RubyGems - rack-oauth2-revibe - Versions diffs - 1.0.7 - Mend

rack-oauth2-revibe 1.0.7

Files changed (107) hide show

checksums.yaml +7 -0
data/.document +5 -0
data/.gitignore +22 -0
data/.rspec +2 -0
data/.travis.yml +3 -0
data/Gemfile +7 -0
data/LICENSE +20 -0
data/README.rdoc +78 -0
data/Rakefile +25 -0
data/VERSION +1 -0
data/lib/rack/oauth2.rb +67 -0
data/lib/rack/oauth2/access_token.rb +36 -0
data/lib/rack/oauth2/access_token/authenticator.rb +24 -0
data/lib/rack/oauth2/access_token/bearer.rb +11 -0
data/lib/rack/oauth2/access_token/legacy.rb +23 -0
data/lib/rack/oauth2/access_token/mac.rb +103 -0
data/lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb +17 -0
data/lib/rack/oauth2/access_token/mac/signature.rb +34 -0
data/lib/rack/oauth2/access_token/mac/verifier.rb +44 -0
data/lib/rack/oauth2/client.rb +139 -0
data/lib/rack/oauth2/client/error.rb +14 -0
data/lib/rack/oauth2/client/grant.rb +30 -0
data/lib/rack/oauth2/client/grant/authorization_code.rb +12 -0
data/lib/rack/oauth2/client/grant/client_credentials.rb +10 -0
data/lib/rack/oauth2/client/grant/facebook_token.rb +12 -0
data/lib/rack/oauth2/client/grant/password.rb +11 -0
data/lib/rack/oauth2/client/grant/refresh_token.rb +11 -0
data/lib/rack/oauth2/debugger.rb +3 -0
data/lib/rack/oauth2/debugger/request_filter.rb +30 -0
data/lib/rack/oauth2/server.rb +4 -0
data/lib/rack/oauth2/server/abstract.rb +4 -0
data/lib/rack/oauth2/server/abstract/error.rb +69 -0
data/lib/rack/oauth2/server/abstract/handler.rb +20 -0
data/lib/rack/oauth2/server/abstract/request.rb +29 -0
data/lib/rack/oauth2/server/abstract/response.rb +15 -0
data/lib/rack/oauth2/server/authorize.rb +117 -0
data/lib/rack/oauth2/server/authorize/code.rb +39 -0
data/lib/rack/oauth2/server/authorize/error.rb +71 -0
data/lib/rack/oauth2/server/authorize/extension.rb +12 -0
data/lib/rack/oauth2/server/authorize/extension/code_and_token.rb +39 -0
data/lib/rack/oauth2/server/authorize/token.rb +43 -0
data/lib/rack/oauth2/server/resource.rb +55 -0
data/lib/rack/oauth2/server/resource/bearer.rb +47 -0
data/lib/rack/oauth2/server/resource/bearer/error.rb +24 -0
data/lib/rack/oauth2/server/resource/error.rb +81 -0
data/lib/rack/oauth2/server/resource/mac.rb +36 -0
data/lib/rack/oauth2/server/resource/mac/error.rb +24 -0
data/lib/rack/oauth2/server/token.rb +87 -0
data/lib/rack/oauth2/server/token/authorization_code.rb +28 -0
data/lib/rack/oauth2/server/token/client_credentials.rb +23 -0
data/lib/rack/oauth2/server/token/error.rb +54 -0
data/lib/rack/oauth2/server/token/extension.rb +12 -0
data/lib/rack/oauth2/server/token/extension/jwt.rb +37 -0
data/lib/rack/oauth2/server/token/facebook_token.rb +27 -0
data/lib/rack/oauth2/server/token/password.rb +27 -0
data/lib/rack/oauth2/server/token/refresh_token.rb +26 -0
data/lib/rack/oauth2/util.rb +58 -0
data/rack-oauth2.gemspec +30 -0
data/spec/helpers/time.rb +19 -0
data/spec/helpers/webmock_helper.rb +41 -0
data/spec/mock_response/blank +0 -0
data/spec/mock_response/errors/invalid_request.json +4 -0
data/spec/mock_response/resources/fake.txt +1 -0
data/spec/mock_response/tokens/_Bearer.json +6 -0
data/spec/mock_response/tokens/bearer.json +6 -0
data/spec/mock_response/tokens/legacy.json +5 -0
data/spec/mock_response/tokens/legacy.txt +1 -0
data/spec/mock_response/tokens/legacy_without_expires_in.txt +1 -0
data/spec/mock_response/tokens/mac.json +8 -0
data/spec/mock_response/tokens/unknown.json +6 -0
data/spec/rack/oauth2/access_token/authenticator_spec.rb +43 -0
data/spec/rack/oauth2/access_token/bearer_spec.rb +18 -0
data/spec/rack/oauth2/access_token/legacy_spec.rb +23 -0
data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +28 -0
data/spec/rack/oauth2/access_token/mac/signature_spec.rb +59 -0
data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +25 -0
data/spec/rack/oauth2/access_token/mac_spec.rb +141 -0
data/spec/rack/oauth2/access_token_spec.rb +69 -0
data/spec/rack/oauth2/client/error_spec.rb +18 -0
data/spec/rack/oauth2/client/grant/authorization_code_spec.rb +37 -0
data/spec/rack/oauth2/client/grant/client_credentials_spec.rb +7 -0
data/spec/rack/oauth2/client/grant/password_spec.rb +33 -0
data/spec/rack/oauth2/client/grant/refresh_token_spec.rb +21 -0
data/spec/rack/oauth2/client_spec.rb +287 -0
data/spec/rack/oauth2/debugger/request_filter_spec.rb +33 -0
data/spec/rack/oauth2/oauth2_spec.rb +74 -0
data/spec/rack/oauth2/server/abstract/error_spec.rb +59 -0
data/spec/rack/oauth2/server/authorize/code_spec.rb +57 -0
data/spec/rack/oauth2/server/authorize/error_spec.rb +103 -0
data/spec/rack/oauth2/server/authorize/extensions/code_and_token_spec.rb +60 -0
data/spec/rack/oauth2/server/authorize/token_spec.rb +73 -0
data/spec/rack/oauth2/server/authorize_spec.rb +214 -0
data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +52 -0
data/spec/rack/oauth2/server/resource/bearer_spec.rb +123 -0
data/spec/rack/oauth2/server/resource/error_spec.rb +147 -0
data/spec/rack/oauth2/server/resource/mac/error_spec.rb +52 -0
data/spec/rack/oauth2/server/resource/mac_spec.rb +119 -0
data/spec/rack/oauth2/server/resource_spec.rb +23 -0
data/spec/rack/oauth2/server/token/authorization_code_spec.rb +43 -0
data/spec/rack/oauth2/server/token/client_credentials_spec.rb +23 -0
data/spec/rack/oauth2/server/token/error_spec.rb +77 -0
data/spec/rack/oauth2/server/token/password_spec.rb +37 -0
data/spec/rack/oauth2/server/token/refresh_token_spec.rb +34 -0
data/spec/rack/oauth2/server/token_spec.rb +134 -0
data/spec/rack/oauth2/util_spec.rb +97 -0
data/spec/spec_helper.rb +14 -0
metadata +326 -0

data/lib/rack/oauth2/server/token/facebook_token.rb ADDED

@@ -0,0 +1,27 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class FacebookToken < Abstract::Handler
+          def call(env)
+            @request  = Request.new(env)
+            @response = Response.new(request)
+            super
+          end
+          class Request < Token::Request
+            attr_required :facebook_token
+            def initialize(env)
+              super
+              @grant_type = :facebook_token
+              @facebook_token = params['facebook_token']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token/password.rb ADDED

@@ -0,0 +1,27 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class Password < Abstract::Handler
+          def call(env)
+            @request  = Request.new(env)
+            @response = Response.new(request)
+            super
+          end
+          class Request < Token::Request
+            attr_required :username, :password
+            def initialize(env)
+              super
+              @grant_type = :password
+              @username   = params['username']
+              @password   = params['password']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/token/refresh_token.rb ADDED

@@ -0,0 +1,26 @@
+module Rack
+  module OAuth2
+    module Server
+      class Token
+        class RefreshToken < Abstract::Handler
+          def call(env)
+            @request  = Request.new(env)
+            @response = Response.new(request)
+            super
+          end
+          class Request < Token::Request
+            attr_required :refresh_token
+            def initialize(env)
+              super
+              @grant_type    = :refresh_token
+              @refresh_token = params['refresh_token']
+              attr_missing!
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/util.rb ADDED

@@ -0,0 +1,58 @@
+require 'base64'
+module Rack
+  module OAuth2
+    module Util
+      class << self
+        def rfc3986_encode(text)
+          URI.encode(text, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]"))
+        end
+        def base64_encode(text)
+          Base64.encode64(text).gsub(/\n/, '')
+        end
+        def compact_hash(hash)
+          hash.reject do |key, value|
+            value.blank?
+          end
+        end
+        def parse_uri(uri)
+          case uri
+          when URI::Generic
+            uri
+          when String
+            URI.parse(uri)
+          else
+            raise "Invalid format of URI is given."
+          end
+        end
+        def redirect_uri(base_uri, location, params)
+          redirect_uri = parse_uri base_uri
+          case location
+          when :query
+            redirect_uri.query = [redirect_uri.query, Util.compact_hash(params).to_query].compact.join('&')
+          when :fragment
+            redirect_uri.fragment = Util.compact_hash(params).to_query
+          end
+          redirect_uri.to_s
+        end
+        def uri_match?(base, given)
+          base = parse_uri(base)
+          given = parse_uri(given)
+          base.path = '/' if base.path.blank?
+          given.path = '/' if given.path.blank?
+          [:scheme, :host, :port].all? do |key|
+            base.send(key) == given.send(key)
+          end && /^#{base.path}/ =~ given.path
+        rescue
+          false
+        end
+      end
+    end
+  end
+end

data/rack-oauth2.gemspec ADDED

@@ -0,0 +1,30 @@
+Gem::Specification.new do |s|
+  s.name = "rack-oauth2-revibe"
+  s.version = File.read("VERSION")
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.3.6") if s.respond_to? :required_rubygems_version=
+  s.authors = ["nov matake"]
+  s.description = %q{OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are supported.}
+  s.summary = %q{OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported}
+  s.email = "nov@matake.jp"
+  s.extra_rdoc_files = ["LICENSE", "README.rdoc"]
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.homepage = "http://github.com/nov/rack-oauth2"
+  s.license = 'MIT'
+  s.require_paths = ["lib"]
+  s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.files = `git ls-files`.split("\n")
+  s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.add_runtime_dependency "rack", ">= 1.1"
+  s.add_runtime_dependency "multi_json", ">= 1.3.6"
+  s.add_runtime_dependency "httpclient", ">= 2.2.0.2"
+  s.add_runtime_dependency "activesupport", ">= 2.3"
+  s.add_runtime_dependency "attr_required", ">= 0.0.5"
+  s.add_development_dependency "rake", ">= 0.8"
+  if RUBY_VERSION >= '1.9'
+    s.add_development_dependency "cover_me", ">= 1.2.0"
+  else
+    s.add_development_dependency "rcov", ">= 0.9"
+  end
+  s.add_development_dependency "rspec", ">= 2"
+  s.add_development_dependency "webmock", ">= 1.6.2"
+end

data/spec/helpers/time.rb ADDED

@@ -0,0 +1,19 @@
+class Time
+  class << self
+    def now_with_fixed_time
+      if @fixed_time
+        @fixed_time.dup
+      else
+        now_without_fixed_time
+      end
+    end
+    alias_method_chain :now, :fixed_time
+    def fix(time = Time.now)
+      @fixed_time = time
+      yield
+    ensure
+      @fixed_time = nil
+    end
+  end
+end

data/spec/helpers/webmock_helper.rb ADDED

@@ -0,0 +1,41 @@
+require 'webmock/rspec'
+module WebMockHelper
+  def mock_response(method, endpoint, response_file, options = {})
+    stub_request(method, endpoint).with(
+      request_for(method, options)
+    ).to_return(
+      response_for(response_file, options)
+    )
+  end
+  private
+  def request_for(method, options = {})
+    request = {}
+    if options[:params]
+      case method
+      when :post, :put
+        request[:body] = options[:params]
+      else
+        request[:query] = options[:params]
+      end
+    end
+    if options[:request_header]
+      request[:headers] = options[:request_header]
+    end
+    request
+  end
+  def response_for(response_file, options = {})
+    response = {}
+    response[:body] = File.new(File.join(File.dirname(__FILE__), '../mock_response', response_file))
+    if options[:status]
+      response[:status] = options[:status]
+    end
+    response
+  end
+end
+include WebMockHelper
+WebMock.disable_net_connect!

data/spec/mock_response/blank ADDED

File without changes

data/spec/mock_response/errors/invalid_request.json ADDED

@@ -0,0 +1,4 @@
+{
+  "error":"invalid_request",
+  "error_description":"error description"
+}

data/spec/mock_response/resources/fake.txt ADDED

	@@ -0,0 +1 @@
1	+ fake

data/spec/mock_response/tokens/_Bearer.json ADDED

@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"Bearer",
+  "expires_in":3600
+}

data/spec/mock_response/tokens/bearer.json ADDED

@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"bearer",
+  "expires_in":3600
+}

data/spec/mock_response/tokens/legacy.json ADDED

@@ -0,0 +1,5 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "expires_in":3600
+}

data/spec/mock_response/tokens/legacy.txt ADDED

	@@ -0,0 +1 @@
1	+ access_token=access_token&expires=3600

data/spec/mock_response/tokens/legacy_without_expires_in.txt ADDED

	@@ -0,0 +1 @@
1	+ access_token=access_token

data/spec/mock_response/tokens/mac.json ADDED

@@ -0,0 +1,8 @@
+{
+  "token_type":"mac",
+  "mac_algorithm":"hmac-sha-256",
+  "expires_in":3600,
+  "mac_key":"secret",
+  "refresh_token":"refresh_token",
+  "access_token":"access_token"
+}

data/spec/mock_response/tokens/unknown.json ADDED

@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"unknown",
+  "expires_in":3600
+}

data/spec/rack/oauth2/access_token/authenticator_spec.rb ADDED

@@ -0,0 +1,43 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::Authenticator do
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTP::Message.new_request(:get, URI.parse(resource_endpoint)) }
+  let(:authenticator) { Rack::OAuth2::AccessToken::Authenticator.new(token) }
+  shared_examples_for :authenticator do
+    it 'should let the token authenticate the request' do
+      token.should_receive(:authenticate).with(request)
+      authenticator.filter_request(request)
+    end
+  end
+  context 'when Legacy token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::Legacy.new(
+        :access_token => 'access_token'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+  context 'when Bearer token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::Bearer.new(
+        :access_token => 'access_token'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+  context 'when MAC token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::MAC.new(
+        :access_token => 'access_token',
+        :mac_key => 'secret',
+        :mac_algorithm => 'hmac-sha-256'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+end

data/spec/rack/oauth2/access_token/bearer_spec.rb ADDED

@@ -0,0 +1,18 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::Bearer do
+  let :token do
+    Rack::OAuth2::AccessToken::Bearer.new(
+      :access_token => 'access_token'
+    )
+  end
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
+  describe '.authenticate' do
+    it 'should set Authorization header' do
+      request.header.should_receive(:[]=).with('Authorization', 'Bearer access_token')
+      token.authenticate(request)
+    end
+  end
+end

data/spec/rack/oauth2/access_token/legacy_spec.rb ADDED

@@ -0,0 +1,23 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::Legacy do
+  let :token do
+    Rack::OAuth2::AccessToken::Legacy.new(
+      :access_token => 'access_token'
+    )
+  end
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
+  describe '#to_s' do
+    subject { token }
+    its(:to_s) { should == token.access_token }
+  end
+  describe '.authenticate' do
+    it 'should set Authorization header' do
+      request.header.should_receive(:[]=).with('Authorization', 'OAuth access_token')
+      token.authenticate(request)
+    end
+  end
+end

data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb ADDED

@@ -0,0 +1,28 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
+  # From the example of webtopay wallet API spec
+  # ref) https://www.webtopay.com/wallet/#authentication
+  context 'when example from webtopay wallet API' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
+        :algorithm => 'hmac-sha-256',
+        :raw_body => 'grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA&redirect_uri=http%3A%2F%2Flocalhost%2Fabc'
+      )
+    end
+    its(:calculate) { should == '21fb73c40b589622d0c78e9cd8900f89d9472aa724d0e5c3eca9ac1cd9d2a6d5' }
+  end
+  context 'when raw_body is empty' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
+        :algorithm => 'hmac-sha-256',
+        :raw_body => ''
+      )
+    end
+    its(:calculate) { should be_nil }
+  end
+end

data/spec/rack/oauth2/access_token/mac/signature_spec.rb ADDED

@@ -0,0 +1,59 @@
+require 'spec_helper'
+describe Rack::OAuth2::AccessToken::MAC::Signature do
+  # From the example of Webtopay wallet API
+  # ref) https://www.webtopay.com/wallet/
+  context 'when ext is not given' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret       => 'IrdTc8uQodU7PRpLzzLTW6wqZAO6tAMU',
+        :algorithm    => 'hmac-sha-256',
+        :nonce        => 'dj83hs9s',
+        :ts           => 1336363200,
+        :method       => 'GET',
+        :request_uri  => '/wallet/rest/api/v1/payment/123',
+        :host         => 'www.webtopay.com',
+        :port         => 443
+      )
+    end
+    its(:calculate) { should == 'OZE9fTk2qiRtL1jb01L8lRxC66PTiAGhMDEmboeVeLs=' }
+  end
+  # From the example of MAC spec section 1.1
+  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
+  context 'when ext is not given' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret       => '489dks293j39',
+        :algorithm    => 'hmac-sha-1',
+        :nonce        => 'dj83hs9s',
+        :ts           => 1336363200,
+        :method       => 'GET',
+        :request_uri  => '/resource/1?b=1&a=2',
+        :host         => 'example.com',
+        :port         => 80
+      )
+    end
+    its(:calculate) { should == '6T3zZzy2Emppni6bzL7kdRxUWL4=' }
+  end
+  # From the example of MAC spec section 3.2
+  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
+  context 'otherwise' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret      => '489dks293j39',
+        :algorithm   => 'hmac-sha-1',
+        :nonce       => '7d8f3e4a',
+        :ts           => 264095,
+        :method      => 'POST',
+        :request_uri => '/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q',
+        :host        => 'example.com',
+        :port        => 80,
+        :ext         => 'a,b,c'
+      )
+    end
+    its(:calculate) { should == '+txL5oOFHGYjrfdNYH5VEzROaBY=' }
+  end
+end