rack-oauth2 0.6.0.alpha → 0.6.0
- data/VERSION +1 -1
- data/lib/rack/oauth2/access_token/bearer.rb +1 -1
- data/lib/rack/oauth2/access_token/mac.rb +1 -1
- data/lib/rack/oauth2/server/authorize/token.rb +2 -8
- data/spec/rack/oauth2/access_token/bearer_spec.rb +2 -2
- data/spec/rack/oauth2/access_token/mac_spec.rb +4 -4
- data/spec/rack/oauth2/server/authorize/token_spec.rb +3 -21
- metadata +3 -4
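--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.6.0
+0.6.0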
@@ -84,7 +84,7 @@ module Rack
|
|
84
84
|
:query => Rack::Utils.parse_nested_query(_url_.query)
|
85
85
|
)
|
86
86
|
self.signature = _signature_.calculate
|
87
|
-
headers.merge(:
|
87
|
+
headers.merge(:AUTHORIZATION => authorization_header)
|
88
88
|
end
|
89
89
|
|
90
90
|
def authorization_header
|
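Review bot: `headers.merge(:AUTHORIZATION => authorization_header)` only replaces an entry stored under that exact symbol, so an Authorization value the caller passed under another spelling (`'Authorization'`, `:authorization`) would stay in the hash next to the signed one. Which of the two the HTTP client then sends is not decided in this method. Dropping any existing authorization key before the merge, e.g. `headers.reject { |k, _| k.to_s.downcase == 'authorization' }.merge(:AUTHORIZATION => authorization_header)`, would make the MAC header the only one. The method starts above this hunk, so where `headers` comes from is not visible and this may already be handled there.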
@@ -18,16 +18,10 @@ module Rack
|
|
18
18
|
end
|
19
19
|
|
20
20
|
class Response < Authorize::Response
|
21
|
-
attr_required :access_token
|
22
|
-
attr_optional :expires_in, :scope
|
21
|
+
attr_required :access_token
|
23
22
|
|
24
23
|
def protocol_params
|
25
|
-
super.merge
|
26
|
-
:access_token => access_token,
|
27
|
-
:token_type => token_type,
|
28
|
-
:expires_in => expires_in,
|
29
|
-
:scope => Array(scope).join(' ')
|
30
|
-
)
|
24
|
+
super.merge access_token.token_response
|
31
25
|
end
|
32
26
|
|
33
27
|
def protocol_params_location
|
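Review bot: `protocol_params` now puts everything `access_token.token_response` returns into the redirect fragment, with no filter in this method. `token_response` is defined outside this hunk; if it can carry a `refresh_token` (or, for a MAC token, the secret), those values would reach the user agent and browser history, and the implicit grant is not supposed to return a refresh token at all. Filtering here, e.g. `super.merge access_token.token_response.reject { |k, _| k == :refresh_token }`, keeps the fragment to what the client needs. `attr_required :access_token` also checks presence only, so a plain String (which the old spec assigned) would presumably now fail with NoMethodError on `token_response` rather than AttrMissing; the token_spec.rb hunks on this page cover neither case.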
@@ -17,7 +17,7 @@ describe Rack::OAuth2::AccessToken::Bearer do
|
|
17
17
|
it 'should have Bearer Authorization header' do
|
18
18
|
RestClient.should_receive(method).with(
|
19
19
|
resource_endpoint,
|
20
|
-
:
|
20
|
+
:AUTHORIZATION => 'Bearer access_token'
|
21
21
|
)
|
22
22
|
token.send method, resource_endpoint
|
23
23
|
end
|
@@ -34,7 +34,7 @@ describe Rack::OAuth2::AccessToken::Bearer do
|
|
34
34
|
RestClient.should_receive(method).with(
|
35
35
|
resource_endpoint,
|
36
36
|
{:key => :value},
|
37
|
-
{:
|
37
|
+
{:AUTHORIZATION => 'Bearer access_token'}
|
38
38
|
)
|
39
39
|
token.send method, resource_endpoint, {:key => :value}
|
40
40
|
end
|
@@ -37,7 +37,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
37
37
|
Time.fix(Time.at(1302361200)) do
|
38
38
|
RestClient.should_receive(:get).with(
|
39
39
|
resource_endpoint,
|
40
|
-
:
|
40
|
+
:AUTHORIZATION => "MAC token=\"access_token\" timestamp=\"1302361200\" nonce=\"51e74de734c05613f37520872e68db5f\" signature=\"yYDSkZMrEbOOqj0anHNLA9ougNA+lxU0zmPiMSPtmJ8=\""
|
41
41
|
)
|
42
42
|
token.get resource_endpoint
|
43
43
|
end
|
@@ -50,7 +50,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
50
50
|
RestClient.should_receive(:post).with(
|
51
51
|
resource_endpoint,
|
52
52
|
{:key => :value},
|
53
|
-
{:
|
53
|
+
{:AUTHORIZATION => "MAC token=\"access_token\" timestamp=\"1302361200\" nonce=\"51e74de734c05613f37520872e68db5f\" bodyhash=\"Vj8DVxGNBe8UXWvd8pZswj6Gyo8vAT+RXlZa/fCfeiM=\" signature=\"xRvIiA+rmjhPjULVpyCCgiHEsOkLEHZik4ZaB+cyqgk=\""}
|
54
54
|
)
|
55
55
|
token.post resource_endpoint, :key => :value
|
56
56
|
end
|
@@ -63,7 +63,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
63
63
|
RestClient.should_receive(:put).with(
|
64
64
|
resource_endpoint,
|
65
65
|
{:key => :value},
|
66
|
-
{:
|
66
|
+
{:AUTHORIZATION => "MAC token=\"access_token\" timestamp=\"1302361200\" nonce=\"51e74de734c05613f37520872e68db5f\" bodyhash=\"Vj8DVxGNBe8UXWvd8pZswj6Gyo8vAT+RXlZa/fCfeiM=\" signature=\"2lWgkUCtD9lNBlDi5fe9eVDwEwbxfLGAqjgykaSV1ww=\""}
|
67
67
|
)
|
68
68
|
token.put resource_endpoint, :key => :value
|
69
69
|
end
|
@@ -75,7 +75,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
75
75
|
Time.fix(Time.at(1302361200)) do
|
76
76
|
RestClient.should_receive(:delete).with(
|
77
77
|
resource_endpoint,
|
78
|
-
:
|
78
|
+
:AUTHORIZATION => "MAC token=\"access_token\" timestamp=\"1302361200\" nonce=\"51e74de734c05613f37520872e68db5f\" signature=\"PX2GhHuo5yYNEs51e4Zlllw8itQ4Te0v+6ZuRCK7k+s=\""
|
79
79
|
)
|
80
80
|
token.delete resource_endpoint
|
81
81
|
end
|
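Review bot: All four expected headers pin the same nonce, `51e74de734c05613f37520872e68db5f`, and the only fixture visible in these hunks is `Time.fix(Time.at(1302361200))`. If the nonce is stubbed outside the hunks that is fine, but if it is derived from the clock, two requests made in the same second would carry the same nonce, and a server enforcing nonce uniqueness would reject the second one. A spec that issues two requests under the same fixed time and asserts that the nonces differ would settle it. The `it` blocks start above each hunk, so any stubbing there is not visible.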
@@ -4,29 +4,26 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
4
4
|
let(:request) { Rack::MockRequest.new app }
|
5
5
|
let(:redirect_uri) { 'http://client.example.com/callback' }
|
6
6
|
let(:access_token) { 'access_token' }
|
7
|
-
let(:token_type) { 'bearer' }
|
8
7
|
let(:response) { request.get("/?response_type=token&client_id=client&redirect_uri=#{redirect_uri}") }
|
9
8
|
|
10
9
|
context "when approved" do
|
11
10
|
let :app do
|
12
11
|
Rack::OAuth2::Server::Authorize.new do |request, response|
|
13
12
|
response.redirect_uri = redirect_uri
|
14
|
-
response.access_token = access_token
|
15
|
-
response.token_type = token_type
|
13
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
|
16
14
|
response.approve!
|
17
15
|
end
|
18
16
|
end
|
19
17
|
|
20
18
|
it 'should redirect with authorization code in fragment' do
|
21
19
|
response.status.should == 302
|
22
|
-
response.location.should == "#{redirect_uri}#access_token=#{access_token}&token_type
|
20
|
+
response.location.should == "#{redirect_uri}#access_token=#{access_token}&token_type=bearer"
|
23
21
|
end
|
24
22
|
|
25
23
|
context 'when redirect_uri is missing' do
|
26
24
|
let :app do
|
27
25
|
Rack::OAuth2::Server::Authorize.new do |request, response|
|
28
|
-
response.access_token = access_token
|
29
|
-
response.token_type = token_type
|
26
|
+
response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
|
30
27
|
response.approve!
|
31
28
|
end
|
32
29
|
end
|
@@ -39,7 +36,6 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
39
36
|
let :app do
|
40
37
|
Rack::OAuth2::Server::Authorize.new do |request, response|
|
41
38
|
response.redirect_uri = redirect_uri
|
42
|
-
response.token_type = token_type
|
43
39
|
response.approve!
|
44
40
|
end
|
45
41
|
end
|
@@ -47,20 +43,6 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
47
43
|
expect { response }.should raise_error AttrRequired::AttrMissing
|
48
44
|
end
|
49
45
|
end
|
50
|
-
|
51
|
-
context 'when token_type is missing' do
|
52
|
-
let :app do
|
53
|
-
Rack::OAuth2::Server::Authorize.new do |request, response|
|
54
|
-
response.redirect_uri = redirect_uri
|
55
|
-
response.access_token = access_token
|
56
|
-
response.approve!
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
it do
|
61
|
-
expect { response }.should raise_error AttrRequired::AttrMissing
|
62
|
-
end
|
63
|
-
end
|
64
46
|
end
|
65
47
|
|
66
48
|
context 'when denied' do
|
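--- a/metadata
+++ b/metadata
@@ -1,14 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-hash:
-prerelease:
+hash: 7
+prerelease:
 segments:
 - 0
 - 6
 - 0
-
-version: 0.6.0.alpha
+version: 0.6.0
 platform: ruby
 authors:
 - nov matake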