rack-oauth2 0.6.4 → 0.6.5
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/lib/rack/oauth2/access_token/bearer.rb +0 -17
- data/lib/rack/oauth2/access_token/legacy.rb +17 -0
- data/lib/rack/oauth2/access_token.rb +18 -1
- data/lib/rack/oauth2/client.rb +4 -2
- data/spec/fake_response/tokens/legacy_without_expires_in.txt +1 -0
- data/spec/fake_response/tokens/unknown.json +6 -0
- data/spec/rack/oauth2/access_token/legacy_spec.rb +43 -0
- data/spec/rack/oauth2/client_spec.rb +34 -15
- metadata +10 -3
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.6.
|
|
1
|
+
0.6.5
|
|
@@ -2,24 +2,7 @@ module Rack
|
|
|
2
2
|
module OAuth2
|
|
3
3
|
class AccessToken
|
|
4
4
|
class Bearer < AccessToken
|
|
5
|
-
def get(url, headers = {}, &block)
|
|
6
|
-
RestClient.get url, authenticate(headers), &block
|
|
7
|
-
end
|
|
8
|
-
|
|
9
|
-
def post(url, payload, headers = {}, &block)
|
|
10
|
-
RestClient.post url, payload, authenticate(headers), &block
|
|
11
|
-
end
|
|
12
|
-
|
|
13
|
-
def put(url, payload, headers = {}, &block)
|
|
14
|
-
RestClient.put url, payload, authenticate(headers), &block
|
|
15
|
-
end
|
|
16
|
-
|
|
17
|
-
def delete(url, headers = {}, &block)
|
|
18
|
-
RestClient.delete url, authenticate(headers), &block
|
|
19
|
-
end
|
|
20
|
-
|
|
21
5
|
private
|
|
22
|
-
|
|
23
6
|
def authenticate(headers)
|
|
24
7
|
headers.merge(:AUTHORIZATION => "Bearer #{access_token}")
|
|
25
8
|
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
module Rack
|
|
2
|
+
module OAuth2
|
|
3
|
+
class AccessToken
|
|
4
|
+
class Legacy < AccessToken
|
|
5
|
+
def initialize(attributes = {})
|
|
6
|
+
super
|
|
7
|
+
self.expires_in = self.expires_in.try(:to_i)
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
private
|
|
11
|
+
def authenticate(headers)
|
|
12
|
+
headers.merge(:AUTHORIZATION => "OAuth2 #{access_token}")
|
|
13
|
+
end
|
|
14
|
+
end
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -22,9 +22,26 @@ module Rack
|
|
|
22
22
|
:scope => Array(scope).join(' ')
|
|
23
23
|
}
|
|
24
24
|
end
|
|
25
|
+
|
|
26
|
+
def get(url, headers = {}, &block)
|
|
27
|
+
RestClient.get url, authenticate(headers), &block
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def post(url, payload, headers = {}, &block)
|
|
31
|
+
RestClient.post url, payload, authenticate(headers), &block
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def put(url, payload, headers = {}, &block)
|
|
35
|
+
RestClient.put url, payload, authenticate(headers), &block
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def delete(url, headers = {}, &block)
|
|
39
|
+
RestClient.delete url, authenticate(headers), &block
|
|
40
|
+
end
|
|
25
41
|
end
|
|
26
42
|
end
|
|
27
43
|
end
|
|
28
44
|
|
|
29
45
|
require 'rack/oauth2/access_token/bearer'
|
|
30
|
-
require 'rack/oauth2/access_token/mac'
|
|
46
|
+
require 'rack/oauth2/access_token/mac'
|
|
47
|
+
require 'rack/oauth2/access_token/legacy'
|
data/lib/rack/oauth2/client.rb
CHANGED
|
@@ -73,12 +73,14 @@ module Rack
|
|
|
73
73
|
AccessToken::Bearer.new(token_hash)
|
|
74
74
|
when 'mac'
|
|
75
75
|
AccessToken::MAC.new(token_hash)
|
|
76
|
+
when nil
|
|
77
|
+
AccessToken::Legacy.new(token_hash)
|
|
76
78
|
else
|
|
77
|
-
|
|
79
|
+
raise 'Unknown Token Type'
|
|
78
80
|
end
|
|
79
81
|
rescue JSON::ParserError
|
|
80
82
|
# NOTE: Facebook support (They don't use JSON as token response)
|
|
81
|
-
Rack::Utils.parse_nested_query(response.body).with_indifferent_access
|
|
83
|
+
AccessToken::Legacy.new Rack::Utils.parse_nested_query(response.body).with_indifferent_access
|
|
82
84
|
rescue RestClient::Exception => e
|
|
83
85
|
error = JSON.parse(e.http_body).with_indifferent_access
|
|
84
86
|
raise Error.new(e.http_code, error)
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
access_token=access_token
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe Rack::OAuth2::AccessToken::Legacy do
|
|
4
|
+
let :token do
|
|
5
|
+
Rack::OAuth2::AccessToken::Legacy.new(
|
|
6
|
+
:access_token => 'access_token'
|
|
7
|
+
)
|
|
8
|
+
end
|
|
9
|
+
let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
|
|
10
|
+
|
|
11
|
+
[:get, :delete].each do |method|
|
|
12
|
+
before do
|
|
13
|
+
fake_response(method, resource_endpoint, 'resources/fake.txt')
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
describe method.to_s.upcase do
|
|
17
|
+
it 'should have OAuth2 Authorization header' do
|
|
18
|
+
RestClient.should_receive(method).with(
|
|
19
|
+
resource_endpoint,
|
|
20
|
+
:AUTHORIZATION => 'OAuth2 access_token'
|
|
21
|
+
)
|
|
22
|
+
token.send method, resource_endpoint
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
[:post, :put].each do |method|
|
|
28
|
+
before do
|
|
29
|
+
fake_response(method, resource_endpoint, 'resources/fake.txt')
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
describe method.to_s.upcase do
|
|
33
|
+
it 'should have OAuth2 Authorization header' do
|
|
34
|
+
RestClient.should_receive(method).with(
|
|
35
|
+
resource_endpoint,
|
|
36
|
+
{:key => :value},
|
|
37
|
+
{:AUTHORIZATION => 'OAuth2 access_token'}
|
|
38
|
+
)
|
|
39
|
+
token.send method, resource_endpoint, {:key => :value}
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
end
|
|
@@ -106,7 +106,7 @@ describe Rack::OAuth2::Client do
|
|
|
106
106
|
its(:expires_in) { should == 3600 }
|
|
107
107
|
end
|
|
108
108
|
|
|
109
|
-
context 'when
|
|
109
|
+
context 'when no-type token is given (JSON)' do
|
|
110
110
|
before do
|
|
111
111
|
client.authorization_code = 'code'
|
|
112
112
|
fake_response(
|
|
@@ -115,17 +115,14 @@ describe Rack::OAuth2::Client do
|
|
|
115
115
|
'tokens/legacy.json'
|
|
116
116
|
)
|
|
117
117
|
end
|
|
118
|
-
it { should be_instance_of
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
'expires_in' => 3600
|
|
124
|
-
}
|
|
125
|
-
end
|
|
118
|
+
it { should be_instance_of Rack::OAuth2::AccessToken::Legacy }
|
|
119
|
+
its(:token_type) { should == :legacy }
|
|
120
|
+
its(:access_token) { should == 'access_token' }
|
|
121
|
+
its(:refresh_token) { should == 'refresh_token' }
|
|
122
|
+
its(:expires_in) { should == 3600 }
|
|
126
123
|
end
|
|
127
124
|
|
|
128
|
-
context 'when
|
|
125
|
+
context 'when no-type token is given (key-value)' do
|
|
129
126
|
before do
|
|
130
127
|
fake_response(
|
|
131
128
|
:post,
|
|
@@ -133,12 +130,34 @@ describe Rack::OAuth2::Client do
|
|
|
133
130
|
'tokens/legacy.txt'
|
|
134
131
|
)
|
|
135
132
|
end
|
|
136
|
-
it { should be_instance_of
|
|
133
|
+
it { should be_instance_of Rack::OAuth2::AccessToken::Legacy }
|
|
134
|
+
its(:token_type) { should == :legacy }
|
|
135
|
+
its(:access_token) { should == 'access_token' }
|
|
136
|
+
its(:expires_in) { should == 3600 }
|
|
137
|
+
|
|
138
|
+
context 'when expires_in is not given' do
|
|
139
|
+
before do
|
|
140
|
+
fake_response(
|
|
141
|
+
:post,
|
|
142
|
+
'https://server.example.com/oauth2/token',
|
|
143
|
+
'tokens/legacy_without_expires_in.txt'
|
|
144
|
+
)
|
|
145
|
+
end
|
|
146
|
+
its(:expires_in) { should be_nil }
|
|
147
|
+
end
|
|
148
|
+
end
|
|
149
|
+
|
|
150
|
+
context 'when unknown-type token is given' do
|
|
151
|
+
before do
|
|
152
|
+
client.authorization_code = 'code'
|
|
153
|
+
fake_response(
|
|
154
|
+
:post,
|
|
155
|
+
'https://server.example.com/oauth2/token',
|
|
156
|
+
'tokens/unknown.json'
|
|
157
|
+
)
|
|
158
|
+
end
|
|
137
159
|
it do
|
|
138
|
-
client.access_token
|
|
139
|
-
'access_token' => 'access_token',
|
|
140
|
-
'expires_in' => '3600' # NOTE: String not Integer
|
|
141
|
-
}
|
|
160
|
+
expect { client.access_token! }.should raise_error(StandardError, 'Unknown Token Type')
|
|
142
161
|
end
|
|
143
162
|
end
|
|
144
163
|
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 13
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 6
|
|
9
|
-
-
|
|
10
|
-
version: 0.6.
|
|
9
|
+
- 5
|
|
10
|
+
version: 0.6.5
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- nov matake
|
|
@@ -188,6 +188,7 @@ files:
|
|
|
188
188
|
- lib/rack/oauth2.rb
|
|
189
189
|
- lib/rack/oauth2/access_token.rb
|
|
190
190
|
- lib/rack/oauth2/access_token/bearer.rb
|
|
191
|
+
- lib/rack/oauth2/access_token/legacy.rb
|
|
191
192
|
- lib/rack/oauth2/access_token/mac.rb
|
|
192
193
|
- lib/rack/oauth2/access_token/mac/body_hash.rb
|
|
193
194
|
- lib/rack/oauth2/access_token/mac/signature.rb
|
|
@@ -228,9 +229,12 @@ files:
|
|
|
228
229
|
- spec/fake_response/tokens/bearer.json
|
|
229
230
|
- spec/fake_response/tokens/legacy.json
|
|
230
231
|
- spec/fake_response/tokens/legacy.txt
|
|
232
|
+
- spec/fake_response/tokens/legacy_without_expires_in.txt
|
|
231
233
|
- spec/fake_response/tokens/mac.json
|
|
234
|
+
- spec/fake_response/tokens/unknown.json
|
|
232
235
|
- spec/helpers/time.rb
|
|
233
236
|
- spec/rack/oauth2/access_token/bearer_spec.rb
|
|
237
|
+
- spec/rack/oauth2/access_token/legacy_spec.rb
|
|
234
238
|
- spec/rack/oauth2/access_token/mac/verifier_spec.rb
|
|
235
239
|
- spec/rack/oauth2/access_token/mac_spec.rb
|
|
236
240
|
- spec/rack/oauth2/access_token_spec.rb
|
|
@@ -297,9 +301,12 @@ test_files:
|
|
|
297
301
|
- spec/fake_response/tokens/bearer.json
|
|
298
302
|
- spec/fake_response/tokens/legacy.json
|
|
299
303
|
- spec/fake_response/tokens/legacy.txt
|
|
304
|
+
- spec/fake_response/tokens/legacy_without_expires_in.txt
|
|
300
305
|
- spec/fake_response/tokens/mac.json
|
|
306
|
+
- spec/fake_response/tokens/unknown.json
|
|
301
307
|
- spec/helpers/time.rb
|
|
302
308
|
- spec/rack/oauth2/access_token/bearer_spec.rb
|
|
309
|
+
- spec/rack/oauth2/access_token/legacy_spec.rb
|
|
303
310
|
- spec/rack/oauth2/access_token/mac/verifier_spec.rb
|
|
304
311
|
- spec/rack/oauth2/access_token/mac_spec.rb
|
|
305
312
|
- spec/rack/oauth2/access_token_spec.rb
|