rack-oauth2 0.0.3 → 0.0.4
- data/VERSION +1 -1
- data/lib/rack/oauth2/server.rb +1 -0
- data/lib/rack/oauth2/server/abstract/handler.rb +4 -0
- data/lib/rack/oauth2/server/abstract/response.rb +19 -0
- data/lib/rack/oauth2/server/authorization.rb +5 -5
- data/lib/rack/oauth2/server/authorization/code.rb +4 -0
- data/lib/rack/oauth2/server/authorization/code_and_token.rb +4 -0
- data/lib/rack/oauth2/server/authorization/token.rb +4 -0
- data/lib/rack/oauth2/server/error.rb +4 -12
- data/lib/rack/oauth2/server/token.rb +5 -2
- data/lib/rack/oauth2/server/util.rb +20 -0
- data/rack-oauth2.gemspec +3 -2
- data/spec/rack/oauth2/server/authorization/token_spec.rb +2 -2
- data/spec/rack/oauth2/server/authorization_spec.rb +51 -17
- data/spec/rack/oauth2/server/token_spec.rb +47 -6
- metadata +5 -4
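--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.0.
+0.0.4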
data/lib/rack/oauth2/server.rb
CHANGED
@@ -7,6 +7,10 @@ module Rack
|
|
7
7
|
class Handler < Rack::Auth::AbstractHandler
|
8
8
|
attr_accessor :request, :response
|
9
9
|
|
10
|
+
def initialize(realm = '', &authenticator)
|
11
|
+
super(nil, realm, &authenticator)
|
12
|
+
end
|
13
|
+
|
10
14
|
def call(env)
|
11
15
|
@authenticator.call(@request, @response) if @authenticator
|
12
16
|
env['rack.oauth2.request'] = @request
|
@@ -6,6 +6,25 @@ module Rack
|
|
6
6
|
def initialize(request)
|
7
7
|
super([], 200, {})
|
8
8
|
end
|
9
|
+
|
10
|
+
def required_params
|
11
|
+
[]
|
12
|
+
end
|
13
|
+
|
14
|
+
def verify_required_params!
|
15
|
+
missing_params = []
|
16
|
+
required_params.each do |key|
|
17
|
+
missing_params << key unless self.send(key)
|
18
|
+
end
|
19
|
+
unless missing_params.blank?
|
20
|
+
raise "Setup '#{missing_params.join('\', \'')}' first!"
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
def finish
|
25
|
+
verify_required_params!
|
26
|
+
super
|
27
|
+
end
|
9
28
|
end
|
10
29
|
end
|
11
30
|
end
|
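Review bot: In `verify_required_params!`, the line `missing_params << key unless self.send(key)` treats only nil and false as missing, so a required attribute set to an empty string passes the check. The method already uses `blank?` two lines further down, so the collection step could be `missing_params = required_params.select { |key| send(key).blank? }`. The bare `raise "Setup ..."` yields a RuntimeError; a named error class would let callers tell a server-side setup mistake apart from other failures. The enclosing class begins outside the hunk.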
@@ -5,7 +5,7 @@ module Rack
|
|
5
5
|
|
6
6
|
def call(env)
|
7
7
|
request = Request.new(env)
|
8
|
-
request.profile.new(@
|
8
|
+
request.profile.new(@realm, &@authenticator).call(env).finish
|
9
9
|
rescue Error => e
|
10
10
|
e.finish
|
11
11
|
end
|
@@ -15,7 +15,7 @@ module Rack
|
|
15
15
|
|
16
16
|
def initialize(env)
|
17
17
|
super
|
18
|
-
@redirect_uri =
|
18
|
+
@redirect_uri = Util.parse_uri(params['redirect_uri']) if params['redirect_uri']
|
19
19
|
@state = params['state']
|
20
20
|
rescue URI::InvalidURIError
|
21
21
|
# NOTE: can't redirect in this case.
|
@@ -23,7 +23,7 @@ module Rack
|
|
23
23
|
end
|
24
24
|
|
25
25
|
def required_params
|
26
|
-
super + [:response_type, :client_id
|
26
|
+
super + [:response_type, :client_id]
|
27
27
|
end
|
28
28
|
|
29
29
|
def profile
|
@@ -44,8 +44,8 @@ module Rack
|
|
44
44
|
attr_accessor :redirect_uri, :state, :approved
|
45
45
|
|
46
46
|
def initialize(request)
|
47
|
-
@redirect_uri = request.redirect_uri
|
48
|
-
@state
|
47
|
+
@redirect_uri = Util.parse_uri(request.redirect_uri) if request.redirect_uri
|
48
|
+
@state = request.state
|
49
49
|
super
|
50
50
|
end
|
51
51
|
|
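Review bot: After the `required_params` change only `:response_type` and `:client_id` are required (the removed line is truncated on this page; the spec changes suggest it also listed `:redirect_uri`), and `Request#initialize` parses `redirect_uri` straight from the request parameters. Nothing in these hunks compares that URI with a value registered for the `client_id`. Since `Error#finish` redirects to this URI, and the spec expects a 302 on approval, that comparison has to happen in the authenticator block before `response.approve!`. I would document the requirement where the attribute is set, for example `# NOTE: unvalidated request input; the authenticator must match it against the client's registered redirect URIs`. The `Request` and `Response` bodies continue outside the hunks.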
@@ -11,7 +11,7 @@ module Rack
|
|
11
11
|
@description = description
|
12
12
|
@uri = options[:uri]
|
13
13
|
@state = options[:state]
|
14
|
-
@redirect_uri = options[:redirect_uri]
|
14
|
+
@redirect_uri = Util.parse_uri(options[:redirect_uri]) if options[:redirect_uri]
|
15
15
|
end
|
16
16
|
|
17
17
|
def finish
|
@@ -24,21 +24,13 @@ module Rack
|
|
24
24
|
value.blank?
|
25
25
|
end
|
26
26
|
if redirect_uri
|
27
|
-
|
28
|
-
|
29
|
-
redirect_uri
|
30
|
-
when String
|
31
|
-
URI.parse(redirect_uri)
|
32
|
-
else
|
33
|
-
raise "Invalid redirect_uri is given. String or URI::Generic is require."
|
34
|
-
end
|
35
|
-
_redirect_uri_.query = if _redirect_uri_.query
|
36
|
-
[_redirect_uri_.query, params.to_query].join('&')
|
27
|
+
redirect_uri.query = if redirect_uri.query
|
28
|
+
[redirect_uri.query, params.to_query].join('&')
|
37
29
|
else
|
38
30
|
params.to_query
|
39
31
|
end
|
40
32
|
response = Rack::Response.new
|
41
|
-
response.redirect
|
33
|
+
response.redirect redirect_uri.to_s
|
42
34
|
response.finish
|
43
35
|
else
|
44
36
|
[code, {'Content-Type' => 'application/json'}, params.to_json]
|
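Review bot: `finish` now assigns `redirect_uri.query = ...` on the object stored by `initialize`, and `Util.parse_uri` returns a `URI::Generic` argument unchanged. When a caller passes `request.redirect_uri`, as the specs do, the error parameters are therefore written into the request's own URI object, and a second call to `finish` appends them again. Working on a copy avoids both: `uri = redirect_uri.dup`, then `uri.query = ...` and `response.redirect uri.to_s`. `finish` starts before the hunk and continues after it.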
@@ -2,11 +2,10 @@ module Rack
|
|
2
2
|
module OAuth2
|
3
3
|
module Server
|
4
4
|
class Token < Abstract::Handler
|
5
|
-
attr_accessor :grant_type, :optional_authentication
|
6
5
|
|
7
6
|
def call(env)
|
8
7
|
request = Request.new(env)
|
9
|
-
request.profile.new(@
|
8
|
+
request.profile.new(@realm, &@authenticator).call(env).finish
|
10
9
|
rescue Error => e
|
11
10
|
e.finish
|
12
11
|
end
|
@@ -43,6 +42,10 @@ module Rack
|
|
43
42
|
class Response < Abstract::Response
|
44
43
|
attr_accessor :access_token, :expires_in, :refresh_token, :scope
|
45
44
|
|
45
|
+
def required_params
|
46
|
+
super + [:access_token]
|
47
|
+
end
|
48
|
+
|
46
49
|
def finish
|
47
50
|
response = {:access_token => access_token}
|
48
51
|
response[:expires_in] = expires_in if expires_in
|
@@ -0,0 +1,20 @@
|
|
1
|
+
module Rack
|
2
|
+
module OAuth2
|
3
|
+
module Server
|
4
|
+
module Util
|
5
|
+
class << self
|
6
|
+
def parse_uri(uri)
|
7
|
+
case uri
|
8
|
+
when URI::Generic
|
9
|
+
uri
|
10
|
+
when String
|
11
|
+
URI.parse(uri)
|
12
|
+
else
|
13
|
+
raise "Invalid format of URI is given."
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
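Review bot: The `else` branch of `parse_uri` raises a plain RuntimeError, which the `rescue URI::InvalidURIError` in `Authorization::Request#initialize` does not catch. If `params` there is Rack's nested parameter hash, a `redirect_uri` sent in array or hash form reaches this branch and surfaces as an unhandled exception rather than an OAuth error response. Raising the class the caller already handles keeps it on the existing path: `raise URI::InvalidURIError, "Invalid format of URI is given."`. A one-line comment on `parse_uri` naming the accepted types and the error raised would also help.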
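--- a/data/rack-oauth2.gemspec
+++ b/data/rack-oauth2.gemspec
@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
 s.name = %q{rack-oauth2}
-s.version = "0.0.
+s.version = "0.0.4"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
 s.authors = ["nov matake"]
-s.date = %q{2010-09-
+s.date = %q{2010-09-16}
 s.description = %q{Rack Middleware for OAuth2 Client & Server, currently working on server code first.}
 s.email = %q{nov@matake.jp}
 s.extra_rdoc_files = [
@@ -41,6 +41,7 @@ Gem::Specification.new do |s|
 "lib/rack/oauth2/server/token/authorization_code.rb",
 "lib/rack/oauth2/server/token/password.rb",
 "lib/rack/oauth2/server/token/refresh_token.rb",
+"lib/rack/oauth2/server/util.rb",
 "rack-oauth2.gemspec",
 "spec/rack/oauth2/server/authorization/code_and_token_spec.rb",
 "spec/rack/oauth2/server/authorization/code_spec.rb",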
@@ -6,7 +6,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
|
|
6
6
|
|
7
7
|
before do
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
|
9
|
-
@app = Rack::OAuth2::Server::Authorization.new
|
9
|
+
@app = Rack::OAuth2::Server::Authorization.new do |request, response|
|
10
10
|
response.approve!
|
11
11
|
response.access_token = "access_token"
|
12
12
|
end
|
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
|
|
25
25
|
|
26
26
|
before do
|
27
27
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
28
|
-
@app = Rack::OAuth2::Server::Authorization.new
|
28
|
+
@app = Rack::OAuth2::Server::Authorization.new do |request, response|
|
29
29
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
30
30
|
end
|
31
31
|
@request = Rack::MockRequest.new @app
|
@@ -1,17 +1,21 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Authorization do
|
4
|
+
it "should support realm" do
|
5
|
+
app = Rack::OAuth2::Server::Authorization.new("server.example.com")
|
6
|
+
app.realm.should == "server.example.com"
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
describe Rack::OAuth2::Server::Authorization::Request do
|
4
11
|
|
5
12
|
before do
|
6
|
-
@app = Rack::OAuth2::Server::Authorization.new(simple_app)
|
13
|
+
@app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
|
14
|
+
response.code = "authorization_code"
|
15
|
+
end
|
7
16
|
@request = Rack::MockRequest.new @app
|
8
17
|
end
|
9
18
|
|
10
|
-
it "should support realm" do
|
11
|
-
app = Rack::OAuth2::Server::Authorization.new(simple_app, "server.example.com")
|
12
|
-
app.realm.should == "server.example.com"
|
13
|
-
end
|
14
|
-
|
15
19
|
context "when any required parameters are missing" do
|
16
20
|
it "should return invalid_request error" do
|
17
21
|
assert_error_response(:json, :invalid_request) do
|
@@ -21,16 +25,7 @@ describe Rack::OAuth2::Server::Authorization do
|
|
21
25
|
@request.get('/?response_type=code')
|
22
26
|
end
|
23
27
|
assert_error_response(:json, :invalid_request) do
|
24
|
-
@request.get('/?
|
25
|
-
end
|
26
|
-
assert_error_response(:json, :invalid_request) do
|
27
|
-
@request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
|
28
|
-
end
|
29
|
-
assert_error_response(:json, :invalid_request) do
|
30
|
-
@request.get('/?client_id=client&redirect_uri=http://client.example.com/callback')
|
31
|
-
end
|
32
|
-
assert_error_response(:json, :invalid_request) do
|
33
|
-
@request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
|
28
|
+
@request.get('/?client_id=client')
|
34
29
|
end
|
35
30
|
end
|
36
31
|
end
|
@@ -45,9 +40,48 @@ describe Rack::OAuth2::Server::Authorization do
|
|
45
40
|
|
46
41
|
context "when all required parameters are valid" do
|
47
42
|
it "should succeed" do
|
48
|
-
response = @request.get('/?response_type=code&client_id=client
|
43
|
+
response = @request.get('/?response_type=code&client_id=client')
|
49
44
|
response.status.should == 200
|
50
45
|
end
|
51
46
|
end
|
52
47
|
|
48
|
+
end
|
49
|
+
|
50
|
+
describe Rack::OAuth2::Server::Authorization::Response do
|
51
|
+
|
52
|
+
context "when required response params are missing" do
|
53
|
+
|
54
|
+
before do
|
55
|
+
@app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
|
56
|
+
response.approve!
|
57
|
+
# code is missing
|
58
|
+
end
|
59
|
+
@request = Rack::MockRequest.new @app
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should raise an error" do
|
63
|
+
lambda do
|
64
|
+
@request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
|
65
|
+
end.should raise_error(StandardError)
|
66
|
+
end
|
67
|
+
|
68
|
+
end
|
69
|
+
|
70
|
+
context "when required response params are given" do
|
71
|
+
|
72
|
+
before do
|
73
|
+
@app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
|
74
|
+
response.approve!
|
75
|
+
response.code = "authorization_code"
|
76
|
+
end
|
77
|
+
@request = Rack::MockRequest.new @app
|
78
|
+
end
|
79
|
+
|
80
|
+
it "should succeed" do
|
81
|
+
response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
|
82
|
+
response.status.should == 302
|
83
|
+
end
|
84
|
+
|
85
|
+
end
|
86
|
+
|
53
87
|
end
|
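Review bot: The `before` blocks on new lines 13, 55 and 73 still call `Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|`, but the handler constructor in this release is `initialize(realm = '', &authenticator)`, so `simple_app` is presumably received as the realm rather than as a wrapped app. The other specs in this release already use the block-only form; `Rack::OAuth2::Server::Authorization.new do |request, response|` here would keep them consistent and stop passing an app object where a realm string is expected. This assumes `Authorization` inherits `Abstract::Handler#initialize`, which is not visible on this page.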
@@ -1,17 +1,21 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Token do
|
4
|
+
it "should support realm" do
|
5
|
+
app = Rack::OAuth2::Server::Token.new("server.example.com")
|
6
|
+
app.realm.should == "server.example.com"
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
describe Rack::OAuth2::Server::Token::Request do
|
4
11
|
|
5
12
|
before do
|
6
|
-
@app = Rack::OAuth2::Server::Token.new
|
13
|
+
@app = Rack::OAuth2::Server::Token.new do |request, response|
|
14
|
+
response.access_token = "access_token"
|
15
|
+
end
|
7
16
|
@request = Rack::MockRequest.new @app
|
8
17
|
end
|
9
18
|
|
10
|
-
it "should support realm" do
|
11
|
-
app = Rack::OAuth2::Server::Token.new(simple_app, "server.example.com")
|
12
|
-
app.realm.should == "server.example.com"
|
13
|
-
end
|
14
|
-
|
15
19
|
context "when any required parameters are missing" do
|
16
20
|
it "should return invalid_request error" do
|
17
21
|
assert_error_response(:json, :invalid_request) do
|
@@ -56,4 +60,41 @@ describe Rack::OAuth2::Server::Token do
|
|
56
60
|
end
|
57
61
|
end
|
58
62
|
|
63
|
+
end
|
64
|
+
|
65
|
+
describe Rack::OAuth2::Server::Token::Response do
|
66
|
+
|
67
|
+
context "when required response params are missing" do
|
68
|
+
|
69
|
+
before do
|
70
|
+
@app = Rack::OAuth2::Server::Token.new do |request, response|
|
71
|
+
# access_token is missing
|
72
|
+
end
|
73
|
+
@request = Rack::MockRequest.new @app
|
74
|
+
end
|
75
|
+
|
76
|
+
it "should raise an error" do
|
77
|
+
lambda do
|
78
|
+
@request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
|
79
|
+
end.should raise_error(StandardError)
|
80
|
+
end
|
81
|
+
|
82
|
+
end
|
83
|
+
|
84
|
+
context "when required response params are given" do
|
85
|
+
|
86
|
+
before do
|
87
|
+
@app = Rack::OAuth2::Server::Token.new do |request, response|
|
88
|
+
response.access_token = "access_token"
|
89
|
+
end
|
90
|
+
@request = Rack::MockRequest.new @app
|
91
|
+
end
|
92
|
+
|
93
|
+
it "should succeed" do
|
94
|
+
response = @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
|
95
|
+
response.status.should == 200
|
96
|
+
end
|
97
|
+
|
98
|
+
end
|
99
|
+
|
59
100
|
end
|
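Review bot: `raise_error(StandardError)` in "should raise an error" passes for any exception, including a NoMethodError from an unrelated regression, so it does not pin the missing-parameter check. Matching the message raised by `verify_required_params!` is tighter: `end.should raise_error(RuntimeError, /access_token/)`. The authorization spec's "when required response params are missing" context uses the same matcher, where the pattern would presumably be `/code/`.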
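--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-hash:
+hash: 23
 prerelease: false
 segments:
 - 0
 - 0
--
-version: 0.0.
+- 4
+version: 0.0.4
 platform: ruby
 authors:
 - nov matake
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-09-
+date: 2010-09-16 00:00:00 +09:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -96,6 +96,7 @@ files:
 - lib/rack/oauth2/server/token/authorization_code.rb
 - lib/rack/oauth2/server/token/password.rb
 - lib/rack/oauth2/server/token/refresh_token.rb
+- lib/rack/oauth2/server/util.rb
 - rack-oauth2.gemspec
 - spec/rack/oauth2/server/authorization/code_and_token_spec.rb
 - spec/rack/oauth2/server/authorization/code_spec.rb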