qoobaa-oauth 0.3.8

data/lib/oauth/request_proxy/mock_request.rb

@@ -0,0 +1,44 @@
+require 'oauth/request_proxy/base'
+
+module OAuth
+  module RequestProxy
+    # RequestProxy for Hashes to facilitate simpler signature creation.
+    # Usage:
+    #   request = OAuth::RequestProxy.proxy \
+    #      "method" => "iq",
+    #      "uri"    => [from, to] * "&",
+    #      "parameters" => {
+    #        "oauth_consumer_key"     => oauth_consumer_key,
+    #        "oauth_token"            => oauth_token,
+    #        "oauth_signature_method" => "HMAC-SHA1"
+    #      }
+    #
+    #   signature = OAuth::Signature.sign \
+    #     request,
+    #     :consumer_secret => oauth_consumer_secret,
+    #     :token_secret    => oauth_token_secret,
+    class MockRequest < OAuth::RequestProxy::Base
+      proxies Hash
+
+      def parameters
+        @request["parameters"]
+      end
+
+      def method
+        @request["method"]
+      end
+
+      def normalized_uri
+        super
+      rescue
+        # if this is a non-standard URI, it may not parse properly
+        # in that case, assume that it's already been normalized
+        uri
+      end
+
+      def uri
+        @request["uri"]
+      end
+    end
+  end
+end

data/lib/oauth/request_proxy/net_http.rb

@@ -0,0 +1,65 @@
+require 'oauth/request_proxy/base'
+require 'net/http'
+require 'uri'
+require 'cgi'
+
+module OAuth::RequestProxy::Net
+  module HTTP
+    class HTTPRequest < OAuth::RequestProxy::Base
+      proxies ::Net::HTTPRequest
+
+      def method
+        request.method
+      end
+
+      def uri
+        uri = options[:uri]
+        uri.to_s
+      end
+
+      def parameters
+        if options[:clobber_request]
+          options[:parameters]
+        else
+          all_parameters
+        end
+      end
+
+    private
+
+      def all_parameters
+        request_params = CGI.parse(query_string)
+        if options[:parameters]
+          options[:parameters].each do |k,v|
+            if request_params.has_key?(k)
+              request_params[k] << v
+            else
+              request_params[k] = [v].flatten
+            end
+          end
+        end
+        request_params
+      end
+
+      def query_string
+        params = [ query_params, auth_header_params ]
+        is_form_urlencoded = request['Content-Type'] != nil && request['Content-Type'].downcase == 'application/x-www-form-urlencoded'
+        params << post_params if method.to_s.upcase == 'POST' && is_form_urlencoded
+        params.compact.join('&')
+      end
+
+      def query_params
+        URI.parse(request.path).query
+      end
+
+      def post_params
+        request.body
+      end
+
+      def auth_header_params
+        return nil unless request['Authorization'] && request['Authorization'][0,5] == 'OAuth'
+        auth_params = request['Authorization']
+      end
+    end
+  end
+end

data/lib/oauth/request_proxy/rack_request.rb

@@ -0,0 +1,40 @@
+require 'oauth/request_proxy/base'
+require 'uri'
+require 'rack'
+
+module OAuth::RequestProxy
+  class RackRequest < OAuth::RequestProxy::Base
+    proxies Rack::Request
+
+    def method
+      request.env["rack.methodoverride.original_method"] || request.request_method
+    end
+
+    def uri
+      request.url
+    end
+
+    def parameters
+      if options[:clobber_request]
+        options[:parameters] || {}
+      else
+        params = request_params.merge(query_params).merge(header_params)
+        params.merge(options[:parameters] || {})
+      end
+    end
+
+    def signature
+      parameters['oauth_signature']
+    end
+
+  protected
+
+    def query_params
+      request.GET
+    end
+
+    def request_params
+      request.params
+    end
+  end
+end

data/lib/oauth/request_proxy/typhoeus_request.rb

@@ -0,0 +1,53 @@
+require 'oauth/request_proxy/base'
+require 'typhoeus'
+require 'typhoeus/request'
+require 'uri'
+require 'cgi'
+
+module OAuth::RequestProxy::Typhoeus
+  class Request < OAuth::RequestProxy::Base
+    # Proxy for signing Typhoeus::Request requests
+    # Usage example:   
+    # oauth_params = {:consumer => oauth_consumer, :token => access_token}      
+    # req = Typhoeus::Request.new(uri, options)
+    # oauth_helper = OAuth::Client::Helper.new(req, oauth_params.merge(:request_uri => uri))      
+    # req.headers.merge!({"Authorization" => oauth_helper.header})
+    # hydra = Typhoeus::Hydra.new()
+    # hydra.queue(req)
+    # hydra.run
+    # response = req.response
+    proxies Typhoeus::Request        
+
+    def method
+      request.method.to_s.upcase
+    end
+    
+    def uri
+      options[:uri].to_s
+    end
+    
+    def parameters
+      if options[:clobber_request]
+        options[:parameters]
+      else
+        post_parameters.merge(query_parameters).merge(options[:parameters] || {})
+      end
+    end
+    
+    private
+    
+    def query_parameters
+      query = URI.parse(request.url).query
+      return(query ? CGI.parse(query) : {})
+    end
+    
+    def post_parameters
+      # Post params are only used if posting form data
+      if(method == 'POST' && request.headers['Content-Type'] && request.headers['Content-Type'].downcase == 'application/x-www-form-urlencoded')
+        request.body || {}
+      else
+        {}
+      end      
+    end
+  end
+end

data/lib/oauth/server.rb

@@ -0,0 +1,66 @@
+require 'oauth/helper'
+require 'oauth/consumer'
+
+module OAuth
+  # This is mainly used to create consumer credentials and can pretty much be ignored if you want to create your own
+  class Server
+    include OAuth::Helper
+    attr_accessor :base_url
+
+    @@server_paths = {
+      :request_token_path => "/oauth/request_token",
+      :authorize_path     => "/oauth/authorize",
+      :access_token_path  => "/oauth/access_token"
+    }
+
+    # Create a new server instance
+    def initialize(base_url, paths = {})
+      @base_url = base_url
+      @paths = @@server_paths.merge(paths)
+    end
+
+    def generate_credentials
+      [generate_key(16), generate_key]
+    end
+
+    def generate_consumer_credentials(params = {})
+      Consumer.new(*generate_credentials)
+    end
+
+    # mainly for testing purposes
+    def create_consumer
+      creds = generate_credentials
+      Consumer.new(creds[0], creds[1],
+        {
+          :site               => base_url,
+          :request_token_path => request_token_path,
+          :authorize_path     => authorize_path,
+          :access_token_path  => access_token_path
+        })
+    end
+
+    def request_token_path
+      @paths[:request_token_path]
+    end
+
+    def request_token_url
+      base_url + request_token_path
+    end
+
+    def authorize_path
+      @paths[:authorize_path]
+    end
+
+    def authorize_url
+      base_url + authorize_path
+    end
+
+    def access_token_path
+      @paths[:access_token_path]
+    end
+
+    def access_token_url
+      base_url + access_token_path
+    end
+  end
+end

data/lib/oauth/signature.rb

@@ -0,0 +1,40 @@
+module OAuth
+  module Signature
+    # Returns a list of available signature methods
+    def self.available_methods
+      @available_methods ||= {}
+    end
+
+    # Build a signature from a +request+.
+    #
+    # Raises UnknownSignatureMethod exception if the signature method is unknown.
+    def self.build(request, options = {}, &block)
+      request = OAuth::RequestProxy.proxy(request, options)
+      klass = available_methods[
+        (request.signature_method ||
+        ((c = request.options[:consumer]) && c.options[:signature_method]) ||
+        "").downcase]
+      raise UnknownSignatureMethod, request.signature_method unless klass
+      klass.new(request, options, &block)
+    end
+
+    # Sign a +request+
+    def self.sign(request, options = {}, &block)
+      self.build(request, options, &block).signature
+    end
+
+    # Verify the signature of +request+
+    def self.verify(request, options = {}, &block)
+      self.build(request, options, &block).verify
+    end
+
+    # Create the signature base string for +request+. This string is the normalized parameter information.
+    #
+    # See Also: {OAuth core spec version 1.0, section 9.1.1}[http://oauth.net/core/1.0#rfc.section.9.1.1]
+    def self.signature_base_string(request, options = {}, &block)
+      self.build(request, options, &block).signature_base_string
+    end
+
+    class UnknownSignatureMethod < Exception; end
+  end
+end

data/lib/oauth/signature/base.rb

@@ -0,0 +1,87 @@
+require "oauth/signature"
+require "oauth/helper"
+require "oauth/request_proxy/base"
+require "base64"
+
+module OAuth::Signature
+  class Base
+    include OAuth::Helper
+
+    attr_accessor :options
+    attr_reader :token_secret, :consumer_secret, :request
+
+    def self.implements(signature_method)
+      OAuth::Signature.available_methods[signature_method] = self
+    end
+
+    def self.digest_class(digest_class = nil)
+      return @digest_class if digest_class.nil?
+      @digest_class = digest_class
+    end
+
+    def initialize(request, options = {}, &block)
+      raise TypeError unless request.kind_of?(OAuth::RequestProxy::Base)
+      @request = request
+      @options = options
+
+      ## consumer secret was determined beforehand
+
+      @consumer_secret = options[:consumer].secret if options[:consumer]
+
+      # presence of :consumer_secret option will override any Consumer that's provided
+      @consumer_secret = options[:consumer_secret] if options[:consumer_secret]
+
+      ## token secret was determined beforehand
+
+      @token_secret = options[:token].secret if options[:token]
+
+      # presence of :token_secret option will override any Token that's provided
+      @token_secret = options[:token_secret] if options[:token_secret]
+
+
+      # override secrets based on the values returned from the block (if any)
+      if block_given?
+        # consumer secret and token secret need to be looked up based on pieces of the request
+        secrets = yield block.arity == 1 ? request : [token, consumer_key, nonce, request.timestamp]
+        if secrets.is_a?(Array) && secrets.size == 2
+          @token_secret = secrets[0]
+          @consumer_secret = secrets[1]
+        end
+      end
+    end
+
+    def signature
+      Base64.encode64(digest).chomp.gsub(/\n/, "")
+    end
+
+    def ==(cmp_signature)
+      Base64.decode64(signature) == Base64.decode64(cmp_signature)
+    end
+
+    def verify
+      self == (request.signature.is_a?(Array) ? request.signature.first : request.signature)
+    end
+
+    def signature_base_string
+      request.signature_base_string
+    end
+
+    private
+
+    def token
+      request.token
+    end
+
+    def consumer_key
+      request.consumer_key
+    end
+
+    def nonce
+      request.nonce
+    end
+
+    def secret
+      "#{escape(consumer_secret)}&#{escape(token_secret)}"
+    end
+  end
+end

data/lib/oauth/signature/hmac/md5.rb

@@ -0,0 +1,21 @@
+require 'oauth/signature/base'
+
+if RUBY_VERSION >= "1.9"
+  require 'digest/hmac'
+else
+  require 'hmac-md5'
+end
+
+module OAuth::Signature::HMAC
+  class MD5 < OAuth::Signature::Base
+    implements 'hmac-md5'
+
+    def digest
+      if RUBY_VERSION >= "1.9"
+        Digest::HMAC.new(secret, Digest::MD5).digest(signature_base_string)
+      else
+        ::HMAC::MD5.digest(secret, signature_base_string)
+      end
+    end
+  end
+end

data/lib/oauth/signature/hmac/rmd160.rb

@@ -0,0 +1,21 @@
+require 'oauth/signature/base'
+
+if RUBY_VERSION >= "1.9"
+  require 'digest/hmac'
+else
+  require 'hmac-rmd160'
+end
+
+module OAuth::Signature::HMAC
+  class RMD160 < OAuth::Signature::Base
+    implements 'hmac-rmd160'
+
+    def digest
+      if RUBY_VERSION >= "1.9"
+        Digest::HMAC.new(secret, Digest::RMD160).digest(signature_base_string)
+      else
+        ::HMAC::RMD160.digest(secret, signature_base_string)
+      end
+    end
+  end
+end