rack-oauth2-provider 0.0.2 → 0.0.3

data/lib/rack/oauth2/assertion_profile.rb

@@ -6,12 +6,24 @@ require 'vendor/information_card'
 
 module Rack
   module OAuth2
+    # Rack::OAuth2::AssertionProfile implements the Assertion Profile for generating 
+    # authorization tokens as per draft-ieft-oauth. This is a preliminary version based on the
+    # Apr 16, 2010 working standard developed by the IETF.
+    #
+    # Initialize with the Rack application that will work as Authorization Server,
+    # and a set of parameters that enables specific checks. The only mandatory parameter
+    # is **:shared_secret** which is required for HMAC-SHA256 processing.
     class AssertionProfile < Rack::Auth::AbstractHandler
+      
+      # Creates a new instance of Rack::OAuth2::Provider, the opts are required 
       def initialize(app, opts = {})
         @app = app
         @opts = opts
       end
-    
+      
+      # Authorizes the request and generates the _access token_ on the body, 
+      # signed with the shared key (passed as c'tor parameter),
+      # as a successful response of the token processing.
       def call(env)
         request = Request.new(env)
         
@@ -30,24 +42,34 @@ module Rack
         
         return @app.call(env)
       end
-  
+      
+      # Singleton instance of the SimpleWebTokenBuilder
+      # 
+      # see alse: SimpleWebToken::SimpleWebTokenBuilder
       def token_builder
         @token_builder ||= SimpleWebToken::SimpleWebTokenBuilder.new(@opts)
       end
-    
+      
+      # Internal class used to parse the current request based on 
+      # the enviroment parameters.    
       class Request < Rack::Request
         def initialize(env)
           super(env)
         end
      
+        # Returns a value indicating whether the type 
+        # the of authorization request is _assertion_
         def assertion_profile?
           self.params["type"] =~ /assertion/i
         end
         
+        # Reads from the formvars the format of the
+        # set assertion
         def format
           (self.params["format"] or "saml").downcase.to_sym
         end
         
+        # Reads the assertion from the given formvars
         def token
           self.params["assertion"]
         end

data/lib/rack/oauth2/provider.rb

@@ -1,5 +1,6 @@
 module Rack
   module OAuth2
-    VERSION = "0.0.2"
+    # Version
+    VERSION = "0.0.3"
   end
 end

data/lib/simple_web_token_builder.rb

@@ -3,9 +3,13 @@ require 'base64'
 require 'hmac-sha2'
 
 module SimpleWebToken
+  # Creates a SimpleWebToken using the given parameters
+  # plus a hash containing "claims" 
   class SimpleWebTokenBuilder
     attr_accessor :shared_secret, :issuer, :audience, :expiration
     
+    # Creates a new instance of the SimpleTokenBuilder, 
+    # if <b>:shared_secret</b> is not provided, an exception will be raised
     def initialize(opts = {})
       raise InvalidOption, :shared_secret unless opts[:shared_secret]
       self.shared_secret = opts[:shared_secret]
@@ -14,19 +18,25 @@ module SimpleWebToken
       self.expiration = (opts[:expiration] or 3600)
     end
     
+    # Creates and signs the token based on the given claims hash 
+    # plus the default claims set (issuer, audience, expires_on)
     def build(claims)
       token = (convert(claims) + default_claim_set).join("&")
       return token += "&HMACSHA256=#{CGI.escape(sign(token))}"
     end
-
+    
+    # Creates the HMAC-SHA256 signature based on the form-enconded-values
+    # representation of the token
     def sign(bare_token)
       signature = Base64.encode64(HMAC::SHA256.new(Base64.decode64(self.shared_secret)).update(bare_token.toutf8).digest).strip
     end
 
+    # Converts a hash of claims into a claim-value pair
     def convert(claims)
       claims.map{|k, v| claim_pair(k, v)}
     end
 
+    # Returns the default claim set (issuer, audience, expires_on)
     def default_claim_set
       default_claims = []
       default_claims << claim_pair(:issuer, self.issuer) if(self.issuer)
@@ -35,6 +45,15 @@ module SimpleWebToken
       return default_claims
     end
     
+    # Creates a claim-value pair 
+    #
+    # The given key is converted to PascalCase and merged (_ are removed, 
+    # words between _ are considered discrete terms hence are uppercased)
+    #
+    # Values and Keys are encoded using CGI urlEscaping
+    #
+    # NOTE: If the claim value is an array, the given claim value is built
+    # as csv (comma-separted-values) 
     def claim_pair(key, value)
       new_key = key.to_s.downcase.split("_").map{|l| l.capitalize.strip}.join("")
       value = [value].flatten.uniq.join(",")

data/rakefile

@@ -21,7 +21,8 @@ namespace :docs do
   	t.options << '--line-numbers' << '--inline-source' << '-A cattr_accessor=object'
   	t.options << '--charset' << 'utf-8'
   	t.rdoc_files.include('README.rdoc')
-  	t.rdoc_files.include('lib/**/*.rb')
+  	t.rdoc_files.include('lib/*.rb')
+  	t.rdoc_files.include('lib/rack/**/*.rb')
   end
 end
 

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  - 3
+  version: 0.0.3
 platform: ruby
 authors: 
 - Johnny G. Halife & Ezequiel Morito
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-04-20 00:00:00 -03:00
+date: 2010-04-21 00:00:00 -03:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency