rack-oauth2 0.4.6 → 0.5.0

@@ -1,6 +1,7 @@
1
1
  = rack-oauth2
2
2
 
3
- Rack Middleware for OAuth2 server. Experimental OAuth2 client library is also included.
3
+ Rack Middleware for OAuth2 server.
4
+ OAuth2 client library is also included.
4
5
 
5
6
  This gem is based on OAuth 2.0 draft v.13
6
7
  http://tools.ietf.org/html/draft-ietf-oauth-v2-13
@@ -11,10 +12,9 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-13
11
12
 
12
13
  == Resources
13
14
 
14
- * View RDoc on RDoc.info (http://rdoc.info/github/nov/rack-oauth2)
15
15
  * View Source on GitHub (http://github.com/nov/rack-oauth2)
16
16
  * Report Issues on GitHub (http://github.com/nov/rack-oauth2/issues)
17
- * Facebook Page (http://www.facebook.com/pages/RackOAuth2/141477809244105)
17
+ * Subscribe Update Info (http://www.facebook.com/pages/RackOAuth2/141477809244105)
18
18
 
19
19
  == Sample Server Application (Rails3)
20
20
 
@@ -29,7 +29,7 @@ http://github.com/nov/rack-oauth2-sample
29
29
  Authorization Request (request_type: 'code' and 'token')
30
30
  https://gist.github.com/862393
31
31
 
32
- Token Request (grant_type: 'client_credentials', 'password' and 'authorization_code')
32
+ Token Request (grant_type: 'client_credentials', 'password', 'authorization_code' and 'refresh_token')
33
33
  https://gist.github.com/883541
34
34
 
35
35
  Resource Request (request both for resource owner resource and for client resource)
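--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.4.6
+0.5.0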
@@ -3,13 +3,14 @@ module Rack
3
3
  module Server
4
4
  module Abstract
5
5
  class Error < StandardError
6
- attr_accessor :status, :error, :description, :uri
6
+ attr_accessor :status, :error, :description, :uri, :realm
7
7
 
8
8
  def initialize(status, error, description = nil, options = {})
9
9
  @status = status
10
10
  @error = error
11
11
  @description = description
12
12
  @uri = options[:uri]
13
+ @realm = options[:realm]
13
14
  end
14
15
 
15
16
  def protocol_params
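Review bot: The new `:realm` key read on hunk line 13 (`@realm = options[:realm]`) is undocumented, and nothing on `initialize` says which keys the positional `options` hash accepts now that it carries both `:uri` and `:realm`. I would add above the method: `# options: :uri (error_uri), :realm (protection space echoed in WWW-Authenticate; nil lets the handler substitute its own default)` — the nil case is what the Bearer handler's `e.realm ||= realm` on this page relies on. `protocol_params` and the rest of the class continue outside the hunk.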
@@ -3,10 +3,13 @@ module Rack
3
3
  module Server
4
4
  module Resource
5
5
  class Bearer < Abstract::Handler
6
- ACCESS_TOKEN = 'rack.oauth2.bearer.oauth_token'
6
+ ACCESS_TOKEN = 'rack.oauth2.bearer_token'
7
+ DEFAULT_REALM = 'Bearer Token Required'
8
+ attr_accessor :realm
7
9
 
8
- def initialize(app, &authenticator)
10
+ def initialize(app, realm = nil,&authenticator)
9
11
  @app = app
12
+ @realm = realm
10
13
  super(&authenticator)
11
14
  end
12
15
 
@@ -18,6 +21,7 @@ module Rack
18
21
  end
19
22
  @app.call(env)
20
23
  rescue Rack::OAuth2::Server::Abstract::Error => e
24
+ e.realm ||= realm
21
25
  e.finish
22
26
  end
23
27
 
@@ -58,11 +62,7 @@ module Rack
58
62
  end
59
63
 
60
64
  def access_token_in_payload
61
- if params['oauth_token'] && !params['oauth_signature_method']
62
- params['oauth_token']
63
- else
64
- nil # This is OAuth1 request
65
- end
65
+ params['bearer_token']
66
66
  end
67
67
  end
68
68
  end
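Review bot: `access_token_in_payload` in the last hunk now returns `params['bearer_token']` unconditionally; if `params` is the usual merged Rack query-plus-form hash (it is not defined in the hunk), a bearer token placed in the URL query string is accepted and will be recorded in access logs and leaked through Referer headers, and this simplified version is the natural place to say so. At minimum document it, `# NOTE: a token in the query string is accepted here and is then visible in server logs and Referer headers; prefer the Authorization header`, or limit lookup to the form-encoded body if the draft this release targets allows that. The renamed `ACCESS_TOKEN` env key in the first hunk (`'rack.oauth2.bearer.oauth_token'` → `'rack.oauth2.bearer_token'`) breaks any downstream app that reads the old key and deserves a line in the README or changelog. Style: `def initialize(app, realm = nil,&authenticator)` is missing the space after the comma.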
@@ -9,13 +9,12 @@ module Rack
9
9
  class Unauthorized < Abstract::Unauthorized
10
10
  def finish
11
11
  super do |response|
12
- response.header['WWW-Authenticate'] = if ErrorMethods::DEFAULT_DESCRIPTION.keys.include?(error)
13
- header = "Bearer error=\"#{error}\""
14
- header += " error_description=\"#{description}\"" if description.present?
15
- header += " error_uri=\"#{uri}\"" if uri.present?
16
- header
17
- else
18
- 'Bearer'
12
+ self.realm ||= DEFAULT_REALM
13
+ header = response.header['WWW-Authenticate'] = "Bearer realm=\"#{realm}\""
14
+ if ErrorMethods::DEFAULT_DESCRIPTION.keys.include?(error)
15
+ header << " error=\"#{error}\""
16
+ header << " error_description=\"#{description}\"" if description.present?
17
+ header << " error_uri=\"#{uri}\"" if uri.present?
19
18
  end
20
19
  end
21
20
  end
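Review bot: `realm`, `error`, `description` and `uri` are interpolated straight into the quoted-string values of the WWW-Authenticate header on hunk lines 13-17 without escaping, so a value containing `"` or `\` yields a header clients cannot parse and a CR/LF in one would split the header line. realm is operator configuration and `error` is constrained by the `DEFAULT_DESCRIPTION` check, so the exposure is small, but description and uri are set by whoever raises the error, and a small quoting helper settles the question rather than relying on every caller. `DEFAULT_REALM` is resolved lexically here, which only works if `Unauthorized` is opened inside `class Bearer` in this file — the hunk does not show that, so confirm it. Minor: `ErrorMethods::DEFAULT_DESCRIPTION.keys.include?(error)` can be `ErrorMethods::DEFAULT_DESCRIPTION.key?(error)`.
```ruby
def finish
  super do |response|
    self.realm ||= DEFAULT_REALM
    header = response.header['WWW-Authenticate'] = "Bearer realm=#{quoted(realm)}"
    if ErrorMethods::DEFAULT_DESCRIPTION.key?(error)
      header << " error=#{quoted(error)}"
      header << " error_description=#{quoted(description)}" if description.present?
      header << " error_uri=#{quoted(uri)}" if uri.present?
    end
  end
end

private

# Render +value+ as an HTTP quoted-string: drop CR/LF so the value cannot
# split the header, and backslash-escape '"' and '\' per the quoted-pair rule.
def quoted(value)
  safe = value.to_s.delete("\r\n").gsub(/[\\"]/) { |c| "\\#{c}" }
  "\"#{safe}\""
end
# … unchanged: closing ends of the class …
```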
@@ -3,7 +3,7 @@ Gem::Specification.new do |s|
3
3
  s.version = File.read("VERSION")
4
4
  s.required_rubygems_version = Gem::Requirement.new(">= 1.3.6") if s.respond_to? :required_rubygems_version=
5
5
  s.authors = ["nov matake"]
6
- s.description = %q{Rack Middleware for OAuth2 server. Experimental OAuth2 client library is also included.}
6
+ s.description = %q{Rack Middleware for OAuth2 server. OAuth2 client library is also included.}
7
7
  s.summary = %q{Rack Middleware for OAuth2 server}
8
8
  s.email = "nov@matake.jp"
9
9
  s.extra_rdoc_files = ["LICENSE", "README.rdoc"]
@@ -1,4 +1,5 @@
1
1
  {
2
2
  "access_token":"access_token",
3
+ "token_type":"bearer",
3
4
  "expires_in":3600
4
5
  }
@@ -67,6 +67,12 @@ describe Rack::OAuth2::Client do
67
67
  it { should be_instance_of Rack::OAuth2::Client::Grant::Password }
68
68
  end
69
69
 
70
+ describe '#refresh_token=' do
71
+ before { client.refresh_token = 'refresh_token' }
72
+ subject { client.instance_variable_get('@grant') }
73
+ it { should be_instance_of Rack::OAuth2::Client::Grant::RefreshToken }
74
+ end
75
+
70
76
  describe '#access_token!' do
71
77
  before do
72
78
  client.authorization_code = 'code'
@@ -79,6 +85,7 @@ describe Rack::OAuth2::Client do
79
85
  it do
80
86
  client.access_token!.should == {
81
87
  'access_token' => 'access_token',
88
+ 'token_type' => 'bearer',
82
89
  'expires_in' => 3600
83
90
  }
84
91
  end
@@ -16,6 +16,7 @@ end
16
16
 
17
17
  describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
18
18
  let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:invalid_token) }
19
+ let(:realm) { Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM }
19
20
 
20
21
  it { should be_a Rack::OAuth2::Server::Abstract::Unauthorized }
21
22
  describe '#finish' do
@@ -23,7 +24,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
23
24
  status, header, response = error.finish
24
25
  status.should == 401
25
26
  header['Content-Type'].should == 'application/json'
26
- header['WWW-Authenticate'].should == 'Bearer error="invalid_token"'
27
+ header['WWW-Authenticate'].should == "Bearer realm=\"#{realm}\" error=\"invalid_token\""
27
28
  response.body.should == ['{"error":"invalid_token"}']
28
29
  end
29
30
  end
@@ -33,7 +34,18 @@ describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
33
34
 
34
35
  it 'should have error_code in body but not in WWW-Authenticate header' do
35
36
  status, header, response = error.finish
36
- header['WWW-Authenticate'].should == 'Bearer'
37
+ header['WWW-Authenticate'].should == "Bearer realm=\"#{realm}\""
38
+ response.body.first.should include '"error":"something"'
39
+ end
40
+ end
41
+
42
+ context 'when realm is specified' do
43
+ let(:realm) { 'server.example.com' }
44
+ let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, :realm => realm) }
45
+
46
+ it 'should use given realm' do
47
+ status, header, response = error.finish
48
+ header['WWW-Authenticate'].should == "Bearer realm=\"#{realm}\""
37
49
  response.body.first.should include '"error":"something"'
38
50
  end
39
51
  end
@@ -59,7 +59,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
59
59
  end
60
60
 
61
61
  context 'when token is in params' do
62
- let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:oauth_token => 'valid_token'}) }
62
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:bearer_token => 'valid_token'}) }
63
63
  it_behaves_like :authenticated_request
64
64
  end
65
65
  end
@@ -71,7 +71,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
71
71
  end
72
72
 
73
73
  context 'when token is in params' do
74
- let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:oauth_token => 'invalid_token'}) }
74
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:bearer_token => 'invalid_token'}) }
75
75
  it_behaves_like :unauthorized_request
76
76
  end
77
77
  end
@@ -82,7 +82,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
82
82
  Rack::MockRequest.env_for(
83
83
  '/protected_resource',
84
84
  'HTTP_AUTHORIZATION' => 'Bearer valid_token',
85
- :params => {:oauth_token => 'valid_token'}
85
+ :params => {:bearer_token => 'valid_token'}
86
86
  )
87
87
  end
88
88
  it_behaves_like :bad_request
@@ -114,4 +114,28 @@ describe Rack::OAuth2::Server::Resource::Bearer do
114
114
  it_behaves_like :non_oauth2_request
115
115
  end
116
116
  end
117
+
118
+ describe 'realm' do
119
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'Bearer invalid_token') }
120
+
121
+ context 'when specified' do
122
+ let(:realm) { 'server.example.com' }
123
+ let(:app) do
124
+ Rack::OAuth2::Server::Resource::Bearer.new(simple_app, realm) do |request|
125
+ request.unauthorized!
126
+ end
127
+ end
128
+ it 'should use specified realm' do
129
+ status, header, response = request
130
+ header['WWW-Authenticate'].should include "Bearer realm=\"#{realm}\""
131
+ end
132
+ end
133
+
134
+ context 'otherwize' do
135
+ it 'should use default realm' do
136
+ status, header, response = request
137
+ header['WWW-Authenticate'].should include "Bearer realm=\"#{Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM}\""
138
+ end
139
+ end
140
+ end
117
141
  end
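Review bot: The context label `'otherwize'` in the new `describe 'realm'` block is a typo for `'otherwise'`; it only shows up in spec output, but labels like this get copied. The two realm examples assert with `include` where every other WWW-Authenticate assertion on this page uses `==`; if `request.unauthorized!` with no arguments produces a header with only the realm, as it appears to, an exact comparison would also catch an unintended extra attribute. Neither example exercises a realm that needs quoting (a `"` or a backslash), which is where the header format is most likely to go wrong.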
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
- hash: 3
4
+ hash: 11
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
- - 4
9
- - 6
10
- version: 0.4.6
8
+ - 5
9
+ - 0
10
+ version: 0.5.0
11
11
  platform: ruby
12
12
  authors:
13
13
  - nov matake
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-03-26 00:00:00 +09:00
18
+ date: 2011-04-01 00:00:00 +09:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
@@ -167,7 +167,7 @@ dependencies:
167
167
  version: "1.3"
168
168
  type: :development
169
169
  version_requirements: *id010
170
- description: Rack Middleware for OAuth2 server. Experimental OAuth2 client library is also included.
170
+ description: Rack Middleware for OAuth2 server. OAuth2 client library is also included.
171
171
  email: nov@matake.jp
172
172
  executables: []
173
173