rack-oauth2 0.14.4 → 0.14.5

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    rack-oauth2 (0.14.2)
+    rack-oauth2 (0.14.4)
       activesupport (>= 2.3)
       attr_required (>= 0.0.5)
       httpclient (>= 2.2.0.2)
@@ -12,7 +12,7 @@ PATH
 GEM
   remote: http://rubygems.org/
   specs:
-    activesupport (3.2.1)
+    activesupport (3.2.7)
       i18n (~> 0.6)
       multi_json (~> 1.0)
     addressable (2.2.7)
@@ -26,13 +26,12 @@ GEM
     crack (0.3.1)
     diff-lcs (1.1.3)
     hashie (1.2.0)
-    httpclient (2.2.4)
+    httpclient (2.2.5)
     i18n (0.6.0)
     jruby-openssl (0.7.6.1)
       bouncy-castle-java (>= 1.5.0146.1)
-    json (1.6.5)
-    json (1.6.5-java)
-    multi_json (1.1.0)
+    json (1.7.4)
+    multi_json (1.3.6)
     rack (1.4.1)
     rake (0.9.2.2)
     rspec (2.8.0)

data/README.rdoc

@@ -9,8 +9,8 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-18
 The OAuth 2.0 Protocol: Bearer Tokens (draft 06)
 http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-06
 
-HTTP Authentication: MAC Access Authentication (draft 00)
-http://www.ietf.org/id/draft-ietf-oauth-v2-http-mac-00.txt
+HTTP Authentication: MAC Access Authentication (draft 01)
+http://www.ietf.org/id/draft-ietf-oauth-v2-http-mac-01.txt
 
 == Installation
 

data/VERSION

@@ -1 +1 @@
-0.14.4
+0.14.5

data/lib/rack/oauth2/access_token/mac.rb

@@ -3,12 +3,12 @@ module Rack
     class AccessToken
       class MAC < AccessToken
         attr_required :mac_key, :mac_algorithm
-        attr_optional :issued_at, :ext
-        attr_reader :nonce, :body_hash, :signature
+        attr_optional :ts, :ext_verifier
+        attr_reader :nonce, :signature, :ext
 
         def initialize(attributes = {})
           super(attributes)
-          @issued_at ||= Time.now.utc
+          @ts ||= Time.now.utc
         end
 
         def token_response
@@ -18,13 +18,16 @@ module Rack
           )
         end
 
-        def verify!(request)
-          if request.body_hash.present?
-            BodyHash.new(
-              :raw_body  => request.body.read,
+        def verify!(request)          
+
+          body = request.body.read
+          if self.ext_verifier.present?
+            self.ext_verifier.new(
+              :raw_body => body,
               :algorithm => self.mac_algorithm
-            ).verify!(request.body_hash)
+            ).verify!(request.ext)
           end
+
           Signature.new(
             :secret      => self.mac_key,
             :algorithm   => self.mac_algorithm,
@@ -33,7 +36,7 @@ module Rack
             :request_uri => request.fullpath,
             :host        => request.host,
             :port        => request.port,
-            :body_hash   => request.body_hash,
+            :ts          => request.ts,
             :ext         => request.ext
           ).verify!(request.signature)
         rescue Verifier::VerificationFailed => e
@@ -42,12 +45,14 @@ module Rack
 
         def authenticate(request)
           @nonce = generate_nonce
-          if request.contenttype == 'application/x-www-form-urlencoded'
-            @body_hash = BodyHash.new(
+
+          if self.ext_verifier.present?
+            @ext = self.ext_verifier.new(
               :raw_body => request.body,
               :algorithm => self.mac_algorithm
             ).calculate
           end
+
           @signature = Signature.new(
             :secret      => self.mac_key,
             :algorithm   => self.mac_algorithm,
@@ -56,26 +61,27 @@ module Rack
             :request_uri => request.header.create_query_uri,
             :host        => request.header.request_uri.host,
             :port        => request.header.request_uri.port,
-            :body_hash   => self.body_hash,
-            :ext         => self.ext
+            :ts          => self.ts,
+            :ext         => @ext
           ).calculate
+
           request.header['Authorization'] = authorization_header
         end
 
         private
 
         def authorization_header
-          header = "MAC"
-          header << " id=\"#{access_token}\","
-          header << " nonce=\"#{nonce}\","
-          header << " bodyhash=\"#{body_hash}\"," if body_hash.present?
-          header << " ext=\"#{ext}\"," if ext.present?
-          header << " mac=\"#{signature}\""
+          header = "MAC id=\"#{access_token}\""
+          header << ", nonce=\"#{nonce}\""
+          header << ", ts=\"#{ts.to_i}\""
+          header << ", mac=\"#{signature}\""
+          header << ", ext=\"#{ext}\"" if @ext.present?
+          header
         end
 
         def generate_nonce
           [
-            (Time.now.utc - @issued_at).to_i,
+            (Time.now.utc - @ts).to_i,
             SecureRandom.hex
           ].join(':')
         end
@@ -85,5 +91,5 @@ module Rack
 end
 
 require 'rack/oauth2/access_token/mac/verifier'
-require 'rack/oauth2/access_token/mac/body_hash'
+require 'rack/oauth2/access_token/mac/sha256_hex_verifier'
 require 'rack/oauth2/access_token/mac/signature'

data/lib/rack/oauth2/access_token/mac/{body_hash.rb → sha256_hex_verifier.rb}

@@ -2,11 +2,13 @@ module Rack
   module OAuth2
     class AccessToken
       class MAC
-        class BodyHash < Verifier
+        class Sha256HexVerifier < Verifier
           attr_optional :raw_body
 
           def calculate
-            Rack::OAuth2::Util.base64_encode hash_generator.digest(raw_body)
+            return nil if raw_body.nil?
+            
+            OpenSSL::Digest::SHA256.new.digest(raw_body).unpack('H*').first
           end
         end
       end

data/lib/rack/oauth2/access_token/mac/signature.rb

@@ -3,8 +3,8 @@ module Rack
     class AccessToken
       class MAC
         class Signature < Verifier
-          attr_required :secret, :nonce, :method, :request_uri, :host, :port
-          attr_optional :body_hash, :ext, :query
+          attr_required :secret, :ts, :nonce, :method, :request_uri, :host, :port
+          attr_optional :ext, :query
 
           def calculate
             Rack::OAuth2::Util.base64_encode OpenSSL::HMAC.digest(
@@ -16,12 +16,12 @@ module Rack
 
           def normalized_request_string
             [
+              ts.to_i,
               nonce,
               method.to_s.upcase,
               request_uri,
               host,
               port,
-              body_hash || '',
               ext || '',
               nil
             ].join("\n")

data/lib/rack/oauth2/access_token/mac/verifier.rb

@@ -18,6 +18,7 @@ module Rack
           end
 
           def verify!(expected)
+            puts "verifying #{expected} = #{self.calculate}"
             if expected == self.calculate
               :verified
             else

data/lib/rack/oauth2/server/resource/mac.rb

@@ -11,13 +11,13 @@ module Rack
           private
 
           class Request < Resource::Request
-            attr_reader :nonce, :body_hash, :ext, :signature
+            attr_reader :nonce, :ts, :ext, :signature
 
             def setup!
               auth_params = Rack::Auth::Digest::Params.parse(@auth_header.params).with_indifferent_access
               @access_token = auth_params[:id]
               @nonce = auth_params[:nonce]
-              @body_hash = auth_params[:bodyhash]
+              @ts = auth_params[:ts]
               @ext = auth_params[:ext]
               @signature = auth_params[:mac]
               self

data/lib/rack/oauth2/util.rb

@@ -51,6 +51,7 @@ module Rack
         rescue
           false
         end
+
       end
     end
   end

data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb

@@ -0,0 +1,18 @@
+require 'spec_helper'
+
+describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
+
+  # From the example of webtopay wallet API spec
+  # ref) https://www.webtopay.com/wallet/#authentication
+  context 'when example from webtopay wallet API' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
+        :algorithm => 'hmac-sha-256',
+        :raw_body => 'grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA&redirect_uri=http%3A%2F%2Flocalhost%2Fabc'
+      )
+    end
+    its(:calculate) { should == '21fb73c40b589622d0c78e9cd8900f89d9472aa724d0e5c3eca9ac1cd9d2a6d5' }
+  end
+
+
+end

data/spec/rack/oauth2/access_token/mac/signature_spec.rb

@@ -1,43 +1,59 @@
 require 'spec_helper'
 
 describe Rack::OAuth2::AccessToken::MAC::Signature do
+  # From the example of Webtopay wallet API
+  # ref) https://www.webtopay.com/wallet/
+  context 'when ext is not given' do
+    subject do
+      Rack::OAuth2::AccessToken::MAC::Signature.new(
+        :secret       => 'IrdTc8uQodU7PRpLzzLTW6wqZAO6tAMU',
+        :algorithm    => 'hmac-sha-256',
+        :nonce        => 'dj83hs9s',
+        :ts           => 1336363200,
+        :method       => 'GET',
+        :request_uri  => '/wallet/rest/api/v1/payment/123',
+        :host         => 'www.webtopay.com',
+        :port         => 443
+      )
+    end
+    its(:calculate) { should == 'OZE9fTk2qiRtL1jb01L8lRxC66PTiAGhMDEmboeVeLs=' }
+  end
 
-  # From the example of MAC spec section 1.2
-  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-00.pdf
-  context 'when body_hash is given' do
+  # From the example of MAC spec section 1.1
+  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
+  context 'when ext is not given' do
     subject do
       Rack::OAuth2::AccessToken::MAC::Signature.new(
-        :secret      => '8yfrufh348h',
-        :algorithm   => 'hmac-sha-1',
-        :nonce       => '273156:di3hvdf8',
-        :method      => 'POST',
-        :request_uri => '/request',
-        :host        => 'example.com',
-        :port        => 80,
-        :body_hash   => 'k9kbtCIy0CkI3/FEfpS/oIDjk6k=',
-        :ext         => nil
+        :secret       => '489dks293j39',
+        :algorithm    => 'hmac-sha-1',
+        :nonce        => 'dj83hs9s',
+        :ts           => 1336363200,
+        :method       => 'GET',
+        :request_uri  => '/resource/1?b=1&a=2',
+        :host         => 'example.com',
+        :port         => 80
       )
     end
-    its(:calculate) { should == 'W7bdMZbv9UWOTadASIQHagZyirA=' }
+    its(:calculate) { should == '6T3zZzy2Emppni6bzL7kdRxUWL4=' }
   end
 
   # From the example of MAC spec section 3.2
-  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-00.pdf
-  context 'otherwize' do
+  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
+  context 'otherwise' do
     subject do
       Rack::OAuth2::AccessToken::MAC::Signature.new(
         :secret      => '489dks293j39',
         :algorithm   => 'hmac-sha-1',
-        :nonce       => '264095:dj83hs9s',
-        :method      => 'GET',
-        :request_uri => '/resource/1?b=1&a=2',
+        :nonce       => '7d8f3e4a',
+        :ts           => 264095,
+        :method      => 'POST',
+        :request_uri => '/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q',
         :host        => 'example.com',
         :port        => 80,
-        :body_hash   => nil,
-        :ext         => nil
+        :ext         => 'a,b,c'
       )
     end
-    its(:calculate) { should == 'SLDJd4mg43cjQfElUs3Qub4L6xE=' }
+    its(:calculate) { should == '+txL5oOFHGYjrfdNYH5VEzROaBY=' }
   end
 
 end

data/spec/rack/oauth2/access_token/mac/verifier_spec.rb

@@ -20,4 +20,6 @@ describe Rack::OAuth2::AccessToken::MAC::Verifier do
       expect { verifier.send(:hash_generator) }.should raise_error(StandardError, 'Unsupported Algorithm')
     end
   end
+
+  
 end

data/spec/rack/oauth2/access_token/mac_spec.rb

@@ -1,15 +1,24 @@
 require 'spec_helper'
 
 describe Rack::OAuth2::AccessToken::MAC do
+  let(:ts) { 1305820234 }
   let :token do
     Rack::OAuth2::AccessToken::MAC.new(
       :access_token => 'access_token',
       :mac_key => 'secret',
       :mac_algorithm => 'hmac-sha-256',
-      :issued_at => issued_at
+      :ts => ts
+    )
+  end
+  let :token_with_ext_verifier do
+    Rack::OAuth2::AccessToken::MAC.new(
+      :access_token => 'access_token',
+      :mac_key => 'secret',
+      :mac_algorithm => 'hmac-sha-256',
+      :ts => ts,
+      :ext_verifier => Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier
     )
   end
-  let(:issued_at) { 1305820455 }
   let(:nonce) { '1000:51e74de734c05613f37520872e68db5f' }
   let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
   subject { token }
@@ -32,17 +41,18 @@ describe Rack::OAuth2::AccessToken::MAC do
   describe 'verify!' do
     let(:request) { Rack::OAuth2::Server::Resource::MAC::Request.new(env) }
 
-    context 'when no body_hash is given' do
+    context 'when no ext_verifier is given' do
       let(:env) do
         Rack::MockRequest.env_for(
           '/protected_resources',
-          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", mac="#{signature}"}
+          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", ts="#{ts}" mac="#{signature}"}
         )
       end
 
       context 'when signature is valid' do
-        let(:signature) { 'nbQj0NdvSBKdwvw1yX6wpQ4EwrQKBg/r3lqwJGcthDU=' }
+        let(:signature) { 'BgooS/voPOZWLwoVfx4+zbC3xAVKW3jtjhKYOfIGZOA=' }
         it do
+
           token.verify!(request.setup!).should == :verified
         end
       end
@@ -58,7 +68,7 @@ describe Rack::OAuth2::AccessToken::MAC do
       end
     end
 
-    context 'when body_hash is given' do
+    context 'when ext_verifier is given' do
       let(:env) do
         Rack::MockRequest.env_for(
           '/protected_resources',
@@ -66,29 +76,30 @@ describe Rack::OAuth2::AccessToken::MAC do
           :params => {
             :key1 => 'value1'
           },
-          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", bodyhash="#{body_hash}", mac="#{signature}"}
+          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", ts="#{ts}", mac="#{signature}", ext="#{ext}"}
         )
       end
       let(:signature) { 'invalid' }
 
-      context 'when body_hash is invalid' do
-        let(:body_hash) { 'invalid' }
+      context 'when ext is invalid' do
+        let(:ext) { 'invalid' }
         it do
-          expect { token.verify!(request.setup!) }.should raise_error(
+          expect { token_with_ext_verifier.verify!(request.setup!) }.should raise_error(
             Rack::OAuth2::Server::Resource::MAC::Unauthorized,
-            'invalid_token :: BodyHash Invalid'
+            'invalid_token :: Sha256HexVerifier Invalid'
           )
         end
       end
 
-      context 'when body_hash is valid' do
-        let(:body_hash) { 'TPzUbFn1S16mpfmwXCi1L+8oZHRxlLX9/D1ZwAV781o=' }
+      context 'when ext is valid' do
+        let(:ext) { '4cfcd46c59f54b5ea6a5f9b05c28b52fef2864747194b5fdfc3d59c0057bf35a' }
 
         context 'when signature is valid' do
-          let(:signature) { 'ebFlQPMO3WzEZ3ncuIFnVK7IsVt+JEorQEEMJTiz/t8=' }
+          let(:signature) { 'dZYR54n+Lym5qCRRmDqmRZ71rG+bkjSWmqrOv8OjYHk=' }
           it do
             Time.fix(Time.at(1302361200)) do
-              token.verify!(request.setup!).should == :verified
+
+              token_with_ext_verifier.verify!(request.setup!).should == :verified
             end
           end
         end
@@ -107,13 +118,25 @@ describe Rack::OAuth2::AccessToken::MAC do
 
   describe '.authenticate' do
     let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
-    let(:body_hash) { 'PQEeCVAqhFUqD4rhEtAkzCwRVZfjpXfV9JAHkCwiHcU=' }
-    let(:signature) { 'aL2Oh8gWrCAtJ/Xu6XMtJb6ZsYQT+GxQTs/TgJDQ7ZY=' }
+    context 'when no ext_verifier is given' do
+      let(:signature) { 'pOBaL6HRawe4tUPmcU4vJEj1f2GJqrbQOlCcdAYgI/s=' }
 
-    it 'should set Authorization header' do
-      token.should_receive(:generate_nonce).and_return(nonce)
-      request.header.should_receive(:[]=).with('Authorization', "MAC id=\"access_token\", nonce=\"#{nonce}\", bodyhash=\"#{body_hash}\", mac=\"#{signature}\"")
-      token.authenticate(request)
+      it 'should set Authorization header' do
+        token.should_receive(:generate_nonce).and_return(nonce)
+        request.header.should_receive(:[]=).with('Authorization', "MAC id=\"access_token\", nonce=\"#{nonce}\", ts=\"#{ts.to_i}\", mac=\"#{signature}\"")
+        token.authenticate(request)
+      end
     end
+
+    context 'when ext_verifier is given' do
+      let(:signature) { 'vgU0fj6rSpwUCAoCOrXlu8pZBR8a5Q5xIVlB4MCvJeM=' }
+      let(:ext) { '3d011e09502a84552a0f8ae112d024cc2c115597e3a577d5f49007902c221dc5' }
+      it 'should set Authorization header with ext_verifier' do
+        token_with_ext_verifier.should_receive(:generate_nonce).and_return(nonce)
+        request.header.should_receive(:[]=).with('Authorization', "MAC id=\"access_token\", nonce=\"#{nonce}\", ts=\"#{ts.to_i}\", mac=\"#{signature}\", ext=\"#{ext}\"")
+        token_with_ext_verifier.authenticate(request)
+      end
+    end
+
   end
 end

data/spec/rack/oauth2/server/resource/mac_spec.rb

@@ -72,12 +72,12 @@ describe Rack::OAuth2::Server::Resource::MAC do
     end
 
     context 'when other required params are invalid' do
-      let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", mac="invalid""') }
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="invalid""') }
       it_behaves_like :unauthorized_mac_request
     end
 
     context 'when all required params are valid' do
-      let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", mac="H1laxA3HXmg4jjyhDmWUEGpdZwc6tcA4U9OMAUXtoFs="') }
+      let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="26JP6MMZyAHLHeMU8+m+NbVJgZbikp5SlT86/a62pwg="') }
       it_behaves_like :authenticated_mac_request
     end
   end

metadata

@@ -1,165 +1,185 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: rack-oauth2
-version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-  - 0
-  - 14
-  - 4
-  version: 0.14.4
+version: !ruby/object:Gem::Version
+  version: 0.14.5
+  prerelease: 
 platform: ruby
-authors: 
+authors:
 - nov matake
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2012-02-26 00:00:00 +09:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2012-08-06 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: rack
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 1
-        - 1
-        version: "1.1"
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '1.1'
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: json
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 1
-        - 4
-        - 3
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 1.4.3
   type: :runtime
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: httpclient
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 2
-        - 2
-        - 0
-        - 2
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.4.3
+- !ruby/object:Gem::Dependency
+  name: httpclient
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 2.2.0.2
   type: :runtime
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency 
-  name: activesupport
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 2
-        - 3
-        version: "2.3"
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.2.0.2
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2.3'
   type: :runtime
-  version_requirements: *id004
-- !ruby/object:Gem::Dependency 
-  name: i18n
   prerelease: false
-  requirement: &id005 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 0
-        version: "0"
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: i18n
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
-  version_requirements: *id005
-- !ruby/object:Gem::Dependency 
-  name: attr_required
   prerelease: false
-  requirement: &id006 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 0
-        - 0
-        - 5
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: attr_required
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 0.0.5
   type: :runtime
-  version_requirements: *id006
-- !ruby/object:Gem::Dependency 
-  name: rake
   prerelease: false
-  requirement: &id007 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 0
-        - 8
-        version: "0.8"
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 0.0.5
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0.8'
   type: :development
-  version_requirements: *id007
-- !ruby/object:Gem::Dependency 
-  name: rcov
   prerelease: false
-  requirement: &id008 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 0
-        - 9
-        version: "0.9"
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0.8'
+- !ruby/object:Gem::Dependency
+  name: cover_me
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.2.0
   type: :development
-  version_requirements: *id008
-- !ruby/object:Gem::Dependency 
-  name: rspec
   prerelease: false
-  requirement: &id009 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 2
-        version: "2"
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2'
   type: :development
-  version_requirements: *id009
-- !ruby/object:Gem::Dependency 
-  name: webmock
   prerelease: false
-  requirement: &id010 !ruby/object:Gem::Requirement 
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        segments: 
-        - 1
-        - 6
-        - 2
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 1.6.2
   type: :development
-  version_requirements: *id010
-description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are supported.
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.6.2
+description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are
+  supported.
 email: nov@matake.jp
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - LICENSE
 - README.rdoc
-files: 
+files:
 - .document
 - .gitignore
 - .rspec
@@ -176,7 +196,7 @@ files:
 - lib/rack/oauth2/access_token/bearer.rb
 - lib/rack/oauth2/access_token/legacy.rb
 - lib/rack/oauth2/access_token/mac.rb
-- lib/rack/oauth2/access_token/mac/body_hash.rb
+- lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb
 - lib/rack/oauth2/access_token/mac/signature.rb
 - lib/rack/oauth2/access_token/mac/verifier.rb
 - lib/rack/oauth2/client.rb
@@ -230,7 +250,7 @@ files:
 - spec/rack/oauth2/access_token/authenticator_spec.rb
 - spec/rack/oauth2/access_token/bearer_spec.rb
 - spec/rack/oauth2/access_token/legacy_spec.rb
-- spec/rack/oauth2/access_token/mac/body_hash_spec.rb
+- spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb
 - spec/rack/oauth2/access_token/mac/signature_spec.rb
 - spec/rack/oauth2/access_token/mac/verifier_spec.rb
 - spec/rack/oauth2/access_token/mac_spec.rb
@@ -263,39 +283,32 @@ files:
 - spec/rack/oauth2/server/token_spec.rb
 - spec/rack/oauth2/util_spec.rb
 - spec/spec_helper.rb
-has_rdoc: true
 homepage: http://github.com/nov/rack-oauth2
 licenses: []
-
 post_install_message: 
-rdoc_options: 
+rdoc_options:
 - --charset=UTF-8
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 1
-      - 3
-      - 6
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
       version: 1.3.6
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.3.6
+rubygems_version: 1.8.24
 signing_key: 
 specification_version: 3
 summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported
-test_files: 
+test_files:
 - spec/helpers/time.rb
 - spec/helpers/webmock_helper.rb
 - spec/mock_response/errors/invalid_request.json
@@ -310,7 +323,7 @@ test_files:
 - spec/rack/oauth2/access_token/authenticator_spec.rb
 - spec/rack/oauth2/access_token/bearer_spec.rb
 - spec/rack/oauth2/access_token/legacy_spec.rb
-- spec/rack/oauth2/access_token/mac/body_hash_spec.rb
+- spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb
 - spec/rack/oauth2/access_token/mac/signature_spec.rb
 - spec/rack/oauth2/access_token/mac/verifier_spec.rb
 - spec/rack/oauth2/access_token/mac_spec.rb

data/spec/rack/oauth2/access_token/mac/body_hash_spec.rb

@@ -1,13 +0,0 @@
-require 'spec_helper'
-
-describe Rack::OAuth2::AccessToken::MAC::BodyHash do
-  # From the example of MAC spec section 3.2
-  # ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-00.pdf
-  subject do
-    Rack::OAuth2::AccessToken::MAC::BodyHash.new(
-      :algorithm => 'hmac-sha-1',
-      :raw_body => 'hello=world%21'
-    )
-  end
-  its(:calculate) { should == 'k9kbtCIy0CkI3/FEfpS/oIDjk6k=' }
-end