proletarian-oauth 0.3.2

data/lib/oauth/server.rb

@@ -0,0 +1,68 @@
+require 'oauth/helper'
+require 'oauth/consumer'
+module OAuth
+  # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
+  class Server
+    include OAuth::Helper
+    attr_accessor :base_url
+    
+    @@server_paths={
+      :request_token_path=>"/oauth/request_token",
+      :authorize_path=>"/oauth/authorize",
+      :access_token_path=>"/oauth/access_token"
+    }
+    # Create a new server instance
+    def initialize(base_url,paths={})
+      @base_url=base_url
+      @paths=@@server_paths.merge(paths)
+    end
+        
+    def generate_credentials()
+      [generate_key(16),generate_key]
+    end
+    
+    def generate_consumer_credentials(params={})
+      Consumer.new( *generate_credentials)
+    end
+
+    # mainly for testing purposes
+    def create_consumer
+      credentials=generate_credentials
+      Consumer.new( 
+        credentials[0],
+        credentials[1],
+        {
+          :site=>base_url,
+          :request_token_path=>request_token_path,
+          :authorize_path=>authorize_path,
+          :access_token_path=>access_token_path
+      })
+    end
+        
+    def request_token_path
+      @paths[:request_token_path]
+    end
+    
+    def request_token_url
+      base_url+request_token_path
+    end
+    
+    def authorize_path
+      @paths[:authorize_path]
+    end
+    
+    def authorize_url
+      base_url+authorize_path
+    end
+    
+    def access_token_path
+      @paths[:access_token_path]
+    end
+
+    def access_token_url
+      base_url+access_token_path
+    end
+    
+    
+  end
+end

data/lib/oauth/signature/base.rb

@@ -0,0 +1,89 @@
+require 'oauth/signature'
+require 'oauth/helper'
+require 'oauth/request_proxy/base'
+require 'base64'
+
+module OAuth::Signature
+  class Base
+    include OAuth::Helper
+    
+    attr_accessor :options
+    
+    def self.implements(signature_method)
+      OAuth::Signature.available_methods[signature_method] = self
+    end
+
+    def self.digest_class(digest_class = nil)
+      return @digest_class if digest_class.nil?
+      @digest_class = digest_class
+    end
+
+    attr_reader :token_secret, :consumer_secret, :request
+
+    def initialize(request, options = {}, &block)
+      raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
+      @request = request
+      @options = options
+
+      if block_given?
+
+        # consumer secret and token secret need to be looked up based on pieces of the request
+        @token_secret, @consumer_secret = yield block.arity == 1 ? request : [token, consumer_key,nonce,request.timestamp]
+
+      else
+        ## consumer secret was determined beforehand
+
+        @consumer_secret = options[:consumer].secret if options[:consumer]
+
+        # presence of :consumer_secret option will override any Consumer that's provided
+        @consumer_secret = options[:consumer_secret] if options[:consumer_secret]
+
+        ## token secret was determined beforehand
+
+        @token_secret = options[:token].secret if options[:token]
+
+        # presence of :token_secret option will override any Token that's provided
+        @token_secret = options[:token_secret] if options[:token_secret]
+      end
+    end
+
+    def signature
+      Base64.encode64(digest).chomp.gsub(/\n/,'')
+    end
+
+    def ==(cmp_signature)
+      Base64.decode64(signature) == Base64.decode64(cmp_signature)
+    end
+
+    def verify
+      self == self.request.signature
+    end
+
+    def signature_base_string
+      request.signature_base_string
+    end
+    
+    private
+
+    def token
+      request.token
+    end
+    
+    def consumer_key
+      request.consumer_key
+    end
+    
+    def nonce
+      request.nonce
+    end
+
+    def secret
+      "#{escape(consumer_secret)}&#{escape(token_secret)}"
+    end
+
+    def digest
+      self.class.digest_class.digest(signature_base_string)
+    end
+
+  end
+end

data/lib/oauth/signature/hmac/base.rb

@@ -0,0 +1,12 @@
+require 'oauth/signature/base'
+
+module OAuth::Signature::HMAC
+  class Base < OAuth::Signature::Base
+
+    private
+
+    def digest
+      self.class.digest_class.digest(secret, signature_base_string)
+    end
+  end
+end

data/lib/oauth/signature/hmac/md5.rb

@@ -0,0 +1,9 @@
+require 'oauth/signature/hmac/base'
+require 'hmac-md5'
+
+module OAuth::Signature::HMAC
+  class MD5 < Base
+    implements 'hmac-md5'
+    digest_class ::HMAC::MD5
+  end
+end

data/lib/oauth/signature/hmac/rmd160.rb

@@ -0,0 +1,9 @@
+require 'oauth/signature/hmac/base'
+require 'hmac-rmd160'
+
+module OAuth::Signature::HMAC
+  class RMD160 < Base
+    implements 'hmac-rmd160'
+    digest_class ::HMAC::RMD160
+  end
+end

data/lib/oauth/signature/hmac/sha1.rb

@@ -0,0 +1,10 @@
+require 'oauth/signature/hmac/base'
+require 'rubygems'
+require 'hmac-sha1'
+
+module OAuth::Signature::HMAC
+  class SHA1 < Base
+    implements 'hmac-sha1'
+    digest_class ::HMAC::SHA1
+  end
+end

data/lib/oauth/signature/hmac/sha2.rb

@@ -0,0 +1,9 @@
+require 'oauth/signature/hmac/base'
+require 'hmac-sha2'
+
+module OAuth::Signature::HMAC
+  class SHA2 < Base
+    implements 'hmac-sha2'
+    digest_class ::HMAC::SHA2
+  end
+end

data/lib/oauth/signature/md5.rb

@@ -0,0 +1,13 @@
+require 'oauth/signature/base'
+require 'digest/md5'
+
+module OAuth::Signature
+  class MD5 < Base
+    implements 'md5'
+    digest_class Digest::MD5
+
+    def signature_base_string
+      secret + super
+    end
+  end
+end

data/lib/oauth/signature/plaintext.rb

@@ -0,0 +1,23 @@
+require 'oauth/signature/base'
+
+module OAuth::Signature
+  class PLAINTEXT < Base
+    implements 'plaintext'
+
+    def signature
+      signature_base_string
+    end
+
+    def ==(cmp_signature)
+      signature == escape(cmp_signature)
+    end
+
+    def signature_base_string
+      secret
+    end
+    
+    def secret
+      escape super
+    end
+  end
+end

data/lib/oauth/signature/rsa/sha1.rb

@@ -0,0 +1,44 @@
+require 'oauth/signature/base'
+require 'openssl'
+
+module OAuth::Signature::RSA
+  class SHA1 < OAuth::Signature::Base
+    implements 'rsa-sha1'
+
+    def ==(cmp_signature)
+      public_key.verify(OpenSSL::Digest::SHA1.new, Base64.decode64(cmp_signature.is_a?(Array) ? cmp_signature.first : cmp_signature), signature_base_string)
+    end
+
+    def public_key
+      if consumer_secret.is_a?(String)
+        decode_public_key
+      elsif consumer_secret.is_a?(OpenSSL::X509::Certificate)
+        consumer_secret.public_key
+      else
+        consumer_secret
+      end
+    end
+    
+    private
+    
+    def decode_public_key
+      case consumer_secret
+      when /-----BEGIN CERTIFICATE-----/
+        OpenSSL::X509::Certificate.new( consumer_secret).public_key
+      else
+        OpenSSL::PKey::RSA.new( consumer_secret)
+      end
+    end
+    
+    def digest
+      private_key = OpenSSL::PKey::RSA.new(
+        if options[:private_key_file]
+          IO.read(options[:private_key_file])
+        else
+          consumer_secret
+        end
+      )
+      private_key.sign(OpenSSL::Digest::SHA1.new, signature_base_string)
+    end
+  end
+end

data/lib/oauth/signature/sha1.rb

@@ -0,0 +1,13 @@
+require 'oauth/signature/base'
+require 'digest/sha1'
+
+module OAuth::Signature
+  class SHA1 < Base
+    implements 'sha1'
+    digest_class Digest::SHA1
+
+    def signature_base_string
+      secret + super
+    end
+  end
+end

data/lib/oauth/signature.rb

@@ -0,0 +1,28 @@
+module OAuth
+  module Signature
+    def self.available_methods
+      @available_methods ||= {}
+    end
+
+    def self.build(request, options = {}, &block)
+      request = OAuth::RequestProxy.proxy(request, options)
+      klass = available_methods[(request.signature_method || "").downcase]
+      raise UnknownSignatureMethod, request.signature_method unless klass
+      klass.new(request, options, &block)
+    end
+
+    def self.sign(request, options = {}, &block)
+      self.build(request, options, &block).signature
+    end
+
+    def self.verify(request, options = {}, &block)
+      self.build(request, options, &block).verify
+    end
+
+    def self.signature_base_string(request, options = {}, &block)
+      self.build(request, options, &block).signature_base_string
+    end
+
+    class UnknownSignatureMethod < Exception; end
+  end
+end

data/lib/oauth/token.rb

@@ -0,0 +1,137 @@
+require 'oauth/helper'
+module OAuth
+  
+  # Superclass for the various tokens used by OAuth
+  
+  class Token
+    include OAuth::Helper
+    
+    attr_accessor :token, :secret
+
+    def initialize(token, secret)
+      @token = token
+      @secret = secret
+    end
+    
+    def to_query
+      "oauth_token=#{escape(token)}&oauth_secret=#{escape(secret)}"
+    end
+    
+  end
+  
+  # Used on the server for generating tokens
+  class ServerToken<Token
+    
+    def initialize
+      super generate_key(16),generate_key
+    end
+  end
+  # Superclass for tokens used by OAuth Clients
+  class ConsumerToken<Token
+    attr_accessor :consumer
+
+    def initialize(consumer,token="",secret="")
+      super token,secret
+      @consumer=consumer
+    end
+    
+    # Make a signed request using given http_method to the path
+    #
+    #   @token.request(:get,'/people')
+    #   @token.request(:post,'/people',@person.to_xml,{ 'Content-Type' => 'application/xml' })
+    #
+    def request(http_method,path,*arguments)
+      response=consumer.request(http_method,path,self,{},*arguments)
+    end
+    
+    # Sign a request generated elsewhere using Net:HTTP::Post.new or friends
+    def sign!(request,options = {})
+      consumer.sign!(request,self,options)
+    end
+    
+  end
+
+  # The RequestToken is used for the initial Request.
+  # This is normally created by the Consumer object.
+  class RequestToken<ConsumerToken
+    
+    # Returns the authorization url that you need to use for redirecting the user
+    def authorize_url
+      consumer.authorize_url+"?oauth_token="+CGI.escape(token)
+    end
+    
+    # exchange for AccessToken on server
+    def get_access_token(options={})
+      response=consumer.token_request(consumer.http_method,(consumer.access_token_url? ? consumer.access_token_url : consumer.access_token_path),self,options)
+      OAuth::AccessToken.new(consumer,response[:oauth_token],response[:oauth_token_secret])
+    end
+  end
+  
+  # The Access Token is used for the actual "real" web service calls thatyou perform against the server
+  class AccessToken<ConsumerToken
+
+    # The less intrusive way. Otherwise, if we are to do it correctly inside consumer,
+    # we need to restructure and touch more methods: request(), sign!(), etc.
+    def request(http_method, path, *arguments)
+      request_uri = URI.parse(path)
+      site_uri = consumer.uri
+      is_service_uri_different = (request_uri.absolute? && request_uri != site_uri)
+      consumer.uri(request_uri) if is_service_uri_different
+      resp = super(http_method, path, *arguments)
+      # NOTE: reset for wholesomeness? meaning that we admit only AccessToken service calls may use different URIs?
+      # so reset in case consumer is still used for other token-management tasks subsequently?
+      consumer.uri(site_uri) if is_service_uri_different
+      resp
+    end
+    
+    # Make a regular get request using AccessToken
+    #
+    #   @response=@token.get('/people')
+    #   @response=@token.get('/people',{'Accept'=>'application/xml'})
+    #
+    def get(path,headers={})
+      request(:get,path,headers)
+    end
+    
+    # Make a regular head request using AccessToken
+    #
+    #   @response=@token.head('/people')
+    #
+    def head(path,headers={})
+      request(:head,path,headers)
+    end
+
+    # Make a regular post request using AccessToken
+    #
+    #   @response=@token.post('/people')
+    #   @response=@token.post('/people',{:name=>'Bob',:email=>'bob@mailinator.com'})
+    #   @response=@token.post('/people',{:name=>'Bob',:email=>'bob@mailinator.com'},{'Accept'=>'application/xml'})
+    #   @response=@token.post('/people',nil,{'Accept'=>'application/xml'})
+    #   @response=@token.post('/people',@person.to_xml,{'Accept'=>'application/xml','Content-Type' => 'application/xml'})
+    #
+    def post(path, body = '',headers={})
+      request(:post,path,body,headers)
+    end
+
+    # Make a regular put request using AccessToken
+    #
+    #   @response=@token.put('/people/123')
+    #   @response=@token.put('/people/123',{:name=>'Bob',:email=>'bob@mailinator.com'})
+    #   @response=@token.put('/people/123',{:name=>'Bob',:email=>'bob@mailinator.com'},{'Accept'=>'application/xml'})
+    #   @response=@token.put('/people/123',nil,{'Accept'=>'application/xml'})
+    #   @response=@token.put('/people/123',@person.to_xml,{'Accept'=>'application/xml','Content-Type' => 'application/xml'})
+    #
+    def put(path, body = '', headers={})
+      request(:put,path,body,headers)
+    end
+    
+    # Make a regular delete request using AccessToken
+    #
+    #   @response=@token.delete('/people/123')
+    #   @response=@token.delete('/people/123',{'Accept'=>'application/xml'})
+    #
+    def delete(path,headers={})
+      request(:delete,path,headers)
+    end
+  end
+end

data/lib/oauth/version.rb

@@ -0,0 +1,3 @@
+module OAuth #:nodoc:
+  VERSION = '0.3.1'
+end

data/lib/oauth.rb

@@ -0,0 +1,3 @@
+require 'oauth/client/helper'
+require 'oauth/signature/hmac/sha1'
+require 'oauth/request_proxy/mock_request'

data/oauth.gemspec

@@ -0,0 +1,43 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{oauth}
+  s.version = "0.3.2"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Pelle Braendgaard", "Blaine Cook", "Larry Halff", "Jesse Clark", "Jon Crosby", "Seth Fitzsimmons"]
+  s.date = %q{2009-01-26}
+  s.default_executable = %q{oauth}
+  s.description = %q{OAuth Core Ruby implementation}
+  s.email = %q{pelleb@gmail.com}
+  s.executables = ["oauth"]
+  s.extra_rdoc_files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "website/index.txt"]
+  s.files = ["History.txt", "License.txt", "Manifest.txt", "README.rdoc", "Rakefile", "TODO", "bin/oauth", "lib/oauth.rb", "lib/oauth/cli.rb", "lib/oauth/client.rb", "lib/oauth/client/action_controller_request.rb", "lib/oauth/client/helper.rb", "lib/oauth/client/net_http.rb", "lib/oauth/consumer.rb", "lib/oauth/helper.rb", "lib/oauth/oauth_test_helper.rb", "lib/oauth/request_proxy.rb", "lib/oauth/request_proxy/action_controller_request.rb", "lib/oauth/request_proxy/base.rb", "lib/oauth/request_proxy/jabber_request.rb", "lib/oauth/request_proxy/mock_request.rb", "lib/oauth/request_proxy/net_http.rb", "lib/oauth/request_proxy/rack_request.rb", "lib/oauth/server.rb", "lib/oauth/signature.rb", "lib/oauth/signature/base.rb", "lib/oauth/signature/hmac/base.rb", "lib/oauth/signature/hmac/md5.rb", "lib/oauth/signature/hmac/rmd160.rb", "lib/oauth/signature/hmac/sha1.rb", "lib/oauth/signature/hmac/sha2.rb", "lib/oauth/signature/md5.rb", "lib/oauth/signature/plaintext.rb", "lib/oauth/signature/rsa/sha1.rb", "lib/oauth/signature/sha1.rb", "lib/oauth/token.rb", "lib/oauth/version.rb", "oauth.gemspec", "script/destroy", "script/generate", "script/txt2html", "setup.rb", "tasks/deployment.rake", "tasks/environment.rake", "tasks/website.rake", "test/cases/oauth_case.rb", "test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/keys/rsa.cert", "test/keys/rsa.pem", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb", "website/index.html", "website/index.txt", "website/javascripts/rounded_corners_lite.inc.js", "website/stylesheets/screen.css", "website/template.rhtml"]
+  s.has_rdoc = true
+  s.homepage = %q{http://oauth.rubyforge.org}
+  s.rdoc_options = ["--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{oauth}
+  s.rubygems_version = %q{1.3.1}
+  s.summary = %q{OAuth Core Ruby implementation}
+  s.test_files = ["test/cases/spec/1_0-final/test_construct_request_url.rb", "test/cases/spec/1_0-final/test_normalize_request_parameters.rb", "test/cases/spec/1_0-final/test_parameter_encodings.rb", "test/cases/spec/1_0-final/test_signature_base_strings.rb", "test/test_action_controller_request_proxy.rb", "test/test_consumer.rb", "test/test_helper.rb", "test/test_hmac_sha1.rb", "test/test_net_http_client.rb", "test/test_net_http_request_proxy.rb", "test/test_rack_request_proxy.rb", "test/test_rsa_sha1.rb", "test/test_server.rb", "test/test_signature.rb", "test/test_signature_base.rb", "test/test_signature_plain_text.rb", "test/test_token.rb"]
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 2
+
+    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ruby-hmac>, [">= 0.3.1"])
+      s.add_development_dependency(%q<newgem>, [">= 1.2.3"])
+      s.add_development_dependency(%q<hoe>, [">= 1.8.0"])
+    else
+      s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
+      s.add_dependency(%q<newgem>, [">= 1.2.3"])
+      s.add_dependency(%q<hoe>, [">= 1.8.0"])
+    end
+  else
+    s.add_dependency(%q<ruby-hmac>, [">= 0.3.1"])
+    s.add_dependency(%q<newgem>, [">= 1.2.3"])
+    s.add_dependency(%q<hoe>, [">= 1.8.0"])
+  end
+end

data/script/destroy

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.join(File.dirname(__FILE__), '..')
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/destroy'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Destroy.new.run(ARGV)

data/script/generate

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+APP_ROOT = File.join(File.dirname(__FILE__), '..')
+
+begin
+  require 'rubigen'
+rescue LoadError
+  require 'rubygems'
+  require 'rubigen'
+end
+require 'rubigen/scripts/generate'
+
+ARGV.shift if ['--help', '-h'].include?(ARGV[0])
+RubiGen::Base.use_component_sources! [:rubygems, :newgem, :newgem_theme, :test_unit]
+RubiGen::Scripts::Generate.new.run(ARGV)

data/script/txt2html

@@ -0,0 +1,74 @@
+#!/usr/bin/env ruby
+
+require 'rubygems'
+begin
+  require 'newgem'
+rescue LoadError
+  puts "\n\nGenerating the website requires the newgem RubyGem"
+  puts "Install: gem install newgem\n\n"
+  exit(1)
+end
+require 'redcloth'
+require 'syntax/convertors/html'
+require 'erb'
+require File.dirname(__FILE__) + '/../lib/oauth/version.rb'
+
+version  = OAuth::VERSION::STRING
+download = 'http://rubyforge.org/projects/oauth'
+
+class Fixnum
+  def ordinal
+    # teens
+    return 'th' if (10..19).include?(self % 100)
+    # others
+    case self % 10
+    when 1: return 'st'
+    when 2: return 'nd'
+    when 3: return 'rd'
+    else    return 'th'
+    end
+  end
+end
+
+class Time
+  def pretty
+    return "#{mday}#{mday.ordinal} #{strftime('%B')} #{year}"
+  end
+end
+
+def convert_syntax(syntax, source)
+  return Syntax::Convertors::HTML.for_syntax(syntax).convert(source).gsub(%r!^<pre>|</pre>$!,'')
+end
+
+if ARGV.length >= 1
+  src, template = ARGV
+  template ||= File.join(File.dirname(__FILE__), '/../website/template.rhtml')
+  
+else
+  puts("Usage: #{File.split($0).last} source.txt [template.rhtml] > output.html")
+  exit!
+end
+
+template = ERB.new(File.open(template).read)
+
+title = nil
+body = nil
+File.open(src) do |fsrc|
+  title_text = fsrc.readline
+  body_text = fsrc.read
+  syntax_items = []
+  body_text.gsub!(%r!<(pre|code)[^>]*?syntax=['"]([^'"]+)[^>]*>(.*?)</\1>!m){
+    ident = syntax_items.length
+    element, syntax, source = $1, $2, $3
+    syntax_items << "<#{element} class='syntax'>#{convert_syntax(syntax, source)}</#{element}>"
+    "syntax-temp-#{ident}"
+  }
+  title = RedCloth.new(title_text).to_html.gsub(%r!<.*?>!,'').strip
+  body = RedCloth.new(body_text).to_html
+  body.gsub!(%r!(?:<pre><code>)?syntax-temp-(\d+)(?:</code></pre>)?!){ syntax_items[$1.to_i] }
+end
+stat = File.stat(src)
+created = stat.ctime
+modified = stat.mtime
+
+$stdout << template.result(binding)