rack-oauth2 0.6.6 → 0.6.7

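--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-0.6.6
+0.6.7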
@@ -6,7 +6,6 @@ module Rack
6
6
  include AttrRequired, AttrOptional
7
7
  attr_required :algorithm
8
8
 
9
- # TODO: rescue this in proper location later
10
9
  class VerificationFailed < StandardError; end
11
10
 
12
11
  def initialize(attributes = {})
@@ -14,6 +13,8 @@ module Rack
14
13
  self.send :"#{key}=", attributes[key]
15
14
  end
16
15
  attr_missing!
16
+ rescue AttrRequired::AttrMissing => e
17
+ raise VerificationFailed.new("#{self.class.to_s.split('::').last} Invalid: #{e.message}")
17
18
  end
18
19
 
19
20
  def verify!(expected)
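Review bot: The new `rescue AttrRequired::AttrMissing` in `initialize` turns every missing attribute into `VerificationFailed`, including server-supplied ones such as the `algorithm` declared with `attr_required` above, so a server-side misconfiguration would be reported as the client's invalid token. Because the MAC token's `verify!` elsewhere in this release passes `e.message` on to `request.invalid_token!`, the attribute names in that message may also reach the error description sent back to the caller. Consider keeping the outward message fixed, e.g. `raise VerificationFailed, "#{self.class.name.split('::').last} Invalid"`, and logging `e.message` server-side. The body of `initialize` starts outside the hunk.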
@@ -34,6 +34,8 @@ module Rack
34
34
  :query => request.GET
35
35
  )
36
36
  _signature_.verify!(request.signature)
37
+ rescue Verifier::VerificationFailed => e
38
+ request.invalid_token! e.message
37
39
  end
38
40
 
39
41
  def get(url, headers = {}, &block)
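Review bot: The added `rescue Verifier::VerificationFailed` in `verify!` calls `request.invalid_token!`, which assumes every caller passes the resource server's request object. An argument without that method would raise `NoMethodError` from inside the handler and hide the verification failure. A comment on the method such as `# request must respond to #signature and #invalid_token!` would make the contract explicit, or the handler could re-raise when `request.respond_to?(:invalid_token!)` is false. The method begins outside the hunk, so which earlier checks the method-level `rescue` also covers is not visible here.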
@@ -11,6 +11,7 @@ module Rack
11
11
  @description = description
12
12
  @uri = options[:uri]
13
13
  @realm = options[:realm]
14
+ super [error, description].compact.join(' :: ')
14
15
  end
15
16
 
16
17
  def protocol_params
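Review bot: The `' :: '` message format introduced by the `super` call in this initializer is undocumented, yet the specs in this release assert it verbatim (`'invalid_token :: Signature Invalid'`). A one-line comment above the call, `# Exception message is "<error> :: <description>"; specs match on this format`, would keep the separator from being changed casually. The initializer starts outside the hunk.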
@@ -12,7 +12,7 @@ module Rack
12
12
 
13
13
  class Request < Resource::Request
14
14
  def setup!
15
- tokens = [access_token_in_haeder, access_token_in_payload].compact
15
+ tokens = [access_token_in_header, access_token_in_payload].compact
16
16
  @access_token = case Array(tokens).size
17
17
  when 1
18
18
  tokens.first
@@ -23,10 +23,10 @@ module Rack
23
23
  end
24
24
 
25
25
  def oauth2?
26
- (access_token_in_haeder || access_token_in_payload).present?
26
+ (access_token_in_header || access_token_in_payload).present?
27
27
  end
28
28
 
29
- def access_token_in_haeder
29
+ def access_token_in_header
30
30
  if @auth_header.provided? && @auth_header.scheme == :bearer
31
31
  @auth_header.params
32
32
  else
@@ -107,8 +107,8 @@ describe Rack::OAuth2::AccessToken::MAC do
107
107
  let(:signature) { 'invalid' }
108
108
  it do
109
109
  expect { token.verify!(request.setup!) }.should raise_error(
110
- Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed,
111
- 'Signature Invalid'
110
+ Rack::OAuth2::Server::Resource::MAC::Unauthorized,
111
+ 'invalid_token :: Signature Invalid'
112
112
  )
113
113
  end
114
114
  end
@@ -131,8 +131,8 @@ describe Rack::OAuth2::AccessToken::MAC do
131
131
  let(:body_hash) { 'invalid' }
132
132
  it do
133
133
  expect { token.verify!(request.setup!) }.should raise_error(
134
- Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed,
135
- 'BodyHash Invalid'
134
+ Rack::OAuth2::Server::Resource::MAC::Unauthorized,
135
+ 'invalid_token :: BodyHash Invalid'
136
136
  )
137
137
  end
138
138
  end
@@ -152,8 +152,8 @@ describe Rack::OAuth2::AccessToken::MAC do
152
152
  context 'otherwise' do
153
153
  it do
154
154
  expect { token.verify!(request.setup!) }.should raise_error(
155
- Rack::OAuth2::AccessToken::MAC::Verifier::VerificationFailed,
156
- 'Signature Invalid'
155
+ Rack::OAuth2::Server::Resource::MAC::Unauthorized,
156
+ 'invalid_token :: Signature Invalid'
157
157
  )
158
158
  end
159
159
  end
@@ -5,7 +5,11 @@ describe Rack::OAuth2::Server::Resource::MAC do
5
5
  Rack::OAuth2::Server::Resource::MAC.new(simple_app) do |request|
6
6
  case request.access_token
7
7
  when 'valid_token'
8
- # nothing to do
8
+ Rack::OAuth2::AccessToken::MAC.new(
9
+ :access_token => 'valid_token',
10
+ :secret => 'secret',
11
+ :algorithm => 'hmac-sha-256'
12
+ ).verify!(request)
9
13
  when 'insufficient_scope_token'
10
14
  request.insufficient_scope!
11
15
  else
@@ -57,8 +61,20 @@ describe Rack::OAuth2::Server::Resource::MAC do
57
61
  end
58
62
 
59
63
  context 'when valid_token is given' do
60
- let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token"') }
61
- it_behaves_like :authenticated_mac_request
64
+ context 'when other required params are missing' do
65
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token"') }
66
+ it_behaves_like :unauthorized_mac_request
67
+ end
68
+
69
+ context 'when other required params are invalid' do
70
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token", timestamp="1302361200", nonce="51e74de734c05613f37520872e68db5f", signature="invalid""') }
71
+ it_behaves_like :unauthorized_mac_request
72
+ end
73
+
74
+ context 'when all required params are valid' do
75
+ let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token", timestamp="1302361200", nonce="51e74de734c05613f37520872e68db5f", signature="0rykQnhMJ3/yoogoDM0R2ReCN7aiFFPQmQTQotBOQaI=""') }
76
+ it_behaves_like :authenticated_mac_request
77
+ end
62
78
  end
63
79
 
64
80
  context 'when invalid_token is given' do
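Review bot: Both new fixtures that carry a signature end the `Authorization` value with a doubled quote (`signature="invalid""`, and the same after the valid signature), so the 'when all required params are valid' context passes only if the header parser tolerates the stray character. Dropping the extra `"` would make the positive case exercise a well-formed header; if that leniency is intended, it deserves its own context. The fixed `timestamp="1302361200"` and nonce are also accepted as authenticated, which suggests either time is stubbed outside this hunk or no freshness or replay check runs on this path; that is worth confirming for MAC tokens.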
metadata CHANGED
@@ -1,8 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rack-oauth2
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 9
4
5
  prerelease:
5
- version: 0.6.6
6
+ segments:
7
+ - 0
8
+ - 6
9
+ - 7
10
+ version: 0.6.7
6
11
  platform: ruby
7
12
  authors:
8
13
  - nov matake
@@ -10,7 +15,7 @@ autorequire:
10
15
  bindir: bin
11
16
  cert_chain: []
12
17
 
13
- date: 2011-04-24 00:00:00 Z
18
+ date: 2011-05-06 00:00:00 Z
14
19
  dependencies:
15
20
  - !ruby/object:Gem::Dependency
16
21
  name: rack
@@ -20,6 +25,10 @@ dependencies:
20
25
  requirements:
21
26
  - - ">="
22
27
  - !ruby/object:Gem::Version
28
+ hash: 13
29
+ segments:
30
+ - 1
31
+ - 1
23
32
  version: "1.1"
24
33
  type: :runtime
25
34
  version_requirements: *id001
@@ -31,6 +40,11 @@ dependencies:
31
40
  requirements:
32
41
  - - ">="
33
42
  - !ruby/object:Gem::Version
43
+ hash: 1
44
+ segments:
45
+ - 1
46
+ - 4
47
+ - 3
34
48
  version: 1.4.3
35
49
  type: :runtime
36
50
  version_requirements: *id002
@@ -42,6 +56,9 @@ dependencies:
42
56
  requirements:
43
57
  - - ">="
44
58
  - !ruby/object:Gem::Version
59
+ hash: 3
60
+ segments:
61
+ - 0
45
62
  version: "0"
46
63
  type: :runtime
47
64
  version_requirements: *id003
@@ -53,6 +70,10 @@ dependencies:
53
70
  requirements:
54
71
  - - ">="
55
72
  - !ruby/object:Gem::Version
73
+ hash: 5
74
+ segments:
75
+ - 2
76
+ - 3
56
77
  version: "2.3"
57
78
  type: :runtime
58
79
  version_requirements: *id004
@@ -64,6 +85,9 @@ dependencies:
64
85
  requirements:
65
86
  - - ">="
66
87
  - !ruby/object:Gem::Version
88
+ hash: 3
89
+ segments:
90
+ - 0
67
91
  version: "0"
68
92
  type: :runtime
69
93
  version_requirements: *id005
@@ -75,6 +99,11 @@ dependencies:
75
99
  requirements:
76
100
  - - ">="
77
101
  - !ruby/object:Gem::Version
102
+ hash: 25
103
+ segments:
104
+ - 0
105
+ - 0
106
+ - 3
78
107
  version: 0.0.3
79
108
  type: :runtime
80
109
  version_requirements: *id006
@@ -86,6 +115,10 @@ dependencies:
86
115
  requirements:
87
116
  - - ">="
88
117
  - !ruby/object:Gem::Version
118
+ hash: 27
119
+ segments:
120
+ - 0
121
+ - 8
89
122
  version: "0.8"
90
123
  type: :development
91
124
  version_requirements: *id007
@@ -97,6 +130,10 @@ dependencies:
97
130
  requirements:
98
131
  - - ">="
99
132
  - !ruby/object:Gem::Version
133
+ hash: 25
134
+ segments:
135
+ - 0
136
+ - 9
100
137
  version: "0.9"
101
138
  type: :development
102
139
  version_requirements: *id008
@@ -108,6 +145,9 @@ dependencies:
108
145
  requirements:
109
146
  - - ">="
110
147
  - !ruby/object:Gem::Version
148
+ hash: 7
149
+ segments:
150
+ - 2
111
151
  version: "2"
112
152
  type: :development
113
153
  version_requirements: *id009
@@ -119,6 +159,10 @@ dependencies:
119
159
  requirements:
120
160
  - - ">="
121
161
  - !ruby/object:Gem::Version
162
+ hash: 9
163
+ segments:
164
+ - 1
165
+ - 3
122
166
  version: "1.3"
123
167
  type: :development
124
168
  version_requirements: *id010
@@ -227,12 +271,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
227
271
  requirements:
228
272
  - - ">="
229
273
  - !ruby/object:Gem::Version
274
+ hash: 3
275
+ segments:
276
+ - 0
230
277
  version: "0"
231
278
  required_rubygems_version: !ruby/object:Gem::Requirement
232
279
  none: false
233
280
  requirements:
234
281
  - - ">="
235
282
  - !ruby/object:Gem::Version
283
+ hash: 23
284
+ segments:
285
+ - 1
286
+ - 3
287
+ - 6
236
288
  version: 1.3.6
237
289
  requirements: []
238
290