RubyGems - rack-oauth2-revibe - Versions diffs - 1.0.7 - Mend

rack-oauth2-revibe 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (107) hide show

checksums.yaml +7 -0
data/.document +5 -0
data/.gitignore +22 -0
data/.rspec +2 -0
data/.travis.yml +3 -0
data/Gemfile +7 -0
data/LICENSE +20 -0
data/README.rdoc +78 -0
data/Rakefile +25 -0
data/VERSION +1 -0
data/lib/rack/oauth2.rb +67 -0
data/lib/rack/oauth2/access_token.rb +36 -0
data/lib/rack/oauth2/access_token/authenticator.rb +24 -0
data/lib/rack/oauth2/access_token/bearer.rb +11 -0
data/lib/rack/oauth2/access_token/legacy.rb +23 -0
data/lib/rack/oauth2/access_token/mac.rb +103 -0
data/lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb +17 -0
data/lib/rack/oauth2/access_token/mac/signature.rb +34 -0
data/lib/rack/oauth2/access_token/mac/verifier.rb +44 -0
data/lib/rack/oauth2/client.rb +139 -0
data/lib/rack/oauth2/client/error.rb +14 -0
data/lib/rack/oauth2/client/grant.rb +30 -0
data/lib/rack/oauth2/client/grant/authorization_code.rb +12 -0
data/lib/rack/oauth2/client/grant/client_credentials.rb +10 -0
data/lib/rack/oauth2/client/grant/facebook_token.rb +12 -0
data/lib/rack/oauth2/client/grant/password.rb +11 -0
data/lib/rack/oauth2/client/grant/refresh_token.rb +11 -0
data/lib/rack/oauth2/debugger.rb +3 -0
data/lib/rack/oauth2/debugger/request_filter.rb +30 -0
data/lib/rack/oauth2/server.rb +4 -0
data/lib/rack/oauth2/server/abstract.rb +4 -0
data/lib/rack/oauth2/server/abstract/error.rb +69 -0
data/lib/rack/oauth2/server/abstract/handler.rb +20 -0
data/lib/rack/oauth2/server/abstract/request.rb +29 -0
data/lib/rack/oauth2/server/abstract/response.rb +15 -0
data/lib/rack/oauth2/server/authorize.rb +117 -0
data/lib/rack/oauth2/server/authorize/code.rb +39 -0
data/lib/rack/oauth2/server/authorize/error.rb +71 -0
data/lib/rack/oauth2/server/authorize/extension.rb +12 -0
data/lib/rack/oauth2/server/authorize/extension/code_and_token.rb +39 -0
data/lib/rack/oauth2/server/authorize/token.rb +43 -0
data/lib/rack/oauth2/server/resource.rb +55 -0
data/lib/rack/oauth2/server/resource/bearer.rb +47 -0
data/lib/rack/oauth2/server/resource/bearer/error.rb +24 -0
data/lib/rack/oauth2/server/resource/error.rb +81 -0
data/lib/rack/oauth2/server/resource/mac.rb +36 -0
data/lib/rack/oauth2/server/resource/mac/error.rb +24 -0
data/lib/rack/oauth2/server/token.rb +87 -0
data/lib/rack/oauth2/server/token/authorization_code.rb +28 -0
data/lib/rack/oauth2/server/token/client_credentials.rb +23 -0
data/lib/rack/oauth2/server/token/error.rb +54 -0
data/lib/rack/oauth2/server/token/extension.rb +12 -0
data/lib/rack/oauth2/server/token/extension/jwt.rb +37 -0
data/lib/rack/oauth2/server/token/facebook_token.rb +27 -0
data/lib/rack/oauth2/server/token/password.rb +27 -0
data/lib/rack/oauth2/server/token/refresh_token.rb +26 -0
data/lib/rack/oauth2/util.rb +58 -0
data/rack-oauth2.gemspec +30 -0
data/spec/helpers/time.rb +19 -0
data/spec/helpers/webmock_helper.rb +41 -0
data/spec/mock_response/blank +0 -0
data/spec/mock_response/errors/invalid_request.json +4 -0
data/spec/mock_response/resources/fake.txt +1 -0
data/spec/mock_response/tokens/_Bearer.json +6 -0
data/spec/mock_response/tokens/bearer.json +6 -0
data/spec/mock_response/tokens/legacy.json +5 -0
data/spec/mock_response/tokens/legacy.txt +1 -0
data/spec/mock_response/tokens/legacy_without_expires_in.txt +1 -0
data/spec/mock_response/tokens/mac.json +8 -0
data/spec/mock_response/tokens/unknown.json +6 -0
data/spec/rack/oauth2/access_token/authenticator_spec.rb +43 -0
data/spec/rack/oauth2/access_token/bearer_spec.rb +18 -0
data/spec/rack/oauth2/access_token/legacy_spec.rb +23 -0
data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +28 -0
data/spec/rack/oauth2/access_token/mac/signature_spec.rb +59 -0
data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +25 -0
data/spec/rack/oauth2/access_token/mac_spec.rb +141 -0
data/spec/rack/oauth2/access_token_spec.rb +69 -0
data/spec/rack/oauth2/client/error_spec.rb +18 -0
data/spec/rack/oauth2/client/grant/authorization_code_spec.rb +37 -0
data/spec/rack/oauth2/client/grant/client_credentials_spec.rb +7 -0
data/spec/rack/oauth2/client/grant/password_spec.rb +33 -0
data/spec/rack/oauth2/client/grant/refresh_token_spec.rb +21 -0
data/spec/rack/oauth2/client_spec.rb +287 -0
data/spec/rack/oauth2/debugger/request_filter_spec.rb +33 -0
data/spec/rack/oauth2/oauth2_spec.rb +74 -0
data/spec/rack/oauth2/server/abstract/error_spec.rb +59 -0
data/spec/rack/oauth2/server/authorize/code_spec.rb +57 -0
data/spec/rack/oauth2/server/authorize/error_spec.rb +103 -0
data/spec/rack/oauth2/server/authorize/extensions/code_and_token_spec.rb +60 -0
data/spec/rack/oauth2/server/authorize/token_spec.rb +73 -0
data/spec/rack/oauth2/server/authorize_spec.rb +214 -0
data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +52 -0
data/spec/rack/oauth2/server/resource/bearer_spec.rb +123 -0
data/spec/rack/oauth2/server/resource/error_spec.rb +147 -0
data/spec/rack/oauth2/server/resource/mac/error_spec.rb +52 -0
data/spec/rack/oauth2/server/resource/mac_spec.rb +119 -0
data/spec/rack/oauth2/server/resource_spec.rb +23 -0
data/spec/rack/oauth2/server/token/authorization_code_spec.rb +43 -0
data/spec/rack/oauth2/server/token/client_credentials_spec.rb +23 -0
data/spec/rack/oauth2/server/token/error_spec.rb +77 -0
data/spec/rack/oauth2/server/token/password_spec.rb +37 -0
data/spec/rack/oauth2/server/token/refresh_token_spec.rb +34 -0
data/spec/rack/oauth2/server/token_spec.rb +134 -0
data/spec/rack/oauth2/util_spec.rb +97 -0
data/spec/spec_helper.rb +14 -0
metadata +326 -0

data/lib/rack/oauth2/server/token/facebook_token.rb ADDED

@@ -0,0 +1,27 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class FacebookToken < Abstract::Handler
+          def call(env)
+            @request  = Request.new(env)
+            @response = Response.new(request)
+            super
+          end
+          class Request < Token::Request
+            attr_required :facebook_token
+            def initialize(env)
+              super
+              @grant_type = :facebook_token
+              @facebook_token = params['facebook_token']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token/password.rb ADDED

@@ -0,0 +1,27 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class Password < Abstract::Handler
+          def call(env)
+            @request  = Request.new(env)
+            @response = Response.new(request)
+            super
+          end
+          class Request < Token::Request
+            attr_required :username, :password
+            def initialize(env)
+              super
+              @grant_type = :password
+              @username   = params['username']
+              @password   = params['password']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token/refresh_token.rb ADDED

@@ -0,0 +1,26 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class RefreshToken < Abstract::Handler
+          def call(env)
+            @request  = Request.new(env)
+            @response = Response.new(request)
+            super
+          end
+          class Request < Token::Request
+            attr_required :refresh_token
+            def initialize(env)
+              super
+              @grant_type    = :refresh_token
+              @refresh_token = params['refresh_token']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/util.rb ADDED

@@ -0,0 +1,58 @@
+require 'base64'
+module Rack
+  module OAuth2
+    module Util
+      class << self
+        def rfc3986_encode(text)
+          URI.encode(text, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
+        end
+        def base64_encode(text)
+          Base64.encode64(text).gsub(/\n/, '')
+        end
+        def compact_hash(hash)
+          hash.reject do |key, value|
+            value.blank?
+          end
+        end
+        def parse_uri(uri)
+          case uri
+          when URI::Generic
+            uri
+          when String
+            URI.parse(uri)
+          else
+            raise "Invalid format of URI is given."
+          end
+        end
+        def redirect_uri(base_uri, location, params)
+          redirect_uri = parse_uri base_uri
+          case location
+          when :query
+            redirect_uri.query = [redirect_uri.query, Util.compact_hash(params).to_query].compact.join('&')
+          when :fragment
+            redirect_uri.fragment = Util.compact_hash(params).to_query
+          end
+          redirect_uri.to_s
+        end
+        def uri_match?(base, given)
+          base = parse_uri(base)
+          given = parse_uri(given)
+          base.path = '/' if base.path.blank?
+          given.path = '/' if given.path.blank?
+          [:scheme, :host, :port].all? do |key|
+            base.send(key) == given.send(key)
+          end && /^#{base.path}/ =~ given.path
+        rescue
+          false
+        end
+      end
+    end
+  end
+end

data/rack-oauth2.gemspec ADDED

@@ -0,0 +1,30 @@
+Gem::Specification.new do |s|
+  s.name = "rack-oauth2-revibe"
+  s.version = File.read("VERSION")
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.3.6") if s.respond_to? :required_rubygems_version=
+  s.authors = ["nov matake"]
+  s.description = %q{OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are supported.}
+  s.summary = %q{OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported}
+  s.email = "nov@matake.jp"
+  s.extra_rdoc_files = ["LICENSE", "README.rdoc"]
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.homepage = "http://github.com/nov/rack-oauth2"
+  s.license = 'MIT'
+  s.require_paths = ["lib"]
+  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.files = `git ls-files`.split("\n")
+  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.add_runtime_dependency "rack", ">= 1.1"
+  s.add_runtime_dependency "multi_json", ">= 1.3.6"
+  s.add_runtime_dependency "httpclient", ">= 2.2.0.2"
+  s.add_runtime_dependency "activesupport", ">= 2.3"
+  s.add_runtime_dependency "attr_required", ">= 0.0.5"
+  s.add_development_dependency "rake", ">= 0.8"
+  if RUBY_VERSION >= '1.9'
+    s.add_development_dependency "cover_me", ">= 1.2.0"
+  else
+    s.add_development_dependency "rcov", ">= 0.9"
+  end
+  s.add_development_dependency "rspec", ">= 2"
+  s.add_development_dependency "webmock", ">= 1.6.2"
+end

data/spec/helpers/time.rb ADDED

@@ -0,0 +1,19 @@
+class Time
+  class << self
+    def now_with_fixed_time
+      if @fixed_time
+        @fixed_time.dup
+      else
+        now_without_fixed_time
+      end
+    end
+    alias_method_chain :now, :fixed_time
+    def fix(time = Time.now)
+      @fixed_time = time
+      yield
+    ensure
+      @fixed_time = nil
+    end
+  end
+end

data/spec/helpers/webmock_helper.rb ADDED

@@ -0,0 +1,41 @@
+require 'webmock/rspec'
+module WebMockHelper
+  def mock_response(method, endpoint, response_file, options = {})
+    stub_request(method, endpoint).with(
+      request_for(method, options)
+    ).to_return(
+      response_for(response_file, options)
+    )
+  end
+  private
+  def request_for(method, options = {})
+    request = {}
+    if options[:params]
+      case method
+      when :post, :put
+        request[:body] = options[:params]
+      else
+        request[:query] = options[:params]
+      end
+    end
+    if options[:request_header]
+      request[:headers] = options[:request_header]
+    end
+    request
+  end
+  def response_for(response_file, options = {})
+    response = {}
+    response[:body] = File.new(File.join(File.dirname(__FILE__), '../mock_response', response_file))
+    if options[:status]
+      response[:status] = options[:status]
+    end
+    response
+  end
+end
+include WebMockHelper
+WebMock.disable_net_connect!

data/spec/mock_response/blank ADDED

File without changes

data/spec/mock_response/errors/invalid_request.json ADDED

@@ -0,0 +1,4 @@
+{
+  "error":"invalid_request",
+  "error_description":"error description"
+}

data/spec/mock_response/resources/fake.txt ADDED

	@@ -0,0 +1 @@
1	+ fake

data/spec/mock_response/tokens/_Bearer.json ADDED

@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"Bearer",
+  "expires_in":3600
+}

data/spec/mock_response/tokens/bearer.json ADDED

@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"bearer",
+  "expires_in":3600
+}

data/spec/mock_response/tokens/legacy.json ADDED

@@ -0,0 +1,5 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "expires_in":3600
+}

data/spec/mock_response/tokens/legacy.txt ADDED

	@@ -0,0 +1 @@
1	+ access_token=access_token&expires=3600

data/spec/mock_response/tokens/legacy_without_expires_in.txt ADDED

	@@ -0,0 +1 @@
1	+ access_token=access_token

data/spec/mock_response/tokens/mac.json ADDED

@@ -0,0 +1,8 @@
+{
+  "token_type":"mac",
+  "mac_algorithm":"hmac-sha-256",
+  "expires_in":3600,
+  "mac_key":"secret",
+  "refresh_token":"refresh_token",
+  "access_token":"access_token"
+}

data/spec/mock_response/tokens/unknown.json ADDED

@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"unknown",
+  "expires_in":3600
+}

data/spec/rack/oauth2/access_token/authenticator_spec.rb ADDED

@@ -0,0 +1,43 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::Authenticator do
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTP::Message.new_request(:get, URI.parse(resource_endpoint)) }
+  let(:authenticator) { Rack::OAuth2::AccessToken::Authenticator.new(token) }
+  shared_examples_for :authenticator do
+    it 'should let the token authenticate the request' do
+      token.should_receive(:authenticate).with(request)
+      authenticator.filter_request(request)
+    end
+  end
+  context 'when Legacy token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::Legacy.new(
+        :access_token => 'access_token'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+  context 'when Bearer token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::Bearer.new(
+        :access_token => 'access_token'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+  context 'when MAC token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::MAC.new(
+        :access_token => 'access_token',
+        :mac_key => 'secret',
+        :mac_algorithm => 'hmac-sha-256'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+end

data/spec/rack/oauth2/access_token/bearer_spec.rb ADDED

@@ -0,0 +1,18 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::Bearer do
+  let :token do
+    Rack::OAuth2::AccessToken::Bearer.new(
+      :access_token => 'access_token'
+    )
+  end
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
+  describe '.authenticate' do
+    it 'should set Authorization header' do
+      request.header.should_receive(:[]=).with('Authorization', 'Bearer access_token')
+      token.authenticate(request)
+    end
+  end
+end

data/spec/rack/oauth2/access_token/legacy_spec.rb ADDED

@@ -0,0 +1,23 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::Legacy do
+  let :token do
+    Rack::OAuth2::AccessToken::Legacy.new(
+      :access_token => 'access_token'
+    )
+  end
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
+  describe '#to_s' do
+    subject { token }
+    its(:to_s) { should == token.access_token }
+  end
+  describe '.authenticate' do
+    it 'should set Authorization header' do
+      request.header.should_receive(:[]=).with('Authorization', 'OAuth access_token')
+      token.authenticate(request)
+    end
+  end
+end

data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb ADDED

@@ -0,0 +1,28 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
+  # From the example of webtopay wallet API spec
+  # ref) https://www.webtopay.com/wallet/#authentication
+  context 'when example from webtopay wallet API' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
+        :algorithm => 'hmac-sha-256',
+        :raw_body => 'grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA&redirect_uri=http%3A%2F%2Flocalhost%2Fabc'
+      )
+    end
+    its(:calculate) { should == '21fb73c40b589622d0c78e9cd8900f89d9472aa724d0e5c3eca9ac1cd9d2a6d5' }
+  end
+  context 'when raw_body is empty' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
+        :algorithm => 'hmac-sha-256',
+        :raw_body => ''
+      )
+    end
+    its(:calculate) { should be_nil }
+  end
+end

data/spec/rack/oauth2/access_token/mac/signature_spec.rb ADDED

@@ -0,0 +1,59 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::MAC::Signature do
+  # From the example of Webtopay wallet API
+  # ref) https://www.webtopay.com/wallet/
+  context 'when ext is not given' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret       => 'IrdTc8uQodU7PRpLzzLTW6wqZAO6tAMU',
+        :algorithm    => 'hmac-sha-256',
+        :nonce        => 'dj83hs9s',
+        :ts           => 1336363200,
+        :method       => 'GET',
+        :request_uri  => '/wallet/rest/api/v1/payment/123',
+        :host         => 'www.webtopay.com',
+        :port         => 443
+      )
+    end
+    its(:calculate) { should == 'OZE9fTk2qiRtL1jb01L8lRxC66PTiAGhMDEmboeVeLs=' }
+  end
+  # From the example of MAC spec section 1.1
+  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
+  context 'when ext is not given' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret       => '489dks293j39',
+        :algorithm    => 'hmac-sha-1',
+        :nonce        => 'dj83hs9s',
+        :ts           => 1336363200,
+        :method       => 'GET',
+        :request_uri  => '/resource/1?b=1&a=2',
+        :host         => 'example.com',
+        :port         => 80
+      )
+    end
+    its(:calculate) { should == '6T3zZzy2Emppni6bzL7kdRxUWL4=' }
+  end
+  # From the example of MAC spec section 3.2
+  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
+  context 'otherwise' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret      => '489dks293j39',
+        :algorithm   => 'hmac-sha-1',
+        :nonce       => '7d8f3e4a',
+        :ts           => 264095,
+        :method      => 'POST',
+        :request_uri => '/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q',
+        :host        => 'example.com',
+        :port        => 80,
+        :ext         => 'a,b,c'
+      )
+    end
+    its(:calculate) { should == '+txL5oOFHGYjrfdNYH5VEzROaBY=' }
+  end
+end