oauth2 0.9.2 → 0.9.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 9924e71401dd6ab5d22d1472dbdc7505452938ef
+  data.tar.gz: 117bb2eb9de7facad9c2c090d492a350309d62e9
+SHA512:
+  metadata.gz: 6a5bfc4ac23428a81c0c30418d8180cfebe7cef9fb0071fdfe94753acc34c6a54f4bb9733a36e6bbfddb360b3f33fbd7bec2513c94f590a20064348384195a75
+  data.tar.gz: f429aed04aedecaffea86c0e1690767994bb4af758ec6243177f426ac660cb36b506154ce89c7e291fd726a57c2555e7ff9528ff7500a53862cfe9f41c45451f

data/CONTRIBUTING.md

@@ -4,11 +4,14 @@
 3. Add specs for your unimplemented feature or bug fix.
 4. Run `bundle exec rake spec`. If your specs pass, return to step 3.
 5. Implement your feature or bug fix.
-6. Run `bundle exec rake spec`. If your specs fail, return to step 5.
+6. Run `bundle exec rake`. If your specs fail, return to step 5.
 7. Run `open coverage/index.html`. If your changes are not completely covered
    by your tests, return to step 3.
-8. Add, commit, and push your changes.
-9. [Submit a pull request.][pr]
+8. Add documentation for your feature or bug fix.
+9. Run `bundle exec rake verify_measurements`. If your changes are not 100%
+   documented, go back to step 8.
+10. Commit and push your changes.
+11. [Submit a pull request.][pr]
 
 [fork]: http://help.github.com/fork-a-repo/
 [branch]: http://learn.github.com/p/branching.html

data/README.md

@@ -14,22 +14,12 @@
 
 A Ruby wrapper for the OAuth 2.0 specification. This is a work in progress,
 being built first to solve the pragmatic process of connecting to existing
-OAuth 2.0 endpoints (a.k.a. Facebook) with the goal of building it up to meet
+OAuth 2.0 endpoints (e.g. Facebook) with the goal of building it up to meet
 the entire specification over time.
 
 ## Installation
     gem install oauth2
 
-To ensure the code you're installing hasn't been tampered with, it's
-recommended that you verify the signature. To do this, you need to add my
-public key as a trusted certificate (you only need to do this once):
-
-    gem cert --add <(curl -Ls https://raw.github.com/intridea/oauth2/master/certs/sferik.pem)
-
-Then, install the gem with the high security trust policy:
-
-    gem install oauth2 -P HighSecurity
-
 ## Resources
 * [View Source on GitHub][code]
 * [Report Issues on GitHub][issues]
@@ -120,6 +110,7 @@ implementations:
 * Ruby 1.9.2
 * Ruby 1.9.3
 * Ruby 2.0.0
+* Ruby 2.1.0
 * [JRuby][]
 * [Rubinius][]
 

data/Rakefile

@@ -4,7 +4,6 @@ Bundler::GemHelper.install_tasks
 require 'rspec/core/rake_task'
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
 task :test => :spec
 
 namespace :doc do
@@ -17,3 +16,24 @@ namespace :doc do
     rdoc.rdoc_files.include('README.md', 'LICENSE.md', 'lib/**/*.rb')
   end
 end
+
+begin
+  require 'rubocop/rake_task'
+  Rubocop::RakeTask.new
+rescue LoadError
+  task :rubocop do
+    $stderr.puts 'Rubocop is disabled'
+  end
+end
+
+require 'yardstick/rake/measurement'
+Yardstick::Rake::Measurement.new do |measurement|
+  measurement.output = 'measurement/report.txt'
+end
+
+require 'yardstick/rake/verify'
+Yardstick::Rake::Verify.new do |verify|
+  verify.threshold = 58.9
+end
+
+task :default => [:spec, :rubocop, :verify_measurements]

data/lib/oauth2/access_token.rb

@@ -10,7 +10,7 @@ module OAuth2
       # @param [Hash] a hash of AccessToken property values
       # @return [AccessToken] the initalized AccessToken
       def from_hash(client, hash)
-        self.new(client, hash.delete('access_token') || hash.delete(:access_token), hash)
+        new(client, hash.delete('access_token') || hash.delete(:access_token), hash)
       end
 
       # Initializes an AccessToken from a key/value application/x-www-form-urlencoded string
@@ -36,7 +36,7 @@ module OAuth2
     # @option opts [String] :header_format ('Bearer %s') the string format to use for the Authorization header
     # @option opts [String] :param_name ('access_token') the parameter name to use for transmission of the
     #    Access Token value in :body or :query transmission mode
-    def initialize(client, token, opts={})
+    def initialize(client, token, opts = {})
       @client = client
       @token = token.to_s
       [:refresh_token, :expires_in, :expires_at].each do |arg|
@@ -77,8 +77,8 @@ module OAuth2
     #
     # @return [AccessToken] a new AccessToken
     # @note options should be carried over to the new AccessToken
-    def refresh!(params={})
-      raise "A refresh_token is not available" unless refresh_token
+    def refresh!(params = {})
+      fail('A refresh_token is not available') unless refresh_token
       params.merge!(:client_id      => @client.id,
                     :client_secret  => @client.secret,
                     :grant_type     => 'refresh_token',
@@ -93,7 +93,7 @@ module OAuth2
     #
     # @return [Hash] a hash of AccessToken property values
     def to_hash
-      params.merge({:access_token => token, :refresh_token => refresh_token, :expires_at => expires_at})
+      params.merge(:access_token => token, :refresh_token => refresh_token, :expires_at => expires_at)
     end
 
     # Make a request with the Access Token
@@ -102,53 +102,54 @@ module OAuth2
     # @param [String] path the HTTP URL path of the request
     # @param [Hash] opts the options to make the request with
     # @see Client#request
-    def request(verb, path, opts={}, &block)
-      set_token(opts)
+    def request(verb, path, opts = {}, &block)
+      self.token = opts
       @client.request(verb, path, opts, &block)
     end
 
     # Make a GET request with the Access Token
     #
     # @see AccessToken#request
-    def get(path, opts={}, &block)
+    def get(path, opts = {}, &block)
       request(:get, path, opts, &block)
     end
 
     # Make a POST request with the Access Token
     #
     # @see AccessToken#request
-    def post(path, opts={}, &block)
+    def post(path, opts = {}, &block)
       request(:post, path, opts, &block)
     end
 
     # Make a PUT request with the Access Token
     #
     # @see AccessToken#request
-    def put(path, opts={}, &block)
+    def put(path, opts = {}, &block)
       request(:put, path, opts, &block)
     end
 
     # Make a PATCH request with the Access Token
     #
     # @see AccessToken#request
-    def patch(path, opts={}, &block)
+    def patch(path, opts = {}, &block)
       request(:patch, path, opts, &block)
     end
 
     # Make a DELETE request with the Access Token
     #
     # @see AccessToken#request
-    def delete(path, opts={}, &block)
+    def delete(path, opts = {}, &block)
       request(:delete, path, opts, &block)
     end
 
     # Get the headers hash (includes Authorization token)
     def headers
-      { 'Authorization' => options[:header_format] % token }
+      {'Authorization' => options[:header_format] % token}
     end
 
   private
-    def set_token(opts)
+
+    def token=(opts) # rubocop:disable MethodLength
       case options[:mode]
       when :header
         opts[:headers] ||= {}
@@ -165,7 +166,7 @@ module OAuth2
         end
         # @todo support for multi-part (file uploads)
       else
-        raise "invalid :mode option of #{options[:mode]}"
+        fail("invalid :mode option of #{options[:mode]}")
       end
     end
   end

data/lib/oauth2/client.rb

@@ -23,7 +23,7 @@ module OAuth2
     # @option opts [Boolean] :raise_errors (true) whether or not to raise an OAuth2::Error
     #  on responses with 400+ status codes
     # @yield [builder] The Faraday connection builder
-    def initialize(client_id, client_secret, opts={}, &block)
+    def initialize(client_id, client_secret, opts = {}, &block)
       _opts = opts.dup
       @id = client_id
       @secret = client_secret
@@ -61,14 +61,14 @@ module OAuth2
     # The authorize endpoint URL of the OAuth2 provider
     #
     # @param [Hash] params additional query parameters
-    def authorize_url(params=nil)
+    def authorize_url(params = nil)
       connection.build_url(options[:authorize_url], params).to_s
     end
 
     # The token endpoint URL of the OAuth2 provider
     #
     # @param [Hash] params additional query parameters
-    def token_url(params=nil)
+    def token_url(params = nil)
       connection.build_url(options[:token_url], params).to_s
     end
 
@@ -84,8 +84,8 @@ module OAuth2
     #   code response for this request.  Will default to client option
     # @option opts [Symbol] :parse @see Response::initialize
     # @yield [req] The Faraday request
-    def request(verb, url, opts={})
-      url = self.connection.build_url(url, opts[:params]).to_s
+    def request(verb, url, opts = {}) # rubocop:disable CyclomaticComplexity, MethodLength
+      url = connection.build_url(url, opts[:params]).to_s
 
       response = connection.run_request(verb, url, opts[:body], opts[:headers]) do |req|
         yield(req) if block_given?
@@ -106,12 +106,13 @@ module OAuth2
         # on non-redirecting 3xx statuses, just return the response
         response
       when 400..599
-        e = Error.new(response)
-        raise e if opts.fetch(:raise_errors, options[:raise_errors])
-        response.error = e
+        error = Error.new(response)
+        fail(error) if opts.fetch(:raise_errors, options[:raise_errors])
+        response.error = error
         response
       else
-        raise Error.new(response), "Unhandled status code value of #{response.status}"
+        error = Error.new(response)
+        fail(error, "Unhandled status code value of #{response.status}")
       end
     end
 
@@ -121,7 +122,7 @@ module OAuth2
     # @param [Hash] access token options, to pass to the AccessToken object
     # @param [Class] class of access token for easier subclassing OAuth2::AccessToken
     # @return [AccessToken] the initalized AccessToken
-    def get_token(params, access_token_opts={}, access_token_class = AccessToken)
+    def get_token(params, access_token_opts = {}, access_token_class = AccessToken)
       opts = {:raise_errors => options[:raise_errors], :parse => params.delete(:parse)}
       if options[:token_method] == :post
         headers = params.delete(:headers)
@@ -132,7 +133,8 @@ module OAuth2
         opts[:params] = params
       end
       response = request(options[:token_method], token_url, opts)
-      raise Error.new(response) if options[:raise_errors] && !(response.parsed.is_a?(Hash) && response.parsed['access_token'])
+      error = Error.new(response)
+      fail(error) if options[:raise_errors] && !(response.parsed.is_a?(Hash) && response.parsed['access_token'])
       access_token_class.from_hash(self, response.parsed.merge(access_token_opts))
     end
 

data/lib/oauth2/response.rb

@@ -1,4 +1,5 @@
 require 'multi_json'
+require 'multi_xml'
 require 'rack'
 
 module OAuth2
@@ -26,7 +27,7 @@ module OAuth2
     # @param [Hash] opts options in which to initialize the instance
     # @option opts [Symbol] :parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
     #   :json, or :automatic (determined by Content-Type response header)
-    def initialize(response, opts={})
+    def initialize(response, opts = {})
       @response = response
       @options = {:parse => :automatic}.merge(opts)
     end
@@ -49,11 +50,9 @@ module OAuth2
     # Procs that, when called, will parse a response body according
     # to the specified format.
     PARSERS = {
-      # Can't reliably detect whether MultiJson responds to load, since it's
-      # a reserved word. Use adapter as a proxy for new features.
-      :json  => lambda{ |body| MultiJson.respond_to?(:adapter) ? MultiJson.load(body) : MultiJson.decode(body) rescue body },
-      :query => lambda{ |body| Rack::Utils.parse_query(body) },
-      :text  => lambda{ |body| body }
+      :json  => lambda { |body| MultiJson.load(body) rescue body }, # rubocop:disable RescueModifier
+      :query => lambda { |body| Rack::Utils.parse_query(body) },
+      :text  => lambda { |body| body }
     }
 
     # Content type assignments for various potential HTTP content types.
@@ -85,9 +84,6 @@ module OAuth2
   end
 end
 
-begin
-  require 'multi_xml'
-  OAuth2::Response.register_parser(:xml, ['text/xml', 'application/rss+xml', 'application/rdf+xml', 'application/atom+xml']) do |body|
-    MultiXml.parse(body) rescue body
-  end
-rescue LoadError; end
+OAuth2::Response.register_parser(:xml, ['text/xml', 'application/rss+xml', 'application/rdf+xml', 'application/atom+xml']) do |body|
+  MultiXml.parse(body) rescue body # rubocop:disable RescueModifier
+end

data/lib/oauth2/strategy/assertion.rb

@@ -1,4 +1,3 @@
-require 'httpauth'
 require 'jwt'
 
 module OAuth2
@@ -26,7 +25,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        raise NotImplementedError, "The authorization endpoint is not used in this strategy"
+        fail(NotImplementedError, 'The authorization endpoint is not used in this strategy')
       end
 
       # Retrieve an access token given the specified client.
@@ -43,15 +42,15 @@ module OAuth2
       #   params :exp, expired at, in seconds, like Time.now.utc.to_i + 3600
       #
       # @param [Hash] opts options
-      def get_token(params={}, opts={})
+      def get_token(params = {}, opts = {})
         hash = build_request(params)
         @client.get_token(hash, opts.merge('refresh_token' => nil))
       end
 
       def build_request(params)
         assertion = build_assertion(params)
-        {:grant_type     => "assertion",
-         :assertion_type => "urn:ietf:params:oauth:grant-type:jwt-bearer",
+        {:grant_type     => 'assertion',
+         :assertion_type => 'urn:ietf:params:oauth:grant-type:jwt-bearer',
          :assertion      => assertion,
          :scope          => params[:scope]
         }.merge(client_params)
@@ -64,12 +63,11 @@ module OAuth2
                   :exp => params[:exp]
                  }
         if params[:hmac_secret]
-          jwt_assertion = JWT.encode(claims, params[:hmac_secret], "HS256")
+          JWT.encode(claims, params[:hmac_secret], 'HS256')
         elsif params[:private_key]
-          jwt_assertion = JWT.encode(claims, params[:private_key], "RS256")
+          JWT.encode(claims, params[:private_key], 'RS256')
         end
       end
     end
   end
 end
-

data/lib/oauth2/strategy/auth_code.rb

@@ -7,14 +7,14 @@ module OAuth2
       # The required query parameters for the authorize URL
       #
       # @param [Hash] params additional query parameters
-      def authorize_params(params={})
+      def authorize_params(params = {})
         params.merge('response_type' => 'code', 'client_id' => @client.id)
       end
 
       # The authorization URL endpoint of the provider
       #
       # @param [Hash] params additional query parameters for the URL
-      def authorize_url(params={})
+      def authorize_url(params = {})
         @client.authorize_url(authorize_params.merge(params))
       end
 
@@ -24,7 +24,7 @@ module OAuth2
       # @param [Hash] params additional params
       # @param [Hash] opts options
       # @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
-      def get_token(code, params={}, opts={})
+      def get_token(code, params = {}, opts = {})
         params = {'grant_type' => 'authorization_code', 'code' => code}.merge(client_params).merge(params)
         @client.get_token(params, opts)
       end

data/lib/oauth2/strategy/client_credentials.rb

@@ -1,4 +1,4 @@
-require 'httpauth'
+require 'base64'
 
 module OAuth2
   module Strategy
@@ -10,19 +10,27 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def authorize_url
-        raise NotImplementedError, "The authorization endpoint is not used in this strategy"
+        fail(NotImplementedError, 'The authorization endpoint is not used in this strategy')
       end
 
       # Retrieve an access token given the specified client.
       #
       # @param [Hash] params additional params
       # @param [Hash] opts options
-      def get_token(params={}, opts={})
+      def get_token(params = {}, opts = {})
         request_body = opts.delete('auth_scheme') == 'request_body'
         params.merge!('grant_type' => 'client_credentials')
-        params.merge!(request_body ? client_params : {:headers => {'Authorization' => HTTPAuth::Basic.pack_authorization(client_params['client_id'], client_params['client_secret'])}})
+        params.merge!(request_body ? client_params : {:headers => {'Authorization' => authorization(client_params['client_id'], client_params['client_secret'])}})
         @client.get_token(params, opts.merge('refresh_token' => nil))
       end
+
+      # Returns the Authorization header value for Basic Authentication
+      #
+      # @param [String] The client ID
+      # @param [String] the client secret
+      def authorization(client_id, client_secret)
+        'Basic ' + Base64.encode64(client_id + ':' + client_secret).gsub("\n", '')
+      end
     end
   end
 end

data/lib/oauth2/strategy/implicit.rb

@@ -7,14 +7,14 @@ module OAuth2
       # The required query parameters for the authorize URL
       #
       # @param [Hash] params additional query parameters
-      def authorize_params(params={})
+      def authorize_params(params = {})
         params.merge('response_type' => 'token', 'client_id' => @client.id)
       end
 
       # The authorization URL endpoint of the provider
       #
       # @param [Hash] params additional query parameters for the URL
-      def authorize_url(params={})
+      def authorize_url(params = {})
         @client.authorize_url(authorize_params.merge(params))
       end
 
@@ -22,7 +22,7 @@ module OAuth2
       #
       # @raise [NotImplementedError]
       def get_token(*)
-        raise NotImplementedError, "The token is accessed differently in this strategy"
+        fail(NotImplementedError, 'The token is accessed differently in this strategy')
       end
     end
   end