rack-oauth2 0.6.6 → 0.6.7
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/lib/rack/oauth2/access_token/mac/verifier.rb +2 -1
- data/lib/rack/oauth2/access_token/mac.rb +2 -0
- data/lib/rack/oauth2/server/abstract/error.rb +1 -0
- data/lib/rack/oauth2/server/resource/bearer.rb +3 -3
- data/spec/rack/oauth2/access_token/mac_spec.rb +6 -6
- data/spec/rack/oauth2/server/resource/mac_spec.rb +19 -3
- metadata +54 -2
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.6.
|
|
1
|
+
0.6.7
|
|
@@ -6,7 +6,6 @@ module Rack
|
|
|
6
6
|
include AttrRequired, AttrOptional
|
|
7
7
|
attr_required :algorithm
|
|
8
8
|
|
|
9
|
-
# TODO: rescue this in proper location later
|
|
10
9
|
class VerificationFailed < StandardError; end
|
|
11
10
|
|
|
12
11
|
def initialize(attributes = {})
|
|
@@ -14,6 +13,8 @@ module Rack
|
|
|
14
13
|
self.send :"#{key}=", attributes[key]
|
|
15
14
|
end
|
|
16
15
|
attr_missing!
|
|
16
|
+
rescue AttrRequired::AttrMissing => e
|
|
17
|
+
raise VerificationFailed.new("#{self.class.to_s.split('::').last} Invalid: #{e.message}")
|
|
17
18
|
end
|
|
18
19
|
|
|
19
20
|
def verify!(expected)
|
|
@@ -12,7 +12,7 @@ module Rack
|
|
|
12
12
|
|
|
13
13
|
class Request < Resource::Request
|
|
14
14
|
def setup!
|
|
15
|
-
tokens = [
|
|
15
|
+
tokens = [access_token_in_header, access_token_in_payload].compact
|
|
16
16
|
@access_token = case Array(tokens).size
|
|
17
17
|
when 1
|
|
18
18
|
tokens.first
|
|
@@ -23,10 +23,10 @@ module Rack
|
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
def oauth2?
|
|
26
|
-
(
|
|
26
|
+
(access_token_in_header || access_token_in_payload).present?
|
|
27
27
|
end
|
|
28
28
|
|
|
29
|
-
def
|
|
29
|
+
def access_token_in_header
|
|
30
30
|
if @auth_header.provided? && @auth_header.scheme == :bearer
|
|
31
31
|
@auth_header.params
|
|
32
32
|
else
|
|
@@ -107,8 +107,8 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
|
107
107
|
let(:signature) { 'invalid' }
|
|
108
108
|
it do
|
|
109
109
|
expect { token.verify!(request.setup!) }.should raise_error(
|
|
110
|
-
Rack::OAuth2::
|
|
111
|
-
'Signature Invalid'
|
|
110
|
+
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
|
111
|
+
'invalid_token :: Signature Invalid'
|
|
112
112
|
)
|
|
113
113
|
end
|
|
114
114
|
end
|
|
@@ -131,8 +131,8 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
|
131
131
|
let(:body_hash) { 'invalid' }
|
|
132
132
|
it do
|
|
133
133
|
expect { token.verify!(request.setup!) }.should raise_error(
|
|
134
|
-
Rack::OAuth2::
|
|
135
|
-
'BodyHash Invalid'
|
|
134
|
+
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
|
135
|
+
'invalid_token :: BodyHash Invalid'
|
|
136
136
|
)
|
|
137
137
|
end
|
|
138
138
|
end
|
|
@@ -152,8 +152,8 @@ describe Rack::OAuth2::AccessToken::MAC do
|
|
|
152
152
|
context 'otherwise' do
|
|
153
153
|
it do
|
|
154
154
|
expect { token.verify!(request.setup!) }.should raise_error(
|
|
155
|
-
Rack::OAuth2::
|
|
156
|
-
'Signature Invalid'
|
|
155
|
+
Rack::OAuth2::Server::Resource::MAC::Unauthorized,
|
|
156
|
+
'invalid_token :: Signature Invalid'
|
|
157
157
|
)
|
|
158
158
|
end
|
|
159
159
|
end
|
|
@@ -5,7 +5,11 @@ describe Rack::OAuth2::Server::Resource::MAC do
|
|
|
5
5
|
Rack::OAuth2::Server::Resource::MAC.new(simple_app) do |request|
|
|
6
6
|
case request.access_token
|
|
7
7
|
when 'valid_token'
|
|
8
|
-
|
|
8
|
+
Rack::OAuth2::AccessToken::MAC.new(
|
|
9
|
+
:access_token => 'valid_token',
|
|
10
|
+
:secret => 'secret',
|
|
11
|
+
:algorithm => 'hmac-sha-256'
|
|
12
|
+
).verify!(request)
|
|
9
13
|
when 'insufficient_scope_token'
|
|
10
14
|
request.insufficient_scope!
|
|
11
15
|
else
|
|
@@ -57,8 +61,20 @@ describe Rack::OAuth2::Server::Resource::MAC do
|
|
|
57
61
|
end
|
|
58
62
|
|
|
59
63
|
context 'when valid_token is given' do
|
|
60
|
-
|
|
61
|
-
|
|
64
|
+
context 'when other required params are missing' do
|
|
65
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token"') }
|
|
66
|
+
it_behaves_like :unauthorized_mac_request
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
context 'when other required params are invalid' do
|
|
70
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token", timestamp="1302361200", nonce="51e74de734c05613f37520872e68db5f", signature="invalid""') }
|
|
71
|
+
it_behaves_like :unauthorized_mac_request
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
context 'when all required params are valid' do
|
|
75
|
+
let(:env) { Rack::MockRequest.env_for('/protected_resource', 'HTTP_AUTHORIZATION' => 'MAC token="valid_token", timestamp="1302361200", nonce="51e74de734c05613f37520872e68db5f", signature="0rykQnhMJ3/yoogoDM0R2ReCN7aiFFPQmQTQotBOQaI=""') }
|
|
76
|
+
it_behaves_like :authenticated_mac_request
|
|
77
|
+
end
|
|
62
78
|
end
|
|
63
79
|
|
|
64
80
|
context 'when invalid_token is given' do
|
metadata
CHANGED
|
@@ -1,8 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: rack-oauth2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
+
hash: 9
|
|
4
5
|
prerelease:
|
|
5
|
-
|
|
6
|
+
segments:
|
|
7
|
+
- 0
|
|
8
|
+
- 6
|
|
9
|
+
- 7
|
|
10
|
+
version: 0.6.7
|
|
6
11
|
platform: ruby
|
|
7
12
|
authors:
|
|
8
13
|
- nov matake
|
|
@@ -10,7 +15,7 @@ autorequire:
|
|
|
10
15
|
bindir: bin
|
|
11
16
|
cert_chain: []
|
|
12
17
|
|
|
13
|
-
date: 2011-
|
|
18
|
+
date: 2011-05-06 00:00:00 Z
|
|
14
19
|
dependencies:
|
|
15
20
|
- !ruby/object:Gem::Dependency
|
|
16
21
|
name: rack
|
|
@@ -20,6 +25,10 @@ dependencies:
|
|
|
20
25
|
requirements:
|
|
21
26
|
- - ">="
|
|
22
27
|
- !ruby/object:Gem::Version
|
|
28
|
+
hash: 13
|
|
29
|
+
segments:
|
|
30
|
+
- 1
|
|
31
|
+
- 1
|
|
23
32
|
version: "1.1"
|
|
24
33
|
type: :runtime
|
|
25
34
|
version_requirements: *id001
|
|
@@ -31,6 +40,11 @@ dependencies:
|
|
|
31
40
|
requirements:
|
|
32
41
|
- - ">="
|
|
33
42
|
- !ruby/object:Gem::Version
|
|
43
|
+
hash: 1
|
|
44
|
+
segments:
|
|
45
|
+
- 1
|
|
46
|
+
- 4
|
|
47
|
+
- 3
|
|
34
48
|
version: 1.4.3
|
|
35
49
|
type: :runtime
|
|
36
50
|
version_requirements: *id002
|
|
@@ -42,6 +56,9 @@ dependencies:
|
|
|
42
56
|
requirements:
|
|
43
57
|
- - ">="
|
|
44
58
|
- !ruby/object:Gem::Version
|
|
59
|
+
hash: 3
|
|
60
|
+
segments:
|
|
61
|
+
- 0
|
|
45
62
|
version: "0"
|
|
46
63
|
type: :runtime
|
|
47
64
|
version_requirements: *id003
|
|
@@ -53,6 +70,10 @@ dependencies:
|
|
|
53
70
|
requirements:
|
|
54
71
|
- - ">="
|
|
55
72
|
- !ruby/object:Gem::Version
|
|
73
|
+
hash: 5
|
|
74
|
+
segments:
|
|
75
|
+
- 2
|
|
76
|
+
- 3
|
|
56
77
|
version: "2.3"
|
|
57
78
|
type: :runtime
|
|
58
79
|
version_requirements: *id004
|
|
@@ -64,6 +85,9 @@ dependencies:
|
|
|
64
85
|
requirements:
|
|
65
86
|
- - ">="
|
|
66
87
|
- !ruby/object:Gem::Version
|
|
88
|
+
hash: 3
|
|
89
|
+
segments:
|
|
90
|
+
- 0
|
|
67
91
|
version: "0"
|
|
68
92
|
type: :runtime
|
|
69
93
|
version_requirements: *id005
|
|
@@ -75,6 +99,11 @@ dependencies:
|
|
|
75
99
|
requirements:
|
|
76
100
|
- - ">="
|
|
77
101
|
- !ruby/object:Gem::Version
|
|
102
|
+
hash: 25
|
|
103
|
+
segments:
|
|
104
|
+
- 0
|
|
105
|
+
- 0
|
|
106
|
+
- 3
|
|
78
107
|
version: 0.0.3
|
|
79
108
|
type: :runtime
|
|
80
109
|
version_requirements: *id006
|
|
@@ -86,6 +115,10 @@ dependencies:
|
|
|
86
115
|
requirements:
|
|
87
116
|
- - ">="
|
|
88
117
|
- !ruby/object:Gem::Version
|
|
118
|
+
hash: 27
|
|
119
|
+
segments:
|
|
120
|
+
- 0
|
|
121
|
+
- 8
|
|
89
122
|
version: "0.8"
|
|
90
123
|
type: :development
|
|
91
124
|
version_requirements: *id007
|
|
@@ -97,6 +130,10 @@ dependencies:
|
|
|
97
130
|
requirements:
|
|
98
131
|
- - ">="
|
|
99
132
|
- !ruby/object:Gem::Version
|
|
133
|
+
hash: 25
|
|
134
|
+
segments:
|
|
135
|
+
- 0
|
|
136
|
+
- 9
|
|
100
137
|
version: "0.9"
|
|
101
138
|
type: :development
|
|
102
139
|
version_requirements: *id008
|
|
@@ -108,6 +145,9 @@ dependencies:
|
|
|
108
145
|
requirements:
|
|
109
146
|
- - ">="
|
|
110
147
|
- !ruby/object:Gem::Version
|
|
148
|
+
hash: 7
|
|
149
|
+
segments:
|
|
150
|
+
- 2
|
|
111
151
|
version: "2"
|
|
112
152
|
type: :development
|
|
113
153
|
version_requirements: *id009
|
|
@@ -119,6 +159,10 @@ dependencies:
|
|
|
119
159
|
requirements:
|
|
120
160
|
- - ">="
|
|
121
161
|
- !ruby/object:Gem::Version
|
|
162
|
+
hash: 9
|
|
163
|
+
segments:
|
|
164
|
+
- 1
|
|
165
|
+
- 3
|
|
122
166
|
version: "1.3"
|
|
123
167
|
type: :development
|
|
124
168
|
version_requirements: *id010
|
|
@@ -227,12 +271,20 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
227
271
|
requirements:
|
|
228
272
|
- - ">="
|
|
229
273
|
- !ruby/object:Gem::Version
|
|
274
|
+
hash: 3
|
|
275
|
+
segments:
|
|
276
|
+
- 0
|
|
230
277
|
version: "0"
|
|
231
278
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
232
279
|
none: false
|
|
233
280
|
requirements:
|
|
234
281
|
- - ">="
|
|
235
282
|
- !ruby/object:Gem::Version
|
|
283
|
+
hash: 23
|
|
284
|
+
segments:
|
|
285
|
+
- 1
|
|
286
|
+
- 3
|
|
287
|
+
- 6
|
|
236
288
|
version: 1.3.6
|
|
237
289
|
requirements: []
|
|
238
290
|
|