rack-oauth2 0.4.6 → 0.5.0

data/README.rdoc

@@ -1,6 +1,7 @@
 = rack-oauth2
 
-Rack Middleware for OAuth2 server. Experimental OAuth2 client library is also included.
+Rack Middleware for OAuth2 server.
+OAuth2 client library is also included.
 
 This gem is based on OAuth 2.0 draft v.13
 http://tools.ietf.org/html/draft-ietf-oauth-v2-13
@@ -11,10 +12,9 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-13
 
 == Resources
 
-* View RDoc on RDoc.info (http://rdoc.info/github/nov/rack-oauth2)
 * View Source on GitHub (http://github.com/nov/rack-oauth2)
 * Report Issues on GitHub (http://github.com/nov/rack-oauth2/issues)
-* Facebook Page (http://www.facebook.com/pages/RackOAuth2/141477809244105)
+* Subscribe Update Info (http://www.facebook.com/pages/RackOAuth2/141477809244105)
 
 == Sample Server Application (Rails3)
 
@@ -29,7 +29,7 @@ http://github.com/nov/rack-oauth2-sample
 Authorization Request (request_type: 'code' and 'token')
 https://gist.github.com/862393
 
-Token Request (grant_type: 'client_credentials', 'password' and 'authorization_code')
+Token Request (grant_type: 'client_credentials', 'password', 'authorization_code' and 'refresh_token')
 https://gist.github.com/883541
 
 Resource Request (request both for resource owner resource and for client resource)

data/VERSION

@@ -1 +1 @@
-0.4.6
+0.5.0

data/lib/rack/oauth2/server/abstract/error.rb

@@ -3,13 +3,14 @@ module Rack
     module Server
       module Abstract
         class Error < StandardError
-          attr_accessor :status, :error, :description, :uri
+          attr_accessor :status, :error, :description, :uri, :realm
 
           def initialize(status, error, description = nil, options = {})
             @status      = status
             @error       = error
             @description = description
             @uri         = options[:uri]
+            @realm       = options[:realm]
           end
 
           def protocol_params

data/lib/rack/oauth2/server/resource/bearer.rb

@@ -3,10 +3,13 @@ module Rack
     module Server
       module Resource
         class Bearer < Abstract::Handler
-          ACCESS_TOKEN = 'rack.oauth2.bearer.oauth_token'
+          ACCESS_TOKEN = 'rack.oauth2.bearer_token'
+          DEFAULT_REALM = 'Bearer Token Required'
+          attr_accessor :realm
 
-          def initialize(app, &authenticator)
+          def initialize(app, realm = nil,&authenticator)
             @app = app
+            @realm = realm
             super(&authenticator)
           end
 
@@ -18,6 +21,7 @@ module Rack
             end
             @app.call(env)
           rescue Rack::OAuth2::Server::Abstract::Error => e
+            e.realm ||= realm
             e.finish
           end
 
@@ -58,11 +62,7 @@ module Rack
             end
 
             def access_token_in_payload
-              if params['oauth_token'] && !params['oauth_signature_method']
-                params['oauth_token']
-              else
-                nil # This is OAuth1 request
-              end
+              params['bearer_token']
             end
           end
         end

data/lib/rack/oauth2/server/resource/bearer/error.rb

@@ -9,13 +9,12 @@ module Rack
           class Unauthorized < Abstract::Unauthorized
             def finish
               super do |response|
-                response.header['WWW-Authenticate'] = if ErrorMethods::DEFAULT_DESCRIPTION.keys.include?(error)
-                  header = "Bearer error=\"#{error}\""
-                  header += " error_description=\"#{description}\"" if description.present?
-                  header += " error_uri=\"#{uri}\""                 if uri.present?
-                  header
-                else
-                  'Bearer'
+                self.realm ||= DEFAULT_REALM
+                header = response.header['WWW-Authenticate'] = "Bearer realm=\"#{realm}\""
+                if ErrorMethods::DEFAULT_DESCRIPTION.keys.include?(error)
+                  header << " error=\"#{error}\""
+                  header << " error_description=\"#{description}\"" if description.present?
+                  header << " error_uri=\"#{uri}\""                 if uri.present?
                 end
               end
             end

data/rack-oauth2.gemspec

@@ -3,7 +3,7 @@ Gem::Specification.new do |s|
   s.version = File.read("VERSION")
   s.required_rubygems_version = Gem::Requirement.new(">= 1.3.6") if s.respond_to? :required_rubygems_version=
   s.authors = ["nov matake"]
-  s.description = %q{Rack Middleware for OAuth2 server. Experimental OAuth2 client library is also included.}
+  s.description = %q{Rack Middleware for OAuth2 server. OAuth2 client library is also included.}
   s.summary = %q{Rack Middleware for OAuth2 server}
   s.email = "nov@matake.jp"
   s.extra_rdoc_files = ["LICENSE", "README.rdoc"]

data/spec/fake_response/token.json

@@ -1,4 +1,5 @@
 {
   "access_token":"access_token",
+  "token_type":"bearer",
   "expires_in":3600
 }

data/spec/rack/oauth2/client_spec.rb

@@ -67,6 +67,12 @@ describe Rack::OAuth2::Client do
     it { should be_instance_of Rack::OAuth2::Client::Grant::Password }
   end
 
+  describe '#refresh_token=' do
+    before  { client.refresh_token = 'refresh_token' }
+    subject { client.instance_variable_get('@grant') }
+    it { should be_instance_of Rack::OAuth2::Client::Grant::RefreshToken }
+  end
+
   describe '#access_token!' do
     before  do
       client.authorization_code = 'code'
@@ -79,6 +85,7 @@ describe Rack::OAuth2::Client do
     it do
       client.access_token!.should == {
         'access_token' => 'access_token',
+        'token_type' => 'bearer',
         'expires_in' => 3600
       }
     end

data/spec/rack/oauth2/server/resource/bearer/error_spec.rb

@@ -16,6 +16,7 @@ end
 
 describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
   let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:invalid_token) }
+  let(:realm) { Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM }
 
   it { should be_a Rack::OAuth2::Server::Abstract::Unauthorized }
   describe '#finish' do
@@ -23,7 +24,7 @@ describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
       status, header, response = error.finish
       status.should == 401
       header['Content-Type'].should == 'application/json'
-      header['WWW-Authenticate'].should == 'Bearer error="invalid_token"'
+      header['WWW-Authenticate'].should == "Bearer realm=\"#{realm}\" error=\"invalid_token\""
       response.body.should == ['{"error":"invalid_token"}']
     end
   end
@@ -33,7 +34,18 @@ describe Rack::OAuth2::Server::Resource::Bearer::Unauthorized do
 
     it 'should have error_code in body but not in WWW-Authenticate header' do
       status, header, response = error.finish
-      header['WWW-Authenticate'].should == 'Bearer'
+      header['WWW-Authenticate'].should == "Bearer realm=\"#{realm}\""
+      response.body.first.should include '"error":"something"'
+    end
+  end
+
+  context 'when realm is specified' do
+    let(:realm) { 'server.example.com' }
+    let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, :realm => realm) }
+
+    it 'should use given realm' do
+      status, header, response = error.finish
+      header['WWW-Authenticate'].should == "Bearer realm=\"#{realm}\""
       response.body.first.should include '"error":"something"'
     end
   end

data/spec/rack/oauth2/server/resource/bearer_spec.rb

@@ -59,7 +59,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
     end
 
     context 'when token is in params' do
-      let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:oauth_token => 'valid_token'}) }
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:bearer_token => 'valid_token'}) }
       it_behaves_like :authenticated_request
     end
   end
@@ -71,7 +71,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
     end
 
     context 'when token is in params' do
-      let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:oauth_token => 'invalid_token'}) }
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', :params => {:bearer_token => 'invalid_token'}) }
       it_behaves_like :unauthorized_request
     end
   end
@@ -82,7 +82,7 @@ describe Rack::OAuth2::Server::Resource::Bearer do
         Rack::MockRequest.env_for(
           '/protected_resource',
           'HTTP_AUTHORIZATION' => 'Bearer valid_token',
-          :params => {:oauth_token => 'valid_token'}
+          :params => {:bearer_token => 'valid_token'}
         )
       end
       it_behaves_like :bad_request
@@ -114,4 +114,28 @@ describe Rack::OAuth2::Server::Resource::Bearer do
       it_behaves_like :non_oauth2_request
     end
   end
+
+  describe 'realm' do
+    let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'Bearer invalid_token') }
+
+    context 'when specified' do
+      let(:realm) { 'server.example.com' }
+      let(:app) do
+        Rack::OAuth2::Server::Resource::Bearer.new(simple_app, realm) do |request|
+          request.unauthorized!
+        end
+      end
+      it 'should use specified realm' do
+        status, header, response = request
+        header['WWW-Authenticate'].should include "Bearer realm=\"#{realm}\""
+      end
+    end
+
+    context 'otherwize' do
+      it 'should use default realm' do
+        status, header, response = request
+        header['WWW-Authenticate'].should include "Bearer realm=\"#{Rack::OAuth2::Server::Resource::Bearer::DEFAULT_REALM}\""
+      end
+    end
+  end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: rack-oauth2
 version: !ruby/object:Gem::Version 
-  hash: 3
+  hash: 11
   prerelease: 
   segments: 
   - 0
-  - 4
-  - 6
-  version: 0.4.6
+  - 5
+  - 0
+  version: 0.5.0
 platform: ruby
 authors: 
 - nov matake
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-03-26 00:00:00 +09:00
+date: 2011-04-01 00:00:00 +09:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -167,7 +167,7 @@ dependencies:
         version: "1.3"
   type: :development
   version_requirements: *id010
-description: Rack Middleware for OAuth2 server. Experimental OAuth2 client library is also included.
+description: Rack Middleware for OAuth2 server. OAuth2 client library is also included.
 email: nov@matake.jp
 executables: []