rack-oauth2 0.8.3 → 0.8.4
- data/README.rdoc +2 -2
- data/VERSION +1 -1
- data/lib/rack/oauth2/server/abstract/error.rb +12 -0
- data/lib/rack/oauth2/server/authorize.rb +1 -0
- data/lib/rack/oauth2/server/authorize/error.rb +19 -3
- data/lib/rack/oauth2/server/authorize/token.rb +5 -1
- data/lib/rack/oauth2/server/token.rb +4 -1
- data/lib/rack/oauth2/server/token/authorization_code.rb +2 -1
- data/spec/rack/oauth2/server/authorize/token_spec.rb +17 -2
- data/spec/rack/oauth2/server/token/authorization_code_spec.rb +8 -2
- metadata +59 -3
data/README.rdoc
CHANGED
@@ -3,8 +3,8 @@
|
|
3
3
|
OAuth 2.0 Server & Client Library.
|
4
4
|
Both Bearer and MAC token type are supported.
|
5
5
|
|
6
|
-
The OAuth 2.0 Authorization Protocol (draft
|
7
|
-
http://tools.ietf.org/html/draft-ietf-oauth-v2-
|
6
|
+
The OAuth 2.0 Authorization Protocol (draft 18)
|
7
|
+
http://tools.ietf.org/html/draft-ietf-oauth-v2-18
|
8
8
|
|
9
9
|
The OAuth 2.0 Protocol: Bearer Tokens (draft 06)
|
10
10
|
http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-06
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.8.
|
1
|
+
0.8.4
|
@@ -51,6 +51,18 @@ module Rack
|
|
51
51
|
super 403, error, description, options
|
52
52
|
end
|
53
53
|
end
|
54
|
+
|
55
|
+
class ServerError < Error
|
56
|
+
def initialize(error = :forbidden, description = nil, options = {})
|
57
|
+
super 500, error, description, options
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
class TemporarilyUnavailable < Error
|
62
|
+
def initialize(error = :forbidden, description = nil, options = {})
|
63
|
+
super 503, error, description, options
|
64
|
+
end
|
65
|
+
end
|
54
66
|
end
|
55
67
|
end
|
56
68
|
end
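Review bot: The two classes added here, `ServerError` and `TemporarilyUnavailable`, default `error` to `:forbidden`, which is the code the 403 class above them uses, while their status codes are 500 and 503; an error raised with defaults would report `error=forbidden` next to a 5xx status. The same commit registers `:server_error` and `:temporarily_unavailable` in `DEFAULT_DESCRIPTION` in authorize/error.rb, so those are the matching defaults: `def initialize(error = :server_error, description = nil, options = {})` for ServerError and `def initialize(error = :temporarily_unavailable, description = nil, options = {})` for TemporarilyUnavailable. The class whose `super 403, …` call opens the hunk starts outside it.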
|
@@ -2,8 +2,10 @@ module Rack
|
|
2
2
|
module OAuth2
|
3
3
|
module Server
|
4
4
|
class Authorize
|
5
|
-
|
6
|
-
|
5
|
+
module ErrorHandler
|
6
|
+
def self.included(klass)
|
7
|
+
klass.send :attr_accessor, :redirect_uri, :state, :protocol_params_location
|
8
|
+
end
|
7
9
|
|
8
10
|
def protocol_params
|
9
11
|
super.merge(:state => state)
|
@@ -20,13 +22,27 @@ module Rack
|
|
20
22
|
end
|
21
23
|
end
|
22
24
|
|
25
|
+
class BadRequest < Abstract::BadRequest
|
26
|
+
include ErrorHandler
|
27
|
+
end
|
28
|
+
|
29
|
+
class ServerError < Abstract::ServerError
|
30
|
+
include ErrorHandler
|
31
|
+
end
|
32
|
+
|
33
|
+
class TemporarilyUnavailable < Abstract::TemporarilyUnavailable
|
34
|
+
include ErrorHandler
|
35
|
+
end
|
36
|
+
|
23
37
|
module ErrorMethods
|
24
38
|
DEFAULT_DESCRIPTION = {
|
25
39
|
:invalid_request => "The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.",
|
26
40
|
:unauthorized_client => "The client is not authorized to use the requested response type.",
|
27
41
|
:access_denied => "The end-user or authorization server denied the request.",
|
28
42
|
:unsupported_response_type => "The requested response type is not supported by the authorization server.",
|
29
|
-
:invalid_scope => "The requested scope is invalid, unknown, or malformed."
|
43
|
+
:invalid_scope => "The requested scope is invalid, unknown, or malformed.",
|
44
|
+
:server_error => "Internal Server Error",
|
45
|
+
:temporarily_unavailable => "Service Unavailable"
|
30
46
|
}
|
31
47
|
|
32
48
|
def self.included(klass)
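Review bot: The new `:server_error` and `:temporarily_unavailable` entries in `DEFAULT_DESCRIPTION` are HTTP reason phrases ("Internal Server Error", "Service Unavailable"), while every other entry in the hash carries the error_description text the OAuth draft gives for its code. For consistency, and because this string is what the client ends up seeing, wording along the lines of the draft's fits better: `:server_error => "The authorization server encountered an unexpected condition which prevented it from fulfilling the request.",` and `:temporarily_unavailable => "The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server."`. Since these errors presumably reach the client through the redirect like the other authorize errors (the redirect code is outside this hunk), callers raising `ServerError` should keep this default rather than passing an internal exception message as `description`.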
|
@@ -21,7 +21,11 @@ module Rack
|
|
21
21
|
attr_required :access_token
|
22
22
|
|
23
23
|
def protocol_params
|
24
|
-
super.merge
|
24
|
+
super.merge(
|
25
|
+
access_token.token_response.delete_if do |k, v|
|
26
|
+
k == :refresh_token
|
27
|
+
end
|
28
|
+
)
|
25
29
|
end
|
26
30
|
|
27
31
|
def protocol_params_location
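Review bot: `delete_if` in the new `protocol_params` body mutates the hash that `access_token.token_response` returns; if that method hands back a memoized or otherwise shared hash, the refresh token is stripped from the token object itself and not only from this response, and the unused block parameter `v` should be written as `_`. The non-destructive form gives the same response without the side effect: `access_token.token_response.reject { |k, _| k == :refresh_token }`. Dropping the refresh token here is the right behaviour for the implicit grant, where an access token delivered in the fragment must not be accompanied by a refresh token.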
|
@@ -40,6 +40,7 @@ module Rack
|
|
40
40
|
when ''
|
41
41
|
attr_missing!
|
42
42
|
else
|
43
|
+
# TODO: support extensions
|
43
44
|
unsupported_grant_type!("'#{params['grant_type']}' isn't supported.")
|
44
45
|
end
|
45
46
|
end
|
@@ -55,7 +56,9 @@ module Rack
|
|
55
56
|
def finish
|
56
57
|
attr_missing!
|
57
58
|
write Util.compact_hash(protocol_params).to_json
|
58
|
-
header['Content-Type'] =
|
59
|
+
header['Content-Type'] = 'application/json'
|
60
|
+
header['Cache-Control'] = 'no-store'
|
61
|
+
header['Pragma'] = 'no-cache'
|
59
62
|
super
|
60
63
|
end
|
61
64
|
end
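Review bot: The new `Cache-Control` and `Pragma` headers in `finish` deserve a comment stating why they are set, and the same headers are needed on the token endpoint's error responses; if those do not pass through `finish` (the error path is outside this hunk) they still lack them. Suggested comment above the three header assignments: `# Token responses carry credentials; the spec requires Cache-Control: no-store and Pragma: no-cache on every such response, error responses included.`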
|
@@ -7,10 +7,11 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
7
7
|
let(:response) { request.get("/?response_type=token&client_id=client&redirect_uri=#{redirect_uri}") }
|
8
8
|
|
9
9
|
context "when approved" do
|
10
|
+
let(:bearer_token) { Rack::OAuth2::AccessToken::Bearer.new(:access_token => access_token) }
|
10
11
|
let :app do
|
11
12
|
Rack::OAuth2::Server::Authorize.new do |request, response|
|
12
13
|
response.redirect_uri = redirect_uri
|
13
|
-
response.access_token =
|
14
|
+
response.access_token = bearer_token
|
14
15
|
response.approve!
|
15
16
|
end
|
16
17
|
end
|
@@ -20,10 +21,24 @@ describe Rack::OAuth2::Server::Authorize::Token do
|
|
20
21
|
response.location.should == "#{redirect_uri}#access_token=#{access_token}&token_type=bearer"
|
21
22
|
end
|
22
23
|
|
24
|
+
context 'when refresh_token is given' do
|
25
|
+
let :bearer_token do
|
26
|
+
Rack::OAuth2::AccessToken::Bearer.new(
|
27
|
+
:access_token => access_token,
|
28
|
+
:refresh_token => 'refresh'
|
29
|
+
)
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'should remove refresh_token from response' do
|
33
|
+
response.status.should == 302
|
34
|
+
response.location.should == "#{redirect_uri}#access_token=#{access_token}&token_type=bearer"
|
35
|
+
end
|
36
|
+
end
|
37
|
+
|
23
38
|
context 'when redirect_uri is missing' do
|
24
39
|
let :app do
|
25
40
|
Rack::OAuth2::Server::Authorize.new do |request, response|
|
26
|
-
response.access_token =
|
41
|
+
response.access_token = bearer_token
|
27
42
|
response.approve!
|
28
43
|
end
|
29
44
|
end
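Review bot: The new `'when refresh_token is given'` example asserts the absence of the refresh token only through exact equality on `response.location`, so the intent of the example is not visible and a change in fragment parameter order would fail it for an unrelated reason. An explicit expectation makes the purpose readable and survives reordering: `response.location.should_not include 'refresh_token'`, kept alongside the existing equality check.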
|
@@ -15,14 +15,20 @@ describe Rack::OAuth2::Server::Token::AuthorizationCode do
|
|
15
15
|
:redirect_uri => 'http://client.example.com/callback'
|
16
16
|
}
|
17
17
|
end
|
18
|
-
|
18
|
+
let(:response) { request.post('/', :params => params) }
|
19
|
+
subject { response }
|
19
20
|
|
20
21
|
its(:status) { should == 200 }
|
21
22
|
its(:content_type) { should == 'application/json' }
|
22
23
|
its(:body) { should include '"access_token":"access_token"' }
|
23
24
|
its(:body) { should include '"token_type":"bearer"' }
|
24
25
|
|
25
|
-
|
26
|
+
it 'should prevent to be cached' do
|
27
|
+
response.header['Cache-Control'].should == 'no-store'
|
28
|
+
response.header['Pragma'].should == 'no-cache'
|
29
|
+
end
|
30
|
+
|
31
|
+
[:code].each do |required|
|
26
32
|
context "when #{required} is missing" do
|
27
33
|
before do
|
28
34
|
params.delete_if do |key, value|
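Review bot: The example name `'should prevent to be cached'` is ungrammatical; `it 'should not be cacheable' do` reads naturally. The example also only covers the 200 response, whereas the cache headers matter just as much on the error responses that the `when #{required} is missing` contexts below exercise; adding the same two `Cache-Control`/`Pragma` expectations there would cover that path, assuming the error response is built through the same header handling, which this hunk does not show.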
|
metadata
CHANGED
@@ -1,8 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-oauth2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
+
hash: 55
|
4
5
|
prerelease:
|
5
|
-
|
6
|
+
segments:
|
7
|
+
- 0
|
8
|
+
- 8
|
9
|
+
- 4
|
10
|
+
version: 0.8.4
|
6
11
|
platform: ruby
|
7
12
|
authors:
|
8
13
|
- nov matake
|
@@ -10,7 +15,7 @@ autorequire:
|
|
10
15
|
bindir: bin
|
11
16
|
cert_chain: []
|
12
17
|
|
13
|
-
date: 2011-
|
18
|
+
date: 2011-07-15 00:00:00 Z
|
14
19
|
dependencies:
|
15
20
|
- !ruby/object:Gem::Dependency
|
16
21
|
name: rack
|
@@ -20,6 +25,10 @@ dependencies:
|
|
20
25
|
requirements:
|
21
26
|
- - ">="
|
22
27
|
- !ruby/object:Gem::Version
|
28
|
+
hash: 13
|
29
|
+
segments:
|
30
|
+
- 1
|
31
|
+
- 1
|
23
32
|
version: "1.1"
|
24
33
|
type: :runtime
|
25
34
|
version_requirements: *id001
|
@@ -31,6 +40,11 @@ dependencies:
|
|
31
40
|
requirements:
|
32
41
|
- - ">="
|
33
42
|
- !ruby/object:Gem::Version
|
43
|
+
hash: 1
|
44
|
+
segments:
|
45
|
+
- 1
|
46
|
+
- 4
|
47
|
+
- 3
|
34
48
|
version: 1.4.3
|
35
49
|
type: :runtime
|
36
50
|
version_requirements: *id002
|
@@ -42,6 +56,12 @@ dependencies:
|
|
42
56
|
requirements:
|
43
57
|
- - ">="
|
44
58
|
- !ruby/object:Gem::Version
|
59
|
+
hash: 123
|
60
|
+
segments:
|
61
|
+
- 2
|
62
|
+
- 2
|
63
|
+
- 0
|
64
|
+
- 2
|
45
65
|
version: 2.2.0.2
|
46
66
|
type: :runtime
|
47
67
|
version_requirements: *id003
|
@@ -53,6 +73,10 @@ dependencies:
|
|
53
73
|
requirements:
|
54
74
|
- - ">="
|
55
75
|
- !ruby/object:Gem::Version
|
76
|
+
hash: 5
|
77
|
+
segments:
|
78
|
+
- 2
|
79
|
+
- 3
|
56
80
|
version: "2.3"
|
57
81
|
type: :runtime
|
58
82
|
version_requirements: *id004
|
@@ -64,6 +88,9 @@ dependencies:
|
|
64
88
|
requirements:
|
65
89
|
- - ">="
|
66
90
|
- !ruby/object:Gem::Version
|
91
|
+
hash: 3
|
92
|
+
segments:
|
93
|
+
- 0
|
67
94
|
version: "0"
|
68
95
|
type: :runtime
|
69
96
|
version_requirements: *id005
|
@@ -75,6 +102,11 @@ dependencies:
|
|
75
102
|
requirements:
|
76
103
|
- - ">="
|
77
104
|
- !ruby/object:Gem::Version
|
105
|
+
hash: 25
|
106
|
+
segments:
|
107
|
+
- 0
|
108
|
+
- 0
|
109
|
+
- 3
|
78
110
|
version: 0.0.3
|
79
111
|
type: :runtime
|
80
112
|
version_requirements: *id006
|
@@ -86,6 +118,10 @@ dependencies:
|
|
86
118
|
requirements:
|
87
119
|
- - ">="
|
88
120
|
- !ruby/object:Gem::Version
|
121
|
+
hash: 27
|
122
|
+
segments:
|
123
|
+
- 0
|
124
|
+
- 8
|
89
125
|
version: "0.8"
|
90
126
|
type: :development
|
91
127
|
version_requirements: *id007
|
@@ -97,6 +133,10 @@ dependencies:
|
|
97
133
|
requirements:
|
98
134
|
- - ">="
|
99
135
|
- !ruby/object:Gem::Version
|
136
|
+
hash: 25
|
137
|
+
segments:
|
138
|
+
- 0
|
139
|
+
- 9
|
100
140
|
version: "0.9"
|
101
141
|
type: :development
|
102
142
|
version_requirements: *id008
|
@@ -108,6 +148,9 @@ dependencies:
|
|
108
148
|
requirements:
|
109
149
|
- - ">="
|
110
150
|
- !ruby/object:Gem::Version
|
151
|
+
hash: 7
|
152
|
+
segments:
|
153
|
+
- 2
|
111
154
|
version: "2"
|
112
155
|
type: :development
|
113
156
|
version_requirements: *id009
|
@@ -119,6 +162,11 @@ dependencies:
|
|
119
162
|
requirements:
|
120
163
|
- - ">="
|
121
164
|
- !ruby/object:Gem::Version
|
165
|
+
hash: 11
|
166
|
+
segments:
|
167
|
+
- 1
|
168
|
+
- 6
|
169
|
+
- 2
|
122
170
|
version: 1.6.2
|
123
171
|
type: :development
|
124
172
|
version_requirements: *id010
|
@@ -233,17 +281,25 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
233
281
|
requirements:
|
234
282
|
- - ">="
|
235
283
|
- !ruby/object:Gem::Version
|
284
|
+
hash: 3
|
285
|
+
segments:
|
286
|
+
- 0
|
236
287
|
version: "0"
|
237
288
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
238
289
|
none: false
|
239
290
|
requirements:
|
240
291
|
- - ">="
|
241
292
|
- !ruby/object:Gem::Version
|
293
|
+
hash: 23
|
294
|
+
segments:
|
295
|
+
- 1
|
296
|
+
- 3
|
297
|
+
- 6
|
242
298
|
version: 1.3.6
|
243
299
|
requirements: []
|
244
300
|
|
245
301
|
rubyforge_project:
|
246
|
-
rubygems_version: 1.
|
302
|
+
rubygems_version: 1.8.5
|
247
303
|
signing_key:
|
248
304
|
specification_version: 3
|
249
305
|
summary: OAuth 2.0 Server & Client Library - Both Bearer and MAC token type are supported
|