rack-oauth2 0.0.3 → 0.0.4
- data/VERSION +1 -1
- data/lib/rack/oauth2/server.rb +1 -0
- data/lib/rack/oauth2/server/abstract/handler.rb +4 -0
- data/lib/rack/oauth2/server/abstract/response.rb +19 -0
- data/lib/rack/oauth2/server/authorization.rb +5 -5
- data/lib/rack/oauth2/server/authorization/code.rb +4 -0
- data/lib/rack/oauth2/server/authorization/code_and_token.rb +4 -0
- data/lib/rack/oauth2/server/authorization/token.rb +4 -0
- data/lib/rack/oauth2/server/error.rb +4 -12
- data/lib/rack/oauth2/server/token.rb +5 -2
- data/lib/rack/oauth2/server/util.rb +20 -0
- data/rack-oauth2.gemspec +3 -2
- data/spec/rack/oauth2/server/authorization/token_spec.rb +2 -2
- data/spec/rack/oauth2/server/authorization_spec.rb +51 -17
- data/spec/rack/oauth2/server/token_spec.rb +47 -6
- metadata +5 -4
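--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.0.
+0.0.4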
data/lib/rack/oauth2/server.rb
CHANGED
@@ -7,6 +7,10 @@ module Rack
|
|
7
7
|
class Handler < Rack::Auth::AbstractHandler
|
8
8
|
attr_accessor :request, :response
|
9
9
|
|
10
|
+
def initialize(realm = '', &authenticator)
|
11
|
+
super(nil, realm, &authenticator)
|
12
|
+
end
|
13
|
+
|
10
14
|
def call(env)
|
11
15
|
@authenticator.call(@request, @response) if @authenticator
|
12
16
|
env['rack.oauth2.request'] = @request
|
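Review bot: The new `initialize(realm = '', &authenticator)` takes the realm as its first positional argument, so a caller written against the old form, which passed an app first, now silently sets that object as the realm. The spec changes in this release still call `Authorization.new(simple_app) do |request, response|`, which appears to bind `simple_app` to `realm`. A doc comment on the constructor would make the new contract explicit, for example `# @param realm [String] authentication realm; the block is called with (request, response) from #call`. The body of `call` continues outside this hunk.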
@@ -6,6 +6,25 @@ module Rack
|
|
6
6
|
def initialize(request)
|
7
7
|
super([], 200, {})
|
8
8
|
end
|
9
|
+
|
10
|
+
def required_params
|
11
|
+
[]
|
12
|
+
end
|
13
|
+
|
14
|
+
def verify_required_params!
|
15
|
+
missing_params = []
|
16
|
+
required_params.each do |key|
|
17
|
+
missing_params << key unless self.send(key)
|
18
|
+
end
|
19
|
+
unless missing_params.blank?
|
20
|
+
raise "Setup '#{missing_params.join('\', \'')}' first!"
|
21
|
+
end
|
22
|
+
end
|
23
|
+
|
24
|
+
def finish
|
25
|
+
verify_required_params!
|
26
|
+
super
|
27
|
+
end
|
9
28
|
end
|
10
29
|
end
|
11
30
|
end
|
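Review bot: `verify_required_params!` rejects only `nil` and `false`, because the check is `unless self.send(key)`; an empty string for a required value such as `access_token` or `code` would pass and be returned to the client. The method already relies on `blank?` a few lines later, so `missing_params << key if send(key).blank?` would close that gap. The failure is also raised as a bare `RuntimeError`, which the `rescue Error => e` in the handlers' `call` presumably does not catch (the new specs expect it to propagate), so a dedicated exception class would let the host application handle it deliberately instead of surfacing a generic server error.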
@@ -5,7 +5,7 @@ module Rack
|
|
5
5
|
|
6
6
|
def call(env)
|
7
7
|
request = Request.new(env)
|
8
|
-
request.profile.new(@
|
8
|
+
request.profile.new(@realm, &@authenticator).call(env).finish
|
9
9
|
rescue Error => e
|
10
10
|
e.finish
|
11
11
|
end
|
@@ -15,7 +15,7 @@ module Rack
|
|
15
15
|
|
16
16
|
def initialize(env)
|
17
17
|
super
|
18
|
-
@redirect_uri =
|
18
|
+
@redirect_uri = Util.parse_uri(params['redirect_uri']) if params['redirect_uri']
|
19
19
|
@state = params['state']
|
20
20
|
rescue URI::InvalidURIError
|
21
21
|
# NOTE: can't redirect in this case.
|
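Review bot: `redirect_uri` is only checked for syntax here: `URI.parse` accepts any scheme as well as relative references, and nothing in this hunk compares the value with what the client registered. This release also appears to drop `:redirect_uri` from `required_params`, and the error response redirects to whatever URI it is given, so the comparison has to happen in the authenticator block before it approves the request or raises with `:redirect_uri => request.redirect_uri`. I would state that above the assignment, for example `# Syntax check only; the authenticator must verify redirect_uri against the client's registered value before it is used for a redirect.` The `rescue` body continues outside the hunk.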
@@ -23,7 +23,7 @@ module Rack
|
|
23
23
|
end
|
24
24
|
|
25
25
|
def required_params
|
26
|
-
super + [:response_type, :client_id
|
26
|
+
super + [:response_type, :client_id]
|
27
27
|
end
|
28
28
|
|
29
29
|
def profile
|
@@ -44,8 +44,8 @@ module Rack
|
|
44
44
|
attr_accessor :redirect_uri, :state, :approved
|
45
45
|
|
46
46
|
def initialize(request)
|
47
|
-
@redirect_uri = request.redirect_uri
|
48
|
-
@state
|
47
|
+
@redirect_uri = Util.parse_uri(request.redirect_uri) if request.redirect_uri
|
48
|
+
@state = request.state
|
49
49
|
super
|
50
50
|
end
|
51
51
|
|
@@ -11,7 +11,7 @@ module Rack
|
|
11
11
|
@description = description
|
12
12
|
@uri = options[:uri]
|
13
13
|
@state = options[:state]
|
14
|
-
@redirect_uri = options[:redirect_uri]
|
14
|
+
@redirect_uri = Util.parse_uri(options[:redirect_uri]) if options[:redirect_uri]
|
15
15
|
end
|
16
16
|
|
17
17
|
def finish
|
@@ -24,21 +24,13 @@ module Rack
|
|
24
24
|
value.blank?
|
25
25
|
end
|
26
26
|
if redirect_uri
|
27
|
-
|
28
|
-
|
29
|
-
redirect_uri
|
30
|
-
when String
|
31
|
-
URI.parse(redirect_uri)
|
32
|
-
else
|
33
|
-
raise "Invalid redirect_uri is given. String or URI::Generic is require."
|
34
|
-
end
|
35
|
-
_redirect_uri_.query = if _redirect_uri_.query
|
36
|
-
[_redirect_uri_.query, params.to_query].join('&')
|
27
|
+
redirect_uri.query = if redirect_uri.query
|
28
|
+
[redirect_uri.query, params.to_query].join('&')
|
37
29
|
else
|
38
30
|
params.to_query
|
39
31
|
end
|
40
32
|
response = Rack::Response.new
|
41
|
-
response.redirect
|
33
|
+
response.redirect redirect_uri.to_s
|
42
34
|
response.finish
|
43
35
|
else
|
44
36
|
[code, {'Content-Type' => 'application/json'}, params.to_json]
|
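Review bot: `redirect_uri.query = ...` writes to the URI object held in `@redirect_uri`, and `Util.parse_uri` returns a `URI::Generic` argument unchanged. When a caller passes `:redirect_uri => request.redirect_uri`, as the spec does, `finish` therefore mutates the request's own URI, and a second `finish` would append the error parameters again. Working on a copy avoids both: `uri = redirect_uri.dup`, then assign `uri.query` and call `response.redirect uri.to_s`. `finish` starts and ends outside this hunk.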
@@ -2,11 +2,10 @@ module Rack
|
|
2
2
|
module OAuth2
|
3
3
|
module Server
|
4
4
|
class Token < Abstract::Handler
|
5
|
-
attr_accessor :grant_type, :optional_authentication
|
6
5
|
|
7
6
|
def call(env)
|
8
7
|
request = Request.new(env)
|
9
|
-
request.profile.new(@
|
8
|
+
request.profile.new(@realm, &@authenticator).call(env).finish
|
10
9
|
rescue Error => e
|
11
10
|
e.finish
|
12
11
|
end
|
@@ -43,6 +42,10 @@ module Rack
|
|
43
42
|
class Response < Abstract::Response
|
44
43
|
attr_accessor :access_token, :expires_in, :refresh_token, :scope
|
45
44
|
|
45
|
+
def required_params
|
46
|
+
super + [:access_token]
|
47
|
+
end
|
48
|
+
|
46
49
|
def finish
|
47
50
|
response = {:access_token => access_token}
|
48
51
|
response[:expires_in] = expires_in if expires_in
|
@@ -0,0 +1,20 @@
|
|
1
|
+
module Rack
|
2
|
+
module OAuth2
|
3
|
+
module Server
|
4
|
+
module Util
|
5
|
+
class << self
|
6
|
+
def parse_uri(uri)
|
7
|
+
case uri
|
8
|
+
when URI::Generic
|
9
|
+
uri
|
10
|
+
when String
|
11
|
+
URI.parse(uri)
|
12
|
+
else
|
13
|
+
raise "Invalid format of URI is given."
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
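Review bot: The `else` branch raises a bare `RuntimeError`, but the caller visible in this release rescues only `URI::InvalidURIError` around `Util.parse_uri(params['redirect_uri'])`. Rack's parameter parsing can produce an Array or Hash when a key uses bracket syntax, so a request parameter of the wrong type would reach this branch and presumably escape as an unhandled exception rather than an `invalid_request` response. Raising the type callers already handle keeps that path consistent: `raise URI::InvalidURIError, "Invalid format of URI is given."`. A one-line doc comment on `parse_uri` naming the accepted types (`String`, `URI::Generic`) would also help.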
data/rack-oauth2.gemspec
CHANGED
@@ -5,11 +5,11 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{rack-oauth2}
|
8
|
-
s.version = "0.0.
|
8
|
+
s.version = "0.0.4"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["nov matake"]
|
12
|
-
s.date = %q{2010-09-
|
12
|
+
s.date = %q{2010-09-16}
|
13
13
|
s.description = %q{Rack Middleware for OAuth2 Client & Server, currently working on server code first.}
|
14
14
|
s.email = %q{nov@matake.jp}
|
15
15
|
s.extra_rdoc_files = [
|
@@ -41,6 +41,7 @@ Gem::Specification.new do |s|
|
|
41
41
|
"lib/rack/oauth2/server/token/authorization_code.rb",
|
42
42
|
"lib/rack/oauth2/server/token/password.rb",
|
43
43
|
"lib/rack/oauth2/server/token/refresh_token.rb",
|
44
|
+
"lib/rack/oauth2/server/util.rb",
|
44
45
|
"rack-oauth2.gemspec",
|
45
46
|
"spec/rack/oauth2/server/authorization/code_and_token_spec.rb",
|
46
47
|
"spec/rack/oauth2/server/authorization/code_spec.rb",
|
@@ -6,7 +6,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
|
|
6
6
|
|
7
7
|
before do
|
8
8
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Token directly
|
9
|
-
@app = Rack::OAuth2::Server::Authorization.new
|
9
|
+
@app = Rack::OAuth2::Server::Authorization.new do |request, response|
|
10
10
|
response.approve!
|
11
11
|
response.access_token = "access_token"
|
12
12
|
end
|
@@ -25,7 +25,7 @@ describe Rack::OAuth2::Server::Authorization::Token do
|
|
25
25
|
|
26
26
|
before do
|
27
27
|
# NOTE: for some reason, test fails when called Rack::OAuth2::Server::Authorization::Code directly
|
28
|
-
@app = Rack::OAuth2::Server::Authorization.new
|
28
|
+
@app = Rack::OAuth2::Server::Authorization.new do |request, response|
|
29
29
|
raise Rack::OAuth2::Server::Unauthorized.new(:access_denied, 'User rejected the requested access.', :redirect_uri => request.redirect_uri)
|
30
30
|
end
|
31
31
|
@request = Rack::MockRequest.new @app
|
@@ -1,17 +1,21 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Authorization do
|
4
|
+
it "should support realm" do
|
5
|
+
app = Rack::OAuth2::Server::Authorization.new("server.example.com")
|
6
|
+
app.realm.should == "server.example.com"
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
describe Rack::OAuth2::Server::Authorization::Request do
|
4
11
|
|
5
12
|
before do
|
6
|
-
@app = Rack::OAuth2::Server::Authorization.new(simple_app)
|
13
|
+
@app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
|
14
|
+
response.code = "authorization_code"
|
15
|
+
end
|
7
16
|
@request = Rack::MockRequest.new @app
|
8
17
|
end
|
9
18
|
|
10
|
-
it "should support realm" do
|
11
|
-
app = Rack::OAuth2::Server::Authorization.new(simple_app, "server.example.com")
|
12
|
-
app.realm.should == "server.example.com"
|
13
|
-
end
|
14
|
-
|
15
19
|
context "when any required parameters are missing" do
|
16
20
|
it "should return invalid_request error" do
|
17
21
|
assert_error_response(:json, :invalid_request) do
|
@@ -21,16 +25,7 @@ describe Rack::OAuth2::Server::Authorization do
|
|
21
25
|
@request.get('/?response_type=code')
|
22
26
|
end
|
23
27
|
assert_error_response(:json, :invalid_request) do
|
24
|
-
@request.get('/?
|
25
|
-
end
|
26
|
-
assert_error_response(:json, :invalid_request) do
|
27
|
-
@request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
|
28
|
-
end
|
29
|
-
assert_error_response(:json, :invalid_request) do
|
30
|
-
@request.get('/?client_id=client&redirect_uri=http://client.example.com/callback')
|
31
|
-
end
|
32
|
-
assert_error_response(:json, :invalid_request) do
|
33
|
-
@request.get('/?response_type=code&redirect_uri=http://client.example.com/callback')
|
28
|
+
@request.get('/?client_id=client')
|
34
29
|
end
|
35
30
|
end
|
36
31
|
end
|
@@ -45,9 +40,48 @@ describe Rack::OAuth2::Server::Authorization do
|
|
45
40
|
|
46
41
|
context "when all required parameters are valid" do
|
47
42
|
it "should succeed" do
|
48
|
-
response = @request.get('/?response_type=code&client_id=client
|
43
|
+
response = @request.get('/?response_type=code&client_id=client')
|
49
44
|
response.status.should == 200
|
50
45
|
end
|
51
46
|
end
|
52
47
|
|
48
|
+
end
|
49
|
+
|
50
|
+
describe Rack::OAuth2::Server::Authorization::Response do
|
51
|
+
|
52
|
+
context "when required response params are missing" do
|
53
|
+
|
54
|
+
before do
|
55
|
+
@app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
|
56
|
+
response.approve!
|
57
|
+
# code is missing
|
58
|
+
end
|
59
|
+
@request = Rack::MockRequest.new @app
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should raise an error" do
|
63
|
+
lambda do
|
64
|
+
@request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
|
65
|
+
end.should raise_error(StandardError)
|
66
|
+
end
|
67
|
+
|
68
|
+
end
|
69
|
+
|
70
|
+
context "when required response params are given" do
|
71
|
+
|
72
|
+
before do
|
73
|
+
@app = Rack::OAuth2::Server::Authorization.new(simple_app) do |request, response|
|
74
|
+
response.approve!
|
75
|
+
response.code = "authorization_code"
|
76
|
+
end
|
77
|
+
@request = Rack::MockRequest.new @app
|
78
|
+
end
|
79
|
+
|
80
|
+
it "should succeed" do
|
81
|
+
response = @request.get("/?response_type=code&client_id=client&redirect_uri=http://client.example.com/callback")
|
82
|
+
response.status.should == 302
|
83
|
+
end
|
84
|
+
|
85
|
+
end
|
86
|
+
|
53
87
|
end
|
@@ -1,17 +1,21 @@
|
|
1
1
|
require 'spec_helper.rb'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::Server::Token do
|
4
|
+
it "should support realm" do
|
5
|
+
app = Rack::OAuth2::Server::Token.new("server.example.com")
|
6
|
+
app.realm.should == "server.example.com"
|
7
|
+
end
|
8
|
+
end
|
9
|
+
|
10
|
+
describe Rack::OAuth2::Server::Token::Request do
|
4
11
|
|
5
12
|
before do
|
6
|
-
@app = Rack::OAuth2::Server::Token.new
|
13
|
+
@app = Rack::OAuth2::Server::Token.new do |request, response|
|
14
|
+
response.access_token = "access_token"
|
15
|
+
end
|
7
16
|
@request = Rack::MockRequest.new @app
|
8
17
|
end
|
9
18
|
|
10
|
-
it "should support realm" do
|
11
|
-
app = Rack::OAuth2::Server::Token.new(simple_app, "server.example.com")
|
12
|
-
app.realm.should == "server.example.com"
|
13
|
-
end
|
14
|
-
|
15
19
|
context "when any required parameters are missing" do
|
16
20
|
it "should return invalid_request error" do
|
17
21
|
assert_error_response(:json, :invalid_request) do
|
@@ -56,4 +60,41 @@ describe Rack::OAuth2::Server::Token do
|
|
56
60
|
end
|
57
61
|
end
|
58
62
|
|
63
|
+
end
|
64
|
+
|
65
|
+
describe Rack::OAuth2::Server::Token::Response do
|
66
|
+
|
67
|
+
context "when required response params are missing" do
|
68
|
+
|
69
|
+
before do
|
70
|
+
@app = Rack::OAuth2::Server::Token.new do |request, response|
|
71
|
+
# access_token is missing
|
72
|
+
end
|
73
|
+
@request = Rack::MockRequest.new @app
|
74
|
+
end
|
75
|
+
|
76
|
+
it "should raise an error" do
|
77
|
+
lambda do
|
78
|
+
@request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
|
79
|
+
end.should raise_error(StandardError)
|
80
|
+
end
|
81
|
+
|
82
|
+
end
|
83
|
+
|
84
|
+
context "when required response params are given" do
|
85
|
+
|
86
|
+
before do
|
87
|
+
@app = Rack::OAuth2::Server::Token.new do |request, response|
|
88
|
+
response.access_token = "access_token"
|
89
|
+
end
|
90
|
+
@request = Rack::MockRequest.new @app
|
91
|
+
end
|
92
|
+
|
93
|
+
it "should succeed" do
|
94
|
+
response = @request.get("/?grant_type=authorization_code&client_id=client&code=authorization_code&redirect_uri=http://client.example.com/callback")
|
95
|
+
response.status.should == 200
|
96
|
+
end
|
97
|
+
|
98
|
+
end
|
99
|
+
|
59
100
|
end
|
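--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: rack-oauth2
 version: !ruby/object:Gem::Version
-hash:
+hash: 23
 prerelease: false
 segments:
 - 0
 - 0
--
-version: 0.0.
+- 4
+version: 0.0.4
 platform: ruby
 authors:
 - nov matake
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-09-
+date: 2010-09-16 00:00:00 +09:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency
@@ -96,6 +96,7 @@ files:
 - lib/rack/oauth2/server/token/authorization_code.rb
 - lib/rack/oauth2/server/token/password.rb
 - lib/rack/oauth2/server/token/refresh_token.rb
+- lib/rack/oauth2/server/util.rb
 - rack-oauth2.gemspec
 - spec/rack/oauth2/server/authorization/code_and_token_spec.rb
 - spec/rack/oauth2/server/authorization/code_spec.rb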