RubyGems - oauthenticator - Versions diffs - 1.1.0 → 1.2.0 - Mend

oauthenticator 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +7 -7
data/CHANGELOG.md +5 -0
data/Rakefile.rb +2 -0
data/lib/oauthenticator/faraday_signer.rb +3 -4
data/lib/oauthenticator/rack_test_signer.rb +51 -0
data/lib/oauthenticator/signable_request.rb +4 -4
data/lib/oauthenticator/signed_request.rb +6 -4
data/lib/oauthenticator/version.rb +1 -1
data/test/rack_authenticator_test.rb +19 -0
data/test/rack_test_signer_test.rb +61 -0
metadata +118 -188

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
----
-SHA1:
-  metadata.gz: 827942505f6a7a7454a54fec370230998566b31d
-  data.tar.gz: a2b80c738be4320eec657fea5b16d3b53ea06050
-SHA512:
-  metadata.gz: ce622ff45391f968819261955cfabf0f1a8f73a7d0956b1e63011b7e342d83259f198a2f4b0d3f3895dcb119e8e89e0bc78e6fbc02c36fa54dc2eecd01b545a7
-  data.tar.gz: 42c979625cb2411ecb257e2010c7038f346c0b839cd2d57c079f09db4cefb7f04eddceff664e78b9fe5a8529e1ab93a0841b0f9cffcfac71dbb356d6611d77b0
+---
+SHA1:
+  metadata.gz: f69d23d4847799b28bcac89a56d812472727cf3d
+  data.tar.gz: ca253660ea69d85715f8ebe2427f45744e8aec57
+SHA512:
+  metadata.gz: 7f2a35dc3501fa2542095db00906675fd0f77d40a3f0356e419a35399de4a3cd6ae7086b0420723529a271b6285b33efbdcf908e2b5c55109d81437fbf5fe7e2
+  data.tar.gz: b81c5679eb69fd602b0eb659e3be7c9f4b6df60792237a94aedcba0a47e231ecd9e6f5835fecc5a59b08ba50c42683160d2ca04a5957cccb800a6db5550622db

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,8 @@
+# 1.2.0
+- OAuthenticator::RackTestSigner / OAuthenticator.signing_rack_test
+- don't try to use a nonce when not required and specified
 # 1.1.0
 - added OAuthenticator::NonceUsedError to address race condition between `#nonce_used?` and `#use_nonce!`

data/Rakefile.rb CHANGED Viewed

@@ -9,3 +9,5 @@ task 'default' => 'test'
 require 'yard'
 YARD::Rake::YardocTask.new do |t|
 end
+require 'api_hammer/tasks'

data/lib/oauthenticator/faraday_signer.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+require 'oauthenticator'
 require 'faraday'
 if Faraday.respond_to?(:register_middleware)
@@ -57,10 +58,8 @@ module OAuthenticator
         :body => request_env[:body]
       }
       oauthenticator_signable_request = OAuthenticator::SignableRequest.new(@options.merge(request_attributes))
-      authorization = oauthenticator_signable_request.authorization
-      signed_request_headers = request_env[:request_headers].merge('Authorization' => authorization)
-      signed_request_env = request_env.merge(:request_headers => signed_request_headers)
-      @app.call(signed_request_env)
+      request_env[:request_headers]['Authorization'] = oauthenticator_signable_request.authorization
+      @app.call(request_env)
     end
   end
 end

data/lib/oauthenticator/rack_test_signer.rb ADDED Viewed

@@ -0,0 +1,51 @@
+module OAuthenticator
+  module RackTestSigner
+    # takes a block. for the duration of the block, requests made with Rack::Test will be signed
+    # with the given oauth_attrs. oauth_attrs are passed to {OAuthenticator::SignableRequest}.
+    #
+    # attributes of the request are set from the Rack::Test request, so you should not provide those in
+    # the outh_attrs.
+    #
+    # These are the options you should or may provide (see {OAuthenticator::SignableRequest} for details of
+    # what options are required, what options have default or generated values, and what may be omitted):
+    #
+    # - signature_method
+    # - consumer_key
+    # - consumer_secret
+    # - token
+    # - token_secret
+    # - version
+    # - realm
+    # - hash_body?
+    def signing_rack_test(oauth_attrs, &block)
+      begin
+        Thread.current[:oauthenticator_rack_test_attributes] = oauth_attrs
+        return yield
+      ensure
+        Thread.current[:oauthenticator_rack_test_attributes] = nil
+      end
+    end
+  end
+  # you can run OAuthenticator.signing_rack_test(attrs) { stuff }
+  extend RackTestSigner
+end
+class Rack::Test::Session
+  actual_process_request = instance_method(:process_request)
+  define_method(:process_request) do |uri, env, &block|
+    oauth_attrs = Thread.current[:oauthenticator_rack_test_attributes]
+    if oauth_attrs
+      request = Rack::Request.new(env)
+      env['HTTP_AUTHORIZATION'] = OAuthenticator::SignableRequest.new(oauth_attrs.merge({
+        :request_method => request.request_method,
+        :uri => request.url,
+        :media_type => request.media_type,
+        :body => request.body,
+      })).authorization
+    end
+    actual_process_request.bind(self).call(uri, env, &block)
+  end
+end

data/lib/oauthenticator/signable_request.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 require 'openssl'
-require 'uri'
+require 'addressable/uri'
 require 'base64'
 require 'cgi'
 require 'strscan'
@@ -176,9 +176,9 @@ module OAuthenticator
     #
     # @return [String]
     def base_string_uri
-      URI.parse(@attributes['uri'].to_s).tap do |uri|
-        uri.scheme = uri.scheme.downcase
-        uri.host = uri.host.downcase
+      Addressable::URI.parse(@attributes['uri'].to_s).tap do |uri|
+        uri.scheme = uri.scheme.downcase if uri.scheme
+        uri.host = uri.host.downcase if uri.host
         uri.normalize!
         uri.fragment = nil
         uri.query = nil

data/lib/oauthenticator/signed_request.rb CHANGED Viewed

@@ -219,10 +219,12 @@ module OAuthenticator
           throw(:errors, {'Authorization oauth_signature' => ['is invalid']})
         end
-        begin
-          use_nonce!
-        rescue NonceUsedError
-          throw(:errors, {'Authorization oauth_nonce' => ['has already been used']})
+        if nonce?
+          begin
+            use_nonce!
+          rescue NonceUsedError
+            throw(:errors, {'Authorization oauth_nonce' => ['has already been used']})
+          end
         end
         nil

data/lib/oauthenticator/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # OAuthenticator
 module OAuthenticator
   # OAuthenticator::VERSION
-  VERSION = "1.1.0"
+  VERSION = "1.2.0"
 end

data/test/rack_authenticator_test.rb CHANGED Viewed

@@ -305,6 +305,25 @@ describe OAuthenticator::RackAuthenticator do
       %q(oauth_version="1.0")
     assert_response(200, '☺', *oapp.call(request.env))
   end
+  it 'does not try to use an omitted nonce with PLAINTEXT' do
+    Timecop.travel Time.at 1391021695
+    consumer # cause this to be created
+    request = Rack::Request.new(Rack::MockRequest.env_for('/', :method => 'GET'))
+    request.env['HTTP_AUTHORIZATION'] = %q(OAuth oauth_consumer_key="test_client_app_key", ) +
+      #%q(oauth_nonce="c1c2bd8676d44e48691c8dceffa66a96", ) +
+      %q(oauth_signature="test_client_app_secret%26", ) +
+      %q(oauth_signature_method="PLAINTEXT", ) +
+      %q(oauth_timestamp="1391021695", ) +
+      %q(oauth_version="1.0")
+    test_config_methods_without_use_nonce = Module.new do
+      include OAuthenticatorTestConfigMethods
+      def use_nonce!
+        raise "#use_nonce! should not have been called"
+      end
+    end
+    app = OAuthenticator::RackAuthenticator.new(simpleapp, :config_methods => test_config_methods_without_use_nonce)
+    assert_response(200, '☺', *app.call(request.env))
+  end
   it 'has an already-used nonce' do
     Timecop.travel Time.at 1391021695
     consumer # cause this to be created

data/test/rack_test_signer_test.rb ADDED Viewed

@@ -0,0 +1,61 @@
+# encoding: utf-8
+proc { |p| $:.unshift(p) unless $:.any? { |lp| File.expand_path(lp) == p } }.call(File.expand_path('.', File.dirname(__FILE__)))
+require 'helper'
+require 'oauthenticator/rack_test_signer'
+# not going to test a ton here, since the rack test signer mostly just calls to SignableRequest which is
+# rather well-tested
+describe OAuthenticator::RackTestSigner do
+  def assert_response(expected_status, expected_body, rack_response)
+    assert_equal expected_status.to_i, rack_response.status.to_i, "Expected status to be #{expected_status.inspect}" +
+      "; got #{rack_response.status.inspect}. body was: #{rack_response.body}"
+    assert expected_body === rack_response.body, "Expected match for #{expected_body}; got #{rack_response.body}"
+  end
+  def app
+    oapp
+  end
+  # this will construct the rack test session for us
+  include Rack::Test::Methods
+  it 'succeeds' do
+    signing_options = {
+      :signature_method => 'PLAINTEXT',
+      :consumer_key => consumer_key,
+      :consumer_secret => consumer_secret,
+      :token => token,
+      :token_secret => token_secret,
+    }
+    response = OAuthenticator.signing_rack_test(signing_options) { get '/' }
+    assert_response 200, '☺', response
+  end
+  it 'succeeds with form-encoded with HMAC' do
+    signing_options = {
+      :signature_method => 'HMAC-SHA1',
+      :consumer_key => consumer_key,
+      :consumer_secret => consumer_secret,
+      :token => token,
+      :token_secret => token_secret,
+    }
+    response = OAuthenticator.signing_rack_test(signing_options) { put('/', :foo => {:bar => :baz}) }
+    assert_response 200, '☺', response
+  end
+  it 'is unauthorized' do
+    signing_options = {
+      :signature_method => 'PLAINTEXT',
+      :consumer_key => consumer_key,
+      :consumer_secret => 'nope',
+      :token => token,
+      :token_secret => 'definitelynot',
+    }
+    response = OAuthenticator.signing_rack_test(signing_options) { get '/' }
+    assert_response 401, /Authorization oauth_signature.*is invalid/m, response
+  end
+end

metadata CHANGED Viewed

@@ -1,258 +1,188 @@
---- !ruby/object:Gem::Specification
+--- !ruby/object:Gem::Specification
 name: oauthenticator
-version: !ruby/object:Gem::Version
-  version: 1.1.0
+version: !ruby/object:Gem::Version
+  version: 1.2.0
 platform: ruby
-authors:
+authors:
 - Ethan
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-05-01 00:00:00.000000000 Z
-dependencies:
-- !ruby/object:Gem::Dependency
+date: 2014-06-25 00:00:00 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rack
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: json
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id001 !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: "1.4"
   type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency
+  name: json
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
+  requirement: &id002 !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: "1.8"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency
   name: faraday
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: "0.9"
   type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency
+  name: addressable
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
+  requirement: &id004 !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: "2.3"
+  type: :runtime
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency
   name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id005 !ruby/object:Gem::Requirement
+    requirements:
+    - &id006
+      - ">="
+      - !ruby/object:Gem::Version
+        version: "0"
   type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency
+  name: minitest
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: minitest-reporters
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rack-test
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id007 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency
+  name: minitest-reporters
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: timecop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id008 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency
+  name: rack-test
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id009 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
+  version_requirements: *id009
+- !ruby/object:Gem::Dependency
+  name: timecop
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: yard
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id010 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
+  version_requirements: *id010
+- !ruby/object:Gem::Dependency
+  name: simplecov
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rdiscount
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id011 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
+  version_requirements: *id011
+- !ruby/object:Gem::Dependency
+  name: api_hammer
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: redcarpet
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
+  requirement: &id012 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
+  version_requirements: *id012
+- !ruby/object:Gem::Dependency
+  name: yard
   prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rdoc
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 3.9.0
+  requirement: &id013 !ruby/object:Gem::Requirement
+    requirements:
+    - *id006
   type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 3.9.0
+  version_requirements: *id013
 description: OAuthenticator signs and authenticates OAuth 1.0 requests
-email:
+email:
 - ethan@unth
 executables: []
 extensions: []
 extra_rdoc_files: []
-files:
-- ".simplecov"
-- ".yardopts"
-- CHANGELOG.md
-- LICENSE.txt
-- README.md
-- Rakefile.rb
+files:
 - lib/oauthenticator.rb
 - lib/oauthenticator/config_methods.rb
 - lib/oauthenticator/faraday_signer.rb
 - lib/oauthenticator/parse_authorization.rb
 - lib/oauthenticator/rack_authenticator.rb
+- lib/oauthenticator/rack_test_signer.rb
 - lib/oauthenticator/signable_request.rb
 - lib/oauthenticator/signed_request.rb
 - lib/oauthenticator/version.rb
+- .yardopts
+- LICENSE.txt
+- CHANGELOG.md
+- README.md
+- Rakefile.rb
 - test/config_methods_test.rb
 - test/faraday_signer_test.rb
 - test/helper.rb
 - test/parse_authorization_test.rb
 - test/rack_authenticator_test.rb
+- test/rack_test_signer_test.rb
 - test/signable_request_test.rb
 - test/signed_request_test.rb
 - test/test_config_methods.rb
+- .simplecov
 homepage: https://github.com/notEthan/oauthenticator
-licenses:
+licenses:
 - MIT
 metadata: {}
 post_install_message:
 rdoc_options: []
-require_paths:
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      version: '0'
-required_rubygems_version: !ruby/object:Gem::Requirement
-  requirements:
-  - - ">="
-    - !ruby/object:Gem::Version
-      version: '0'
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - *id006
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - *id006
 requirements: []
 rubyforge_project:
-rubygems_version: 2.2.2
+rubygems_version: 2.0.14
 signing_key:
 specification_version: 4
 summary: OAuth 1.0 request signing and authentication
-test_files:
+test_files:
 - test/config_methods_test.rb
 - test/faraday_signer_test.rb
 - test/helper.rb
 - test/parse_authorization_test.rb
 - test/rack_authenticator_test.rb
+- test/rack_test_signer_test.rb
 - test/signable_request_test.rb
 - test/signed_request_test.rb
 - test/test_config_methods.rb
-- ".simplecov"
-has_rdoc:
+- .simplecov