RubyGems - rack-oauth2 - Versions diffs - 0.2.3 → 0.3.0.alpha - Mend

rack-oauth2 0.2.3 → 0.3.0.alpha

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

data/Gemfile +1 -0
data/README.rdoc +1 -0
data/VERSION +1 -1
data/lib/rack/oauth2.rb +1 -7
data/lib/rack/oauth2/server.rb +0 -1
data/lib/rack/oauth2/server/abstract.rb +2 -1
data/lib/rack/oauth2/server/abstract/error.rb +55 -0
data/lib/rack/oauth2/server/abstract/handler.rb +2 -3
data/lib/rack/oauth2/server/abstract/request.rb +2 -3
data/lib/rack/oauth2/server/abstract/response.rb +0 -5
data/lib/rack/oauth2/server/authorize.rb +19 -14
data/lib/rack/oauth2/server/authorize/code.rb +8 -19
data/lib/rack/oauth2/server/authorize/error.rb +60 -0
data/lib/rack/oauth2/server/authorize/token.rb +15 -24
data/lib/rack/oauth2/server/resource.rb +1 -79
data/lib/rack/oauth2/server/resource/bearer.rb +74 -0
data/lib/rack/oauth2/server/resource/bearer/error.rb +80 -0
data/lib/rack/oauth2/server/token.rb +12 -19
data/lib/rack/oauth2/server/token/authorization_code.rb +4 -5
data/lib/rack/oauth2/server/token/error.rb +54 -0
data/lib/rack/oauth2/server/token/password.rb +0 -2
data/lib/rack/oauth2/server/token/refresh_token.rb +1 -1
data/lib/rack/oauth2/server/util.rb +29 -0
data/rack-oauth2.gemspec +1 -1
data/spec/rack/oauth2/server/abstract/error_spec.rb +51 -0
data/spec/rack/oauth2/server/authorize/code_spec.rb +42 -28
data/spec/rack/oauth2/server/authorize/error_spec.rb +103 -0
data/spec/rack/oauth2/server/authorize/token_spec.rb +55 -26
data/spec/rack/oauth2/server/authorize_spec.rb +24 -68
data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +118 -0
data/spec/rack/oauth2/server/resource/bearer_spec.rb +117 -0
data/spec/rack/oauth2/server/token/authorization_code_spec.rb +26 -109
data/spec/rack/oauth2/server/token/error_spec.rb +77 -0
data/spec/rack/oauth2/server/token/password_spec.rb +27 -47
data/spec/rack/oauth2/server/token/refresh_token_spec.rb +22 -43
data/spec/rack/oauth2/server/token_spec.rb +77 -116
data/spec/rack/oauth2/server/util_spec.rb +75 -16
data/spec/spec_helper.rb +0 -12
metadata +25 -29
data/lib/rack/oauth2/server/authorize/code_and_token.rb +0 -62
data/lib/rack/oauth2/server/error.rb +0 -73
data/lib/rack/oauth2/server/error/authorize.rb +0 -54
data/lib/rack/oauth2/server/error/resource.rb +0 -50
data/lib/rack/oauth2/server/error/token.rb +0 -59
data/lib/rack/oauth2/server/token/assertion.rb +0 -29
data/spec/rack/oauth2/server/authorize/code_and_token_spec.rb +0 -53
data/spec/rack/oauth2/server/error/authorize_spec.rb +0 -102
data/spec/rack/oauth2/server/error/resource_spec.rb +0 -69
data/spec/rack/oauth2/server/error/token_spec.rb +0 -115
data/spec/rack/oauth2/server/error_spec.rb +0 -107
data/spec/rack/oauth2/server/resource_spec.rb +0 -141
data/spec/rack/oauth2/server/token/assertion_spec.rb +0 -56

data/Gemfile CHANGED Viewed

	@@ -1 +1,2 @@
1	+ source 'http://rubygems.org'
1 2	gemspec

data/README.rdoc CHANGED Viewed

@@ -14,6 +14,7 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-10
 * View RDoc on RDoc.info (http://rdoc.info/github/nov/rack-oauth2)
 * View Source on GitHub (http://github.com/nov/rack-oauth2)
 * Report Issues on GitHub (http://github.com/nov/rack-oauth2/issues)
+* Facebook Page (http://www.facebook.com/pages/RackOAuth2/141477809244105)
 == Usage

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.2.3
1	+ 0.3.0.alpha

data/lib/rack/oauth2.rb CHANGED Viewed

@@ -3,10 +3,4 @@ require 'json'
 require 'active_support/core_ext'
 require 'attr_required'
 require 'attr_optional'
-require 'rack/oauth2/server'
-module Rack
-  module OAuth2
-    ACCESS_TOKEN = "rack.oauth2.oauth_token"
-  end
-end
+require 'rack/oauth2/server'

data/lib/rack/oauth2/server.rb CHANGED Viewed

@@ -1,5 +1,4 @@
 require 'rack/oauth2/server/util'
-require 'rack/oauth2/server/error'
 require 'rack/oauth2/server/abstract'
 require 'rack/oauth2/server/authorize'
 require 'rack/oauth2/server/token'

data/lib/rack/oauth2/server/abstract.rb CHANGED Viewed

@@ -1,3 +1,4 @@
 require 'rack/oauth2/server/abstract/handler'
 require 'rack/oauth2/server/abstract/request'
-require 'rack/oauth2/server/abstract/response'
+require 'rack/oauth2/server/abstract/response'
+require 'rack/oauth2/server/abstract/error'

data/lib/rack/oauth2/server/abstract/error.rb ADDED Viewed

@@ -0,0 +1,55 @@
+module Rack
+  module OAuth2
+    module Server
+      module Abstract
+        class Error < StandardError
+          attr_accessor :status, :error, :description, :uri
+          def initialize(status, error, description = nil, options = {})
+            @status      = status
+            @error       = error
+            @description = description
+            @uri         = options[:uri]
+          end
+          def protocol_params
+            {
+              :error             => error,
+              :error_description => description,
+              :error_uri         => uri
+            }
+          end
+          def finish
+            response = Rack::Response.new
+            response.status = status
+            yield response if block_given?
+            unless response.redirect?
+              response.header['Content-Type'] = 'application/json'
+              response.write Util.compact_hash(protocol_params).to_json
+            end
+            response.finish
+          end
+        end
+        class BadRequest < Error
+          def initialize(error = :bad_request, description = nil, options = {})
+            super 400, error, description, options
+          end
+        end
+        class Unauthorized < Error
+          def initialize(error = :unauthorized, description = nil, options = {})
+            super 401, error, description, options
+          end
+        end
+        class Forbidden < Error
+          def initialize(error = :forbidden, description = nil, options = {})
+            super 403, error, description, options
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/abstract/handler.rb CHANGED Viewed

@@ -3,10 +3,9 @@ module Rack
     module Server
       module Abstract
         class Handler
-          attr_accessor :realm, :authenticator, :request, :response
+          attr_accessor :authenticator, :request, :response
-          def initialize(realm = nil, &authenticator)
-            @realm = realm
+          def initialize(&authenticator)
             @authenticator = authenticator
           end

data/lib/rack/oauth2/server/abstract/request.rb CHANGED Viewed

@@ -15,14 +15,13 @@ module Rack
           def attr_missing_with_error_handling!
             if params['client_id'].present? && @client_id != params['client_id']
-              invalid_client!("Multiple client credentials are provided.")
+              invalid_request! 'Multiple client credentials are provided.'
             end
             attr_missing_without_error_handling!
           rescue AttrRequired::AttrMissing => e
-            invalid_request!(e.message, :state => @state, :redirect_uri => @redirect_uri)
+            invalid_request! e.message, :state => @state, :redirect_uri => @redirect_uri
           end
           alias_method_chain :attr_missing!, :error_handling
         end
       end
     end

data/lib/rack/oauth2/server/abstract/response.rb CHANGED Viewed

@@ -8,11 +8,6 @@ module Rack
           def initialize(request)
             super([], 200, {})
           end
-          def finish
-            attr_missing!
-            super
-          end
         end
       end
     end

data/lib/rack/oauth2/server/authorize.rb CHANGED Viewed

@@ -2,16 +2,14 @@ module Rack
   module OAuth2
     module Server
       class Authorize < Abstract::Handler
         def call(env)
           request = Request.new(env)
-          request.profile.new(@realm, &@authenticator).call(env).finish
-        rescue Error => e
+          request.profile.new(&@authenticator).call(env).finish
+        rescue Rack::OAuth2::Server::Abstract::Error => e
           e.finish
         end
         class Request < Abstract::Request
-          include Error::Authorize
           attr_required :response_type
           attr_optional :redirect_uri, :state
@@ -27,36 +25,43 @@ module Rack
               Code
             when 'token'
               Token
-            when 'code_and_token'
-              CodeAndToken
             when ''
               attr_missing!
             else
-              unsupported_response_type!("'#{params['response_type']}' isn't supported.")
+              unsupported_response_type! "#{CGI.escape params['response_type']} isn't supported."
             end
           end
         end
         class Response < Abstract::Response
           attr_required :redirect_uri
-          attr_optional :state, :approved
+          attr_optional :state, :approval
           def initialize(request)
             @state = request.state
-            @redirect_uri = Util.parse_uri(request.redirect_uri) if request.redirect_uri
             super
           end
           def approved?
-            @approved
+            @approval
           end
           def approve!
-            @approved = true
+            @approval = true
+          end
+          def protocol_params
+            {:state => state}
           end
-        end
+          def finish
+            if approved?
+              attr_missing!
+              redirect Util.redirect_uri(redirect_uri, protocol_params_location, protocol_params)
+            end
+            super
+          end
+        end
       end
     end
   end
@@ -64,4 +69,4 @@ end
 require 'rack/oauth2/server/authorize/code'
 require 'rack/oauth2/server/authorize/token'
-require 'rack/oauth2/server/authorize/code_and_token'
+require 'rack/oauth2/server/authorize/error'

data/lib/rack/oauth2/server/authorize/code.rb CHANGED Viewed

@@ -5,8 +5,8 @@ module Rack
         class Code < Abstract::Handler
           def call(env)
-            @request  = Request.new(env)
-            @response = Response.new(request)
+            @request  = Request.new env
+            @response = Response.new request
             super
           end
@@ -21,25 +21,14 @@ module Rack
           class Response < Authorize::Response
             attr_required :code
-            def finish
-              if approved?
-                params = {
-                  :code => code,
-                  :state => state
-                }.delete_if do |key, value|
-                  value.blank?
-                end
-                redirect_uri.query = if redirect_uri.query
-                  [redirect_uri.query, params.to_query].join('&')
-                else
-                  params.to_query
-                end
-                redirect redirect_uri.to_s
-              end
-              super
+            def protocol_params
+              super.merge(:code => code)
             end
-          end
+            def protocol_params_location
+              :query
+            end
+          end
         end
       end
     end

data/lib/rack/oauth2/server/authorize/error.rb ADDED Viewed

@@ -0,0 +1,60 @@
+module Rack
+  module OAuth2
+    module Server
+      class Authorize
+        class BadRequest < Abstract::BadRequest
+          attr_accessor :redirect_uri, :state, :protocol_params_location
+          def protocol_params
+            super.merge(:state => state)
+          end
+          def finish
+            if redirect_uri.present? && protocol_params_location.present?
+              super do |response|
+                response.redirect Util.redirect_uri(redirect_uri, protocol_params_location, protocol_params)
+              end
+            else
+              raise self
+            end
+          end
+        end
+        module ErrorMethods
+          DEFAULT_DESCRIPTION = {
+            :invalid_request => "The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.",
+            :unauthorized_client => "The client is not authorized to use the requested response type.",
+            :access_denied => "The end-user or authorization server denied the request.",
+            :unsupported_response_type => "The requested response type is not supported by the authorization server.",
+            :invalid_scope => "The requested scope is invalid, unknown, or malformed."
+          }
+          def self.included(klass)
+            DEFAULT_DESCRIPTION.each do |error, default_description|
+              klass.class_eval <<-ERROR
+                def #{error}!(description = "#{default_description}", options = {})
+                  bad_request! :#{error}, description, options.merge(:redirect => true)
+                end
+              ERROR
+            end
+          end
+          def bad_request!(error = :bad_request, description = nil, options = {})
+            exception = BadRequest.new error, description, options
+            exception.protocol_params_location = case response_type
+            when :code
+              :query
+            when :token
+              :fragment
+            end
+            exception.state = state
+            exception.redirect_uri = redirect_uri if options[:redirect]
+            raise exception
+          end
+        end
+        Request.send :include, ErrorMethods
+      end
+    end
+  end
+end

data/lib/rack/oauth2/server/authorize/token.rb CHANGED Viewed

@@ -3,10 +3,9 @@ module Rack
     module Server
       class Authorize
         class Token < Abstract::Handler
           def call(env)
-            @request  = Request.new(env)
-            @response = Response.new(request)
+            @request  = Request.new env
+            @response = Response.new request
             super
           end
@@ -19,30 +18,22 @@ module Rack
           end
           class Response < Authorize::Response
-            attr_required :access_token
-            attr_optional :expires_in, :scope
+            attr_required :access_token, :token_type
+            attr_optional :refresh_token, :expires_in, :scope
-            def finish
-              if approved?
-                params = {
-                  :access_token => access_token,
-                  :expires_in => expires_in,
-                  :scope => Array(scope).join(' '),
-                  :state => state
-                }.delete_if do |key, value|
-                  value.blank?
-                end
-                redirect_uri.fragment = if redirect_uri.fragment
-                  [redirect_uri.fragment, params.to_query].join('&')
-                else
-                  params.to_query
-                end
-                redirect redirect_uri.to_s
-              end
-              super
+            def protocol_params
+              super.merge(
+                :access_token => access_token,
+                :expires_in => expires_in,
+                :refresh_token => refresh_token,
+                :scope => Array(scope).join(' ')
+              )
             end
-          end
+            def protocol_params_location
+              :fragment
+            end
+          end
         end
       end
     end

data/lib/rack/oauth2/server/resource.rb CHANGED Viewed

@@ -1,79 +1 @@
-require 'rack/auth/abstract/request'
-module Rack
-  module OAuth2
-    module Server
-      class Resource < Abstract::Handler
-        def initialize(app, realm = nil, &authenticator)
-          @app = app
-          super(realm, &authenticator)
-        end
-        def call(env)
-          request = Request.new(env, realm)
-          if request.oauth2?
-            authenticate!(request)
-            env[ACCESS_TOKEN] = request.access_token
-          end
-          @app.call(env)
-        rescue Error => e
-          e.realm = realm
-          e.finish
-        end
-        private
-        def authenticate!(request)
-          @authenticator.call(request)
-        end
-        class Request < Rack::Request
-          include Error::Resource
-          attr_accessor :realm
-          def initialize(env, realm = nil)
-            @env = env
-            @realm = realm
-            @auth_header = Rack::Auth::AbstractRequest.new(env)
-          end
-          def oauth2?
-            access_token.present?
-          end
-          def access_token
-            tokens = [access_token_in_haeder, access_token_in_payload].compact
-            case Array(tokens).size
-            when 0
-              nil
-            when 1
-              tokens.first
-            else
-              invalid_request!('Both Authorization header and payload includes oauth_token.', :realm => realm)
-            end
-          end
-          def access_token_in_haeder
-            if @auth_header.provided? && @auth_header.scheme == :oauth && @auth_header.params !~ /oauth_signature_method/
-              @auth_header.params
-            else
-              nil
-            end
-          end
-          def access_token_in_payload
-            if params['oauth_token'] && !params['oauth_signature_method']
-              params['oauth_token']
-            else
-              nil # This is OAuth1 request
-            end
-          end
-        end
-      end
-    end
-  end
-end
+require 'rack/oauth2/server/resource/bearer'