide a <tt>:redirect_uri</tt> option
       # in order to successfully verify your request for most OAuth 2.0
       # endpoints.
-      def get_access_token(code, options = {})
-        response = @client.request(:post, @client.access_token_url, access_token_params(code, options))
+      def get_access_token(code, options={})
+        response = @client.request(:get, @client.access_token_url, access_token_params(code, options))
 
         if response.is_a? Hash
-          params=response
+          params = response
         else
-          params   = MultiJson.decode(response) rescue nil
+          params = MultiJson.decode(response) rescue nil
           # the ActiveSupport JSON parser won't cause an exception when
           # given a formencoded string, so make sure that it was
           # actually parsed in an Hash. This covers even the case where
           # it caused an exception since it'll still be nil.
-          params   = Rack::Utils.parse_query(response) unless params.is_a? Hash
+          params = Rack::Utils.parse_query(response) unless params.is_a? Hash
         end
 
-        access   = params['access_token']
-        refresh  = params['refresh_token']
-        expires_in = params['expires_in'] || params['expires'] # params['expires'] is only for facebook
+        access = params.delete('access_token')
+        refresh = params.delete('refresh_token')
+        # params['expires'] is only for Facebook
+        expires_in = params.delete('expires_in') || params.delete('expires')
         OAuth2::AccessToken.new(@client, access, refresh, expires_in, params)
       end
 
-      # <b>DEPRECATED:</b> Use #get_access_token instead.
-      def access_token(*args)
-        warn '[DEPRECATED] OAuth2::Strategy::WebServer#access_token is deprecated, use #get_access_token instead. Will be removed in 0.1.0'
-        get_access_token(*args)
-      end
-
-      def access_token_params(code, options = {}) #:nodoc:
+      def access_token_params(code, options={}) #:nodoc:
         super(options).merge({
           'grant_type' => 'authorization_code',
-          'code' => code
+          'code' => code,
         })
       end
     end

data/lib/oauth2/version.rb

@@ -1,3 +1,3 @@
 module OAuth2
-  VERSION = "0.2.0"
+  VERSION = "0.3.0"
 end

data/oauth2.gemspec

@@ -9,8 +9,6 @@ Gem::Specification.new do |s|
   s.description = %q{A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth gem.}
   s.summary = %q{A Ruby wrapper for the OAuth 2.0 protocol.}
   s.email = "michael@intridea.com"
-  s.extra_rdoc_files = ["LICENSE", "README.rdoc"]
-  s.rdoc_options = ["--charset=UTF-8"]
   s.homepage = "http://github.com/intridea/oauth2"
   s.require_paths = ["lib"]
   s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }

data/spec/oauth2/access_token_spec.rb

@@ -5,18 +5,18 @@ describe OAuth2::AccessToken do
     cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com')
     cli.connection.build do |b|
       b.adapter :test do |stub|
-        stub.get('/client?oauth_token=monkey') { |env| [200, {}, 'get']    }
-        stub.post('/client')                   { |env| [200, {}, 'oauth_token=' << env[:body]['oauth_token']] }
-        stub.put('/client')                    { |env| [200, {}, 'oauth_token=' << env[:body]['oauth_token']] }
-        stub.delete('/client')                 { |env| [200, {}, 'oauth_token=' << env[:body]['oauth_token']] }
+        stub.get('/client?oauth_token=monkey') {|env| [200, {}, 'get']}
+        stub.post('/client')                   {|env| [200, {}, 'oauth_token=' << env[:body]['oauth_token']]}
+        stub.put('/client')                    {|env| [200, {}, 'oauth_token=' << env[:body]['oauth_token']]}
+        stub.delete('/client')                 {|env| [200, {}, 'oauth_token=' << env[:body]['oauth_token']]}
       end
     end
     cli
   end
 
-  let(:token)  { 'monkey' }
+  let(:token) {'monkey'}
 
-  subject { OAuth2::AccessToken.new(client, token) }
+  subject {OAuth2::AccessToken.new(client, token)}
 
   describe '#initialize' do
     it 'should assign client and token' do
@@ -24,6 +24,12 @@ describe OAuth2::AccessToken do
       subject.token.should  == token
     end
 
+    it 'should assign extra params' do
+      target = OAuth2::AccessToken.new(client, token, nil, nil, {'foo' => 'bar'})
+      target.params.should include('foo')
+      target.params['foo'].should == 'bar'
+    end
+
     it "makes GET requests with access token" do
       subject.send(:get, 'client').should == 'get'
     end
@@ -51,7 +57,7 @@ describe OAuth2::AccessToken do
       Time.stub!(:now).and_return(@now)
     end
 
-    subject{ OAuth2::AccessToken.new(client, token, 'abaca', 600)}
+    subject{OAuth2::AccessToken.new(client, token, 'abaca', 600)}
 
     it 'should be a time representation of #expires_in' do
       subject.expires_at.should == (@now + 600)

data/spec/oauth2/client_spec.rb

@@ -5,10 +5,10 @@ describe OAuth2::Client do
     cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com')
     cli.connection.build do |b|
       b.adapter :test do |stub|
-        stub.get('/success')      { |env| [200, {'Content-Type' => 'text/awesome'}, 'yay'] }
-        stub.get('/unauthorized') { |env| [401, {}, '']    }
-        stub.get('/error')        { |env| [500, {}, '']    }
-        stub.get('/json')         { |env| [200, {'Content-Type' => 'application/json; charset=utf8'}, '{"abc":"def"}']}
+        stub.get('/success')      {|env| [200, {'Content-Type' => 'text/awesome'}, 'yay']}
+        stub.get('/unauthorized') {|env| [401, {'Content-Type' => 'text/plain'}, 'not authorized']}
+        stub.get('/error')        {|env| [500, {}, '']}
+        stub.get('/json')         {|env| [200, {'Content-Type' => 'application/json; charset=utf8'}, '{"abc":"def"}']}
       end
     end
     cli
@@ -27,6 +27,33 @@ describe OAuth2::Client do
     it 'should assign Faraday::Connection#host' do
       subject.connection.host.should == 'api.example.com'
     end
+
+    it 'should leave Faraday::Connection#ssl unset' do
+      subject.connection.ssl.should == {}
+    end
+
+    it "should be able to pass parameters to the adapter, e.g. Faraday::Adapter::ActionDispatch" do
+      connection = stub('connection')
+      Faraday::Connection.stub(:new => connection)
+      session = stub('session', :to_ary => nil)
+      builder = stub('builder')
+      connection.stub(:build).and_yield(builder)
+
+      builder.should_receive(:adapter).with(:action_dispatch, session)
+
+      OAuth2::Client.new('abc', 'def', :adapter => [:action_dispatch, session])
+    end
+    
+    it "defaults raise_errors to true" do
+      subject.raise_errors.should be_true
+    end
+    
+    it "allows true/false for raise_errors option" do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => false)
+      client.raise_errors.should be_false
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true)
+      client.raise_errors.should be_true
+    end
   end
 
   %w(authorize access_token).each do |path_type|
@@ -55,12 +82,21 @@ describe OAuth2::Client do
       response.headers.should == {'Content-Type' => 'text/awesome'}
     end
 
+    it "returns ResponseString on error if raise_errors is false" do
+      subject.raise_errors = false
+      response = subject.request(:get, '/unauthorized', {}, {})
+
+      response.should == 'not authorized'
+      response.status.should == 401
+      response.headers.should == {'Content-Type' => 'text/plain'}
+    end
+
     it "raises OAuth2::AccessDenied on 401 response" do
-      lambda { subject.request(:get, '/unauthorized', {}, {}) }.should raise_error(OAuth2::AccessDenied)
+      lambda {subject.request(:get, '/unauthorized', {}, {})}.should raise_error(OAuth2::AccessDenied)
     end
 
     it "raises OAuth2::HTTPError on error response" do
-      lambda { subject.request(:get, '/error', {}, {}) }.should raise_error(OAuth2::HTTPError)
+      lambda {subject.request(:get, '/error', {}, {})}.should raise_error(OAuth2::HTTPError)
     end
   end
 
@@ -95,4 +131,18 @@ describe OAuth2::Client do
       subject.json = false
     end
   end
+
+  context 'with SSL options' do
+    subject do
+      cli = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :ssl => {:ca_file => 'foo.pem'})
+      cli.connection.build do |b|
+        b.adapter :test
+      end
+      cli
+    end
+
+    it 'should pass the SSL options along to Faraday::Connection#ssl' do
+      subject.connection.ssl.should == {:ca_file => 'foo.pem'}
+    end
+  end
 end

data/spec/oauth2/strategy/base_spec.rb

@@ -2,6 +2,6 @@ require 'spec_helper'
 
 describe OAuth2::Strategy::Base do
   it 'should initialize with a Client' do
-    lambda{ OAuth2::Strategy::Base.new(OAuth2::Client.new('abc', 'def')) }.should_not raise_error
+    lambda{OAuth2::Strategy::Base.new(OAuth2::Client.new('abc', 'def'))}.should_not raise_error
   end
 end

data/spec/oauth2/strategy/password_spec.rb

@@ -0,0 +1,57 @@
+require 'spec_helper'
+
+describe OAuth2::Strategy::Password do
+  let(:client) do
+    cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
+    cli.connection.build do |b|
+      b.adapter :test do |stub|
+        stub.post('/oauth/access_token') do |env|
+          case @mode
+            when "formencoded"
+              [200, {}, 'expires_in=600&access_token=salmon&refresh_token=trout']
+            when "json"
+              [200, {}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}']
+          end
+        end
+      end
+    end
+    cli
+  end
+  subject {client.password}
+
+  describe "#authorize_url" do
+    it "should raise NotImplementedError" do
+      lambda {subject.authorize_url}.should raise_error(NotImplementedError)
+    end
+  end
+
+  %w(json formencoded).each do |mode|
+    describe "#get_access_token (#{mode})" do
+      before do
+        @mode = mode
+        @access = subject.get_access_token('username', 'password')
+      end
+
+      it 'returns AccessToken with same Client' do
+        @access.client.should == client
+      end
+
+      it 'returns AccessToken with #token' do
+        @access.token.should == 'salmon'
+      end
+
+      it 'returns AccessToken with #refresh_token' do
+        @access.refresh_token.should == 'trout'
+      end
+
+      it 'returns AccessToken with #expires_in' do
+        @access.expires_in.should == 600
+      end
+
+      it 'returns AccessToken with #expires_at' do
+        @access.expires_at.should be_kind_of(Time)
+      end
+    end
+  end
+
+end

data/spec/oauth2/strategy/web_server_spec.rb

@@ -5,21 +5,21 @@ describe OAuth2::Strategy::WebServer do
     cli = OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com')
     cli.connection.build do |b|
       b.adapter :test do |stub|
-        stub.post('/oauth/access_token') do |env|
+        stub.get('/oauth/access_token?client_id=abc&client_secret=def&code=sushi&grant_type=authorization_code') do |env|
           case @mode
-            when "formencoded"
-              [200, {}, 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve']
-            when "json"
-              [200, {}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout","extra_param":"steve"}']
-            when "from_facebook"
-              [200, {}, 'expires=600&access_token=salmon&refresh_token=trout&extra_param=steve']
+          when "formencoded"
+            [200, {}, 'expires_in=600&access_token=salmon&refresh_token=trout&extra_param=steve']
+          when "json"
+            [200, {}, '{"expires_in":600,"access_token":"salmon","refresh_token":"trout","extra_param":"steve"}']
+          when "from_facebook"
+            [200, {}, 'expires=600&access_token=salmon&refresh_token=trout&extra_param=steve']
           end
         end
       end
     end
     cli
   end
-  subject { client.web_server }
+  subject{client.web_server}
 
   describe '#authorize_url' do
     it 'should include the client_id' do

metadata

@@ -2,7 +2,7 @@
 name: oauth2
 version: !ruby/object:Gem::Version 
   prerelease: 
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors: 
 - Michael Bleigh
@@ -10,8 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-01 00:00:00 -07:00
-default_executable: 
+date: 2011-04-08 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: faraday
@@ -96,39 +95,40 @@ executables: []
 
 extensions: []
 
-extra_rdoc_files: 
-- LICENSE
-- README.rdoc
+extra_rdoc_files: []
+
 files: 
 - .document
 - .gemtest
 - .gitignore
 - .rspec
-- CHANGELOG.rdoc
+- .travis.yml
+- CHANGELOG.md
 - Gemfile
-- LICENSE
-- README.rdoc
+- LICENSE.md
+- README.md
 - Rakefile
 - lib/oauth2.rb
 - lib/oauth2/access_token.rb
 - lib/oauth2/client.rb
 - lib/oauth2/response_object.rb
 - lib/oauth2/strategy/base.rb
+- lib/oauth2/strategy/password.rb
 - lib/oauth2/strategy/web_server.rb
 - lib/oauth2/version.rb
 - oauth2.gemspec
 - spec/oauth2/access_token_spec.rb
 - spec/oauth2/client_spec.rb
 - spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/password_spec.rb
 - spec/oauth2/strategy/web_server_spec.rb
 - spec/spec_helper.rb
-has_rdoc: true
 homepage: http://github.com/intridea/oauth2
 licenses: []
 
 post_install_message: 
-rdoc_options: 
-- --charset=UTF-8
+rdoc_options: []
+
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
@@ -146,7 +146,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.6.2
+rubygems_version: 1.7.2
 signing_key: 
 specification_version: 3
 summary: A Ruby wrapper for the OAuth 2.0 protocol.
@@ -154,5 +154,7 @@ test_files:
 - spec/oauth2/access_token_spec.rb
 - spec/oauth2/client_spec.rb
 - spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/password_spec.rb
 - spec/oauth2/strategy/web_server_spec.rb
 - spec/spec_helper.rb
+has_rdoc: 

data/README.rdoc

@@ -1,80 +0,0 @@
-= OAuth2
-
-A Ruby wrapper for the OAuth 2.0 specification. This is a work in progress, being built first to solve the pragmatic process of connecting to existing OAuth 2.0 endpoints (a.k.a. Facebook) with the goal of building it up to meet the entire specification over time.
-
-== Installation
-
-    gem install oauth2
-    
-== Resources
-
-* View Source on GitHub (http://github.com/intridea/oauth2)
-* Report Issues on GitHub (http://github.com/intridea/oauth2/issues)
-* Read More at the Wiki (http://wiki.github.com/intridea/oauth2/)
-   
-== Web Server Example (Sinatra)
-
-Below is a fully functional example of a Sinatra application that would authenticate to Facebook utilizing the OAuth 2.0 web server flow.
-
-    require 'rubygems'
-    require 'sinatra'
-    require 'oauth2'
-    require 'json'
-
-    def client
-      OAuth2::Client.new('app_id', 'app_secret', :site => 'https://graph.facebook.com')
-    end
-
-    get '/auth/facebook' do
-      redirect client.web_server.authorize_url(
-        :redirect_uri => redirect_uri, 
-        :scope => 'email,offline_access'
-      )
-    end
-
-    get '/auth/facebook/callback' do
-      access_token = client.web_server.get_access_token(params[:code], :redirect_uri => redirect_uri)
-      user = JSON.parse(access_token.get('/me'))
-
-      user.inspect
-    end
-
-    def redirect_uri
-      uri = URI.parse(request.url)
-      uri.path = '/auth/facebook/callback'
-      uri.query = nil
-      uri.to_s
-    end
-    
-That's all there is to it! You can use the access token like you would with the 
-OAuth gem, calling HTTP verbs on it etc. You can view more examples on the OAuth2 
-Wiki (http://wiki.github.com/intridea/oauth2/examples)
-    
-== JSON Parsing
-
-Because JSON has become the standard format of the OAuth 2.0 specification,
-the <tt>oauth2</tt> gem contains a mode that will perform automatic parsing
-of JSON response bodies, returning a hash instead of a string. To enable this
-mode, simply add the <tt>:parse_json</tt> option to your client initialization:
-
-    client = OAuth2::Client.new('app_id', 'app_secret', 
-      :site => 'https://example.com', 
-      :parse_json => true
-    )
-    
-    # Obtain an access token using the client
-    token.get('/some/url.json') # {"some" => "hash"}
-
-== Note on Patches/Pull Requests
- 
-* Fork the project.
-* Make your feature addition or bug fix.
-* Add tests for it. This is important so I don't break it in a
-  future version unintentionally.
-* Commit, do not mess with rakefile, version, or history.
-  (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
-* Send me a pull request. Bonus points for topic branches.
-
-== Copyright
-
-Copyright (c) 2010 Intridea, Inc. and Michael Bleigh. See LICENSE for details.