rack-oauth2 0.9.5 → 0.10.0.alpha
Sign up to get free protection for your applications and to get access to all the features.
- data/Gemfile.lock +1 -2
- data/VERSION +1 -1
- data/lib/rack/oauth2/server/authorize.rb +9 -4
- data/lib/rack/oauth2/util.rb +7 -2
- data/spec/rack/oauth2/server/authorize_spec.rb +52 -4
- metadata +3 -3
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
rack-oauth2 (0.9.
|
|
4
|
+
rack-oauth2 (0.9.5)
|
|
5
5
|
activesupport (>= 2.3)
|
|
6
6
|
attr_required (>= 0.0.3)
|
|
7
7
|
httpclient (>= 2.2.0.2)
|
|
@@ -24,7 +24,6 @@ GEM
|
|
|
24
24
|
jruby-openssl (0.7.4)
|
|
25
25
|
bouncy-castle-java
|
|
26
26
|
json (1.5.4)
|
|
27
|
-
json (1.5.4-java)
|
|
28
27
|
multi_json (1.0.3)
|
|
29
28
|
rack (1.3.2)
|
|
30
29
|
rake (0.9.2)
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.10.0.alpha
|
|
@@ -46,15 +46,20 @@ module Rack
|
|
|
46
46
|
@state = params['state']
|
|
47
47
|
end
|
|
48
48
|
|
|
49
|
-
def verify_redirect_uri!(pre_registered)
|
|
49
|
+
def verify_redirect_uri!(pre_registered, allow_partial_match = false)
|
|
50
50
|
@verified_redirect_uri = if redirect_uri.present?
|
|
51
|
-
|
|
51
|
+
verified = Array(pre_registered).any? do |_pre_registered_|
|
|
52
|
+
Util.uri_match?(_pre_registered_, redirect_uri, allow_partial_match)
|
|
53
|
+
end
|
|
54
|
+
if verified
|
|
52
55
|
redirect_uri
|
|
53
56
|
else
|
|
54
|
-
bad_request!
|
|
57
|
+
bad_request! 'Invalid redirect_uri is given'
|
|
55
58
|
end
|
|
56
|
-
|
|
59
|
+
elsif pre_registered.present?
|
|
57
60
|
pre_registered
|
|
61
|
+
else
|
|
62
|
+
bad_request! 'No redirect_uri is given'
|
|
58
63
|
end
|
|
59
64
|
self.verified_redirect_uri.to_s
|
|
60
65
|
end
|
data/lib/rack/oauth2/util.rb
CHANGED
|
@@ -40,14 +40,19 @@ module Rack
|
|
|
40
40
|
redirect_uri.to_s
|
|
41
41
|
end
|
|
42
42
|
|
|
43
|
-
def uri_match?(base, given)
|
|
43
|
+
def uri_match?(base, given, allow_partial_match = true)
|
|
44
44
|
base = parse_uri(base)
|
|
45
45
|
given = parse_uri(given)
|
|
46
46
|
base.path = '/' if base.path.blank?
|
|
47
47
|
given.path = '/' if given.path.blank?
|
|
48
|
+
path_match = if allow_partial_match
|
|
49
|
+
/^#{base.path}/ =~ given.path
|
|
50
|
+
else
|
|
51
|
+
base.path == given.path
|
|
52
|
+
end
|
|
48
53
|
[:scheme, :host, :port].all? do |key|
|
|
49
54
|
base.send(key) == given.send(key)
|
|
50
|
-
end &&
|
|
55
|
+
end && path_match
|
|
51
56
|
rescue
|
|
52
57
|
false
|
|
53
58
|
end
|
|
@@ -42,25 +42,73 @@ describe Rack::OAuth2::Server::Authorize do
|
|
|
42
42
|
describe Rack::OAuth2::Server::Authorize::Request do
|
|
43
43
|
let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client&redirect_uri=#{redirect_uri}") }
|
|
44
44
|
let(:request) { Rack::OAuth2::Server::Authorize::Request.new env }
|
|
45
|
-
let(:pre_registered) { 'http://client.example.com' }
|
|
46
45
|
|
|
47
46
|
describe '#varified_redirect_uri' do
|
|
48
|
-
context 'when
|
|
49
|
-
|
|
47
|
+
context 'when an Array of pre-registered URIs are given' do
|
|
48
|
+
context 'when given redirect_uri is valid against one of them' do
|
|
49
|
+
let :pre_registered do
|
|
50
|
+
[
|
|
51
|
+
redirect_uri,
|
|
52
|
+
'http://ja.client.example.com/callback',
|
|
53
|
+
'http://en.client.example.com/callback'
|
|
54
|
+
]
|
|
55
|
+
end
|
|
56
|
+
it 'should be valid' do
|
|
57
|
+
request.verify_redirect_uri!(pre_registered).should == redirect_uri
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
context 'otherwise' do
|
|
62
|
+
let :pre_registered do
|
|
63
|
+
[
|
|
64
|
+
'http://ja.client.example.com/callback',
|
|
65
|
+
'http://en.client.example.com/callback'
|
|
66
|
+
]
|
|
67
|
+
end
|
|
68
|
+
it do
|
|
69
|
+
expect do
|
|
70
|
+
request.verify_redirect_uri!(pre_registered)
|
|
71
|
+
end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
context 'when exact mathed redirect_uri is given' do
|
|
77
|
+
let(:pre_registered) { redirect_uri }
|
|
78
|
+
it 'should be valid' do
|
|
50
79
|
request.verify_redirect_uri!(pre_registered).should == redirect_uri
|
|
51
80
|
end
|
|
52
81
|
end
|
|
53
82
|
|
|
83
|
+
context 'when partially mathed redirect_uri is given' do
|
|
84
|
+
let(:pre_registered) { 'http://client.example.com' }
|
|
85
|
+
|
|
86
|
+
context 'when partial matching allowed' do
|
|
87
|
+
it 'should be valid' do
|
|
88
|
+
request.verify_redirect_uri!(pre_registered, :allow_partial_match).should == redirect_uri
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
context 'otherwise' do
|
|
93
|
+
it do
|
|
94
|
+
expect do
|
|
95
|
+
request.verify_redirect_uri!(pre_registered)
|
|
96
|
+
end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
|
|
97
|
+
end
|
|
98
|
+
end
|
|
99
|
+
end
|
|
100
|
+
|
|
54
101
|
context 'when invalid redirect_uri is given' do
|
|
55
102
|
let(:pre_registered) { 'http://client2.example.com' }
|
|
56
103
|
it do
|
|
57
104
|
expect do
|
|
58
|
-
request.verify_redirect_uri!(pre_registered)
|
|
105
|
+
request.verify_redirect_uri!(pre_registered)
|
|
59
106
|
end.should raise_error Rack::OAuth2::Server::Authorize::BadRequest
|
|
60
107
|
end
|
|
61
108
|
end
|
|
62
109
|
|
|
63
110
|
context 'when redirect_uri is missing' do
|
|
111
|
+
let(:pre_registered) { redirect_uri }
|
|
64
112
|
let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client") }
|
|
65
113
|
it 'should use pre-registered redirect_uri' do
|
|
66
114
|
request.verify_redirect_uri!(pre_registered).should == pre_registered
|
metadata
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
prerelease:
|
|
5
|
-
version: 0.
|
|
4
|
+
prerelease: 7
|
|
5
|
+
version: 0.10.0.alpha
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
8
8
|
- nov matake
|
|
@@ -10,7 +10,7 @@ autorequire:
|
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
12
|
|
|
13
|
-
date: 2011-09-
|
|
13
|
+
date: 2011-09-13 00:00:00 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: rack
|