oauth_provider 0.1.0

data/lib/oauth_provider/token.rb

@@ -0,0 +1,25 @@
+module OAuthProvider
+  class Token
+    def self.generate
+      new(generate_key(16), generate_key)
+    end
+
+    def self.generate_key(size = 32)
+      Base64.encode64(OpenSSL::Random.random_bytes(size)).gsub(/\W/,'')
+    end
+
+    def initialize(shared_key, secret_key)
+      @shared_key, @secret_key = shared_key, secret_key
+    end
+    attr_reader :shared_key, :secret_key
+
+    def query_string
+      OAuth::Token.new(shared_key, secret_key).to_query
+    end
+
+    def ==(token)
+      return false unless token.is_a?(Token)
+      [shared_key, secret_key].eql?([token.shared_key, token.secret_key])
+    end
+  end
+end

data/lib/oauth_provider/user_access.rb

@@ -0,0 +1,25 @@
+module OAuthProvider
+  class UserAccess
+    def initialize(backend, consumer, request_shared_key, token)
+      @backend, @consumer, @request_shared_key, @token = backend, consumer, request_shared_key, token
+    end
+    attr_reader :consumer, :request_shared_key, :token
+
+    def query_string
+      @token.query_string
+    end
+
+    def shared_key
+      @token.shared_key
+    end
+
+    def secret_key
+      @token.secret_key
+    end
+
+    def ==(user_access)
+      return false unless user_access.is_a?(UserAccess)
+      [consumer, request_shared_key, token] == [user_access.consumer, user_access.request_shared_key, user_access.token]
+    end
+  end
+end

data/lib/oauth_provider/user_request.rb

@@ -0,0 +1,46 @@
+module OAuthProvider
+  class UserRequest
+    def initialize(backend, consumer, authorized, token)
+      @backend, @consumer, @authorized, @token = backend, consumer, authorized, token
+    end
+    attr_reader :consumer, :token
+
+    def authorized?
+      @authorized
+    end
+
+    def authorize
+      @authorized = true
+      @backend.save_user_request(self)
+    end
+
+    def upgrade(token = nil)
+      if authorized?
+        @backend.add_user_access(self, token || Token.generate)
+      else
+        raise UserRequestNotAuthorized.new(self)
+      end
+    end
+
+    def callback
+      @consumer.callback
+    end
+
+    def query_string
+      @token.query_string
+    end
+
+    def shared_key
+      @token.shared_key
+    end
+
+    def secret_key
+      @token.secret_key
+    end
+
+    def ==(user_request)
+      return false unless user_request.is_a?(UserRequest)
+      [consumer, authorized?, token] == [user_request.consumer, user_request.authorized?, user_request.token]
+    end
+  end
+end

data/lib/oauth_provider/version.rb

@@ -0,0 +1,3 @@
+module OAuthProvider
+  VERSION = "0.0.9"
+end

data/spec/backend_spec.rb

@@ -0,0 +1,3 @@
+describe "A Backend" do
+
+end

data/spec/backends/abstract_spec.rb

@@ -0,0 +1,11 @@
+describe "The Abstract backend" do
+  %w( create_consumer find_consumer save_consumer destroy_consumer
+      create_user_request find_user_request save_user_request destroy_user_request
+      create_user_access find_user_access destroy_user_access ).each do |method_name|
+    it "does not implement the ##{method_name} method" do
+      backend = OAuthProvider::Backends::Abstract.new
+      lambda { backend.send(method_name, :arg) }.
+        should raise_error(OAuthProvider::NotImplemented, /#{method_name}/)
+    end
+  end
+end

data/spec/consumer_spec.rb

@@ -0,0 +1,65 @@
+describe "A Consumer" do
+  describe "issuing a user request" do
+    it "saves the request" do
+      provider = create_provider
+      consumer = provider.add_consumer("http://foo.com")
+      user_request = consumer.issue_request
+      consumer.find_user_request(user_request.shared_key).should == user_request
+    end
+
+    describe "specifying that it is already authorized" do
+      it "is authorized" do
+        provider = create_provider
+        consumer = provider.add_consumer("http://foo.com")
+        user_request = consumer.issue_request(true)
+        consumer.find_user_request(user_request.shared_key).should be_authorized
+      end
+    end
+
+    describe "specifying that it is not authorized" do
+      it "is not authorized" do
+        provider = create_provider
+        consumer = provider.add_consumer("http://foo.com")
+        user_request = consumer.issue_request(false)
+        consumer.find_user_request(user_request.shared_key).should_not be_authorized
+      end
+    end
+
+    describe "with a custom token" do
+      it "uses the provided token" do
+        provider = create_provider
+        consumer = provider.add_consumer("http://foo.com")
+        user_request = consumer.issue_request(false, OAuthProvider::Token.new("shared key", "secret key"))
+        consumer.find_user_request("shared key").should == user_request
+        user_request.secret_key.should == "secret key"
+      end
+    end
+  end
+
+  it "can destroy a user request" do
+    provider = create_provider
+    consumer = provider.add_consumer("http://foo.com")
+    user_request = consumer.issue_request
+    consumer.find_user_request(user_request.shared_key).should == user_request
+    consumer.destroy_user_request(user_request).should be_true
+    lambda {consumer.find_user_request(user_request)}.should raise_error(OAuthProvider::UserRequestNotFound)
+  end
+
+  it "finds the same user access for a shared key" do
+    provider = create_provider
+    consumer = provider.add_consumer("http://foo.com")
+    user_request = consumer.issue_request
+    user_request.authorize
+    user_access = user_request.upgrade
+    consumer.find_user_access(user_access.shared_key).should == user_access
+  end
+
+  it "is equal to another consumer when both the callback and token match" do
+    provider = create_provider
+    token1 = OAuthProvider::Token.new("123", "456")
+    token2 = OAuthProvider::Token.new("123", "456")
+    consumer1 = OAuthProvider::Consumer.new(nil, provider, "callback", token1)
+    consumer2 = OAuthProvider::Consumer.new(nil, provider, "callback", token2)
+    consumer1.should == consumer2
+  end
+end

data/spec/helpers/backend_helper.rb

@@ -0,0 +1,85 @@
+require 'fileutils'
+
+module OAuthBackendHelper
+  module InMemory
+    def self.create
+      OAuthProvider.create(:in_memory)
+    end
+
+    def self.setup; end
+    def self.reset; end
+  end
+
+  module DataMapper
+    def self.create
+      OAuthProvider.create(:data_mapper)
+    end
+
+    def self.setup
+      require 'dm-core'
+      ::DataMapper.setup(:default, "sqlite3:///tmp/oauth_provider_test.sqlite3")
+    end
+
+    def self.reset
+      create
+      ::DataMapper.auto_migrate!
+    end
+  end
+
+  module Sqlite3
+    PATH = "/tmp/oauth_provider_sqlite3_test.sqlite3" unless defined?(PATH)
+
+    def self.create
+      OAuthProvider.create(:sqlite3, PATH)
+    end
+
+    def self.setup; end
+
+    def self.reset
+      FileUtils.rm(PATH) rescue nil
+    end
+  end
+
+  module Mysql
+    def self.create
+      host      = ENV['MYSQL_HOST'] || "localhost"
+      user      = ENV['MYSQL_USER'] || "root"
+      password  = ENV['MYSQL_PASSWORD'] || ""
+      db        = ENV['MYSQL_DB'] || "oauth_provider_test"
+      port      = ENV['MYSQL_PORT'] || 3306
+      OAuthProvider.create(:mysql, host, user, password, db, port)
+    end
+
+    def self.setup; end
+
+    def self.reset
+      self.create.backend.clear!
+    end
+  end
+
+
+  def self.setup
+    backend_module.setup
+  end
+
+  def self.reset
+    backend_module.reset
+  end
+
+  def self.provider
+    backend_module.create
+  end
+
+  def self.backend_module
+    klass_name = backend_name.to_s.split('_').map {|e| e.capitalize}.join
+    unless const_defined?(klass_name)
+      $stderr.puts "There is no backend for #{backend_name.inspect}"
+      exit!
+    end
+    const_get(klass_name)
+  end
+
+  def self.backend_name
+    (ENV["BACKEND"] || "in_memory").to_sym
+  end
+end

data/spec/provider_spec.rb

@@ -0,0 +1,107 @@
+require File.dirname(__FILE__) + '/spec_helper'
+
+describe "A Provider" do
+  describe "adding a consumer" do
+    it "saves the consumer" do
+      provider = create_provider
+      consumer = provider.add_consumer("http://testconsumer.example.org/")
+      provider.find_consumer(consumer.shared_key).should == consumer
+    end
+
+    it "disallows a consumer with the same callback" do
+      provider = create_provider
+      provider.add_consumer("http://testconsumer.example.org/")
+      lambda { provider.add_consumer("http://testconsumer.example.org/") }.
+        should raise_error(OAuthProvider::DuplicateCallback)
+    end
+
+    describe "with a custom token" do
+      it "uses the token" do
+        provider = create_provider
+        consumer = provider.add_consumer("http://testconsumer.example.org/", OAuthProvider::Token.new("shared key", "secret key"))
+        provider.find_consumer("shared key").should == consumer
+        consumer.secret_key.should == "secret key"
+      end
+    end
+  end
+
+  describe "all the consumers" do
+    it "returns the complete list" do
+      provider = create_provider
+      one = provider.add_consumer("http://one.com/")
+      two = provider.add_consumer("http://two.com/")
+      provider.consumers.should == [one, two]
+    end
+  end
+
+  describe "deleting a consumer" do
+    it "removes the consumer from the backend" do
+      provider = create_provider
+      one = provider.add_consumer("http://one.com/")
+      provider.destroy_consumer(one)
+      provider.consumers.should be_empty
+    end
+  end
+
+  describe "finding a consumer" do
+    it "removes the consumer from the backend" do
+      provider = create_provider
+      one = provider.add_consumer("http://one.com/")
+      provider.destroy_consumer(one)
+      provider.consumers.should be_empty
+    end
+  end
+
+  describe "with a consumer" do
+    before(:each) do
+      @provider = create_provider
+      @consumer = @provider.add_consumer("http://testconsumer.example.org/")
+      @client = OAuthClient.new(@consumer)
+    end
+
+    it "issues a user request" do
+      user_request = @provider.issue_request(@client.request)
+      lambda { @provider.confirm_access(@client.request(user_request)) }.
+        should raise_error(OAuthProvider::UserAccessNotFound)
+      @consumer.find_user_request(user_request.shared_key).should_not be_nil
+    end
+
+    describe "with a user request" do
+      before(:each) do
+        @user_request = @provider.issue_request(@client.request)
+      end
+
+      it "authorizes the request" do
+        @user_request.authorize
+        @user_request.should be_authorized
+      end
+
+      describe "which has been authorized" do
+        before(:each) do
+          @user_request.authorize
+        end
+
+        it "upgrades the request" do
+          request = @client.request(@user_request)
+          user_access = @provider.upgrade_request(request)
+          lambda { @provider.confirm_access(@client.request(user_access)) }.
+            should_not raise_error
+        end
+
+        describe "converted to user access" do
+          before(:each) do
+            request = @client.request(@user_request)
+            @access_token = @provider.upgrade_request(request)
+          end
+
+          it "validates the token" do
+            request = @client.request(@access_token)
+            @provider.confirm_access(request)
+            lambda { @provider.confirm_access(request) }.
+              should_not raise_error
+          end
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,93 @@
+require 'rubygems'
+require 'spec'
+require 'rack'
+require 'pp'
+require 'oauth/helper'
+
+require File.dirname(__FILE__) + '/../lib/oauth_provider'
+require File.dirname(__FILE__) + '/helpers/backend_helper'
+
+OAuthBackendHelper.setup
+
+module OAuthProviderHelper
+  def create_provider
+    OAuthBackendHelper.provider
+  end
+end
+
+Spec::Runner.configure do |config|
+  config.include(OAuthProviderHelper)
+
+  config.before(:each) do
+    OAuthBackendHelper.reset
+  end
+end
+
+require 'oauth/request_proxy/base'
+
+module OAuth
+  module RequestProxy
+    class MockRequest < OAuth::RequestProxy::Base
+      proxies Hash
+
+      def parameters
+        @request["parameters"]
+      end
+
+      def method
+        @request["method"]
+      end
+
+      def uri
+        @request["uri"]
+      end
+    end
+  end
+end
+
+class OAuthClient
+  def initialize(consumer)
+    @consumer = OAuth::Consumer.new(consumer.shared_key, consumer.secret_key)
+  end
+  attr_reader :consumer
+
+  def request(token = nil)
+    Request.new(@consumer, Time.now.to_i, token).signed_request
+  end
+
+  class Request
+    include OAuth::Helper
+
+    def initialize(consumer, timestamp, token)
+      @consumer, @timestamp, @nonce, @token = consumer, timestamp, generate_key, token
+    end
+
+    def signed_request
+      r = request
+      r["parameters"]["oauth_signature"] = signature
+      r
+    end
+
+    def signature
+      OAuth::Signature.sign(request) do |token|
+        [@token && @token.secret_key, @consumer.secret]
+      end
+    end
+
+    def request
+      {"parameters" => query_hash,
+        "method" => "GET",
+        "uri" => "http://example.org/"}
+    end
+
+    def query_hash
+      h = {"oauth_nonce" => @nonce,
+           "oauth_timestamp" => @timestamp,
+           "oauth_signature_method" => "HMAC-SHA1",
+           "oauth_consumer_key" => @consumer.key,
+           "oauth_version" => "1.0"}
+      h["oauth_token"] = @token.shared_key if @token
+      h
+    end
+  end
+end