oauth2 0.5.2 → 0.6.0

data/.rspec

@@ -1,3 +1,2 @@
 --color
---format=nested
---backtrace
+--order random

data/.travis.yml

@@ -1,7 +1,9 @@
+language: ruby
 rvm:
   - 1.8.7
   - 1.9.2
   - 1.9.3
-  - jruby
-  - rbx
-  - ree
+  - jruby-18mode
+  - jruby-19mode
+  - rbx-18mode
+  - rbx-19mode

data/README.md

@@ -26,7 +26,7 @@ the entire specification over time.
     client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth2/callback')
     # => "https://example.org/oauth/authorization?response_type=code&client_id=client_id&redirect_uri=http://localhost:8080/oauth2/callback"
 
-    token = client.auth_code.get_token('authorization_code_value', :redirect_uri => 'http://localhost:8080/oauth2/callback')
+    token = client.auth_code.get_token('authorization_code_value', :redirect_uri => 'http://localhost:8080/oauth2/callback', :headers => {'Authorization' => 'Basic some_password'})
     response = token.get('/api/resource', :params => { 'query_foo' => 'bar' })
     response.class.name
     # => OAuth2::Response
@@ -51,8 +51,7 @@ application/x-www-form-urlencoded encoded string of the values).
 
 ## <a name="error"></a>OAuth2::Error
 On 400+ status code responses, an OAuth2::Error will be raised.  If it is a
-standard OAuth2 error response, the body will be parsed and #code and
-#description will contain the values provided from the error and
+standard OAuth2 error response, the body will be parsed and #code and #description will contain the values provided from the error and
 error_description parameters.  The #response property of OAuth2::Error will
 always contain the OAuth2::Response instance.
 
@@ -62,15 +61,22 @@ instance will be returned as usual and on 400+ status code responses, the
 Response instance will contain the OAuth2::Error instance.
 
 ## <a name="authorization_grants"></a>Authorization Grants
-Currently the Authorization Code and Resource Owner Password Credentials
+Currently the Authorization Code, Resource Owner Password Credentials, and Client Credentials
 authentication grant types have helper strategy classes that simplify client
-use.  They are available via the #auth_code and #password methods respectively.
+use.  They are available via the #auth_code, #password, and #client_credentials methods respectively.
 
     auth_url = client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
     token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback')
 
     token = client.password.get_token('username', 'password')
 
+    token = client.client_credentials.get_token
+
+If you want to specify additional headers to be sent out with the
+request, add a 'headers' hash under 'params':
+
+    token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback', :headers => {'Some' => 'Header'})
+
 You can always use the #request method on the OAuth2::Client instance to make
 requests for tokens for any Authentication grant type.
 
@@ -100,11 +106,9 @@ implementations:
 * Ruby 1.9.3
 * [JRuby][]
 * [Rubinius][]
-* [Ruby Enterprise Edition][ree]
 
 [jruby]: http://www.jruby.org/
 [rubinius]: http://rubini.us/
-[ree]: http://www.rubyenterpriseedition.com/
 
 If something doesn't work on one of these interpreters, it should be considered
 a bug.

data/lib/oauth2.rb

@@ -3,5 +3,6 @@ require 'oauth2/client'
 require 'oauth2/strategy/base'
 require 'oauth2/strategy/auth_code'
 require 'oauth2/strategy/password'
+require 'oauth2/strategy/client_credentials'
 require 'oauth2/access_token'
 require 'oauth2/response'

data/lib/oauth2/client.rb

@@ -91,9 +91,7 @@ module OAuth2
       response = Response.new(response, :parse => opts[:parse])
 
       case response.status
-      when 200..299
-        response
-      when 300..399
+      when 301, 302, 303, 307
         opts[:redirect_count] ||= 0
         opts[:redirect_count] += 1
         return response if opts[:redirect_count] > options[:max_redirects]
@@ -102,6 +100,9 @@ module OAuth2
           opts.delete(:body)
         end
         request(verb, response.headers['location'], opts)
+      when 200..299, 300..399
+        # on non-redirecting 3xx statuses, just return the response
+        response
       when 400..599
         e = Error.new(response)
         raise e if opts[:raise_errors] || options[:raise_errors]
@@ -120,8 +121,10 @@ module OAuth2
     def get_token(params, access_token_opts={})
       opts = {:raise_errors => options[:raise_errors], :parse => params.delete(:parse)}
       if options[:token_method] == :post
+        headers = params.delete(:headers)
         opts[:body] = params
         opts[:headers] =  {'Content-Type' => 'application/x-www-form-urlencoded'}
+        opts[:headers].merge!(headers) if headers
       else
         opts[:params] = params
       end
@@ -143,5 +146,12 @@ module OAuth2
     def password
       @password ||= OAuth2::Strategy::Password.new(self)
     end
+
+    # The Client Credentials strategy
+    #
+    # @see http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4
+    def client_credentials
+      @client_credentials ||= OAuth2::Strategy::ClientCredentials.new(self)
+    end
   end
 end

data/lib/oauth2/error.rb

@@ -7,11 +7,18 @@ module OAuth2
     def initialize(response)
       response.error = self
       @response = response
+
+      message = []
+
       if response.parsed.is_a?(Hash)
         @code = response.parsed['error']
         @description = response.parsed['error_description']
+        message << "#{@code}: #{@description}"
       end
-    end
 
+      message << response.body
+
+      super(message.join("\n"))
+    end
   end
 end

data/lib/oauth2/strategy/client_credentials.rb

@@ -0,0 +1,28 @@
+require 'httpauth'
+
+module OAuth2
+  module Strategy
+    # The Client Credentials Strategy
+    #
+    # @see http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4
+    class ClientCredentials < Base
+      # Not used for this strategy
+      #
+      # @raise [NotImplementedError]
+      def authorize_url
+        raise NotImplementedError, "The authorization endpoint is not used in this strategy"
+      end
+
+      # Retrieve an access token given the specified client.
+      #
+      # @param [Hash] params additional params
+      # @param [Hash] opts options
+      def get_token(params={}, opts={})
+        request_body = opts.delete('auth_scheme') == 'request_body'
+        params.merge!('grant_type' => 'client_credentials')
+        params.merge!(request_body ? client_params : {:headers => {'Authorization' => HTTPAuth::Basic.pack_authorization(client_params['client_id'], client_params['client_secret'])}})
+        @client.get_token(params, opts.merge('refresh_token' => nil))
+      end
+    end
+  end
+end

data/lib/oauth2/version.rb

@@ -1,3 +1,3 @@
 module OAuth2
-  VERSION = "0.5.2"
+  VERSION = "0.6.0"
 end

data/oauth2.gemspec

@@ -4,12 +4,12 @@ require File.expand_path('../lib/oauth2/version', __FILE__)
 Gem::Specification.new do |gem|
   gem.add_dependency 'faraday', '~> 0.7'
   gem.add_dependency 'multi_json', '~> 1.0'
+  gem.add_dependency 'httpauth', '~> 0.1'
   gem.add_development_dependency 'multi_xml'
   gem.add_development_dependency 'rake'
   gem.add_development_dependency 'rdoc'
   gem.add_development_dependency 'rspec'
   gem.add_development_dependency 'simplecov'
-  gem.add_development_dependency 'yard'
   gem.authors = ["Michael Bleigh", "Erik Michaels-Ober"]
   gem.description = %q{A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth gem.}
   gem.email = ['michael@intridea.com', 'sferik@gmail.com']

data/spec/helper.rb

@@ -1,5 +1,7 @@
-require 'simplecov'
-SimpleCov.start
+unless ENV['CI']
+  require 'simplecov'
+  SimpleCov.start
+end
 require 'oauth2'
 require 'rspec'
 require 'rspec/autorun'

data/spec/oauth2/client_spec.rb

@@ -14,7 +14,7 @@ describe OAuth2::Client do
         stub.get('/conflict')     {|env| [409, {'Content-Type' => 'text/plain'}, 'not authorized']}
         stub.get('/redirect')     {|env| [302, {'Content-Type' => 'text/plain', 'location' => '/success' }, '']}
         stub.post('/redirect')    {|env| [303, {'Content-Type' => 'text/plain', 'location' => '/reflect' }, '']}
-        stub.get('/error')        {|env| [500, {}, '']}
+        stub.get('/error')        {|env| [500, {'Content-Type' => 'text/plain'}, 'unknown error']}
         stub.get('/empty_get')    {|env| [204, {}, nil]}
       end
     end
@@ -148,6 +148,8 @@ describe OAuth2::Client do
       rescue Exception => e
         e.code.should == error_value
         e.description.should == error_description_value
+        e.to_s.should match(/#{error_value}/)
+        e.to_s.should match(/#{error_description_value}/)
       end
     end
 
@@ -156,6 +158,7 @@ describe OAuth2::Client do
         subject.request(:get, '/error')
       rescue Exception => e
         e.response.should_not be_nil
+        e.to_s.should match(/unknown error/)
       end
     end
   end

data/spec/oauth2/strategy/client_credentials_spec.rb

@@ -0,0 +1,70 @@
+require 'helper'
+
+describe OAuth2::Strategy::ClientCredentials do
+  let(:kvform_token) { 'expires_in=600&access_token=salmon&refresh_token=trout' }
+  let(:json_token) { '{"expires_in":600,"access_token":"salmon","refresh_token":"trout"}' }
+
+  let(:client) do
+    OAuth2::Client.new('abc', 'def', :site => 'http://api.example.com') do |builder|
+      builder.adapter :test do |stub|
+        stub.post('/oauth/token', {'grant_type' => 'client_credentials'}) do |env|
+          client_id, client_secret = HTTPAuth::Basic.unpack_authorization(env[:request_headers]['Authorization'])
+          client_id == 'abc' && client_secret == 'def' or raise Faraday::Adapter::Test::Stubs::NotFound.new 
+          case @mode
+          when "formencoded"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when "json"
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+        stub.post('/oauth/token', {'client_id' => 'abc', 'client_secret' => 'def', 'grant_type' => 'client_credentials'}) do |env|
+          case @mode
+          when "formencoded"
+            [200, {'Content-Type' => 'application/x-www-form-urlencoded'}, kvform_token]
+          when "json"
+            [200, {'Content-Type' => 'application/json'}, json_token]
+          end
+        end
+      end
+    end
+  end
+
+  subject {client.client_credentials}
+
+  describe "#authorize_url" do
+    it "should raise NotImplementedError" do
+      lambda {subject.authorize_url}.should raise_error(NotImplementedError)
+    end
+  end
+
+  %w(json formencoded).each do |mode|
+    %w(default basic_auth request_body).each do |auth_scheme|
+      describe "#get_token (#{mode}) (#{auth_scheme})" do
+        before do
+          @mode = mode
+          @access = subject.get_token({}, auth_scheme == 'default' ? {} : {'auth_scheme' => auth_scheme})
+        end
+
+        it 'returns AccessToken with same Client' do
+          @access.client.should == client
+        end
+
+        it 'returns AccessToken with #token' do
+          @access.token.should == 'salmon'
+        end
+
+        it 'returns AccessToken without #refresh_token' do
+          @access.refresh_token.should be_nil
+        end
+
+        it 'returns AccessToken with #expires_in' do
+          @access.expires_in.should == 600
+        end
+
+        it 'returns AccessToken with #expires_at' do
+          @access.expires_at.should_not be_nil
+        end
+      end
+    end
+  end
+end

metadata

@@ -1,114 +1,150 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification 
 name: oauth2
-version: !ruby/object:Gem::Version
-  version: 0.5.2
+version: !ruby/object:Gem::Version 
+  hash: 7
   prerelease: 
+  segments: 
+  - 0
+  - 6
+  - 0
+  version: 0.6.0
 platform: ruby
-authors:
+authors: 
 - Michael Bleigh
 - Erik Michaels-Ober
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-01-04 00:00:00.000000000Z
-dependencies:
-- !ruby/object:Gem::Dependency
+
+date: 2012-04-12 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
   name: faraday
-  requirement: &70259907739420 !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
+    requirements: 
     - - ~>
-      - !ruby/object:Gem::Version
-        version: '0.7'
+      - !ruby/object:Gem::Version 
+        hash: 5
+        segments: 
+        - 0
+        - 7
+        version: "0.7"
   type: :runtime
-  prerelease: false
-  version_requirements: *70259907739420
-- !ruby/object:Gem::Dependency
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
   name: multi_json
-  requirement: &70259907738920 !ruby/object:Gem::Requirement
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
+    requirements: 
     - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.0'
+      - !ruby/object:Gem::Version 
+        hash: 15
+        segments: 
+        - 1
+        - 0
+        version: "1.0"
   type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: httpauth
   prerelease: false
-  version_requirements: *70259907738920
-- !ruby/object:Gem::Dependency
-  name: multi_xml
-  requirement: &70259907738540 !ruby/object:Gem::Requirement
+  requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 9
+        segments: 
+        - 0
+        - 1
+        version: "0.1"
+  type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: multi_xml
   prerelease: false
-  version_requirements: *70259907738540
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: &70259907738080 !ruby/object:Gem::Requirement
+  requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: rake
   prerelease: false
-  version_requirements: *70259907738080
-- !ruby/object:Gem::Dependency
-  name: rdoc
-  requirement: &70259907737660 !ruby/object:Gem::Requirement
+  requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: rdoc
   prerelease: false
-  version_requirements: *70259907737660
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: &70259907737240 !ruby/object:Gem::Requirement
+  requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: rspec
   prerelease: false
-  version_requirements: *70259907737240
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: &70259907767020 !ruby/object:Gem::Requirement
+  requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: simplecov
   prerelease: false
-  version_requirements: *70259907767020
-- !ruby/object:Gem::Dependency
-  name: yard
-  requirement: &70259907766600 !ruby/object:Gem::Requirement
+  requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
   type: :development
-  prerelease: false
-  version_requirements: *70259907766600
-description: A Ruby wrapper for the OAuth 2.0 protocol built with a similar style
-  to the original OAuth gem.
-email:
+  version_requirements: *id008
+description: A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth gem.
+email: 
 - michael@intridea.com
 - sferik@gmail.com
 executables: []
+
 extensions: []
+
 extra_rdoc_files: []
-files:
+
+files: 
 - .document
 - .gemtest
 - .gitignore
@@ -125,6 +161,7 @@ files:
 - lib/oauth2/response.rb
 - lib/oauth2/strategy/auth_code.rb
 - lib/oauth2/strategy/base.rb
+- lib/oauth2/strategy/client_credentials.rb
 - lib/oauth2/strategy/password.rb
 - lib/oauth2/version.rb
 - oauth2.gemspec
@@ -134,37 +171,50 @@ files:
 - spec/oauth2/response_spec.rb
 - spec/oauth2/strategy/auth_code_spec.rb
 - spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/client_credentials_spec.rb
 - spec/oauth2/strategy/password_spec.rb
+has_rdoc: true
 homepage: http://github.com/intridea/oauth2
 licenses: []
+
 post_install_message: 
 rdoc_options: []
-require_paths:
+
+require_paths: 
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
+required_ruby_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
-  requirements:
-  - - ! '>='
-    - !ruby/object:Gem::Version
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 23
+      segments: 
+      - 1
+      - 3
+      - 6
       version: 1.3.6
 requirements: []
+
 rubyforge_project: 
-rubygems_version: 1.8.13
+rubygems_version: 1.6.2
 signing_key: 
 specification_version: 3
 summary: A Ruby wrapper for the OAuth 2.0 protocol.
-test_files:
+test_files: 
 - spec/helper.rb
 - spec/oauth2/access_token_spec.rb
 - spec/oauth2/client_spec.rb
 - spec/oauth2/response_spec.rb
 - spec/oauth2/strategy/auth_code_spec.rb
 - spec/oauth2/strategy/base_spec.rb
+- spec/oauth2/strategy/client_credentials_spec.rb
 - spec/oauth2/strategy/password_spec.rb
-has_rdoc: