rack-oauth2 0.5.1 → 0.6.0.alpha

Files changed (40) hide show
  1. data/VERSION +1 -1
  2. data/lib/rack/oauth2.rb +2 -1
  3. data/lib/rack/oauth2/access_token.rb +30 -0
  4. data/lib/rack/oauth2/access_token/bearer.rb +29 -0
  5. data/lib/rack/oauth2/access_token/mac.rb +109 -0
  6. data/lib/rack/oauth2/access_token/mac/body_hash.rb +15 -0
  7. data/lib/rack/oauth2/access_token/mac/signature.rb +49 -0
  8. data/lib/rack/oauth2/access_token/mac/verifier.rb +43 -0
  9. data/lib/rack/oauth2/server/authorize/code.rb +0 -1
  10. data/lib/rack/oauth2/server/resource.rb +55 -1
  11. data/lib/rack/oauth2/server/resource/bearer.rb +12 -39
  12. data/lib/rack/oauth2/server/resource/bearer/error.rb +5 -60
  13. data/lib/rack/oauth2/server/resource/error.rb +81 -0
  14. data/lib/rack/oauth2/server/resource/mac.rb +39 -0
  15. data/lib/rack/oauth2/server/resource/mac/error.rb +24 -0
  16. data/lib/rack/oauth2/server/token.rb +3 -10
  17. data/lib/rack/oauth2/server/token/refresh_token.rb +0 -2
  18. data/lib/rack/oauth2/util.rb +10 -0
  19. data/spec/fake_response/facebook_token_response.txt +1 -0
  20. data/spec/fake_response/resources/fake.txt +1 -0
  21. data/spec/helpers/time.rb +19 -0
  22. data/spec/rack/oauth2/access_token/bearer_spec.rb +43 -0
  23. data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +23 -0
  24. data/spec/rack/oauth2/access_token/mac_spec.rb +163 -0
  25. data/spec/rack/oauth2/access_token_spec.rb +48 -0
  26. data/spec/rack/oauth2/client_spec.rb +18 -6
  27. data/spec/rack/oauth2/server/resource/bearer/error_spec.rb +9 -87
  28. data/spec/rack/oauth2/server/resource/bearer_spec.rb +40 -69
  29. data/spec/rack/oauth2/server/resource/error_spec.rb +147 -0
  30. data/spec/rack/oauth2/server/resource/mac/error_spec.rb +52 -0
  31. data/spec/rack/oauth2/server/resource/mac_spec.rb +92 -0
  32. data/spec/rack/oauth2/server/resource_spec.rb +23 -0
  33. data/spec/rack/oauth2/server/token/authorization_code_spec.rb +1 -2
  34. data/spec/rack/oauth2/server/token/client_credentials_spec.rb +1 -2
  35. data/spec/rack/oauth2/server/token/password_spec.rb +1 -2
  36. data/spec/rack/oauth2/server/token/refresh_token_spec.rb +1 -2
  37. data/spec/rack/oauth2/server/token_spec.rb +1 -2
  38. data/spec/rack/oauth2/util_spec.rb +10 -0
  39. data/spec/spec_helper.rb +1 -0
  40. metadata +38 -6
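--- a/data/spec/rack/oauth2/server/resource/mac/error_spec.rb
+++ b/data/spec/rack/oauth2/server/resource/mac/error_spec.rb
@@ -0,0 +1,52 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Resource::MAC::Unauthorized do
+let(:error) { Rack::OAuth2::Server::Resource::MAC::Unauthorized.new(:invalid_token) }
+
+it { should be_a Rack::OAuth2::Server::Resource::Unauthorized }
+
+describe '#scheme' do
+subject { error }
+its(:scheme) { should == :MAC }
+end
+
+describe '#finish' do
+it 'should use MAC scheme' do
+status, header, response = error.finish
+header['WWW-Authenticate'].should =~ /^MAC /
+end
+end
+end
+
+describe Rack::OAuth2::Server::Resource::MAC::ErrorMethods do
+let(:unauthorized) { Rack::OAuth2::Server::Resource::MAC::Unauthorized }
+let(:redirect_uri) { 'http://client.example.com/callback' }
+let(:default_description) { Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION }
+let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client_id") }
+let(:request) { Rack::OAuth2::Server::Resource::MAC::Request.new env }
+
+describe 'unauthorized!' do
+it do
+expect { request.unauthorized! :invalid_client }.should raise_error unauthorized
+end
+end
+
+Rack::OAuth2::Server::Resource::Bearer::ErrorMethods::DEFAULT_DESCRIPTION.keys.each do |error_code|
+method = "#{error_code}!"
+case error_code
+when :invalid_request
+# ignore
+when :insufficient_scope
+# ignore
+else
+describe method do
+it "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized with error = :#{error_code}" do
+expect { request.send method }.should raise_error(unauthorized) { |error|
+error.error.should == error_code
+error.description.should == default_description[error_code]
+}
+end
+end
+end
+end
+end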
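Review bot: The example description inside the `.each` loop says "should raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized" although `unauthorized` is bound to `Rack::OAuth2::Server::Resource::MAC::Unauthorized`; this looks like a copy from the Bearer spec and should read `it "should raise Rack::OAuth2::Server::Resource::MAC::Unauthorized with error = :#{error_code}" do`. The same loop iterates `Rack::OAuth2::Server::Resource::Bearer::ErrorMethods::DEFAULT_DESCRIPTION.keys` while `default_description` is taken from `Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION`; given the diffstat moves most of bearer/error.rb into resource/error.rb, iterating the shared constant keeps the keys and the expected descriptions in step and stops the MAC spec from depending on the Bearer namespace. `header['WWW-Authenticate'].should =~ /^MAC /` anchors with `^`, which matches at any line start; `\A` pins the scheme to the beginning of the header value.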
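--- a/data/spec/rack/oauth2/server/resource/mac_spec.rb
+++ b/data/spec/rack/oauth2/server/resource/mac_spec.rb
@@ -0,0 +1,92 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Resource::MAC do
+let(:app) do
+Rack::OAuth2::Server::Resource::MAC.new(simple_app) do |request|
+case request.access_token
+when 'valid_token'
+# nothing to do
+when 'insufficient_scope_token'
+request.insufficient_scope!
+else
+request.invalid_token!
+end
+end
+end
+let(:access_token) { env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN] }
+let(:request) { app.call(env) }
+subject { app.call(env) }
+
+shared_examples_for :non_mac_request do
+it 'should skip OAuth 2.0 authentication' do
+status, header, response = request
+status.should == 200
+access_token.should be_nil
+end
+end
+shared_examples_for :authenticated_mac_request do
+it 'should be authenticated' do
+status, header, response = request
+status.should == 200
+access_token.should == 'valid_token'
+end
+end
+shared_examples_for :unauthorized_mac_request do
+it 'should be unauthorized' do
+status, header, response = request
+status.should == 401
+header['WWW-Authenticate'].should include 'MAC'
+access_token.should be_nil
+end
+end
+shared_examples_for :bad_mac_request do
+it 'should be unauthorized' do
+status, header, response = request
+status.should == 400
+access_token.should be_nil
+end
+end
+
+context 'when no access token is given' do
+let(:env) { Rack::MockRequest.env_for('/protected_resource') }
+it 'should skip OAuth 2.0 authentication' do
+status, header, response = request
+status.should == 200
+access_token.should be_nil
+end
+end
+
+context 'when valid_token is given' do
+let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token"') }
+it_behaves_like :authenticated_mac_request
+end
+
+context 'when invalid_token is given' do
+let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="invalid_token"') }
+it_behaves_like :unauthorized_mac_request
+
+describe 'realm' do
+let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="invalid_token"') }
+
+context 'when specified' do
+let(:realm) { 'server.example.com' }
+let(:app) do
+Rack::OAuth2::Server::Resource::MAC.new(simple_app, realm) do |request|
+request.unauthorized!
+end
+end
+it 'should use specified realm' do
+status, header, response = request
+header['WWW-Authenticate'].should include "MAC realm=\"#{realm}\""
+end
+end
+
+context 'otherwize' do
+it 'should use default realm' do
+status, header, response = request
+header['WWW-Authenticate'].should include "MAC realm=\"#{Rack::OAuth2::Server::Resource::DEFAULT_REALM}\""
+end
+end
+end
+end
+end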
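Review bot: `shared_examples_for :non_mac_request` and `:bad_mac_request` are defined but never used, and the `'insufficient_scope_token'` branch of the `app` block is never reached, so neither a non-MAC Authorization header (which this middleware should pass through) nor `insufficient_scope!` is covered by this spec. Two more contexts would put the shared examples to work; the status expected for `insufficient_scope!` must match what `Resource::MAC` actually returns, which is not visible here, so the `:bad_mac_request` choice below is a guess to confirm. Note also that `'MAC token="valid_token"'` carries no `timestamp`, `nonce` or `mac` attribute yet is accepted as authenticated, so the spec pins that this middleware only extracts the token and leaves signature verification to the caller's block; a one-line comment on that context, e.g. `# MAC signature is verified by the application block, not by this middleware`, would stop a later verifier in the middleware from silently inverting the expectation. The context name `'otherwize'` is a typo for `'otherwise'`.
```ruby
# … unchanged: app, shared examples and existing contexts …
context 'when non-MAC authorization header is given' do
  let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'Bearer valid_token') }
  it_behaves_like :non_mac_request
end

context 'when insufficient_scope_token is given' do
  let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="insufficient_scope_token"') }
  it_behaves_like :bad_mac_request # confirm against the status insufficient_scope! produces
end
```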
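--- a/data/spec/rack/oauth2/server/resource_spec.rb
+++ b/data/spec/rack/oauth2/server/resource_spec.rb
@@ -0,0 +1,23 @@
+require 'spec_helper.rb'
+
+describe Rack::OAuth2::Server::Resource do
+subject { Rack::OAuth2::Server::Resource.new(simple_app, 'realm') }
+its(:realm) { should == 'realm' }
+end
+
+describe Rack::OAuth2::Server::Resource::Request do
+let(:env) { Rack::MockRequest.env_for('/protected_resource') }
+let(:request) { Rack::OAuth2::Server::Resource::Request.new(env) }
+
+describe '#setup!' do
+it do
+expect { request.setup! }.should raise_error(RuntimeError, 'Define me!')
+end
+end
+
+describe '#oauth2?' do
+it do
+expect { request.oauth2? }.should raise_error(RuntimeError, 'Define me!')
+end
+end
+end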
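Review bot: The `Rack::OAuth2::Server::Resource` example only covers an explicitly passed realm; the default realm (`Rack::OAuth2::Server::Resource::DEFAULT_REALM`, which the MAC spec in this commit relies on) has no direct example here. A second subject, `Rack::OAuth2::Server::Resource.new(simple_app)` with `its(:realm) { should == Rack::OAuth2::Server::Resource::DEFAULT_REALM }`, would pin it. For the abstract `Request`, matching the literal message `'Define me!'` couples the spec to a string rather than to a contract; raising `NotImplementedError` in the library and matching on the class alone would be the conventional shape, but that is a library change outside this hunk.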
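--- a/data/spec/rack/oauth2/server/token/authorization_code_spec.rb
+++ b/data/spec/rack/oauth2/server/token/authorization_code_spec.rb
@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
 let(:request) { Rack::MockRequest.new app }
 let(:app) do
 Rack::OAuth2::Server::Token.new do |request, response|
-response.access_token = 'access_token'
-response.token_type = :bearer
+response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
 end
 end
 let(:params) do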
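Review bot: The `app` fixture in this hunk is now byte-identical across five specs (the same change is repeated in the ClientCredentials, Password, RefreshToken and Token hunks below), so the next change to how a Bearer token is issued has to be made in five places; a `simple_token_app` helper in spec_helper.rb next to `simple_app` would remove the duplication. Dropping `response.token_type = :bearer` means the token type is now implied by the `AccessToken::Bearer` class; whatever asserts `token_type` in the response body sits outside this hunk and is what guards that implication. The enclosing `describe` block continues outside the hunk.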
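--- a/data/spec/rack/oauth2/server/token/client_credentials_spec.rb
+++ b/data/spec/rack/oauth2/server/token/client_credentials_spec.rb
@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::ClientCredentials do
 let(:request) { Rack::MockRequest.new app }
 let(:app) do
 Rack::OAuth2::Server::Token.new do |request, response|
-response.access_token = 'access_token'
-response.token_type = :bearer
+response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
 end
 end
 let(:params) do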
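--- a/data/spec/rack/oauth2/server/token/password_spec.rb
+++ b/data/spec/rack/oauth2/server/token/password_spec.rb
@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::Password do
 let(:request) { Rack::MockRequest.new app }
 let(:app) do
 Rack::OAuth2::Server::Token.new do |request, response|
-response.access_token = 'access_token'
-response.token_type = :bearer
+response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
 end
 end
 let(:params) do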
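--- a/data/spec/rack/oauth2/server/token/refresh_token_spec.rb
+++ b/data/spec/rack/oauth2/server/token/refresh_token_spec.rb
@@ -4,8 +4,7 @@ describe Rack::OAuth2::Server::Token::RefreshToken do
 let(:request) { Rack::MockRequest.new app }
 let(:app) do
 Rack::OAuth2::Server::Token.new do |request, response|
-response.access_token = 'access_token'
-response.token_type = :bearer
+response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
 end
 end
 let(:params) do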
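--- a/data/spec/rack/oauth2/server/token_spec.rb
+++ b/data/spec/rack/oauth2/server/token_spec.rb
@@ -5,8 +5,7 @@ describe Rack::OAuth2::Server::Token do
 let(:request) { Rack::MockRequest.new app }
 let(:app) do
 Rack::OAuth2::Server::Token.new do |request, response|
-response.access_token = 'access_token'
-response.token_type = :bearer
+response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => 'access_token')
 end
 end
 let(:params) do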
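--- a/data/spec/rack/oauth2/util_spec.rb
+++ b/data/spec/rack/oauth2/util_spec.rb
@@ -9,6 +9,16 @@ describe Rack::OAuth2::Util do
 'http://client.example.com/callback'
 end
 
+describe '.rfc3986_encode' do
+subject { util.rfc3986_encode '=+ .-/' }
+it { should == '%3D%2B%20.-%2F' }
+end
+
+describe '.base64_encode' do
+subject { util.base64_encode '=+ .-/' }
+it { should == 'PSsgLi0v' }
+end
+
 describe '.compact_hash' do
 subject { util.compact_hash :k1 => 'v1', :k2 => '', :k3 => nil }
 it { should == {:k1 => 'v1'} }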
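Review bot: Both new examples use the 6-byte input `'=+ .-/'`, so `.base64_encode` is never exercised with a length that is not a multiple of 3 and the spec cannot tell whether padding `=` is kept or stripped; since this encoder is presumably what the MAC signature added in this version is built on, a verifier that compares base64 strings is sensitive to exactly that. Add a case such as `subject { util.base64_encode 'ab' }` and pin `'YWI='` (or `'YWI'` if stripping is the intent). Likewise `.rfc3986_encode` has no example for `~` (unreserved under RFC 3986 but percent-encoded by some URL encoders) nor for a multibyte string, which are the inputs on which encoders diverge.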
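--- a/data/spec/spec_helper.rb
+++ b/data/spec/spec_helper.rb
@@ -4,6 +4,7 @@ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
 require 'rack/oauth2'
 require 'rspec'
 require 'fakeweb'
+require 'helpers/time'
 
 def simple_app
 lambda do |env|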
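Review bot: `require 'helpers/time'` is resolved through `$LOAD_PATH`, and the hunk header shows only `../lib` being unshifted; unless the spec directory is also on the load path (not visible here, though some rspec versions add it), this depends on the working directory or on `.` being in the load path, which Ruby 1.9.2 removed. `require File.expand_path('helpers/time', File.dirname(__FILE__))` loads the helper regardless of where rspec is invoked from. The new spec files in this commit use `require 'spec_helper.rb'` the same way.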
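--- a/metadata
+++ b/metadata
@@ -1,13 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-hash: 9
-prerelease:
+hash: -1851332210
+prerelease: 6
 segments:
 - 0
-- 5
-- 1
-version: 0.5.1
+- 6
+- 0
+- alpha
+version: 0.6.0.alpha
 platform: ruby
 authors:
 - nov matake
@@ -15,7 +16,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-15 00:00:00 +09:00
+date: 2011-04-20 00:00:00 +09:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -186,6 +187,12 @@ files:
 - Rakefile
 - VERSION
 - lib/rack/oauth2.rb
+- lib/rack/oauth2/access_token.rb
+- lib/rack/oauth2/access_token/bearer.rb
+- lib/rack/oauth2/access_token/mac.rb
+- lib/rack/oauth2/access_token/mac/body_hash.rb
+- lib/rack/oauth2/access_token/mac/signature.rb
+- lib/rack/oauth2/access_token/mac/verifier.rb
 - lib/rack/oauth2/client.rb
 - lib/rack/oauth2/client/error.rb
 - lib/rack/oauth2/client/grant.rb
@@ -206,6 +213,9 @@ files:
 - lib/rack/oauth2/server/resource.rb
 - lib/rack/oauth2/server/resource/bearer.rb
 - lib/rack/oauth2/server/resource/bearer/error.rb
+- lib/rack/oauth2/server/resource/error.rb
+- lib/rack/oauth2/server/resource/mac.rb
+- lib/rack/oauth2/server/resource/mac/error.rb
 - lib/rack/oauth2/server/token.rb
 - lib/rack/oauth2/server/token/authorization_code.rb
 - lib/rack/oauth2/server/token/client_credentials.rb
@@ -214,8 +224,15 @@ files:
 - lib/rack/oauth2/server/token/refresh_token.rb
 - lib/rack/oauth2/util.rb
 - rack-oauth2.gemspec
+- spec/fake_response/facebook_token_response.txt
 - spec/fake_response/invalid_request.json
+- spec/fake_response/resources/fake.txt
 - spec/fake_response/token.json
+- spec/helpers/time.rb
+- spec/rack/oauth2/access_token/bearer_spec.rb
+- spec/rack/oauth2/access_token/mac/verifier_spec.rb
+- spec/rack/oauth2/access_token/mac_spec.rb
+- spec/rack/oauth2/access_token_spec.rb
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client_spec.rb
 - spec/rack/oauth2/server/abstract/error_spec.rb
@@ -225,6 +242,10 @@ files:
 - spec/rack/oauth2/server/authorize_spec.rb
 - spec/rack/oauth2/server/resource/bearer/error_spec.rb
 - spec/rack/oauth2/server/resource/bearer_spec.rb
+- spec/rack/oauth2/server/resource/error_spec.rb
+- spec/rack/oauth2/server/resource/mac/error_spec.rb
+- spec/rack/oauth2/server/resource/mac_spec.rb
+- spec/rack/oauth2/server/resource_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
 - spec/rack/oauth2/server/token/error_spec.rb
@@ -270,8 +291,15 @@ signing_key:
 specification_version: 3
 summary: Rack Middleware for OAuth2 server
 test_files:
+- spec/fake_response/facebook_token_response.txt
 - spec/fake_response/invalid_request.json
+- spec/fake_response/resources/fake.txt
 - spec/fake_response/token.json
+- spec/helpers/time.rb
+- spec/rack/oauth2/access_token/bearer_spec.rb
+- spec/rack/oauth2/access_token/mac/verifier_spec.rb
+- spec/rack/oauth2/access_token/mac_spec.rb
+- spec/rack/oauth2/access_token_spec.rb
 - spec/rack/oauth2/client/error_spec.rb
 - spec/rack/oauth2/client_spec.rb
 - spec/rack/oauth2/server/abstract/error_spec.rb
@@ -281,6 +309,10 @@ test_files:
 - spec/rack/oauth2/server/authorize_spec.rb
 - spec/rack/oauth2/server/resource/bearer/error_spec.rb
 - spec/rack/oauth2/server/resource/bearer_spec.rb
+- spec/rack/oauth2/server/resource/error_spec.rb
+- spec/rack/oauth2/server/resource/mac/error_spec.rb
+- spec/rack/oauth2/server/resource/mac_spec.rb
+- spec/rack/oauth2/server/resource_spec.rb
 - spec/rack/oauth2/server/token/authorization_code_spec.rb
 - spec/rack/oauth2/server/token/client_credentials_spec.rb
 - spec/rack/oauth2/server/token/error_spec.rb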