rack-oauth2 0.7.0 → 0.8.0.alpha

data/Gemfile.lock

@@ -1,31 +1,28 @@
 PATH
   remote: .
   specs:
-    rack-oauth2 (0.6.9)
+    rack-oauth2 (0.8.0.alpha)
       activesupport (>= 2.3)
       attr_required (>= 0.0.3)
+      httpclient (>= 2.2.0.2)
       i18n
       json (>= 1.4.3)
       rack (>= 1.1)
-      restclient_with_cert
 
 GEM
   remote: http://rubygems.org/
   specs:
     activesupport (3.0.7)
+    addressable (2.2.6)
     attr_required (0.0.3)
+    crack (0.1.8)
     diff-lcs (1.1.2)
-    fakeweb (1.3.0)
+    httpclient (2.2.0.2)
     i18n (0.5.0)
     json (1.5.1)
-    mime-types (1.16)
     rack (1.2.2)
     rake (0.8.7)
     rcov (0.9.9)
-    rest-client (1.6.1)
-      mime-types (>= 1.16)
-    restclient_with_cert (0.0.7)
-      rest-client (>= 1.6)
     rspec (2.5.0)
       rspec-core (~> 2.5.0)
       rspec-expectations (~> 2.5.0)
@@ -34,13 +31,16 @@ GEM
     rspec-expectations (2.5.0)
       diff-lcs (~> 1.1.2)
     rspec-mocks (2.5.0)
+    webmock (1.6.4)
+      addressable (> 2.2.5, ~> 2.2)
+      crack (>= 0.1.7)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
-  fakeweb (>= 1.3)
   rack-oauth2!
   rake (>= 0.8)
   rcov (>= 0.9)
   rspec (<= 2.5, >= 2)
+  webmock (>= 1.6.2)

data/VERSION

@@ -1 +1 @@
-0.7.0
+0.8.0.alpha

data/lib/rack/oauth2.rb

@@ -1,6 +1,6 @@
 require 'rack'
 require 'json'
-require 'restclient_with_cert'
+require 'httpclient'
 require 'active_support/core_ext'
 require 'attr_required'
 require 'attr_optional'

data/lib/rack/oauth2/access_token.rb

@@ -2,14 +2,17 @@ module Rack
   module OAuth2
     class AccessToken
       include AttrRequired, AttrOptional
-      attr_required :access_token, :token_type
+      attr_required :access_token, :token_type, :client
       attr_optional :refresh_token, :expires_in, :scope
+      delegate :get, :post, :put, :delete, :to => :client
 
       def initialize(attributes = {})
         (required_attributes + optional_attributes).each do |key|
           self.send :"#{key}=", attributes[key]
         end
         @token_type = self.class.to_s.split('::').last.underscore.to_sym
+        @client = HTTPClient.new
+        @client.request_filter << Authenticator.new(self)
         attr_missing!
       end
 
@@ -22,26 +25,11 @@ module Rack
           :scope => Array(scope).join(' ')
         }
       end
-
-      def get(url, headers = {}, &block)
-        RestClient.get url, authenticate(headers), &block
-      end
-
-      def post(url, payload, headers = {}, &block)
-        RestClient.post url, payload, authenticate(headers), &block
-      end
-
-      def put(url, payload, headers = {}, &block)
-        RestClient.put url, payload, authenticate(headers), &block
-      end
-
-      def delete(url, headers = {}, &block)
-        RestClient.delete url, authenticate(headers), &block
-      end
     end
   end
 end
 
+require 'rack/oauth2/access_token/authenticator'
 require 'rack/oauth2/access_token/bearer'
 require 'rack/oauth2/access_token/mac'
 require 'rack/oauth2/access_token/legacy'

data/lib/rack/oauth2/access_token/authenticator.rb

@@ -0,0 +1,24 @@
+module Rack
+  module OAuth2
+    class AccessToken
+      class Authenticator
+        def initialize(token)
+          @token = token
+        end
+
+        # Callback called in HTTPClient (before sending a request)
+        # request:: HTTP::Message
+        def filter_request(request)
+          @token.authenticate(request)
+        end
+
+        # Callback called in HTTPClient (after received a response)
+        # response:: HTTP::Message
+        # request::  HTTP::Message
+        def filter_response(response, request)
+          # nothing to do
+        end
+      end
+    end
+  end
+end

data/lib/rack/oauth2/access_token/bearer.rb

@@ -2,9 +2,8 @@ module Rack
   module OAuth2
     class AccessToken
       class Bearer < AccessToken
-        private
-        def authenticate(headers)
-          headers.merge(:AUTHORIZATION => "Bearer #{access_token}")
+        def authenticate(request)
+          request.header["Authorization"] = "Bearer #{access_token}"
         end
       end
     end

data/lib/rack/oauth2/access_token/legacy.rb

@@ -11,9 +11,8 @@ module Rack
           self.access_token
         end
 
-        private
-        def authenticate(headers)
-          headers.merge(:AUTHORIZATION => "OAuth2 #{access_token}")
+        def authenticate(request)
+          request.header["Authorization"] = "OAuth2 #{access_token}"
         end
       end
     end

data/lib/rack/oauth2/access_token/mac.rb

@@ -20,13 +20,12 @@ module Rack
 
         def verify!(request)
           if request.body_hash.present?
-            _body_hash_ = BodyHash.new(
+            BodyHash.new(
               :raw_body  => request.body.read,
               :algorithm => self.mac_algorithm
-            )
-            _body_hash_.verify!(request.body_hash)
+            ).verify!(request.body_hash)
           end
-          _signature_ = Signature.new(
+          Signature.new(
             :secret      => self.mac_key,
             :algorithm   => self.mac_algorithm,
             :nonce       => request.nonce,
@@ -36,60 +35,35 @@ module Rack
             :port        => request.port,
             :body_hash   => request.body_hash,
             :ext         => request.ext
-          )
-          _signature_.verify!(request.signature)
+          ).verify!(request.signature)
         rescue Verifier::VerificationFailed => e
           request.invalid_token! e.message
         end
 
-        def get(url, headers = {}, &block)
-          _headers_ = authenticate(:get, url, headers)
-          RestClient.get url, _headers_, &block
-        end
-
-        def post(url, payload, headers = {}, &block)
-          _headers_ = authenticate(:post, url, headers, payload)
-          RestClient.post url, payload, _headers_, &block
-        end
-
-        def put(url, payload, headers = {}, &block)
-          _headers_ = authenticate(:put, url, headers, payload)
-          RestClient.put url, payload, _headers_, &block
-        end
-
-        def delete(url, headers = {}, &block)
-          _headers_ = authenticate(:delete, url, headers)
-          RestClient.delete url, _headers_, &block
-        end
-
-        private
-
-        def authenticate(method, url, headers = {}, payload = {})
-          _url_ = URI.parse(url)
+        def authenticate(request)
           @nonce = generate_nonce
-          if payload.present?
-            raw_body = RestClient::Payload.generate(payload).to_s
-            _body_hash_ = BodyHash.new(
-              :raw_body => raw_body,
+          if request.contenttype == 'application/x-www-form-urlencoded'
+            @body_hash = BodyHash.new(
+              :raw_body => request.body,
               :algorithm => self.mac_algorithm
-            )
-            @body_hash = _body_hash_.calculate
+            ).calculate
           end
-          _signature_ = Signature.new(
+          @signature = Signature.new(
             :secret      => self.mac_key,
             :algorithm   => self.mac_algorithm,
             :nonce       => self.nonce,
-            :method      => method,
-            :request_uri => _url_.request_uri,
-            :host        => _url_.host,
-            :port        => _url_.port,
+            :method      => request.header.request_method,
+            :request_uri => request.header.create_query_uri,
+            :host        => request.header.request_uri.host,
+            :port        => request.header.request_uri.port,
             :body_hash   => self.body_hash,
             :ext         => self.ext
-          )
-          @signature = _signature_.calculate
-          headers.merge(:AUTHORIZATION => authorization_header)
+          ).calculate
+          request.header['Authorization'] = authorization_header
         end
 
+        private
+
         def authorization_header
           header = "MAC"
           header << " id=\"#{access_token}\","
@@ -102,7 +76,7 @@ module Rack
         def generate_nonce
           [
             (Time.now.utc - @issued_at).to_i,
-            ActiveSupport::SecureRandom.base64(16)
+            ActiveSupport::SecureRandom.hex
           ].join(':')
         end
       end

data/lib/rack/oauth2/client.rb

@@ -51,7 +51,7 @@ module Rack
           :client_secret => self.secret
         )
         handle_response do
-          RestClient.post absolute_uri_for(token_endpoint), Util.compact_hash(params)
+          HTTPClient.new.post absolute_uri_for(token_endpoint), Util.compact_hash(params)
         end
       end
 
@@ -67,6 +67,15 @@ module Rack
 
       def handle_response
         response = yield
+        case response.status
+        when 200..201
+          handle_success_response response
+        else
+          handle_error_response response
+        end
+      end
+
+      def handle_success_response(response)
         token_hash = JSON.parse(response.body).with_indifferent_access
         case token_hash[:token_type]
         when 'bearer'
@@ -81,9 +90,13 @@ module Rack
       rescue JSON::ParserError
         # NOTE: Facebook support (They don't use JSON as token response)
         AccessToken::Legacy.new Rack::Utils.parse_nested_query(response.body).with_indifferent_access
-      rescue RestClient::Exception => e
-        error = JSON.parse(e.http_body).with_indifferent_access
-        raise Error.new(e.http_code, error)
+      end
+
+      def handle_error_response(response)
+        error = JSON.parse(response.body).with_indifferent_access
+        raise Error.new(response.status, error)
+      rescue JSON::ParserError
+        raise Error.new(response.status, :error => 'Unknown', :error_description => resonse.body)
       end
     end
   end

data/rack-oauth2.gemspec

@@ -15,12 +15,12 @@ Gem::Specification.new do |s|
   s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
   s.add_runtime_dependency "rack", ">= 1.1"
   s.add_runtime_dependency "json", ">= 1.4.3"
-  s.add_runtime_dependency "restclient_with_cert"
+  s.add_runtime_dependency "httpclient", ">= 2.2.0.2"
   s.add_runtime_dependency "activesupport", ">= 2.3"
   s.add_runtime_dependency "i18n"
   s.add_runtime_dependency "attr_required", ">= 0.0.3"
   s.add_development_dependency "rake", ">= 0.8"
   s.add_development_dependency "rcov", ">= 0.9"
   s.add_development_dependency "rspec", ">= 2", "<= 2.5"
-  s.add_development_dependency "fakeweb", ">= 1.3"
+  s.add_development_dependency "webmock", ">= 1.6.2"
 end

data/spec/helpers/webmock_helper.rb

@@ -0,0 +1,42 @@
+require 'webmock/rspec'
+
+module WebMockHelper
+  def mock_response(method, endpoint, response_file, options = {})
+    stub_request(method, endpoint).with(
+      request_for(method, options)
+    ).to_return(
+      response_for(response_file, options)
+    )
+  end
+
+  private
+
+  def request_for(method, options = {})
+    request = {}
+    if options[:access_token]
+      options[:params] ||= {}
+      options[:params][:oauth_token] = options[:access_token].to_s
+    end
+    if options[:params]
+      case method
+      when :post, :put
+        request[:body] = options[:params]
+      else
+        request[:query] = options[:params]
+      end
+    end
+    request
+  end
+
+  def response_for(response_file, options = {})
+    response = {}
+    response[:body] = File.new(File.join(File.dirname(__FILE__), '../mock_response', response_file))
+    if options[:status]
+      response[:status] = options[:status]
+    end
+    response
+  end
+end
+
+include WebMockHelper
+WebMock.disable_net_connect!

data/spec/rack/oauth2/access_token/authenticator_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe Rack::OAuth2::AccessToken::Authenticator do
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTP::Message.new_request(:get, URI.parse(resource_endpoint)) }
+  let(:authenticator) { Rack::OAuth2::AccessToken::Authenticator.new(token) }
+
+  shared_examples_for :authenticator do
+    it 'should let the token authenticate the request' do
+      token.should_receive(:authenticate).with(request)
+      authenticator.filter_request(request)
+    end
+  end
+
+  context 'when Legacy token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::Legacy.new(
+        :access_token => 'access_token'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+
+  context 'when Bearer token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::Bearer.new(
+        :access_token => 'access_token'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+
+  context 'when MAC token is given' do
+    let(:token) do
+      Rack::OAuth2::AccessToken::MAC.new(
+        :access_token => 'access_token',
+        :mac_key => 'secret',
+        :mac_algorithm => 'hmac-sha-256'
+      )
+    end
+    it_behaves_like :authenticator
+  end
+end

data/spec/rack/oauth2/access_token/bearer_spec.rb

@@ -7,37 +7,12 @@ describe Rack::OAuth2::AccessToken::Bearer do
     )
   end
   let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
 
-  [:get, :delete].each do |method|
-    before do
-      fake_response(method, resource_endpoint, 'resources/fake.txt')
-    end
-
-    describe method.to_s.upcase do
-      it 'should have Bearer Authorization header' do
-        RestClient.should_receive(method).with(
-          resource_endpoint,
-          :AUTHORIZATION => 'Bearer access_token'
-        )
-        token.send method, resource_endpoint
-      end
-    end
-  end
-
-  [:post, :put].each do |method|
-    before do
-      fake_response(method, resource_endpoint, 'resources/fake.txt')
-    end
-
-    describe method.to_s.upcase do
-      it 'should have Bearer Authorization header' do
-        RestClient.should_receive(method).with(
-          resource_endpoint,
-          {:key => :value},
-          {:AUTHORIZATION => 'Bearer access_token'}
-        )
-        token.send method, resource_endpoint, {:key => :value}
-      end
+  describe '.authenticate' do
+    it 'should set Authorization header' do
+      request.header.should_receive(:[]=).with('Authorization', 'Bearer access_token')
+      token.authenticate(request)
     end
   end
 end

data/spec/rack/oauth2/access_token/legacy_spec.rb

@@ -7,42 +7,17 @@ describe Rack::OAuth2::AccessToken::Legacy do
     )
   end
   let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
-
-  [:get, :delete].each do |method|
-    before do
-      fake_response(method, resource_endpoint, 'resources/fake.txt')
-    end
-
-    describe method.to_s.upcase do
-      it 'should have OAuth2 Authorization header' do
-        RestClient.should_receive(method).with(
-          resource_endpoint,
-          :AUTHORIZATION => 'OAuth2 access_token'
-        )
-        token.send method, resource_endpoint
-      end
-    end
-  end
-
-  [:post, :put].each do |method|
-    before do
-      fake_response(method, resource_endpoint, 'resources/fake.txt')
-    end
-
-    describe method.to_s.upcase do
-      it 'should have OAuth2 Authorization header' do
-        RestClient.should_receive(method).with(
-          resource_endpoint,
-          {:key => :value},
-          {:AUTHORIZATION => 'OAuth2 access_token'}
-        )
-        token.send method, resource_endpoint, {:key => :value}
-      end
-    end
-  end
+  let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
 
   describe '#to_s' do
     subject { token }
     its(:to_s) { should == token.access_token }
   end
+
+  describe '.authenticate' do
+    it 'should set Authorization header' do
+      request.header.should_receive(:[]=).with('Authorization', 'OAuth2 access_token')
+      token.authenticate(request)
+    end
+  end
 end

data/spec/rack/oauth2/access_token/mac_spec.rb

@@ -5,9 +5,12 @@ describe Rack::OAuth2::AccessToken::MAC do
     Rack::OAuth2::AccessToken::MAC.new(
       :access_token => 'access_token',
       :mac_key => 'secret',
-      :mac_algorithm => 'hmac-sha-256'
+      :mac_algorithm => 'hmac-sha-256',
+      :issued_at => issued_at
     )
   end
+  let(:issued_at) { 1305820455 }
+  let(:nonce) { '1000:51e74de734c05613f37520872e68db5f' }
   let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
   subject { token }
 
@@ -26,63 +29,6 @@ describe Rack::OAuth2::AccessToken::MAC do
   end
   its(:generate_nonce) { should be_a String }
 
-  describe 'HTTP methods' do
-    before do
-      token.should_receive(:generate_nonce).and_return("51e74de734c05613f37520872e68db5f")
-    end
-
-    describe :GET do
-      let(:resource_endpoint) { 'https://server.example.com/resources/fake?key=value' }
-      it 'should have MAC Authorization header' do
-        Time.fix(Time.at(1302361200)) do
-          RestClient.should_receive(:get).with(
-            resource_endpoint,
-            :AUTHORIZATION => 'MAC id="access_token", nonce="51e74de734c05613f37520872e68db5f", mac="gMJ8AmvTGmfPFCJCf5DUwNTmT7ksw6GqyoGW2lUIUZ0="'
-          )
-          token.get resource_endpoint
-        end
-      end
-    end
-
-    describe :POST do
-      it 'should have MAC Authorization header' do
-        Time.fix(Time.at(1302361200)) do
-          RestClient.should_receive(:post).with(
-            resource_endpoint,
-            {:key => :value},
-            {:AUTHORIZATION => 'MAC id="access_token", nonce="51e74de734c05613f37520872e68db5f", bodyhash="Vj8DVxGNBe8UXWvd8pZswj6Gyo8vAT+RXlZa/fCfeiM=", mac="7OOseGqNi14lThhRnwhItACXACM4Qp5GleBEuizzUpw="'}
-          )
-          token.post resource_endpoint, :key => :value
-        end
-      end
-    end
-
-    describe :PUT do
-      it 'should have MAC Authorization header' do
-        Time.fix(Time.at(1302361200)) do
-          RestClient.should_receive(:put).with(
-            resource_endpoint,
-            {:key => :value},
-            {:AUTHORIZATION => 'MAC id="access_token", nonce="51e74de734c05613f37520872e68db5f", bodyhash="Vj8DVxGNBe8UXWvd8pZswj6Gyo8vAT+RXlZa/fCfeiM=", mac="lxTg/F29zkE7vBEbAK9VULRpM4IN5uShqHbj2k7e9lA="'}
-          )
-          token.put resource_endpoint, :key => :value
-        end
-      end
-    end
-
-    describe :DELETE do
-      it 'should have MAC Authorization header' do
-        Time.fix(Time.at(1302361200)) do
-          RestClient.should_receive(:delete).with(
-            resource_endpoint,
-            :AUTHORIZATION => 'MAC id="access_token", nonce="51e74de734c05613f37520872e68db5f", mac="JtOibEO1rBQNBGy6hUPT29L2cHSmLP09K+kUL4oEe/g="'
-          )
-          token.delete resource_endpoint
-        end
-      end
-    end
-  end
-
   describe 'verify!' do
     let(:request) { Rack::OAuth2::Server::Resource::MAC::Request.new(env) }
 
@@ -90,16 +36,14 @@ describe Rack::OAuth2::AccessToken::MAC do
       let(:env) do
         Rack::MockRequest.env_for(
           '/protected_resources',
-          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="51e74de734c05613f37520872e68db5f", mac="#{signature}"}
+          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", mac="#{signature}"}
         )
       end
 
       context 'when signature is valid' do
-        let(:signature) { 'jWo6L7w86ZKNlkRYjzQxp/HJpSxZJXq60hfd+yw4si0=' }
+        let(:signature) { 'nbQj0NdvSBKdwvw1yX6wpQ4EwrQKBg/r3lqwJGcthDU=' }
         it do
-          Time.fix(Time.at(1302361200)) do
-            token.verify!(request.setup!).should == :verified
-          end
+          token.verify!(request.setup!).should == :verified
         end
       end
 
@@ -122,7 +66,7 @@ describe Rack::OAuth2::AccessToken::MAC do
           :params => {
             :key1 => 'value1'
           },
-          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="51e74de734c05613f37520872e68db5f", bodyhash="#{body_hash}", mac="#{signature}"}
+          'HTTP_AUTHORIZATION' => %{MAC id="access_token", nonce="#{nonce}", bodyhash="#{body_hash}", mac="#{signature}"}
         )
       end
       let(:signature) { 'invalid' }
@@ -141,7 +85,7 @@ describe Rack::OAuth2::AccessToken::MAC do
         let(:body_hash) { 'TPzUbFn1S16mpfmwXCi1L+8oZHRxlLX9/D1ZwAV781o=' }
 
         context 'when signature is valid' do
-          let(:signature) { 'xNoae5ETuB9BVFH/vFV8y8S0fXdY41bSq0bekoLClwM=' }
+          let(:signature) { 'ebFlQPMO3WzEZ3ncuIFnVK7IsVt+JEorQEEMJTiz/t8=' }
           it do
             Time.fix(Time.at(1302361200)) do
               token.verify!(request.setup!).should == :verified
@@ -160,4 +104,16 @@ describe Rack::OAuth2::AccessToken::MAC do
       end
     end
   end
+
+  describe '.authenticate' do
+    let(:request) { HTTPClient.new.send(:create_request, :post, URI.parse(resource_endpoint), {}, {:hello => "world"}, {}) }
+    let(:body_hash) { 'PQEeCVAqhFUqD4rhEtAkzCwRVZfjpXfV9JAHkCwiHcU=' }
+    let(:signature) { 'aL2Oh8gWrCAtJ/Xu6XMtJb6ZsYQT+GxQTs/TgJDQ7ZY=' }
+
+    it 'should set Authorization header' do
+      token.should_receive(:generate_nonce).and_return(nonce)
+      request.header.should_receive(:[]=).with('Authorization', "MAC id=\"access_token\", nonce=\"#{nonce}\", bodyhash=\"#{body_hash}\", mac=\"#{signature}\"")
+      token.authenticate(request)
+    end
+  end
 end

data/spec/rack/oauth2/access_token_spec.rb

@@ -1,7 +1,7 @@
 require 'spec_helper'
 
 describe Rack::OAuth2::AccessToken do
-  subject do
+  let :token do
     Rack::OAuth2::AccessToken::Bearer.new(
       :access_token => 'access_token',
       :refresh_token => 'refresh_token',
@@ -9,6 +9,7 @@ describe Rack::OAuth2::AccessToken do
       :scope => [:scope1, :scope2]
     )
   end
+  subject { token }
 
   its(:access_token)  { should == 'access_token' }
   its(:refresh_token) { should == 'refresh_token' }
@@ -45,4 +46,15 @@ describe Rack::OAuth2::AccessToken do
       end.should_not raise_error
     end
   end
+
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+  [:get, :delete, :post, :put].each do |method|
+    describe method do
+      it 'should delegate to HTTPClient with Authenticator filter' do
+        token.client.should_receive(method).with(resource_endpoint)
+        token.client.request_filter.last.should be_a Rack::OAuth2::AccessToken::Authenticator
+        token.send method, resource_endpoint
+      end
+    end
+  end
 end

data/spec/rack/oauth2/client_spec.rb

@@ -77,7 +77,7 @@ describe Rack::OAuth2::Client do
     context 'when bearer token is given' do
       before  do
         client.authorization_code = 'code'
-        fake_response(
+        mock_response(
           :post,
           'https://server.example.com/oauth2/token',
           'tokens/bearer.json'
@@ -93,7 +93,7 @@ describe Rack::OAuth2::Client do
     context 'when mac token is given' do
       before  do
         client.authorization_code = 'code'
-        fake_response(
+        mock_response(
           :post,
           'https://server.example.com/oauth2/token',
           'tokens/mac.json'
@@ -109,7 +109,7 @@ describe Rack::OAuth2::Client do
     context 'when no-type token is given (JSON)' do
       before  do
         client.authorization_code = 'code'
-        fake_response(
+        mock_response(
           :post,
           'https://server.example.com/oauth2/token',
           'tokens/legacy.json'
@@ -124,7 +124,7 @@ describe Rack::OAuth2::Client do
 
     context 'when no-type token is given (key-value)' do
       before do
-        fake_response(
+        mock_response(
           :post,
           'https://server.example.com/oauth2/token',
           'tokens/legacy.txt'
@@ -137,7 +137,7 @@ describe Rack::OAuth2::Client do
 
       context 'when expires_in is not given' do
         before do
-          fake_response(
+          mock_response(
             :post,
             'https://server.example.com/oauth2/token',
             'tokens/legacy_without_expires_in.txt'
@@ -150,7 +150,7 @@ describe Rack::OAuth2::Client do
     context 'when unknown-type token is given' do
       before  do
         client.authorization_code = 'code'
-        fake_response(
+        mock_response(
           :post,
           'https://server.example.com/oauth2/token',
           'tokens/unknown.json'
@@ -163,7 +163,7 @@ describe Rack::OAuth2::Client do
 
     context 'when error response is given' do
       before do
-        fake_response(
+        mock_response(
           :post,
           'https://server.example.com/oauth2/token',
           'errors/invalid_request.json',

data/spec/spec_helper.rb

@@ -1,23 +1,10 @@
-require 'rack/oauth2'
 require 'rspec'
-require 'fakeweb'
+require 'rack/oauth2'
 require 'helpers/time'
+require 'helpers/webmock_helper'
 
 def simple_app
   lambda do |env|
     [ 200, {'Content-Type' => 'text/plain'}, ["HELLO"] ]
   end
 end
-
-def fake_response(method, endpoint, file_path, options = {})
-  FakeWeb.register_uri(
-    method,
-    endpoint,
-    options.merge(
-      :body => File.read(
-        File.join(File.dirname(__FILE__), 'fake_response', file_path)
-      )
-    )
-  )
-end
-FakeWeb.allow_net_connect = false

metadata

@@ -1,8 +1,8 @@
 --- !ruby/object:Gem::Specification 
 name: rack-oauth2
 version: !ruby/object:Gem::Version 
-  prerelease: 
-  version: 0.7.0
+  prerelease: 6
+  version: 0.8.0.alpha
 platform: ruby
 authors: 
 - nov matake
@@ -10,7 +10,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-05-18 00:00:00 Z
+date: 2011-05-19 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rack
@@ -35,14 +35,14 @@ dependencies:
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
-  name: restclient_with_cert
+  name: httpclient
   prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: "0"
+        version: 2.2.0.2
   type: :runtime
   version_requirements: *id003
 - !ruby/object:Gem::Dependency 
@@ -115,14 +115,14 @@ dependencies:
   type: :development
   version_requirements: *id009
 - !ruby/object:Gem::Dependency 
-  name: fakeweb
+  name: webmock
   prerelease: false
   requirement: &id010 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        version: "1.3"
+        version: 1.6.2
   type: :development
   version_requirements: *id010
 description: OAuth 2.0 Server & Client Library. Both Bearer and MAC token type are supported.
@@ -146,6 +146,7 @@ files:
 - VERSION
 - lib/rack/oauth2.rb
 - lib/rack/oauth2/access_token.rb
+- lib/rack/oauth2/access_token/authenticator.rb
 - lib/rack/oauth2/access_token/bearer.rb
 - lib/rack/oauth2/access_token/legacy.rb
 - lib/rack/oauth2/access_token/mac.rb
@@ -183,15 +184,17 @@ files:
 - lib/rack/oauth2/server/token/refresh_token.rb
 - lib/rack/oauth2/util.rb
 - rack-oauth2.gemspec
-- spec/fake_response/errors/invalid_request.json
-- spec/fake_response/resources/fake.txt
-- spec/fake_response/tokens/bearer.json
-- spec/fake_response/tokens/legacy.json
-- spec/fake_response/tokens/legacy.txt
-- spec/fake_response/tokens/legacy_without_expires_in.txt
-- spec/fake_response/tokens/mac.json
-- spec/fake_response/tokens/unknown.json
 - spec/helpers/time.rb
+- spec/helpers/webmock_helper.rb
+- spec/mock_response/errors/invalid_request.json
+- spec/mock_response/resources/fake.txt
+- spec/mock_response/tokens/bearer.json
+- spec/mock_response/tokens/legacy.json
+- spec/mock_response/tokens/legacy.txt
+- spec/mock_response/tokens/legacy_without_expires_in.txt
+- spec/mock_response/tokens/mac.json
+- spec/mock_response/tokens/unknown.json
+- spec/rack/oauth2/access_token/authenticator_spec.rb
 - spec/rack/oauth2/access_token/bearer_spec.rb
 - spec/rack/oauth2/access_token/legacy_spec.rb
 - spec/rack/oauth2/access_token/mac/body_hash_spec.rb
@@ -248,15 +251,17 @@ signing_key:
 specification_version: 3
 summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported
 test_files: 
-- spec/fake_response/errors/invalid_request.json
-- spec/fake_response/resources/fake.txt
-- spec/fake_response/tokens/bearer.json
-- spec/fake_response/tokens/legacy.json
-- spec/fake_response/tokens/legacy.txt
-- spec/fake_response/tokens/legacy_without_expires_in.txt
-- spec/fake_response/tokens/mac.json
-- spec/fake_response/tokens/unknown.json
 - spec/helpers/time.rb
+- spec/helpers/webmock_helper.rb
+- spec/mock_response/errors/invalid_request.json
+- spec/mock_response/resources/fake.txt
+- spec/mock_response/tokens/bearer.json
+- spec/mock_response/tokens/legacy.json
+- spec/mock_response/tokens/legacy.txt
+- spec/mock_response/tokens/legacy_without_expires_in.txt
+- spec/mock_response/tokens/mac.json
+- spec/mock_response/tokens/unknown.json
+- spec/rack/oauth2/access_token/authenticator_spec.rb
 - spec/rack/oauth2/access_token/bearer_spec.rb
 - spec/rack/oauth2/access_token/legacy_spec.rb
 - spec/rack/oauth2/access_token/mac/body_hash_spec.rb