rack-oauth2 0.0.3 → 0.0.4

data/VERSION

@@ -1 +1 @@
-0.0.3
+0.0.4

data/lib/rack/oauth2/server.rb

@@ -1,3 +1,4 @@
+require 'rack/oauth2/server/util'
 require 'rack/oauth2/server/error'
 require 'rack/oauth2/server/abstract'
 require 'rack/oauth2/server/authorization'

data/lib/rack/oauth2/server/abstract/handler.rb

@@ -7,6 +7,10 @@ module Rack
         class Handler < Rack::Auth::AbstractHandler
           attr_accessor :request, :response
 
+          def initialize(realm = '', &authenticator)
+            super(nil, realm, &authenticator)
+          end
+
           def call(env)
             @authenticator.call(@request, @response) if @authenticator
             env['rack.oauth2.request'] = @request

data/lib/rack/oauth2/server/abstract/response.rb

@@ -6,6 +6,25 @@ module Rack
           def initialize(request)
             super([], 200, {})
           end
+
+          def required_params
+            []
+          end
+
+          def verify_required_params!
+            missing_params = []
+            required_params.each do |key|
+              missing_params << key unless self.send(key)
+            end
+            unless missing_params.blank?
+              raise "Setup '#{missing_params.join('\', \'')}' first!"
+            end
+          end
+
+          def finish
+            verify_required_params!
+            super
+          end
         end
       end
     end

data/lib/rack/oauth2/server/authorization.rb

@@ -5,7 +5,7 @@ module Rack
 
         def call(env)
           request = Request.new(env)
-          request.profile.new(@app, @realm, &@authenticator).call(env).finish
+          request.profile.new(@realm, &@authenticator).call(env).finish
         rescue Error => e
           e.finish
         end
@@ -15,7 +15,7 @@ module Rack
 
           def initialize(env)
             super
-            @redirect_uri = URI.parse(params['redirect_uri'])
+            @redirect_uri = Util.parse_uri(params['redirect_uri']) if params['redirect_uri']
             @state        = params['state']
           rescue URI::InvalidURIError
             # NOTE: can't redirect in this case.
@@ -23,7 +23,7 @@ module Rack
           end
 
           def required_params
-            super + [:response_type, :client_id, :redirect_uri]
+            super + [:response_type, :client_id]
           end
 
           def profile
@@ -44,8 +44,8 @@ module Rack
           attr_accessor :redirect_uri, :state, :approved
 
           def initialize(request)
-            @redirect_uri = request.redirect_uri
-            @state = request.state
+            @redirect_uri = Util.parse_uri(request.redirect_uri) if request.redirect_uri
+            @state        = request.state
             super
           end
 

data/lib/rack/oauth2/server/authorization/code.rb

@@ -20,6 +20,10 @@ module Rack
           class Response < Authorization::Response
             attr_accessor :code
 
+            def required_params
+              super + [:code]
+            end
+
             def finish
               if approved?
                 params = {

data/lib/rack/oauth2/server/authorization/code_and_token.rb

@@ -20,6 +20,10 @@ module Rack
           class Response < Authorization::Response
             attr_accessor :code, :access_token, :expires_in, :scope
 
+            def required_params
+              super + [:code, :access_token]
+            end
+
             def finish
               if approved?
                 # append query params

data/lib/rack/oauth2/server/authorization/token.rb

@@ -20,6 +20,10 @@ module Rack
           class Response < Authorization::Response
             attr_accessor :access_token, :expires_in, :scope
 
+            def required_params
+              super + [:access_token]
+            end
+
             def finish
               if approved?
                 params = {

data/lib/rack/oauth2/server/error.rb

@@ -11,7 +11,7 @@ module Rack
           @description  = description
           @uri          = options[:uri]
           @state        = options[:state]
-          @redirect_uri = options[:redirect_uri]
+          @redirect_uri = Util.parse_uri(options[:redirect_uri]) if options[:redirect_uri]
         end
 
         def finish
@@ -24,21 +24,13 @@ module Rack
             value.blank?
           end
           if redirect_uri
-            _redirect_uri_ = case redirect_uri
-            when URI::Generic
-              redirect_uri
-            when String
-              URI.parse(redirect_uri)
-            else
-              raise "Invalid redirect_uri is given. String or URI::Generic is require."
-            end
-            _redirect_uri_.query = if _redirect_uri_.query
-              [_redirect_uri_.query, params.to_query].join('&')
+            redirect_uri.query = if redirect_uri.query
+              [redirect_uri.query, params.to_query].join('&')
             else
               params.to_query
             end
             response = Rack::Response.new
-            response.redirect _redirect_uri_.to_s
+            response.redirect redirect_uri.to_s
             response.finish
           else
             [code, {'Content-Type' => 'application/json'}, params.to_json]

data/lib/rack/oauth2/server/token.rb

@@ -2,11 +2,10 @@ module Rack
   module OAuth2
     module Server
       class Token < Abstract::Handler
-        attr_accessor :grant_type, :optional_authentication
 
         def call(env)
           request = Request.new(env)
-          request.profile.new(@app, @realm, &@authenticator).call(env).finish
+          request.profile.new(@realm, &@authenticator).call(env).finish
         rescue Error => e
           e.finish
         end
@@ -43,6 +42,10 @@ module Rack
         class Response < Abstract::Response
           attr_accessor :access_token, :expires_in, :refresh_token, :scope
 
+          def required_params
+            super + [:access_token]
+          end
+
           def finish
             response = {:access_token => access_token}
             response[:expires_in] = expires_in if expires_in

data/lib/rack/oauth2/server/util.rb

@@ -0,0 +1,20 @@
+module Rack
+  module OAuth2
+    module Server
+      module Util
+        class << self
+          def parse_uri(uri)
+            case uri
+            when URI::Generic
+              uri
+            when String
+              URI.parse(uri)
+            else
+              raise "Invalid format of URI is given."
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/rack-oauth2.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{rack-oauth2}
-  s.version = "0.0.3"
+  s.version = "0.0.4"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["nov matake"]
-  s.date = %q{2010-09-15}
+  s.date = %q{2010-09-16}
   s.description = %q{Rack Middleware for OAuth2 Client & Server, currently working on server code first.}
   s.email = %q{nov@matake.jp}
   s.extra_rdoc_files = [
@@ -41,6 +41,7 @@ Gem::Specification.new do |s|
      "lib/rack/oauth2/server/token/authorization_code.rb",
      "lib/rack/oauth2/server/token/password.rb",
      "lib/rack/oauth2/server/token/refresh_token.rb",
+     "lib/rack/oauth2/server/util.rb",
      "rack-oauth2.gemspec",
      "spec/rack/oauth2/server/authorization/code_and_token_spec.rb",
      "spec/rack/oauth2/server/authorization/code_spec.rb",

data/spec/rack/oauth2/server/authorization/token_spec.rb

@@ -6,7 +6,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
 
     before do
       # NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
-      @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
+      @app = Rack::OAuth2::Server::Authorization.new do |request, response|
         response.approve!
         response.access_token = "access_token"
       end
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
 
     before do
       # NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
-      @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
+      @app = Rack::OAuth2::Server::Authorization.new do |request, response|
         raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
       end
       @request = Rack::MockRequest.new @app

data/spec/rack/oauth2/server/authorization_spec.rb

@@ -1,17 +1,21 @@
 require 'spec_helper.rb'
 
 describe Rack::OAuth2::Server::Authorization do
+  it "should support realm" do
+    app = Rack::OAuth2::Server::Authorization.new("server.example.com")
+    app.realm.should == "server.example.com"
+  end
+end
+
+describe Rack::OAuth2::Server::Authorization::Request do
 
   before do
-    @app = Rack::OAuth2::Server::Authorization.new(simple_app)
+    @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
+      response.code = "authorization_code"
+    end
     @request = Rack::MockRequest.new @app
   end
 
-  it "should support realm" do
-    app = Rack::OAuth2::Server::Authorization.new(simple_app, "server.example.com")
-    app.realm.should == "server.example.com"
-  end
-
   context "when any required parameters are missing" do
     it "should return invalid_request error" do
       assert_error_response(:json, :invalid_request) do
@@ -21,16 +25,7 @@ describe Rack::OAuth2::Server::Authorization do
         @request.get('/?response_type=code')
       end
       assert_error_response(:json, :invalid_request) do
-        @request.get('/?response_type=code&client_id=client')
-      end
-      assert_error_response(:json, :invalid_request) do
-        @request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
-      end
-      assert_error_response(:json, :invalid_request) do
-        @request.get('/?client_id=client&redirect_uri=http://client.example.com/callback')
-      end
-      assert_error_response(:json, :invalid_request) do
-        @request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
+        @request.get('/?client_id=client')
       end
     end
   end
@@ -45,9 +40,48 @@ describe Rack::OAuth2::Server::Authorization do
 
   context "when all required parameters are valid" do
     it "should succeed" do
-      response = @request.get('/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback')
+      response = @request.get('/?response_type=code&client_id=client')
       response.status.should == 200
     end
   end
 
+end
+
+describe Rack::OAuth2::Server::Authorization::Response do
+
+  context "when required response params are missing" do
+
+    before do
+      @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
+        response.approve!
+        # code is missing
+      end
+      @request = Rack::MockRequest.new @app
+    end
+
+    it "should raise an error" do
+      lambda do
+        @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
+      end.should raise_error(StandardError)
+    end
+
+  end
+
+  context "when required response params are given" do
+
+    before do
+      @app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
+        response.approve!
+        response.code = "authorization_code"
+      end
+      @request = Rack::MockRequest.new @app
+    end
+
+    it "should succeed" do
+      response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
+      response.status.should == 302
+    end
+
+  end
+
 end

data/spec/rack/oauth2/server/token_spec.rb

@@ -1,17 +1,21 @@
 require 'spec_helper.rb'
 
 describe Rack::OAuth2::Server::Token do
+  it "should support realm" do
+    app = Rack::OAuth2::Server::Token.new("server.example.com")
+    app.realm.should == "server.example.com"
+  end
+end
+
+describe Rack::OAuth2::Server::Token::Request do
 
   before do
-    @app = Rack::OAuth2::Server::Token.new(simple_app)
+    @app = Rack::OAuth2::Server::Token.new do |request, response|
+      response.access_token = "access_token"
+    end
     @request = Rack::MockRequest.new @app
   end
 
-  it "should support realm" do
-    app = Rack::OAuth2::Server::Token.new(simple_app, "server.example.com")
-    app.realm.should == "server.example.com"
-  end
-
   context "when any required parameters are missing" do
     it "should return invalid_request error" do
       assert_error_response(:json, :invalid_request) do
@@ -56,4 +60,41 @@ describe Rack::OAuth2::Server::Token do
     end
   end
 
+end
+
+describe Rack::OAuth2::Server::Token::Response do
+
+  context "when required response params are missing" do
+
+    before do
+      @app = Rack::OAuth2::Server::Token.new do |request, response|
+        # access_token is missing
+      end
+      @request = Rack::MockRequest.new @app
+    end
+
+    it "should raise an error" do
+      lambda do
+        @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
+      end.should raise_error(StandardError)
+    end
+
+  end
+
+  context "when required response params are given" do
+
+    before do
+      @app = Rack::OAuth2::Server::Token.new do |request, response|
+        response.access_token = "access_token"
+      end
+      @request = Rack::MockRequest.new @app
+    end
+
+    it "should succeed" do
+      response = @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
+      response.status.should == 200
+    end
+
+  end
+
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: rack-oauth2
 version: !ruby/object:Gem::Version 
-  hash: 25
+  hash: 23
   prerelease: false
   segments: 
   - 0
   - 0
-  - 3
-  version: 0.0.3
+  - 4
+  version: 0.0.4
 platform: ruby
 authors: 
 - nov matake
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-09-15 00:00:00 +09:00
+date: 2010-09-16 00:00:00 +09:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -96,6 +96,7 @@ files:
 - lib/rack/oauth2/server/token/authorization_code.rb
 - lib/rack/oauth2/server/token/password.rb
 - lib/rack/oauth2/server/token/refresh_token.rb
+- lib/rack/oauth2/server/util.rb
 - rack-oauth2.gemspec
 - spec/rack/oauth2/server/authorization/code_and_token_spec.rb
 - spec/rack/oauth2/server/authorization/code_spec.rb