RubyGems - rack-oauth2 - Versions diffs - 0.8.3 → 0.8.4 - Mend

rack-oauth2 0.8.3 → 0.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

data/README.rdoc +2 -2
data/VERSION +1 -1
data/lib/rack/oauth2/server/abstract/error.rb +12 -0
data/lib/rack/oauth2/server/authorize.rb +1 -0
data/lib/rack/oauth2/server/authorize/error.rb +19 -3
data/lib/rack/oauth2/server/authorize/token.rb +5 -1
data/lib/rack/oauth2/server/token.rb +4 -1
data/lib/rack/oauth2/server/token/authorization_code.rb +2 -1
data/spec/rack/oauth2/server/authorize/token_spec.rb +17 -2
data/spec/rack/oauth2/server/token/authorization_code_spec.rb +8 -2
metadata +59 -3

data/README.rdoc CHANGED Viewed

@@ -3,8 +3,8 @@
 OAuth 2.0 Server & Client Library.
 Both Bearer and MAC token type are supported.
-The OAuth 2.0 Authorization Protocol (draft 15)
-http://tools.ietf.org/html/draft-ietf-oauth-v2-15
+The OAuth 2.0 Authorization Protocol (draft 18)
+http://tools.ietf.org/html/draft-ietf-oauth-v2-18
 The OAuth 2.0 Protocol: Bearer Tokens (draft 06)
 http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-06

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.8.3
1	+ 0.8.4

data/lib/rack/oauth2/server/abstract/error.rb CHANGED Viewed

@@ -51,6 +51,18 @@ module Rack
             super 403, error, description, options
           end
         end
+        class ServerError < Error
+          def initialize(error = :forbidden, description = nil, options = {})
+            super 500, error, description, options
+          end
+        end
+        class TemporarilyUnavailable < Error
+          def initialize(error = :forbidden, description = nil, options = {})
+            super 503, error, description, options
+          end
+        end
       end
     end
   end

data/lib/rack/oauth2/server/authorize.rb CHANGED Viewed

@@ -31,6 +31,7 @@ module Rack
             when ''
               attr_missing!
             else
+              # TODO: support extensions
               unsupported_response_type!
             end
           end

data/lib/rack/oauth2/server/authorize/error.rb CHANGED Viewed

@@ -2,8 +2,10 @@ module Rack
   module OAuth2
     module Server
       class Authorize
-        class BadRequest < Abstract::BadRequest
-          attr_accessor :redirect_uri, :state, :protocol_params_location
+        module ErrorHandler
+          def self.included(klass)
+            klass.send :attr_accessor, :redirect_uri, :state, :protocol_params_location
+          end
           def protocol_params
             super.merge(:state => state)
@@ -20,13 +22,27 @@ module Rack
           end
         end
+        class BadRequest < Abstract::BadRequest
+          include ErrorHandler
+        end
+        class ServerError < Abstract::ServerError
+          include ErrorHandler
+        end
+        class TemporarilyUnavailable < Abstract::TemporarilyUnavailable
+          include ErrorHandler
+        end
         module ErrorMethods
           DEFAULT_DESCRIPTION = {
             :invalid_request => "The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.",
             :unauthorized_client => "The client is not authorized to use the requested response type.",
             :access_denied => "The end-user or authorization server denied the request.",
             :unsupported_response_type => "The requested response type is not supported by the authorization server.",
-            :invalid_scope => "The requested scope is invalid, unknown, or malformed."
+            :invalid_scope => "The requested scope is invalid, unknown, or malformed.",
+            :server_error => "Internal Server Error",
+            :temporarily_unavailable => "Service Unavailable"
           }
           def self.included(klass)

data/lib/rack/oauth2/server/authorize/token.rb CHANGED Viewed

@@ -21,7 +21,11 @@ module Rack
             attr_required :access_token
             def protocol_params
-              super.merge access_token.token_response
+              super.merge(
+                access_token.token_response.delete_if do |k, v|
+                  k == :refresh_token
+                end
+              )
             end
             def protocol_params_location

data/lib/rack/oauth2/server/token.rb CHANGED Viewed

@@ -40,6 +40,7 @@ module Rack
             when ''
               attr_missing!
             else
+              # TODO: support extensions
               unsupported_grant_type!("'#{params['grant_type']}' isn't supported.")
             end
           end
@@ -55,7 +56,9 @@ module Rack
           def finish
             attr_missing!
             write Util.compact_hash(protocol_params).to_json
-            header['Content-Type'] = "application/json"
+            header['Content-Type'] = 'application/json'
+            header['Cache-Control'] = 'no-store'
+            header['Pragma'] = 'no-cache'
             super
           end
         end

data/lib/rack/oauth2/server/token/authorization_code.rb CHANGED Viewed

@@ -10,7 +10,8 @@ module Rack
           end
           class Request < Token::Request
-            attr_required :code, :redirect_uri
+            attr_required :code
+            attr_optional :redirect_uri
             def initialize(env)
               super

data/spec/rack/oauth2/server/authorize/token_spec.rb CHANGED Viewed

@@ -7,10 +7,11 @@ describe Rack::OAuth2::Server::Authorize::Token do
   let(:response)     { request.get("/?response_type=token&client_id=client&redirect_uri=#{redirect_uri}") }
   context "when approved" do
+    let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
     let :app do
       Rack::OAuth2::Server::Authorize.new do |request, response|
         response.redirect_uri = redirect_uri
-        response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
+        response.access_token = bearer_token
         response.approve!
       end
     end
@@ -20,10 +21,24 @@ describe Rack::OAuth2::Server::Authorize::Token do
       response.location.should == "#{redirect_uri}#access_token=#{access_token}&token_type=bearer"
     end
+    context 'when refresh_token is given' do
+      let :bearer_token do
+        Rack::OAuth2::AccessToken::Bearer.new(
+          :access_token => access_token,
+          :refresh_token => 'refresh'
+        )
+      end
+      it 'should remove refresh_token from response' do
+        response.status.should == 302
+        response.location.should == "#{redirect_uri}#access_token=#{access_token}&token_type=bearer"
+      end
+    end
     context 'when redirect_uri is missing' do
       let :app do
         Rack::OAuth2::Server::Authorize.new do |request, response|
-          response.access_token = Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token)
+          response.access_token = bearer_token
           response.approve!
         end
       end

data/spec/rack/oauth2/server/token/authorization_code_spec.rb CHANGED Viewed

@@ -15,14 +15,20 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
       :redirect_uri => 'http://client.example.com/callback'
     }
   end
-  subject { request.post('/', :params => params) }
+  let(:response) { request.post('/', :params => params) }
+  subject { response }
   its(:status)       { should == 200 }
   its(:content_type) { should == 'application/json' }
   its(:body)         { should include '"access_token":"access_token"' }
   its(:body)         { should include '"token_type":"bearer"' }
-  [:code, :redirect_uri].each do |required|
+  it 'should prevent to be cached' do
+    response.header['Cache-Control'].should == 'no-store'
+    response.header['Pragma'].should == 'no-cache'
+  end
+  [:code].each do |required|
     context "when #{required} is missing" do
       before do
         params.delete_if do |key, value|

metadata CHANGED Viewed

@@ -1,8 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
+  hash: 55
   prerelease:
-  version: 0.8.3
+  segments:
+  - 0
+  - 8
+  - 4
+  version: 0.8.4
 platform: ruby
 authors:
 - nov matake
@@ -10,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
-date: 2011-06-28 00:00:00 Z
+date: 2011-07-15 00:00:00 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -20,6 +25,10 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 13
+        segments:
+        - 1
+        - 1
         version: "1.1"
   type: :runtime
   version_requirements: *id001
@@ -31,6 +40,11 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 1
+        segments:
+        - 1
+        - 4
+        - 3
         version: 1.4.3
   type: :runtime
   version_requirements: *id002
@@ -42,6 +56,12 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 123
+        segments:
+        - 2
+        - 2
+        - 0
+        - 2
         version: 2.2.0.2
   type: :runtime
   version_requirements: *id003
@@ -53,6 +73,10 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 5
+        segments:
+        - 2
+        - 3
         version: "2.3"
   type: :runtime
   version_requirements: *id004
@@ -64,6 +88,9 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 3
+        segments:
+        - 0
         version: "0"
   type: :runtime
   version_requirements: *id005
@@ -75,6 +102,11 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 25
+        segments:
+        - 0
+        - 0
+        - 3
         version: 0.0.3
   type: :runtime
   version_requirements: *id006
@@ -86,6 +118,10 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 27
+        segments:
+        - 0
+        - 8
         version: "0.8"
   type: :development
   version_requirements: *id007
@@ -97,6 +133,10 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 25
+        segments:
+        - 0
+        - 9
         version: "0.9"
   type: :development
   version_requirements: *id008
@@ -108,6 +148,9 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 7
+        segments:
+        - 2
         version: "2"
   type: :development
   version_requirements: *id009
@@ -119,6 +162,11 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
+        hash: 11
+        segments:
+        - 1
+        - 6
+        - 2
         version: 1.6.2
   type: :development
   version_requirements: *id010
@@ -233,17 +281,25 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      hash: 3
+      segments:
+      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
+      hash: 23
+      segments:
+      - 1
+      - 3
+      - 6
       version: 1.3.6
 requirements: []
 rubyforge_project:
-rubygems_version: 1.7.2
+rubygems_version: 1.8.5
 signing_key:
 specification_version: 3
 summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported