rack-oauth2 0.0.3 → 0.0.4

data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.3
1
+ 0.0.4
@@ -1,3 +1,4 @@
1
+ require 'rack/oauth2/server/util'
1
2
  require 'rack/oauth2/server/error'
2
3
  require 'rack/oauth2/server/abstract'
3
4
  require 'rack/oauth2/server/authorization'
@@ -7,6 +7,10 @@ module Rack
7
7
  class Handler < Rack::Auth::AbstractHandler
8
8
  attr_accessor :request, :response
9
9
 
10
+ def initialize(realm = '', &authenticator)
11
+ super(nil, realm, &authenticator)
12
+ end
13
+
10
14
  def call(env)
11
15
  @authenticator.call(@request, @response) if @authenticator
12
16
  env['rack.oauth2.request'] = @request
@@ -6,6 +6,25 @@ module Rack
6
6
  def initialize(request)
7
7
  super([], 200, {})
8
8
  end
9
+
10
+ def required_params
11
+ []
12
+ end
13
+
14
+ def verify_required_params!
15
+ missing_params = []
16
+ required_params.each do |key|
17
+ missing_params << key unless self.send(key)
18
+ end
19
+ unless missing_params.blank?
20
+ raise "Setup '#{missing_params.join('\', \'')}' first!"
21
+ end
22
+ end
23
+
24
+ def finish
25
+ verify_required_params!
26
+ super
27
+ end
9
28
  end
10
29
  end
11
30
  end
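Review bot: `verify_required_params!` reports a missing response attribute with a bare `raise "Setup ..."`, which is a RuntimeError, so the `rescue Error => e` in the handlers' `call` (visible in the other hunks) will presumably not turn it into an OAuth error response and the request ends in an unhandled exception. That is a reasonable outcome for a setup mistake in the authenticator block, but the method should say so, for example `# Raises RuntimeError when the authenticator left a required attribute unset (a server-side setup error, not a client error).` Note also that `unless self.send(key)` treats an attribute set to `false` the same as one that was never set. The enclosing class starts outside this hunk.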
@@ -5,7 +5,7 @@ module Rack
5
5
 
6
6
  def call(env)
7
7
  request = Request.new(env)
8
- request.profile.new(@app, @realm, &@authenticator).call(env).finish
8
+ request.profile.new(@realm, &@authenticator).call(env).finish
9
9
  rescue Error => e
10
10
  e.finish
11
11
  end
@@ -15,7 +15,7 @@ module Rack
15
15
 
16
16
  def initialize(env)
17
17
  super
18
- @redirect_uri = URI.parse(params['redirect_uri'])
18
+ @redirect_uri = Util.parse_uri(params['redirect_uri']) if params['redirect_uri']
19
19
  @state = params['state']
20
20
  rescue URI::InvalidURIError
21
21
  # NOTE: can't redirect in this case.
@@ -23,7 +23,7 @@ module Rack
23
23
  end
24
24
 
25
25
  def required_params
26
- super + [:response_type, :client_id, :redirect_uri]
26
+ super + [:response_type, :client_id]
27
27
  end
28
28
 
29
29
  def profile
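Review bot: Dropping `:redirect_uri` from `required_params` lets an authorization request through with no redirect target, and nothing in the visible hunks compares a supplied `redirect_uri` with a value registered for the `client_id`. That check is left entirely to the authenticator block, so a block that only calls `response.approve!` and sets `response.code` (as the updated spec does) would presumably send the code to whatever URI the request named. I would document the obligation on the method, e.g. `# redirect_uri is optional here; the authenticator must verify it against the client's registered URI before approving.` What `finish` does for an approved response whose `redirect_uri` is nil is not visible here and deserves a spec. The class containing `required_params` starts outside this hunk.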
@@ -44,8 +44,8 @@ module Rack
44
44
  attr_accessor :redirect_uri, :state, :approved
45
45
 
46
46
  def initialize(request)
47
- @redirect_uri = request.redirect_uri
48
- @state = request.state
47
+ @redirect_uri = Util.parse_uri(request.redirect_uri) if request.redirect_uri
48
+ @state = request.state
49
49
  super
50
50
  end
51
51
 
@@ -20,6 +20,10 @@ module Rack
20
20
  class Response < Authorization::Response
21
21
  attr_accessor :code
22
22
 
23
+ def required_params
24
+ super + [:code]
25
+ end
26
+
23
27
  def finish
24
28
  if approved?
25
29
  params = {
@@ -20,6 +20,10 @@ module Rack
20
20
  class Response < Authorization::Response
21
21
  attr_accessor :code, :access_token, :expires_in, :scope
22
22
 
23
+ def required_params
24
+ super + [:code, :access_token]
25
+ end
26
+
23
27
  def finish
24
28
  if approved?
25
29
  # append query params
@@ -20,6 +20,10 @@ module Rack
20
20
  class Response < Authorization::Response
21
21
  attr_accessor :access_token, :expires_in, :scope
22
22
 
23
+ def required_params
24
+ super + [:access_token]
25
+ end
26
+
23
27
  def finish
24
28
  if approved?
25
29
  params = {
@@ -11,7 +11,7 @@ module Rack
11
11
  @description = description
12
12
  @uri = options[:uri]
13
13
  @state = options[:state]
14
- @redirect_uri = options[:redirect_uri]
14
+ @redirect_uri = Util.parse_uri(options[:redirect_uri]) if options[:redirect_uri]
15
15
  end
16
16
 
17
17
  def finish
@@ -24,21 +24,13 @@ module Rack
24
24
  value.blank?
25
25
  end
26
26
  if redirect_uri
27
- _redirect_uri_ = case redirect_uri
28
- when URI::Generic
29
- redirect_uri
30
- when String
31
- URI.parse(redirect_uri)
32
- else
33
- raise "Invalid redirect_uri is given. String or URI::Generic is require."
34
- end
35
- _redirect_uri_.query = if _redirect_uri_.query
36
- [_redirect_uri_.query, params.to_query].join('&')
27
+ redirect_uri.query = if redirect_uri.query
28
+ [redirect_uri.query, params.to_query].join('&')
37
29
  else
38
30
  params.to_query
39
31
  end
40
32
  response = Rack::Response.new
41
- response.redirect _redirect_uri_.to_s
33
+ response.redirect redirect_uri.to_s
42
34
  response.finish
43
35
  else
44
36
  [code, {'Content-Type' => 'application/json'}, params.to_json]
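Review bot: `finish` assigns `redirect_uri.query =` directly on the stored URI, so the error parameters are written into `@redirect_uri` itself and a second `finish` call would append them again. Because `Util.parse_uri` returns a `URI::Generic` argument unchanged, a caller that passes `:redirect_uri => request.redirect_uri` (as the spec does) also gets the request's own URI object modified. Working on a copy avoids both: `uri = redirect_uri.dup` at the top of the branch, then `uri.query = ...` and `response.redirect uri.to_s`. `finish` begins and ends outside this hunk.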
@@ -2,11 +2,10 @@ module Rack
2
2
  module OAuth2
3
3
  module Server
4
4
  class Token < Abstract::Handler
5
- attr_accessor :grant_type, :optional_authentication
6
5
 
7
6
  def call(env)
8
7
  request = Request.new(env)
9
- request.profile.new(@app, @realm, &@authenticator).call(env).finish
8
+ request.profile.new(@realm, &@authenticator).call(env).finish
10
9
  rescue Error => e
11
10
  e.finish
12
11
  end
@@ -43,6 +42,10 @@ module Rack
43
42
  class Response < Abstract::Response
44
43
  attr_accessor :access_token, :expires_in, :refresh_token, :scope
45
44
 
45
+ def required_params
46
+ super + [:access_token]
47
+ end
48
+
46
49
  def finish
47
50
  response = {:access_token => access_token}
48
51
  response[:expires_in] = expires_in if expires_in
@@ -0,0 +1,20 @@
1
+ module Rack
2
+ module OAuth2
3
+ module Server
4
+ module Util
5
+ class << self
6
+ def parse_uri(uri)
7
+ case uri
8
+ when URI::Generic
9
+ uri
10
+ when String
11
+ URI.parse(uri)
12
+ else
13
+ raise "Invalid format of URI is given."
14
+ end
15
+ end
16
+ end
17
+ end
18
+ end
19
+ end
20
+ end
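Review bot: The `else` branch raises a bare string, which is a RuntimeError, while the caller added in the `initialize(env)` hunk rescues only `URI::InvalidURIError`. `params['redirect_uri']` is request input and Rack can parse it into an Array or Hash (for example `redirect_uri[]=x`), so such a request would reach this branch and escape that rescue, presumably surfacing as an unhandled exception rather than an `invalid_request` response. Raising the class the callers already handle closes the gap: `raise URI::InvalidURIError, "Invalid format of URI is given."`. The same applies to the other `Util.parse_uri` calls added in this commit. The file also relies on `URI` being loaded elsewhere; a `require 'uri'` at the top would make it self-contained.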
data/rack-oauth2.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{rack-oauth2}
8
- s.version = "0.0.3"
8
+ s.version = "0.0.4"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["nov matake"]
12
- s.date = %q{2010-09-15}
12
+ s.date = %q{2010-09-16}
13
13
  s.description = %q{Rack Middleware for OAuth2 Client & Server, currently working on server code first.}
14
14
  s.email = %q{nov@matake.jp}
15
15
  s.extra_rdoc_files = [
@@ -41,6 +41,7 @@ Gem::Specification.new do |s|
41
41
  "lib/rack/oauth2/server/token/authorization_code.rb",
42
42
  "lib/rack/oauth2/server/token/password.rb",
43
43
  "lib/rack/oauth2/server/token/refresh_token.rb",
44
+ "lib/rack/oauth2/server/util.rb",
44
45
  "rack-oauth2.gemspec",
45
46
  "spec/rack/oauth2/server/authorization/code_and_token_spec.rb",
46
47
  "spec/rack/oauth2/server/authorization/code_spec.rb",
@@ -6,7 +6,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
6
6
 
7
7
  before do
8
8
  # NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
9
- @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
9
+ @app = Rack::OAuth2::Server::Authorization.new do |request, response|
10
10
  response.approve!
11
11
  response.access_token = "access_token"
12
12
  end
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
25
25
 
26
26
  before do
27
27
  # NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
28
- @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
28
+ @app = Rack::OAuth2::Server::Authorization.new do |request, response|
29
29
  raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
30
30
  end
31
31
  @request = Rack::MockRequest.new @app
@@ -1,17 +1,21 @@
1
1
  require 'spec_helper.rb'
2
2
 
3
3
  describe Rack::OAuth2::Server::Authorization do
4
+ it "should support realm" do
5
+ app = Rack::OAuth2::Server::Authorization.new("server.example.com")
6
+ app.realm.should == "server.example.com"
7
+ end
8
+ end
9
+
10
+ describe Rack::OAuth2::Server::Authorization::Request do
4
11
 
5
12
  before do
6
- @app = Rack::OAuth2::Server::Authorization.new(simple_app)
13
+ @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
14
+ response.code = "authorization_code"
15
+ end
7
16
  @request = Rack::MockRequest.new @app
8
17
  end
9
18
 
10
- it "should support realm" do
11
- app = Rack::OAuth2::Server::Authorization.new(simple_app, "server.example.com")
12
- app.realm.should == "server.example.com"
13
- end
14
-
15
19
  context "when any required parameters are missing" do
16
20
  it "should return invalid_request error" do
17
21
  assert_error_response(:json, :invalid_request) do
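Review bot: The `before` block still calls `Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|`, but this commit changes the handler constructor to `initialize(realm = '', &authenticator)`, so `simple_app` is presumably stored as the realm rather than as an app. The same call appears in both `before` blocks of the new `Authorization::Response` examples further down, while the token spec was updated to `Token.new do`. Use `@app = Rack::OAuth2::Server::Authorization.new do |request, response|` so the spec matches the new signature. The `describe` block continues outside this hunk.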
@@ -21,16 +25,7 @@ describe Rack::OAuth2::Server::Authorization do
21
25
  @request.get('/?response_type=code')
22
26
  end
23
27
  assert_error_response(:json, :invalid_request) do
24
- @request.get('/?response_type=code&client_id=client')
25
- end
26
- assert_error_response(:json, :invalid_request) do
27
- @request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
28
- end
29
- assert_error_response(:json, :invalid_request) do
30
- @request.get('/?client_id=client&redirect_uri=http://client.example.com/callback')
31
- end
32
- assert_error_response(:json, :invalid_request) do
33
- @request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
28
+ @request.get('/?client_id=client')
34
29
  end
35
30
  end
36
31
  end
@@ -45,9 +40,48 @@ describe Rack::OAuth2::Server::Authorization do
45
40
 
46
41
  context "when all required parameters are valid" do
47
42
  it "should succeed" do
48
- response = @request.get('/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback')
43
+ response = @request.get('/?response_type=code&client_id=client')
49
44
  response.status.should == 200
50
45
  end
51
46
  end
52
47
 
48
+ end
49
+
50
+ describe Rack::OAuth2::Server::Authorization::Response do
51
+
52
+ context "when required response params are missing" do
53
+
54
+ before do
55
+ @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
56
+ response.approve!
57
+ # code is missing
58
+ end
59
+ @request = Rack::MockRequest.new @app
60
+ end
61
+
62
+ it "should raise an error" do
63
+ lambda do
64
+ @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
65
+ end.should raise_error(StandardError)
66
+ end
67
+
68
+ end
69
+
70
+ context "when required response params are given" do
71
+
72
+ before do
73
+ @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
74
+ response.approve!
75
+ response.code = "authorization_code"
76
+ end
77
+ @request = Rack::MockRequest.new @app
78
+ end
79
+
80
+ it "should succeed" do
81
+ response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
82
+ response.status.should == 302
83
+ end
84
+
85
+ end
86
+
53
87
  end
@@ -1,17 +1,21 @@
1
1
  require 'spec_helper.rb'
2
2
 
3
3
  describe Rack::OAuth2::Server::Token do
4
+ it "should support realm" do
5
+ app = Rack::OAuth2::Server::Token.new("server.example.com")
6
+ app.realm.should == "server.example.com"
7
+ end
8
+ end
9
+
10
+ describe Rack::OAuth2::Server::Token::Request do
4
11
 
5
12
  before do
6
- @app = Rack::OAuth2::Server::Token.new(simple_app)
13
+ @app = Rack::OAuth2::Server::Token.new do |request, response|
14
+ response.access_token = "access_token"
15
+ end
7
16
  @request = Rack::MockRequest.new @app
8
17
  end
9
18
 
10
- it "should support realm" do
11
- app = Rack::OAuth2::Server::Token.new(simple_app, "server.example.com")
12
- app.realm.should == "server.example.com"
13
- end
14
-
15
19
  context "when any required parameters are missing" do
16
20
  it "should return invalid_request error" do
17
21
  assert_error_response(:json, :invalid_request) do
@@ -56,4 +60,41 @@ describe Rack::OAuth2::Server::Token do
56
60
  end
57
61
  end
58
62
 
63
+ end
64
+
65
+ describe Rack::OAuth2::Server::Token::Response do
66
+
67
+ context "when required response params are missing" do
68
+
69
+ before do
70
+ @app = Rack::OAuth2::Server::Token.new do |request, response|
71
+ # access_token is missing
72
+ end
73
+ @request = Rack::MockRequest.new @app
74
+ end
75
+
76
+ it "should raise an error" do
77
+ lambda do
78
+ @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
79
+ end.should raise_error(StandardError)
80
+ end
81
+
82
+ end
83
+
84
+ context "when required response params are given" do
85
+
86
+ before do
87
+ @app = Rack::OAuth2::Server::Token.new do |request, response|
88
+ response.access_token = "access_token"
89
+ end
90
+ @request = Rack::MockRequest.new @app
91
+ end
92
+
93
+ it "should succeed" do
94
+ response = @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
95
+ response.status.should == 200
96
+ end
97
+
98
+ end
99
+
59
100
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- hash: 25
4
+ hash: 23
5
5
  prerelease: false
6
6
  segments:
7
7
  - 0
8
8
  - 0
9
- - 3
10
- version: 0.0.3
9
+ - 4
10
+ version: 0.0.4
11
11
  platform: ruby
12
12
  authors:
13
13
  - nov matake
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2010-09-15 00:00:00 +09:00
18
+ date: 2010-09-16 00:00:00 +09:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
@@ -96,6 +96,7 @@ files:
96
96
  - lib/rack/oauth2/server/token/authorization_code.rb
97
97
  - lib/rack/oauth2/server/token/password.rb
98
98
  - lib/rack/oauth2/server/token/refresh_token.rb
99
+ - lib/rack/oauth2/server/util.rb
99
100
  - rack-oauth2.gemspec
100
101
  - spec/rack/oauth2/server/authorization/code_and_token_spec.rb
101
102
  - spec/rack/oauth2/server/authorization/code_spec.rb