rack-oauth2 0.14.4 → 0.14.5
- data/Gemfile.lock +5 -6
- data/README.rdoc +2 -2
- data/VERSION +1 -1
- data/lib/rack/oauth2/access_token/mac.rb +27 -21
- data/lib/rack/oauth2/access_token/mac/{body_hash.rb → sha256_hex_verifier.rb} +4 -2
- data/lib/rack/oauth2/access_token/mac/signature.rb +3 -3
- data/lib/rack/oauth2/access_token/mac/verifier.rb +1 -0
- data/lib/rack/oauth2/server/resource/mac.rb +2 -2
- data/lib/rack/oauth2/util.rb +1 -0
- data/spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb +18 -0
- data/spec/rack/oauth2/access_token/mac/signature_spec.rb +37 -21
- data/spec/rack/oauth2/access_token/mac/verifier_spec.rb +2 -0
- data/spec/rack/oauth2/access_token/mac_spec.rb +44 -21
- data/spec/rack/oauth2/server/resource/mac_spec.rb +2 -2
- metadata +165 -152
- data/spec/rack/oauth2/access_token/mac/body_hash_spec.rb +0 -13
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
rack-oauth2 (0.14.
|
4
|
+
rack-oauth2 (0.14.4)
|
5
5
|
activesupport (>= 2.3)
|
6
6
|
attr_required (>= 0.0.5)
|
7
7
|
httpclient (>= 2.2.0.2)
|
@@ -12,7 +12,7 @@ PATH
|
|
12
12
|
GEM
|
13
13
|
remote: http://rubygems.org/
|
14
14
|
specs:
|
15
|
-
activesupport (3.2.
|
15
|
+
activesupport (3.2.7)
|
16
16
|
i18n (~> 0.6)
|
17
17
|
multi_json (~> 1.0)
|
18
18
|
addressable (2.2.7)
|
@@ -26,13 +26,12 @@ GEM
|
|
26
26
|
crack (0.3.1)
|
27
27
|
diff-lcs (1.1.3)
|
28
28
|
hashie (1.2.0)
|
29
|
-
httpclient (2.2.
|
29
|
+
httpclient (2.2.5)
|
30
30
|
i18n (0.6.0)
|
31
31
|
jruby-openssl (0.7.6.1)
|
32
32
|
bouncy-castle-java (>= 1.5.0146.1)
|
33
|
-
json (1.
|
34
|
-
|
35
|
-
multi_json (1.1.0)
|
33
|
+
json (1.7.4)
|
34
|
+
multi_json (1.3.6)
|
36
35
|
rack (1.4.1)
|
37
36
|
rake (0.9.2.2)
|
38
37
|
rspec (2.8.0)
|
data/README.rdoc
CHANGED
@@ -9,8 +9,8 @@ http://tools.ietf.org/html/draft-ietf-oauth-v2-18
|
|
9
9
|
The OAuth 2.0 Protocol: Bearer Tokens (draft 06)
|
10
10
|
http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-06
|
11
11
|
|
12
|
-
HTTP Authentication: MAC Access Authentication (draft
|
13
|
-
http://www.ietf.org/id/draft-ietf-oauth-v2-http-mac-
|
12
|
+
HTTP Authentication: MAC Access Authentication (draft 01)
|
13
|
+
http://www.ietf.org/id/draft-ietf-oauth-v2-http-mac-01.txt
|
14
14
|
|
15
15
|
== Installation
|
16
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.14.
|
1
|
+
0.14.5
|
@@ -3,12 +3,12 @@ module Rack
|
|
3
3
|
class AccessToken
|
4
4
|
class MAC < AccessToken
|
5
5
|
attr_required :mac_key, :mac_algorithm
|
6
|
-
attr_optional :
|
7
|
-
attr_reader :nonce, :
|
6
|
+
attr_optional :ts, :ext_verifier
|
7
|
+
attr_reader :nonce, :signature, :ext
|
8
8
|
|
9
9
|
def initialize(attributes = {})
|
10
10
|
super(attributes)
|
11
|
-
@
|
11
|
+
@ts ||= Time.now.utc
|
12
12
|
end
|
13
13
|
|
14
14
|
def token_response
|
@@ -18,13 +18,16 @@ module Rack
|
|
18
18
|
)
|
19
19
|
end
|
20
20
|
|
21
|
-
def verify!(request)
|
22
|
-
|
23
|
-
|
24
|
-
|
21
|
+
def verify!(request)
|
22
|
+
|
23
|
+
body = request.body.read
|
24
|
+
if self.ext_verifier.present?
|
25
|
+
self.ext_verifier.new(
|
26
|
+
:raw_body => body,
|
25
27
|
:algorithm => self.mac_algorithm
|
26
|
-
).verify!(request.
|
28
|
+
).verify!(request.ext)
|
27
29
|
end
|
30
|
+
|
28
31
|
Signature.new(
|
29
32
|
:secret => self.mac_key,
|
30
33
|
:algorithm => self.mac_algorithm,
|
@@ -33,7 +36,7 @@ module Rack
|
|
33
36
|
:request_uri => request.fullpath,
|
34
37
|
:host => request.host,
|
35
38
|
:port => request.port,
|
36
|
-
:
|
39
|
+
:ts => request.ts,
|
37
40
|
:ext => request.ext
|
38
41
|
).verify!(request.signature)
|
39
42
|
rescue Verifier::VerificationFailed => e
|
@@ -42,12 +45,14 @@ module Rack
|
|
42
45
|
|
43
46
|
def authenticate(request)
|
44
47
|
@nonce = generate_nonce
|
45
|
-
|
46
|
-
|
48
|
+
|
49
|
+
if self.ext_verifier.present?
|
50
|
+
@ext = self.ext_verifier.new(
|
47
51
|
:raw_body => request.body,
|
48
52
|
:algorithm => self.mac_algorithm
|
49
53
|
).calculate
|
50
54
|
end
|
55
|
+
|
51
56
|
@signature = Signature.new(
|
52
57
|
:secret => self.mac_key,
|
53
58
|
:algorithm => self.mac_algorithm,
|
@@ -56,26 +61,27 @@ module Rack
|
|
56
61
|
:request_uri => request.header.create_query_uri,
|
57
62
|
:host => request.header.request_uri.host,
|
58
63
|
:port => request.header.request_uri.port,
|
59
|
-
:
|
60
|
-
:ext =>
|
64
|
+
:ts => self.ts,
|
65
|
+
:ext => @ext
|
61
66
|
).calculate
|
67
|
+
|
62
68
|
request.header['Authorization'] = authorization_header
|
63
69
|
end
|
64
70
|
|
65
71
|
private
|
66
72
|
|
67
73
|
def authorization_header
|
68
|
-
header = "MAC"
|
69
|
-
header << "
|
70
|
-
header << "
|
71
|
-
header << "
|
72
|
-
header << " ext=\"#{ext}\"
|
73
|
-
header
|
74
|
+
header = "MAC id=\"#{access_token}\""
|
75
|
+
header << ", nonce=\"#{nonce}\""
|
76
|
+
header << ", ts=\"#{ts.to_i}\""
|
77
|
+
header << ", mac=\"#{signature}\""
|
78
|
+
header << ", ext=\"#{ext}\"" if @ext.present?
|
79
|
+
header
|
74
80
|
end
|
75
81
|
|
76
82
|
def generate_nonce
|
77
83
|
[
|
78
|
-
(Time.now.utc - @
|
84
|
+
(Time.now.utc - @ts).to_i,
|
79
85
|
SecureRandom.hex
|
80
86
|
].join(':')
|
81
87
|
end
|
@@ -85,5 +91,5 @@ module Rack
|
|
85
91
|
end
|
86
92
|
|
87
93
|
require 'rack/oauth2/access_token/mac/verifier'
|
88
|
-
require 'rack/oauth2/access_token/mac/
|
94
|
+
require 'rack/oauth2/access_token/mac/sha256_hex_verifier'
|
89
95
|
require 'rack/oauth2/access_token/mac/signature'
|
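Review bot: `verify!` now signs over `request.ts`, but nothing in the lines shown compares that timestamp with the server clock or records the nonce, so a captured Authorization header would keep verifying unless a caller outside this file enforces freshness. Consider rejecting requests whose `ts.to_i` differs from `Time.now.utc.to_i` by more than a configured window before building the `Signature`. Separately, `body = request.body.read` leaves the Rack input at EOF for whatever handles the request next; follow it with `request.body.rewind`. On the client side, `@ts ||= Time.now.utc` in `initialize` means every `authenticate` call on the same token object sends the construction time as `ts`, which a server with a freshness window would eventually reject. The `rescue` body of `verify!` is outside the hunks.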
@@ -2,11 +2,13 @@ module Rack
|
|
2
2
|
module OAuth2
|
3
3
|
class AccessToken
|
4
4
|
class MAC
|
5
|
-
class
|
5
|
+
class Sha256HexVerifier < Verifier
|
6
6
|
attr_optional :raw_body
|
7
7
|
|
8
8
|
def calculate
|
9
|
-
|
9
|
+
return nil if raw_body.nil?
|
10
|
+
|
11
|
+
OpenSSL::Digest::SHA256.new.digest(raw_body).unpack('H*').first
|
10
12
|
end
|
11
13
|
end
|
12
14
|
end
|
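Review bot: `Sha256HexVerifier#calculate` always hashes with SHA-256 and does not use the `:algorithm` it is constructed with in `mac.rb`, which deserves a class comment so that a token with `mac_algorithm` `hmac-sha-1` is not assumed to get a SHA-1 body hash. Suggested comment: `# Hex SHA-256 of the raw body; independent of the token's mac_algorithm.` The digest line can also be written as `OpenSSL::Digest::SHA256.hexdigest(raw_body)`, which yields the same lowercase hex string without the `unpack`.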
@@ -3,8 +3,8 @@ module Rack
|
|
3
3
|
class AccessToken
|
4
4
|
class MAC
|
5
5
|
class Signature < Verifier
|
6
|
-
attr_required :secret, :nonce, :method, :request_uri, :host, :port
|
7
|
-
attr_optional :
|
6
|
+
attr_required :secret, :ts, :nonce, :method, :request_uri, :host, :port
|
7
|
+
attr_optional :ext, :query
|
8
8
|
|
9
9
|
def calculate
|
10
10
|
Rack::OAuth2::Util.base64_encode OpenSSL::HMAC.digest(
|
@@ -16,12 +16,12 @@ module Rack
|
|
16
16
|
|
17
17
|
def normalized_request_string
|
18
18
|
[
|
19
|
+
ts.to_i,
|
19
20
|
nonce,
|
20
21
|
method.to_s.upcase,
|
21
22
|
request_uri,
|
22
23
|
host,
|
23
24
|
port,
|
24
|
-
body_hash || '',
|
25
25
|
ext || '',
|
26
26
|
nil
|
27
27
|
].join("\n")
|
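Review bot: `ts.to_i` in `normalized_request_string` signs the integer coercion of `ts`, not the value received: on the server side `setup!` in the resource MAC request stores `auth_params[:ts]` as the raw header string, so `ts="123abc"` signs as `123` and a non-numeric or missing value signs as `0`. Validate the header before it reaches `Signature`, e.g. reject unless `ts.to_s =~ /\A\d+\z/`, so the signed value and the value any freshness check sees are the same. `attr_optional :query` is added here but is not used in the lines shown; a comment on what it is for would help. The end of `normalized_request_string` is outside the hunk.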
@@ -11,13 +11,13 @@ module Rack
|
|
11
11
|
private
|
12
12
|
|
13
13
|
class Request < Resource::Request
|
14
|
-
attr_reader :nonce, :
|
14
|
+
attr_reader :nonce, :ts, :ext, :signature
|
15
15
|
|
16
16
|
def setup!
|
17
17
|
auth_params = Rack::Auth::Digest::Params.parse(@auth_header.params).with_indifferent_access
|
18
18
|
@access_token = auth_params[:id]
|
19
19
|
@nonce = auth_params[:nonce]
|
20
|
-
@
|
20
|
+
@ts = auth_params[:ts]
|
21
21
|
@ext = auth_params[:ext]
|
22
22
|
@signature = auth_params[:mac]
|
23
23
|
self
|
data/lib/rack/oauth2/util.rb
CHANGED
@@ -0,0 +1,18 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier do
|
4
|
+
|
5
|
+
# From the example of webtopay wallet API spec
|
6
|
+
# ref) https://www.webtopay.com/wallet/#authentication
|
7
|
+
context 'when example from webtopay wallet API' do
|
8
|
+
subject do
|
9
|
+
Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier.new(
|
10
|
+
:algorithm => 'hmac-sha-256',
|
11
|
+
:raw_body => 'grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA&redirect_uri=http%3A%2F%2Flocalhost%2Fabc'
|
12
|
+
)
|
13
|
+
end
|
14
|
+
its(:calculate) { should == '21fb73c40b589622d0c78e9cd8900f89d9472aa724d0e5c3eca9ac1cd9d2a6d5' }
|
15
|
+
end
|
16
|
+
|
17
|
+
|
18
|
+
end
|
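Review bot: The new `return nil if raw_body.nil?` branch in `Sha256HexVerifier#calculate` has no example here; the spec covers only one positive vector. Add a context with `:raw_body => nil` asserting `its(:calculate) { should be_nil }`, and one calling `verify!` with a non-matching value so the `Sha256HexVerifier Invalid` failure path is pinned at unit level as well as in `mac_spec.rb`.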
@@ -1,43 +1,59 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::AccessToken::MAC::Signature do
|
4
|
+
# From the example of Webtopay wallet API
|
5
|
+
# ref) https://www.webtopay.com/wallet/
|
6
|
+
context 'when ext is not given' do
|
7
|
+
subject do
|
8
|
+
Rack::OAuth2::AccessToken::MAC::Signature.new(
|
9
|
+
:secret => 'IrdTc8uQodU7PRpLzzLTW6wqZAO6tAMU',
|
10
|
+
:algorithm => 'hmac-sha-256',
|
11
|
+
:nonce => 'dj83hs9s',
|
12
|
+
:ts => 1336363200,
|
13
|
+
:method => 'GET',
|
14
|
+
:request_uri => '/wallet/rest/api/v1/payment/123',
|
15
|
+
:host => 'www.webtopay.com',
|
16
|
+
:port => 443
|
17
|
+
)
|
18
|
+
end
|
19
|
+
its(:calculate) { should == 'OZE9fTk2qiRtL1jb01L8lRxC66PTiAGhMDEmboeVeLs=' }
|
20
|
+
end
|
4
21
|
|
5
|
-
# From the example of MAC spec section 1.
|
6
|
-
# ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-
|
7
|
-
context 'when
|
22
|
+
# From the example of MAC spec section 1.1
|
23
|
+
# ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
|
24
|
+
context 'when ext is not given' do
|
8
25
|
subject do
|
9
26
|
Rack::OAuth2::AccessToken::MAC::Signature.new(
|
10
|
-
:secret
|
11
|
-
:algorithm
|
12
|
-
:nonce
|
13
|
-
:
|
14
|
-
:
|
15
|
-
:
|
16
|
-
:
|
17
|
-
:
|
18
|
-
:ext => nil
|
27
|
+
:secret => '489dks293j39',
|
28
|
+
:algorithm => 'hmac-sha-1',
|
29
|
+
:nonce => 'dj83hs9s',
|
30
|
+
:ts => 1336363200,
|
31
|
+
:method => 'GET',
|
32
|
+
:request_uri => '/resource/1?b=1&a=2',
|
33
|
+
:host => 'example.com',
|
34
|
+
:port => 80
|
19
35
|
)
|
20
36
|
end
|
21
|
-
its(:calculate) { should == '
|
37
|
+
its(:calculate) { should == '6T3zZzy2Emppni6bzL7kdRxUWL4=' }
|
22
38
|
end
|
23
39
|
|
24
40
|
# From the example of MAC spec section 3.2
|
25
|
-
# ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-
|
26
|
-
context '
|
41
|
+
# ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-01.pdf
|
42
|
+
context 'otherwise' do
|
27
43
|
subject do
|
28
44
|
Rack::OAuth2::AccessToken::MAC::Signature.new(
|
29
45
|
:secret => '489dks293j39',
|
30
46
|
:algorithm => 'hmac-sha-1',
|
31
|
-
:nonce => '
|
32
|
-
:
|
33
|
-
:
|
47
|
+
:nonce => '7d8f3e4a',
|
48
|
+
:ts => 264095,
|
49
|
+
:method => 'POST',
|
50
|
+
:request_uri => '/request?b5=%3D%253D&a3=a&c%40=&a2=r%20b&c2&a3=2+q',
|
34
51
|
:host => 'example.com',
|
35
52
|
:port => 80,
|
36
|
-
:
|
37
|
-
:ext => nil
|
53
|
+
:ext => 'a,b,c'
|
38
54
|
)
|
39
55
|
end
|
40
|
-
its(:calculate) { should == '
|
56
|
+
its(:calculate) { should == '+txL5oOFHGYjrfdNYH5VEzROaBY=' }
|
41
57
|
end
|
42
58
|
|
43
59
|
end
|
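Review bot: Two contexts are both named `'when ext is not given'` (the Webtopay example and the MAC spec section 1.1 example), so a failure report does not say which vector broke; name the first after its source, e.g. `context 'when example from webtopay wallet API' do`, as the Sha256HexVerifier spec does. Every vector here passes `ts` as an Integer, while the server receives it as a header string; adding one with `:ts => '1336363200'` would pin that `ts.to_i` produces the same signature for both forms.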
@@ -1,15 +1,24 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
3
|
describe Rack::OAuth2::AccessToken::MAC do
|
4
|
+
let(:ts) { 1305820234 }
|
4
5
|
let :token do
|
5
6
|
Rack::OAuth2::AccessToken::MAC.new(
|
6
7
|
:access_token => 'access_token',
|
7
8
|
:mac_key => 'secret',
|
8
9
|
:mac_algorithm => 'hmac-sha-256',
|
9
|
-
:
|
10
|
+
:ts => ts
|
11
|
+
)
|
12
|
+
end
|
13
|
+
let :token_with_ext_verifier do
|
14
|
+
Rack::OAuth2::AccessToken::MAC.new(
|
15
|
+
:access_token => 'access_token',
|
16
|
+
:mac_key => 'secret',
|
17
|
+
:mac_algorithm => 'hmac-sha-256',
|
18
|
+
:ts => ts,
|
19
|
+
:ext_verifier => Rack::OAuth2::AccessToken::MAC::Sha256HexVerifier
|
10
20
|
)
|
11
21
|
end
|
12
|
-
let(:issued_at) { 1305820455 }
|
13
22
|
let(:nonce) { '1000:51e74de734c05613f37520872e68db5f' }
|
14
23
|
let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
|
15
24
|
subject { token }
|
@@ -32,17 +41,18 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
32
41
|
describe 'verify!' do
|
33
42
|
let(:request) { Rack::OAuth2::Server::Resource::MAC::Request.new(env) }
|
34
43
|
|
35
|
-
context 'when no
|
44
|
+
context 'when no ext_verifier is given' do
|
36
45
|
let(:env) do
|
37
46
|
Rack::MockRequest.env_for(
|
38
47
|
'/protected_resources',
|
39
|
-
'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", mac="#{signature}"}
|
48
|
+
'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", ts="#{ts}" mac="#{signature}"}
|
40
49
|
)
|
41
50
|
end
|
42
51
|
|
43
52
|
context 'when signature is valid' do
|
44
|
-
let(:signature) { '
|
53
|
+
let(:signature) { 'BgooS/voPOZWLwoVfx4+zbC3xAVKW3jtjhKYOfIGZOA=' }
|
45
54
|
it do
|
55
|
+
|
46
56
|
token.verify!(request.setup!).should == :verified
|
47
57
|
end
|
48
58
|
end
|
@@ -58,7 +68,7 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
58
68
|
end
|
59
69
|
end
|
60
70
|
|
61
|
-
context 'when
|
71
|
+
context 'when ext_verifier is given' do
|
62
72
|
let(:env) do
|
63
73
|
Rack::MockRequest.env_for(
|
64
74
|
'/protected_resources',
|
@@ -66,29 +76,30 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
66
76
|
:params => {
|
67
77
|
:key1 => 'value1'
|
68
78
|
},
|
69
|
-
'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}",
|
79
|
+
'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", ts="#{ts}", mac="#{signature}", ext="#{ext}"}
|
70
80
|
)
|
71
81
|
end
|
72
82
|
let(:signature) { 'invalid' }
|
73
83
|
|
74
|
-
context 'when
|
75
|
-
let(:
|
84
|
+
context 'when ext is invalid' do
|
85
|
+
let(:ext) { 'invalid' }
|
76
86
|
it do
|
77
|
-
expect {
|
87
|
+
expect { token_with_ext_verifier.verify!(request.setup!) }.should raise_error(
|
78
88
|
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
79
|
-
'invalid_token ::
|
89
|
+
'invalid_token :: Sha256HexVerifier Invalid'
|
80
90
|
)
|
81
91
|
end
|
82
92
|
end
|
83
93
|
|
84
|
-
context 'when
|
85
|
-
let(:
|
94
|
+
context 'when ext is valid' do
|
95
|
+
let(:ext) { '4cfcd46c59f54b5ea6a5f9b05c28b52fef2864747194b5fdfc3d59c0057bf35a' }
|
86
96
|
|
87
97
|
context 'when signature is valid' do
|
88
|
-
let(:signature) { '
|
98
|
+
let(:signature) { 'dZYR54n+Lym5qCRRmDqmRZ71rG+bkjSWmqrOv8OjYHk=' }
|
89
99
|
it do
|
90
100
|
Time.fix(Time.at(1302361200)) do
|
91
|
-
|
101
|
+
|
102
|
+
token_with_ext_verifier.verify!(request.setup!).should == :verified
|
92
103
|
end
|
93
104
|
end
|
94
105
|
end
|
@@ -107,13 +118,25 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
107
118
|
|
108
119
|
describe '.authenticate' do
|
109
120
|
let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
|
110
|
-
|
111
|
-
|
121
|
+
context 'when no ext_verifier is given' do
|
122
|
+
let(:signature) { 'pOBaL6HRawe4tUPmcU4vJEj1f2GJqrbQOlCcdAYgI/s=' }
|
112
123
|
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
124
|
+
it 'should set Authorization header' do
|
125
|
+
token.should_receive(:generate_nonce).and_return(nonce)
|
126
|
+
request.header.should_receive(:[]=).with('Authorization', "MAC id=\"access_token\", nonce=\"#{nonce}\", ts=\"#{ts.to_i}\", mac=\"#{signature}\"")
|
127
|
+
token.authenticate(request)
|
128
|
+
end
|
117
129
|
end
|
130
|
+
|
131
|
+
context 'when ext_verifier is given' do
|
132
|
+
let(:signature) { 'vgU0fj6rSpwUCAoCOrXlu8pZBR8a5Q5xIVlB4MCvJeM=' }
|
133
|
+
let(:ext) { '3d011e09502a84552a0f8ae112d024cc2c115597e3a577d5f49007902c221dc5' }
|
134
|
+
it 'should set Authorization header with ext_verifier' do
|
135
|
+
token_with_ext_verifier.should_receive(:generate_nonce).and_return(nonce)
|
136
|
+
request.header.should_receive(:[]=).with('Authorization', "MAC id=\"access_token\", nonce=\"#{nonce}\", ts=\"#{ts.to_i}\", mac=\"#{signature}\", ext=\"#{ext}\"")
|
137
|
+
token_with_ext_verifier.authenticate(request)
|
138
|
+
end
|
139
|
+
end
|
140
|
+
|
118
141
|
end
|
119
142
|
end
|
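Review bot: In the `'when no ext_verifier is given'` context of `verify!`, the header is built as `ts="#{ts}" mac="#{signature}"` with no comma between `ts` and `mac`, unlike the `ext_verifier` context and unlike what `authorization_header` emits. The example apparently passes only because the parameter parser tolerates the missing separator; write `ts="#{ts}", mac="#{signature}"` so the test covers the format the client actually sends. The `ext`-invalid example also reuses `let(:signature) { 'invalid' }`, so it cannot show that a bad `ext` is rejected when the MAC itself is valid; give that context a valid signature.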
@@ -72,12 +72,12 @@ describe Rack::OAuth2::Server::Resource::MAC do
|
|
72
72
|
end
|
73
73
|
|
74
74
|
context 'when other required params are invalid' do
|
75
|
-
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", mac="invalid""') }
|
75
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="invalid""') }
|
76
76
|
it_behaves_like :unauthorized_mac_request
|
77
77
|
end
|
78
78
|
|
79
79
|
context 'when all required params are valid' do
|
80
|
-
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", mac="
|
80
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC id="valid_token", nonce="51e74de734c05613f37520872e68db5f", ts="1305820234", mac="26JP6MMZyAHLHeMU8+m+NbVJgZbikp5SlT86/a62pwg="') }
|
81
81
|
it_behaves_like :authenticated_mac_request
|
82
82
|
end
|
83
83
|
end
|
metadata
CHANGED
@@ -1,165 +1,185 @@
|
|
1
|
-
--- !ruby/object:Gem::Specification
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-oauth2
|
3
|
-
version: !ruby/object:Gem::Version
|
4
|
-
|
5
|
-
|
6
|
-
- 0
|
7
|
-
- 14
|
8
|
-
- 4
|
9
|
-
version: 0.14.4
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.14.5
|
5
|
+
prerelease:
|
10
6
|
platform: ruby
|
11
|
-
authors:
|
7
|
+
authors:
|
12
8
|
- nov matake
|
13
9
|
autorequire:
|
14
10
|
bindir: bin
|
15
11
|
cert_chain: []
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
dependencies:
|
20
|
-
- !ruby/object:Gem::Dependency
|
12
|
+
date: 2012-08-06 00:00:00.000000000 Z
|
13
|
+
dependencies:
|
14
|
+
- !ruby/object:Gem::Dependency
|
21
15
|
name: rack
|
22
|
-
|
23
|
-
|
24
|
-
requirements:
|
25
|
-
- -
|
26
|
-
- !ruby/object:Gem::Version
|
27
|
-
|
28
|
-
- 1
|
29
|
-
- 1
|
30
|
-
version: "1.1"
|
16
|
+
requirement: !ruby/object:Gem::Requirement
|
17
|
+
none: false
|
18
|
+
requirements:
|
19
|
+
- - ! '>='
|
20
|
+
- !ruby/object:Gem::Version
|
21
|
+
version: '1.1'
|
31
22
|
type: :runtime
|
32
|
-
version_requirements: *id001
|
33
|
-
- !ruby/object:Gem::Dependency
|
34
|
-
name: json
|
35
23
|
prerelease: false
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
24
|
+
version_requirements: !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ! '>='
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '1.1'
|
30
|
+
- !ruby/object:Gem::Dependency
|
31
|
+
name: json
|
32
|
+
requirement: !ruby/object:Gem::Requirement
|
33
|
+
none: false
|
34
|
+
requirements:
|
35
|
+
- - ! '>='
|
36
|
+
- !ruby/object:Gem::Version
|
44
37
|
version: 1.4.3
|
45
38
|
type: :runtime
|
46
|
-
version_requirements: *id002
|
47
|
-
- !ruby/object:Gem::Dependency
|
48
|
-
name: httpclient
|
49
39
|
prerelease: false
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
40
|
+
version_requirements: !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ! '>='
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
version: 1.4.3
|
46
|
+
- !ruby/object:Gem::Dependency
|
47
|
+
name: httpclient
|
48
|
+
requirement: !ruby/object:Gem::Requirement
|
49
|
+
none: false
|
50
|
+
requirements:
|
51
|
+
- - ! '>='
|
52
|
+
- !ruby/object:Gem::Version
|
59
53
|
version: 2.2.0.2
|
60
54
|
type: :runtime
|
61
|
-
version_requirements: *id003
|
62
|
-
- !ruby/object:Gem::Dependency
|
63
|
-
name: activesupport
|
64
55
|
prerelease: false
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
56
|
+
version_requirements: !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ! '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: 2.2.0.2
|
62
|
+
- !ruby/object:Gem::Dependency
|
63
|
+
name: activesupport
|
64
|
+
requirement: !ruby/object:Gem::Requirement
|
65
|
+
none: false
|
66
|
+
requirements:
|
67
|
+
- - ! '>='
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '2.3'
|
73
70
|
type: :runtime
|
74
|
-
version_requirements: *id004
|
75
|
-
- !ruby/object:Gem::Dependency
|
76
|
-
name: i18n
|
77
71
|
prerelease: false
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
72
|
+
version_requirements: !ruby/object:Gem::Requirement
|
73
|
+
none: false
|
74
|
+
requirements:
|
75
|
+
- - ! '>='
|
76
|
+
- !ruby/object:Gem::Version
|
77
|
+
version: '2.3'
|
78
|
+
- !ruby/object:Gem::Dependency
|
79
|
+
name: i18n
|
80
|
+
requirement: !ruby/object:Gem::Requirement
|
81
|
+
none: false
|
82
|
+
requirements:
|
83
|
+
- - ! '>='
|
84
|
+
- !ruby/object:Gem::Version
|
85
|
+
version: '0'
|
85
86
|
type: :runtime
|
86
|
-
version_requirements: *id005
|
87
|
-
- !ruby/object:Gem::Dependency
|
88
|
-
name: attr_required
|
89
87
|
prerelease: false
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
88
|
+
version_requirements: !ruby/object:Gem::Requirement
|
89
|
+
none: false
|
90
|
+
requirements:
|
91
|
+
- - ! '>='
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: '0'
|
94
|
+
- !ruby/object:Gem::Dependency
|
95
|
+
name: attr_required
|
96
|
+
requirement: !ruby/object:Gem::Requirement
|
97
|
+
none: false
|
98
|
+
requirements:
|
99
|
+
- - ! '>='
|
100
|
+
- !ruby/object:Gem::Version
|
98
101
|
version: 0.0.5
|
99
102
|
type: :runtime
|
100
|
-
version_requirements: *id006
|
101
|
-
- !ruby/object:Gem::Dependency
|
102
|
-
name: rake
|
103
103
|
prerelease: false
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
104
|
+
version_requirements: !ruby/object:Gem::Requirement
|
105
|
+
none: false
|
106
|
+
requirements:
|
107
|
+
- - ! '>='
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: 0.0.5
|
110
|
+
- !ruby/object:Gem::Dependency
|
111
|
+
name: rake
|
112
|
+
requirement: !ruby/object:Gem::Requirement
|
113
|
+
none: false
|
114
|
+
requirements:
|
115
|
+
- - ! '>='
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: '0.8'
|
112
118
|
type: :development
|
113
|
-
version_requirements: *id007
|
114
|
-
- !ruby/object:Gem::Dependency
|
115
|
-
name: rcov
|
116
119
|
prerelease: false
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
none: false
|
122
|
+
requirements:
|
123
|
+
- - ! '>='
|
124
|
+
- !ruby/object:Gem::Version
|
125
|
+
version: '0.8'
|
126
|
+
- !ruby/object:Gem::Dependency
|
127
|
+
name: cover_me
|
128
|
+
requirement: !ruby/object:Gem::Requirement
|
129
|
+
none: false
|
130
|
+
requirements:
|
131
|
+
- - ! '>='
|
132
|
+
- !ruby/object:Gem::Version
|
133
|
+
version: 1.2.0
|
125
134
|
type: :development
|
126
|
-
version_requirements: *id008
|
127
|
-
- !ruby/object:Gem::Dependency
|
128
|
-
name: rspec
|
129
135
|
prerelease: false
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
136
|
+
version_requirements: !ruby/object:Gem::Requirement
|
137
|
+
none: false
|
138
|
+
requirements:
|
139
|
+
- - ! '>='
|
140
|
+
- !ruby/object:Gem::Version
|
141
|
+
version: 1.2.0
|
142
|
+
- !ruby/object:Gem::Dependency
|
143
|
+
name: rspec
|
144
|
+
requirement: !ruby/object:Gem::Requirement
|
145
|
+
none: false
|
146
|
+
requirements:
|
147
|
+
- - ! '>='
|
148
|
+
- !ruby/object:Gem::Version
|
149
|
+
version: '2'
|
137
150
|
type: :development
|
138
|
-
version_requirements: *id009
|
139
|
-
- !ruby/object:Gem::Dependency
|
140
|
-
name: webmock
|
141
151
|
prerelease: false
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
152
|
+
version_requirements: !ruby/object:Gem::Requirement
|
153
|
+
none: false
|
154
|
+
requirements:
|
155
|
+
- - ! '>='
|
156
|
+
- !ruby/object:Gem::Version
|
157
|
+
version: '2'
|
158
|
+
- !ruby/object:Gem::Dependency
|
159
|
+
name: webmock
|
160
|
+
requirement: !ruby/object:Gem::Requirement
|
161
|
+
none: false
|
162
|
+
requirements:
|
163
|
+
- - ! '>='
|
164
|
+
- !ruby/object:Gem::Version
|
150
165
|
version: 1.6.2
|
151
166
|
type: :development
|
152
|
-
|
153
|
-
|
167
|
+
prerelease: false
|
168
|
+
version_requirements: !ruby/object:Gem::Requirement
|
169
|
+
none: false
|
170
|
+
requirements:
|
171
|
+
- - ! '>='
|
172
|
+
- !ruby/object:Gem::Version
|
173
|
+
version: 1.6.2
|
174
|
+
description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are
|
175
|
+
supported.
|
154
176
|
email: nov@matake.jp
|
155
177
|
executables: []
|
156
|
-
|
157
178
|
extensions: []
|
158
|
-
|
159
|
-
extra_rdoc_files:
|
179
|
+
extra_rdoc_files:
|
160
180
|
- LICENSE
|
161
181
|
- README.rdoc
|
162
|
-
files:
|
182
|
+
files:
|
163
183
|
- .document
|
164
184
|
- .gitignore
|
165
185
|
- .rspec
|
@@ -176,7 +196,7 @@ files:
|
|
176
196
|
- lib/rack/oauth2/access_token/bearer.rb
|
177
197
|
- lib/rack/oauth2/access_token/legacy.rb
|
178
198
|
- lib/rack/oauth2/access_token/mac.rb
|
179
|
-
- lib/rack/oauth2/access_token/mac/
|
199
|
+
- lib/rack/oauth2/access_token/mac/sha256_hex_verifier.rb
|
180
200
|
- lib/rack/oauth2/access_token/mac/signature.rb
|
181
201
|
- lib/rack/oauth2/access_token/mac/verifier.rb
|
182
202
|
- lib/rack/oauth2/client.rb
|
@@ -230,7 +250,7 @@ files:
|
|
230
250
|
- spec/rack/oauth2/access_token/authenticator_spec.rb
|
231
251
|
- spec/rack/oauth2/access_token/bearer_spec.rb
|
232
252
|
- spec/rack/oauth2/access_token/legacy_spec.rb
|
233
|
-
- spec/rack/oauth2/access_token/mac/
|
253
|
+
- spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb
|
234
254
|
- spec/rack/oauth2/access_token/mac/signature_spec.rb
|
235
255
|
- spec/rack/oauth2/access_token/mac/verifier_spec.rb
|
236
256
|
- spec/rack/oauth2/access_token/mac_spec.rb
|
@@ -263,39 +283,32 @@ files:
|
|
263
283
|
- spec/rack/oauth2/server/token_spec.rb
|
264
284
|
- spec/rack/oauth2/util_spec.rb
|
265
285
|
- spec/spec_helper.rb
|
266
|
-
has_rdoc: true
|
267
286
|
homepage: http://github.com/nov/rack-oauth2
|
268
287
|
licenses: []
|
269
|
-
|
270
288
|
post_install_message:
|
271
|
-
rdoc_options:
|
289
|
+
rdoc_options:
|
272
290
|
- --charset=UTF-8
|
273
|
-
require_paths:
|
291
|
+
require_paths:
|
274
292
|
- lib
|
275
|
-
required_ruby_version: !ruby/object:Gem::Requirement
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
requirements:
|
284
|
-
- -
|
285
|
-
- !ruby/object:Gem::Version
|
286
|
-
segments:
|
287
|
-
- 1
|
288
|
-
- 3
|
289
|
-
- 6
|
293
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
294
|
+
none: false
|
295
|
+
requirements:
|
296
|
+
- - ! '>='
|
297
|
+
- !ruby/object:Gem::Version
|
298
|
+
version: '0'
|
299
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
300
|
+
none: false
|
301
|
+
requirements:
|
302
|
+
- - ! '>='
|
303
|
+
- !ruby/object:Gem::Version
|
290
304
|
version: 1.3.6
|
291
305
|
requirements: []
|
292
|
-
|
293
306
|
rubyforge_project:
|
294
|
-
rubygems_version: 1.
|
307
|
+
rubygems_version: 1.8.24
|
295
308
|
signing_key:
|
296
309
|
specification_version: 3
|
297
310
|
summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported
|
298
|
-
test_files:
|
311
|
+
test_files:
|
299
312
|
- spec/helpers/time.rb
|
300
313
|
- spec/helpers/webmock_helper.rb
|
301
314
|
- spec/mock_response/errors/invalid_request.json
|
@@ -310,7 +323,7 @@ test_files:
|
|
310
323
|
- spec/rack/oauth2/access_token/authenticator_spec.rb
|
311
324
|
- spec/rack/oauth2/access_token/bearer_spec.rb
|
312
325
|
- spec/rack/oauth2/access_token/legacy_spec.rb
|
313
|
-
- spec/rack/oauth2/access_token/mac/
|
326
|
+
- spec/rack/oauth2/access_token/mac/sha256_hex_verifier_spec.rb
|
314
327
|
- spec/rack/oauth2/access_token/mac/signature_spec.rb
|
315
328
|
- spec/rack/oauth2/access_token/mac/verifier_spec.rb
|
316
329
|
- spec/rack/oauth2/access_token/mac_spec.rb
|
@@ -1,13 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
|
3
|
-
describe Rack::OAuth2::AccessToken::MAC::BodyHash do
|
4
|
-
# From the example of MAC spec section 3.2
|
5
|
-
# ref) http://tools.ietf.org/pdf/draft-ietf-oauth-v2-http-mac-00.pdf
|
6
|
-
subject do
|
7
|
-
Rack::OAuth2::AccessToken::MAC::BodyHash.new(
|
8
|
-
:algorithm => 'hmac-sha-1',
|
9
|
-
:raw_body => 'hello=world%21'
|
10
|
-
)
|
11
|
-
end
|
12
|
-
its(:calculate) { should == 'k9kbtCIy0CkI3/FEfpS/oIDjk6k=' }
|
13
|
-
end
|