oauth2 0.9.1 → 0.9.2

data/README.md

@@ -1,13 +1,16 @@
 # OAuth2
+
 [![Gem Version](https://badge.fury.io/rb/oauth2.png)][gem]
 [![Build Status](https://secure.travis-ci.org/intridea/oauth2.png?branch=master)][travis]
 [![Dependency Status](https://gemnasium.com/intridea/oauth2.png?travis)][gemnasium]
 [![Code Climate](https://codeclimate.com/github/intridea/oauth2.png)][codeclimate]
+[![Coverage Status](https://coveralls.io/repos/intridea/oauth2/badge.png?branch=master)][coveralls]
 
 [gem]: https://rubygems.org/gems/oauth2
 [travis]: http://travis-ci.org/intridea/oauth2
 [gemnasium]: https://gemnasium.com/intridea/oauth2
 [codeclimate]: https://codeclimate.com/github/intridea/oauth2
+[coveralls]: https://coveralls.io/r/intridea/oauth2
 
 A Ruby wrapper for the OAuth 2.0 specification. This is a work in progress,
 being built first to solve the pragmatic process of connecting to existing
@@ -21,7 +24,7 @@ To ensure the code you're installing hasn't been tampered with, it's
 recommended that you verify the signature. To do this, you need to add my
 public key as a trusted certificate (you only need to do this once):
 
-    gem cert --add <(curl -Ls https://gist.github.com/sferik/4701180/raw/public_cert.pem)
+    gem cert --add <(curl -Ls https://raw.github.com/intridea/oauth2/master/certs/sferik.pem)
 
 Then, install the gem with the high security trust policy:
 
@@ -37,17 +40,19 @@ Then, install the gem with the high security trust policy:
 [wiki]: https://wiki.github.com/intridea/oauth2
 
 ## Usage Examples
-    require 'oauth2'
-    client = OAuth2::Client.new('client_id', 'client_secret', :site => 'https://example.org')
 
-    client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth2/callback')
-    # => "https://example.org/oauth/authorization?response_type=code&client_id=client_id&redirect_uri=http://localhost:8080/oauth2/callback"
+```ruby
+require 'oauth2'
+client = OAuth2::Client.new('client_id', 'client_secret', :site => 'https://example.org')
 
-    token = client.auth_code.get_token('authorization_code_value', :redirect_uri => 'http://localhost:8080/oauth2/callback', :headers => {'Authorization' => 'Basic some_password'})
-    response = token.get('/api/resource', :params => { 'query_foo' => 'bar' })
-    response.class.name
-    # => OAuth2::Response
+client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth2/callback')
+# => "https://example.org/oauth/authorization?response_type=code&client_id=client_id&redirect_uri=http://localhost:8080/oauth2/callback"
 
+token = client.auth_code.get_token('authorization_code_value', :redirect_uri => 'http://localhost:8080/oauth2/callback', :headers => {'Authorization' => 'Basic some_password'})
+response = token.get('/api/resource', :params => { 'query_foo' => 'bar' })
+response.class.name
+# => OAuth2::Response
+```
 ## OAuth2::Response
 The AccessToken methods #get, #post, #put and #delete and the generic #request
 will return an instance of the #OAuth2::Response class.
@@ -82,23 +87,27 @@ Currently the Authorization Code, Implicit, Resource Owner Password Credentials,
 authentication grant types have helper strategy classes that simplify client
 use.  They are available via the #auth_code, #implicit, #password, #client_credentials, and #assertion methods respectively.
 
-    auth_url = client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
-    token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback')
+```ruby
+auth_url = client.auth_code.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
+token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback')
 
-    auth_url = client.implicit.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
-    # get the token params in the callback and
-    token = OAuth2::AccessToken.from_kvform(client, query_string)
+auth_url = client.implicit.authorize_url(:redirect_uri => 'http://localhost:8080/oauth/callback')
+# get the token params in the callback and
+token = OAuth2::AccessToken.from_kvform(client, query_string)
 
-    token = client.password.get_token('username', 'password')
+token = client.password.get_token('username', 'password')
 
-    token = client.client_credentials.get_token
+token = client.client_credentials.get_token
 
-    token = client.assertion.get_token(assertion_params)
+token = client.assertion.get_token(assertion_params)
+```
 
 If you want to specify additional headers to be sent out with the
 request, add a 'headers' hash under 'params':
 
-    token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback', :headers => {'Some' => 'Header'})
+```ruby
+token = client.auth_code.get_token('code_value', :redirect_uri => 'http://localhost:8080/oauth/callback', :headers => {'Some' => 'Header'})
+```
 
 You can always use the #request method on the OAuth2::Client instance to make
 requests for tokens for any Authentication grant type.

data/lib/oauth2/access_token.rb

@@ -89,6 +89,13 @@ module OAuth2
       new_token
     end
 
+    # Convert AccessToken to a hash which can be used to rebuild itself with AccessToken.from_hash
+    #
+    # @return [Hash] a hash of AccessToken property values
+    def to_hash
+      params.merge({:access_token => token, :refresh_token => refresh_token, :expires_at => expires_at})
+    end
+
     # Make a request with the Access Token
     #
     # @param [Symbol] verb the HTTP request method

data/lib/oauth2/client.rb

@@ -24,17 +24,18 @@ module OAuth2
     #  on responses with 400+ status codes
     # @yield [builder] The Faraday connection builder
     def initialize(client_id, client_secret, opts={}, &block)
+      _opts = opts.dup
       @id = client_id
       @secret = client_secret
-      @site = opts.delete(:site)
-      ssl = opts.delete(:ssl)
+      @site = _opts.delete(:site)
+      ssl = _opts.delete(:ssl)
       @options = {:authorize_url    => '/oauth/authorize',
                   :token_url        => '/oauth/token',
                   :token_method     => :post,
                   :connection_opts  => {},
                   :connection_build => block,
                   :max_redirects    => 5,
-                  :raise_errors     => true}.merge(opts)
+                  :raise_errors     => true}.merge(_opts)
       @options[:connection_opts][:ssl] = ssl if ssl
     end
 
@@ -106,7 +107,7 @@ module OAuth2
         response
       when 400..599
         e = Error.new(response)
-        raise e if opts[:raise_errors] || options[:raise_errors]
+        raise e if opts.fetch(:raise_errors, options[:raise_errors])
         response.error = e
         response
       else
@@ -118,8 +119,9 @@ module OAuth2
     #
     # @param [Hash] params a Hash of params for the token endpoint
     # @param [Hash] access token options, to pass to the AccessToken object
+    # @param [Class] class of access token for easier subclassing OAuth2::AccessToken
     # @return [AccessToken] the initalized AccessToken
-    def get_token(params, access_token_opts={})
+    def get_token(params, access_token_opts={}, access_token_class = AccessToken)
       opts = {:raise_errors => options[:raise_errors], :parse => params.delete(:parse)}
       if options[:token_method] == :post
         headers = params.delete(:headers)
@@ -131,7 +133,7 @@ module OAuth2
       end
       response = request(options[:token_method], token_url, opts)
       raise Error.new(response) if options[:raise_errors] && !(response.parsed.is_a?(Hash) && response.parsed['access_token'])
-      AccessToken.from_hash(self, response.parsed.merge(access_token_opts))
+      access_token_class.from_hash(self, response.parsed.merge(access_token_opts))
     end
 
     # The Authorization Code strategy

data/lib/oauth2/strategy/assertion.rb

@@ -50,7 +50,7 @@ module OAuth2
 
       def build_request(params)
         assertion = build_assertion(params)
-        {:grant_type     => "assertion", 
+        {:grant_type     => "assertion",
          :assertion_type => "urn:ietf:params:oauth:grant-type:jwt-bearer",
          :assertion      => assertion,
          :scope          => params[:scope]

data/lib/oauth2/version.rb

@@ -2,7 +2,7 @@ module OAuth2
   class Version
     MAJOR = 0 unless defined? MAJOR
     MINOR = 9 unless defined? MINOR
-    PATCH = 1 unless defined? PATCH
+    PATCH = 2 unless defined? PATCH
     PRE = nil unless defined? PRE
 
     class << self

data/oauth2.gemspec

@@ -6,7 +6,7 @@ require 'oauth2/version'
 Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler', '~> 1.0'
   spec.add_dependency 'faraday', '~> 0.8'
-  spec.add_dependency 'httpauth', '~> 0.1'
+  spec.add_dependency 'httpauth', '~> 0.2'
   spec.add_dependency 'multi_json', '~> 1.0'
   spec.add_dependency 'multi_xml', '~> 0.5'
   spec.add_dependency 'rack', '~> 1.2'
@@ -22,7 +22,7 @@ Gem::Specification.new do |spec|
   spec.licenses      = ['MIT']
   spec.name          = 'oauth2'
   spec.require_paths = ['lib']
-  spec.required_rubygems_version = '>= 1.3.6'
+  spec.required_rubygems_version = '>= 1.3.5'
   spec.signing_key   = File.expand_path("~/.gem/private_key.pem") if $0 =~ /gem\z/
   spec.summary       = %q{A Ruby wrapper for the OAuth 2.0 protocol.}
   spec.test_files    = Dir.glob("spec/**/*")

data/spec/helper.rb

@@ -1,9 +1,11 @@
-unless ENV['CI']
-  require 'simplecov'
-  SimpleCov.start do
-    add_filter 'spec'
-  end
-end
+require 'simplecov'
+require 'coveralls'
+
+SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[
+  SimpleCov::Formatter::HTMLFormatter,
+  Coveralls::SimpleCov::Formatter
+]
+SimpleCov.start
 
 require 'oauth2'
 require 'addressable/uri'

data/spec/oauth2/access_token_spec.rb

@@ -59,7 +59,7 @@ describe AccessToken do
       expect(target.options[:header_format]).to eq('Bearer %')
       expect(target.options[:mode]).to eq(:body)
     end
-    
+
     it "initializes with a string expires_at" do
       hash = {:access_token => token, :expires_at => '1361396829', 'foo' => 'bar'}
       target = AccessToken.from_hash(client, hash)
@@ -70,7 +70,7 @@ describe AccessToken do
 
   describe "#request" do
     context ":mode => :header" do
-      before :all do
+      before do
         subject.options[:mode] = :header
       end
 
@@ -82,7 +82,7 @@ describe AccessToken do
     end
 
     context ":mode => :query" do
-      before :all do
+      before do
         subject.options[:mode] = :query
       end
 
@@ -94,7 +94,7 @@ describe AccessToken do
     end
 
     context ":mode => :body" do
-      before :all do
+      before do
         subject.options[:mode] = :body
       end
 
@@ -161,4 +161,12 @@ describe AccessToken do
       end
     end
   end
+
+  describe '#to_hash' do
+    it 'return a hash equals to the hash used to initialize access token' do
+      hash = {:access_token => token, :refresh_token => 'foobar', :expires_at => Time.now.to_i + 200, 'foo' => 'bar'}
+      access_token = AccessToken.from_hash(client, hash.clone)
+      expect(access_token.to_hash).to eq(hash)
+    end
+  end
 end

data/spec/oauth2/client_spec.rb

@@ -63,12 +63,31 @@ describe OAuth2::Client do
       expect(client.options[:raise_errors]).to be_true
     end
 
+    it "allows override of raise_errors option" do
+      client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :raise_errors => true) do |builder|
+        builder.adapter :test do |stub|
+          stub.get('/notfound') {|env| [404, {}, nil]}
+        end
+      end
+      expect(client.options[:raise_errors]).to be_true
+      expect{client.request(:get, '/notfound')}.to raise_error(OAuth2::Error)
+      response = client.request(:get, '/notfound', :raise_errors => false)
+      expect(response.status).to eq(404)
+    end
+
     it "allows get/post for access_token_method option" do
       client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :get)
       expect(client.options[:access_token_method]).to eq(:get)
       client = OAuth2::Client.new('abc', 'def', :site => 'https://api.example.com', :access_token_method => :post)
       expect(client.options[:access_token_method]).to eq(:post)
     end
+
+    it 'does not mutate the opts hash argument' do
+      opts = { site: 'http://example.com/' }
+      opts2 = opts.dup
+      OAuth2::Client.new 'abc', 'def', opts
+      expect(opts).to eq(opts2)
+    end
   end
 
   %w(authorize token).each do |url_type|

data/spec/oauth2/strategy/auth_code_spec.rb

@@ -53,7 +53,7 @@ describe OAuth2::Strategy::AuthCode do
   %w(json formencoded from_facebook).each do |mode|
     [:get, :post].each do |verb|
       describe "#get_token (#{mode}, access_token_method=#{verb}" do
-        before :each do
+        before do
           @mode = mode
           client.options[:token_method] = verb
           @access = subject.get_token(code)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 0.9.1
+  version: 0.9.2
   prerelease: 
 platform: ruby
 authors:
@@ -37,7 +37,7 @@ cert_chain:
   U0xxV3ZRUnNCbHlwSGZoczZKSnVMbHlaUEdoVTNSL3YKU2YzbFZLcEJDV2dS
   cEdUdnk0NVhWcEIrNTl5MzNQSm1FdVExUFRFT1l2UXlhbzlVS01BQWFBTi83
   cVdRdGpsMApobHc9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
-date: 2013-02-20 00:00:00.000000000 Z
+date: 2013-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -78,7 +78,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '0.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -86,7 +86,7 @@ dependencies:
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '0.2'
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -206,7 +206,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ! '>='
     - !ruby/object:Gem::Version
-      version: 1.3.6
+      version: 1.3.5
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.23