rack-oauth_echo 0.0.1

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--format documentation

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in rack-oauth_echo.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,22 @@
+Copyright (c) 2012 Alberto Bajo
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,29 @@
+# Rack::OAuthEcho
+
+TODO: Write a gem description
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'rack-oauth_echo'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install rack-oauth_echo
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Added some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"

data/lib/rack/oauth_echo/version.rb

@@ -0,0 +1,5 @@
+module Rack
+  module OAuthEcho
+    VERSION = "0.0.1"
+  end
+end

data/lib/rack/oauth_echo.rb

@@ -0,0 +1,45 @@
+require "rack/oauth_echo/version"
+
+module Rack
+  module OAuthEcho
+    class Middleware
+      def initialize(app)
+        @app = app
+      end
+      
+      def call(env)
+        if valid_header?(env)
+          json_response = auth_request(env) if valid_header?(env)
+          if json_response.status == 200
+            env['rack-oauth_echo.user_hash'] = auth_request(env).body
+            @app.call(env)
+          else
+            [json_response.status, {}, "Could not authenticate you."]
+          end
+        else
+          @app.call(env)
+        end
+      end
+      
+      private
+
+        def valid_header?(env)
+          env.has_key?('X-Verify-Credentials-Authorization') ||
+          env.has_key?('X-Auth-Service-Provider')
+        end
+        
+        def auth_request(env)
+          conn = Faraday.new do |conn|
+            conn.response :json, :content_type => /\bjson$/
+            conn.headers['Authorization'] =
+              env['X-Verify-Credentials-Authorization']
+            
+            conn.adapter Faraday.default_adapter
+          end
+          
+          conn.get env['X-Auth-Service-Provider']
+        end
+   
+    end    
+  end
+end

data/rack-oauth_echo.gemspec

@@ -0,0 +1,29 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/rack/oauth_echo/version', __FILE__)
+
+Gem::Specification.new do |gem|
+  gem.authors       = ["Alberto Bajo"]
+  gem.email         = ["albertobajo@gmail.com"]
+  gem.description   = %q{OAuth Echo authentication by a rack middleware}
+  gem.summary       = %q{Rack::OAuthEcho it a small, simple middleware for
+    authenticate OAuth Echo requests.}
+  gem.homepage      = "http://github.com/albertobajo/rack-oauth_echo"
+
+  gem.files         = `git ls-files`.split($\)
+  gem.executables   = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
+  gem.name          = "rack-oauth_echo"
+  gem.require_paths = ["lib"]
+  gem.version       = Rack::OAuthEcho::VERSION
+  
+  gem.add_dependency "faraday_middleware", "~> 0.8.8"
+  gem.add_dependency "rack", "~> 1.4.1"
+  
+  gem.add_development_dependency "fakeweb", "~> 1.3.0"
+  gem.add_development_dependency "json", "~> 1.7.4"
+  gem.add_development_dependency "rack-test", "~> 0.6.1"
+  gem.add_development_dependency "rspec", "~> 2.11.0"
+  gem.add_development_dependency "simple_oauth", "~> 0.1.9"
+  gem.add_development_dependency "spork", "~> 0.9.2"
+  gem.add_development_dependency "vcr", "~> 2.2.4"
+end

data/spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/invalid_headers/should_return_a_401_status.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.twitter.com/1/account/verify_credentials.json
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      authorization:
+      - bad header
+      accept-encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      accept:
+      - ! '*/*'
+      user-agent:
+      - Ruby
+  response:
+    status:
+      code: 401
+      message: !binary |-
+        VW5hdXRob3JpemVk
+    headers:
+      !binary "ZGF0ZQ==":
+      - !binary |-
+        TW9uLCAzMCBKdWwgMjAxMiAxMjoyNTowNyBHTVQ=
+      !binary "c3RhdHVz":
+      - !binary |-
+        NDAxIFVuYXV0aG9yaXplZA==
+      !binary "eC1ydW50aW1l":
+      - !binary |-
+        MC4wMDQxMQ==
+      !binary "Y2FjaGUtY29udHJvbA==":
+      - !binary |-
+        bm8tY2FjaGUsIG1heC1hZ2U9MzAw
+      !binary "Y29udGVudC10eXBl":
+      - !binary |-
+        YXBwbGljYXRpb24vanNvbjsgY2hhcnNldD11dGYtOA==
+      !binary "d3d3LWF1dGhlbnRpY2F0ZQ==":
+      - !binary |-
+        T0F1dGggcmVhbG09Imh0dHBzOi8vYXBpLnR3aXR0ZXIuY29tIg==
+      !binary "c2V0LWNvb2tpZQ==":
+      - !binary |-
+        az0xMC4zNi4yMy4xMDIuMTM0MzY1MTEwNzQwMDg3MDsgcGF0aD0vOyBleHBp
+        cmVzPU1vbiwgMDYtQXVnLTEyIDEyOjI1OjA3IEdNVDsgZG9tYWluPS50d2l0
+        dGVyLmNvbQ==
+      - !binary |-
+        Z3Vlc3RfaWQ9djElM0ExMzQzNjUxMTA3NDA1NDQ1NzY7IGRvbWFpbj0udHdp
+        dHRlci5jb207IHBhdGg9LzsgZXhwaXJlcz1UaHUsIDMxLUp1bC0yMDE0IDAw
+        OjI1OjA3IEdNVA==
+      - !binary |-
+        X3R3aXR0ZXJfc2Vzcz1CQWg3Q0NJS1pteGhjMmhKUXpvblFXTjBhVzl1UTI5
+        dWRISnZiR3hsY2pvNlJteGhjMmc2T2tac1lYTm8lMjUwQVNHRnphSHNBQmpv
+        S1FIVnpaV1I3QURvUFkzSmxZWFJsWkY5aGRHd3JDRSUyNTJGUzJOYzRBVG9I
+        YVdRaUpUVmslMjUwQU1UaG1PRGM1TjJSa1ptWmxNbU15WkRCbU1HVm1OREl6
+        TkRrM01UUTEtLTA4MGE3NWVmYmM0NWQwY2Y3NDQxODIwOTk2NzJmZDY2YmFl
+        NmYyM2U7IGRvbWFpbj0udHdpdHRlci5jb207IHBhdGg9LzsgSHR0cE9ubHk=
+      !binary "ZXhwaXJlcw==":
+      - !binary |-
+        TW9uLCAzMCBKdWwgMjAxMiAxMjozMDowNyBHTVQ=
+      !binary "dmFyeQ==":
+      - !binary |-
+        QWNjZXB0LUVuY29kaW5n
+      !binary "Y29udGVudC1lbmNvZGluZw==":
+      - !binary |-
+        Z3ppcA==
+      !binary "Y29udGVudC1sZW5ndGg=":
+      - !binary |-
+        MTAx
+      !binary "c2VydmVy":
+      - !binary |-
+        dGZl
+    body:
+      encoding: ASCII-8BIT
+      string: !binary |-
+        H4sIAAAAAAAAAxXLwQqAIAwA0F+RnUPp2rXfEGLoIkMczS2I6N+r+3s3kAgL
+        TDCz1ewaq0PTjZqWhEruYvMwgNBh1PVzMYwxYEpsTWM4Scp6LUko/wVr93vn
+        Bs8L+8HgvlkAAAA=
+    http_version: !binary |-
+      MS4x
+  recorded_at: Mon, 30 Jul 2012 12:25:06 GMT
+recorded_with: VCR 2.2.4

data/spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/invalid_headers/should_return_an_error_msg.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.twitter.com/1/account/verify_credentials.json
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      authorization:
+      - bad header
+      accept-encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      accept:
+      - ! '*/*'
+      user-agent:
+      - Ruby
+  response:
+    status:
+      code: 401
+      message: !binary |-
+        VW5hdXRob3JpemVk
+    headers:
+      !binary "ZGF0ZQ==":
+      - !binary |-
+        TW9uLCAzMCBKdWwgMjAxMiAxMjoyNTowOSBHTVQ=
+      !binary "c3RhdHVz":
+      - !binary |-
+        NDAxIFVuYXV0aG9yaXplZA==
+      !binary "Y29udGVudC10eXBl":
+      - !binary |-
+        YXBwbGljYXRpb24vanNvbjsgY2hhcnNldD11dGYtOA==
+      !binary "Y2FjaGUtY29udHJvbA==":
+      - !binary |-
+        bm8tY2FjaGUsIG1heC1hZ2U9MzAw
+      !binary "eC1ydW50aW1l":
+      - !binary |-
+        MC4wMDM5Mg==
+      !binary "d3d3LWF1dGhlbnRpY2F0ZQ==":
+      - !binary |-
+        T0F1dGggcmVhbG09Imh0dHBzOi8vYXBpLnR3aXR0ZXIuY29tIg==
+      !binary "c2V0LWNvb2tpZQ==":
+      - !binary |-
+        az0xMC4zNC4yNTAuMTE3LjEzNDM2NTExMDkzNDI2Njc7IHBhdGg9LzsgZXhw
+        aXJlcz1Nb24sIDA2LUF1Zy0xMiAxMjoyNTowOSBHTVQ7IGRvbWFpbj0udHdp
+        dHRlci5jb20=
+      - !binary |-
+        Z3Vlc3RfaWQ9djElM0ExMzQzNjUxMTA5MzQ3NTE5NzU7IGRvbWFpbj0udHdp
+        dHRlci5jb207IHBhdGg9LzsgZXhwaXJlcz1UaHUsIDMxLUp1bC0yMDE0IDAw
+        OjI1OjA5IEdNVA==
+      - !binary |-
+        X3R3aXR0ZXJfc2Vzcz1CQWg3Q0RvUFkzSmxZWFJsWkY5aGRHd3JDT1haMk5j
+        NEFTSUtabXhoYzJoSlF6b25RV04wYVc5dVEyOXUlMjUwQWRISnZiR3hsY2pv
+        NlJteGhjMmc2T2tac1lYTm9TR0Z6YUhzQUJqb0tRSFZ6WldSN0FEb0hhV1Fp
+        SlRZdyUyNTBBTVRZeE1qazVNV0pqWmpOaE1qTmhZbU0zWXpZMk9Ua3daalps
+        T0RGai0tODg0NTA4ZDZhMzk5ZTg3MTY5NzAwODM2ZGFjMzExYmE3OWFlMzZl
+        MzsgZG9tYWluPS50d2l0dGVyLmNvbTsgcGF0aD0vOyBIdHRwT25seQ==
+      !binary "ZXhwaXJlcw==":
+      - !binary |-
+        TW9uLCAzMCBKdWwgMjAxMiAxMjozMDowOSBHTVQ=
+      !binary "dmFyeQ==":
+      - !binary |-
+        QWNjZXB0LUVuY29kaW5n
+      !binary "Y29udGVudC1lbmNvZGluZw==":
+      - !binary |-
+        Z3ppcA==
+      !binary "Y29udGVudC1sZW5ndGg=":
+      - !binary |-
+        MTAx
+      !binary "c2VydmVy":
+      - !binary |-
+        dGZl
+    body:
+      encoding: ASCII-8BIT
+      string: !binary |-
+        H4sIAAAAAAAAAxXLwQqAIAwA0F+RnUPp2rXfEGLoIkMczS2I6N+r+3s3kAgL
+        TDCz1ewaq0PTjZqWhEruYvMwgNBh1PVzMYwxYEpsTWM4Scp6LUko/wVr93vn
+        Bs8L+8HgvlkAAAA=
+    http_version: !binary |-
+      MS4x
+  recorded_at: Mon, 30 Jul 2012 12:25:08 GMT
+recorded_with: VCR 2.2.4

data/spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/valid_headers/should_retrieve_user_hash.yml

@@ -0,0 +1,241 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.twitter.com/1/account/verify_credentials.json
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      accept-encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      accept:
+      - ! '*/*'
+      user-agent:
+      - Ruby
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      date:
+      - Mon, 30 Jul 2012 12:25:03 GMT
+      status:
+      - 200 OK
+      etag:
+      - ! '"9fe80e1f4151f6e94e47c947bedface3"'
+      x-runtime:
+      - '0.04246'
+      pragma:
+      - no-cache
+      cache-control:
+      - no-cache, no-store, must-revalidate, pre-check=0, post-check=0
+      x-access-level:
+      - read-write
+      x-ratelimit-class:
+      - api_identified
+      x-ratelimit-remaining:
+      - '349'
+      x-transaction:
+      - e8d57b0f86c199ce
+      x-ratelimit-reset:
+      - '1343654703'
+      expires:
+      - Tue, 31 Mar 1981 05:00:00 GMT
+      x-frame-options:
+      - SAMEORIGIN
+      x-ratelimit-limit:
+      - '350'
+      x-transaction-mask:
+      - a6183ffa5f8ca943ff1b53b5644ef11440ad50ea
+      x-mid:
+      - bdc5d4ad020e396c56952e513b0a36526fc24d19
+      last-modified:
+      - Mon, 30 Jul 2012 12:25:03 GMT
+      content-type:
+      - application/json; charset=utf-8
+      set-cookie:
+      - k=10.34.126.113.1343651103310940; path=/; expires=Mon, 06-Aug-12 12:25:03
+        GMT; domain=.twitter.com
+      - guest_id=v1%3A134365110331523023; domain=.twitter.com; path=/; expires=Thu,
+        31-Jul-2014 00:25:03 GMT
+      - dnt=; domain=.twitter.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
+      - lang=en; path=/
+      - lang=en; path=/
+      - lang=en; path=/
+      - twid=u%3D16893620%7CIHx9kxnNmH820HabKi2djgPA8rg%3D; domain=.twitter.com; path=/;
+        secure
+      - _twitter_sess=BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCGLC2Nc4AToMY3NyZl9p%250AZCIlZDEzMWFhNzY2NDJmNDNlMTljODNmZmY5MTI5NDczNzA6B2lkIiVlOTUy%250ANWIwNjE5NjdhMDQwNTRhNzE5ODk0MTI4NjNjNg%253D%253D--4905d4dcc8a7ddcb016670d5a13a4563aaeee26e;
+        domain=.twitter.com; path=/; HttpOnly
+      vary:
+      - Accept-Encoding
+      content-encoding:
+      - gzip
+      transfer-encoding:
+      - chunked
+      server:
+      - tfe
+    body:
+      encoding: ASCII-8BIT
+      string: !binary |-
+        H4sIAAAAAAAAAwIAAAD//51Uy27bMBD8FYK3ooath20p6iVNk6IoUPTSSwED
+        xEpa20wo0iGpOE2Qf+/StmQ5jxatLpLI5e5wZnYfuayF85YXPJ7nZ+k8ifiI
+        17iEVnmxsWYpFfJiCcrhiGJ50YWNuDIVeGk0nb2QqgRDJw8nhJM1lmBFaWyN
+        VlRGmVDjU3R5dXVJcUsrUdeONlrteZFmtGSUMlupV325LlkJ1c3KUmQtZAMr
+        FK1VYu39xlHK3btYTBYTJ6Ox38pmNa5Ms5jsQt1i4tfY9O94MSlX4w0VGfE7
+        tHIpse7rKek81j2mVwH4IR+tr4RZLh2G8HlEnFRGeyvL1hvrBGoo1SD/c3Lo
+        R/XUXBIzn+cES0NDFfhHVaL1hl3AdSB2heaYz9uW0jkPvnXYkzhNp3TaeLrU
+        Xhg3rOyx8gMs0glvQTsFPpQ/rLq12QogVFIrqVE0WEs47lYWUYsDQNgDLPf4
+        XqHqhehdTC/iQb6denAi3kkoiZfM8nyWZ0lGgXfgiTwK9p6spY1tQI2vN0HS
+        vYeExdsWnRcOAy/P2P8HC/0nimftsz/e49hjRNvrlmXhCJErN4d2CjeBO9Na
+        6Qfyxn/uiLfJ/GsndGlJ85tetijKpxdT2n2e+6h7SE8BCkLTctT0TRaB0ERA
+        iPmPFtn3yrMkZklUzKIijdj7iB76jfJBYbLxizt1NveyQfFgdPDcN6gtDaHO
+        +7x4PM6vJJklZ7M8np9R7nxOPxRn0W8Rh8Y/rHSsUs9KTYbZqF/CmwDEit2Y
+        y+M0PUvS/HR/X3cXEerleZxNp1kSp3k2SwirbXUFw3JBxyDjceUFQ19bxeKM
+        xXmR5EWU9gzFCX+j+ODGpwj4q7fpBnx3pUC8gooI1a1SYWjRlJaaULluicZN
+        93mC4GQCbIjBexosQQ8ya0jIt1jy0zHY5zlwdqoRcYb3gYnzLhs7v0EJev1g
+        2BdgzmioDQNWwaKNomUM9H0na2CGNS0ZEcfsp2FOMtA1SMc2xjK4bUMw1qxB
+        FoxKZ7xpwCpgH97xp6PxQvHe8enu4U+/ARPK9FIVBwAA
+    http_version: '1.1'
+  recorded_at: Mon, 30 Jul 2012 12:25:02 GMT
+- request:
+    method: get
+    uri: https://api.twitter.com/1/account/verify_credentials.json
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      accept-encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      accept:
+      - ! '*/*'
+      user-agent:
+      - Ruby
+  response:
+    status:
+      code: 200
+      message: !binary |-
+        T0s=
+    headers:
+      !binary "ZGF0ZQ==":
+      - !binary |-
+        TW9uLCAzMCBKdWwgMjAxMiAxMjoyNTowNSBHTVQ=
+      !binary "c3RhdHVz":
+      - !binary |-
+        MjAwIE9L
+      !binary "eC1ydW50aW1l":
+      - !binary |-
+        MC4wNDQ4Nw==
+      !binary "eC1hY2Nlc3MtbGV2ZWw=":
+      - !binary |-
+        cmVhZC13cml0ZQ==
+      !binary "eC1yYXRlbGltaXQtY2xhc3M=":
+      - !binary |-
+        YXBpX2lkZW50aWZpZWQ=
+      !binary "eC1taWQ=":
+      - !binary |-
+        MTIzODY5MzJkMmU3YjNjYzAyMzYxMzljNTdiZjAwMjc2OThjMjYyYw==
+      !binary "bGFzdC1tb2RpZmllZA==":
+      - !binary |-
+        TW9uLCAzMCBKdWwgMjAxMiAxMjoyNTowNSBHTVQ=
+      !binary "eC1yYXRlbGltaXQtcmVzZXQ=":
+      - !binary |-
+        MTM0MzY1NDcwMw==
+      !binary "eC10cmFuc2FjdGlvbg==":
+      - !binary |-
+        ZDFiYmE5Njg4NmYyMzhmYQ==
+      !binary "cHJhZ21h":
+      - !binary |-
+        bm8tY2FjaGU=
+      !binary "ZXhwaXJlcw==":
+      - !binary |-
+        VHVlLCAzMSBNYXIgMTk4MSAwNTowMDowMCBHTVQ=
+      !binary "Y2FjaGUtY29udHJvbA==":
+      - !binary |-
+        bm8tY2FjaGUsIG5vLXN0b3JlLCBtdXN0LXJldmFsaWRhdGUsIHByZS1jaGVj
+        az0wLCBwb3N0LWNoZWNrPTA=
+      !binary "ZXRhZw==":
+      - !binary |-
+        IjlmZTgwZTFmNDE1MWY2ZTk0ZTQ3Yzk0N2JlZGZhY2UzIg==
+      !binary "eC1yYXRlbGltaXQtcmVtYWluaW5n":
+      - !binary |-
+        MzQ4
+      !binary "eC1mcmFtZS1vcHRpb25z":
+      - !binary |-
+        U0FNRU9SSUdJTg==
+      !binary "eC1yYXRlbGltaXQtbGltaXQ=":
+      - !binary |-
+        MzUw
+      !binary "Y29udGVudC10eXBl":
+      - !binary |-
+        YXBwbGljYXRpb24vanNvbjsgY2hhcnNldD11dGYtOA==
+      !binary "eC10cmFuc2FjdGlvbi1tYXNr":
+      - !binary |-
+        YTYxODNmZmE1ZjhjYTk0M2ZmMWI1M2I1NjQ0ZWYxMTQ0MGFkNTBlYQ==
+      !binary "c2V0LWNvb2tpZQ==":
+      - !binary |-
+        az0xMC4zNC4yMzQuMTE2LjEzNDM2NTExMDU0NjQ2NDk7IHBhdGg9LzsgZXhw
+        aXJlcz1Nb24sIDA2LUF1Zy0xMiAxMjoyNTowNSBHTVQ7IGRvbWFpbj0udHdp
+        dHRlci5jb20=
+      - !binary |-
+        Z3Vlc3RfaWQ9djElM0ExMzQzNjUxMTA1NDY5NjAwMTU7IGRvbWFpbj0udHdp
+        dHRlci5jb207IHBhdGg9LzsgZXhwaXJlcz1UaHUsIDMxLUp1bC0yMDE0IDAw
+        OjI1OjA1IEdNVA==
+      - !binary |-
+        ZG50PTsgZG9tYWluPS50d2l0dGVyLmNvbTsgcGF0aD0vOyBleHBpcmVzPVRo
+        dSwgMDEtSmFuLTE5NzAgMDA6MDA6MDAgR01U
+      - !binary |-
+        bGFuZz1lbjsgcGF0aD0v
+      - !binary |-
+        bGFuZz1lbjsgcGF0aD0v
+      - !binary |-
+        bGFuZz1lbjsgcGF0aD0v
+      - !binary |-
+        dHdpZD11JTNEMTY4OTM2MjAlN0NJSHg5a3huTm1IODIwSGFiS2kyZGpnUEE4
+        cmclM0Q7IGRvbWFpbj0udHdpdHRlci5jb207IHBhdGg9Lzsgc2VjdXJl
+      - !binary |-
+        X3R3aXR0ZXJfc2Vzcz1CQWg3Q1NJS1pteGhjMmhKUXpvblFXTjBhVzl1UTI5
+        dWRISnZiR3hsY2pvNlJteGhjMmc2T2tac1lYTm8lMjUwQVNHRnphSHNBQmpv
+        S1FIVnpaV1I3QURvUFkzSmxZWFJsWkY5aGRHd3JDTTNLMk5jNEFUb01ZM055
+        Wmw5cCUyNTBBWkNJbE1XSXhZelJpTmpoak1UZzJPVEpqWWprME56QmhPV1ps
+        TkRCak1UZ3lOamM2QjJsa0lpVXpZVFUwJTI1MEFPRFV6TnpreFkyTm1aakF3
+        TkRsaU1HSTBOV1UwWTJFek9UTXpOUSUyNTNEJTI1M0QtLTA0NjgzZGM5ZTdh
+        NjBlZDRjOTE5OTczYzdlNjQ2NTNmZDg2OGIwYjg7IGRvbWFpbj0udHdpdHRl
+        ci5jb207IHBhdGg9LzsgSHR0cE9ubHk=
+      !binary "dmFyeQ==":
+      - !binary |-
+        QWNjZXB0LUVuY29kaW5n
+      !binary "Y29udGVudC1lbmNvZGluZw==":
+      - !binary |-
+        Z3ppcA==
+      !binary "Y29udGVudC1sZW5ndGg=":
+      - !binary |-
+        Nzky
+      !binary "c2VydmVy":
+      - !binary |-
+        dGZl
+    body:
+      encoding: ASCII-8BIT
+      string: !binary |-
+        H4sIAAAAAAAAA51Uy27bMBD8FYK3ooath20p6iVNk6IoUPTSSwEDxEpa20wo
+        0iGpOE2Qf+/StmQ5jxatLpLI5e5wZnYfuayF85YXPJ7nZ+k8ifiI17iEVnmx
+        sWYpFfJiCcrhiGJ50YWNuDIVeGk0nb2QqgRDJw8nhJM1lmBFaWyNVlRGmVDj
+        U3R5dXVJcUsrUdeONlrteZFmtGSUMlupV325LlkJ1c3KUmQtZAMrFK1VYu39
+        xlHK3btYTBYTJ6Ox38pmNa5Ms5jsQt1i4tfY9O94MSlX4w0VGfE7tHIpse7r
+        Kek81j2mVwH4IR+tr4RZLh2G8HlEnFRGeyvL1hvrBGoo1SD/c3LoR/XUXBIz
+        n+cES0NDFfhHVaL1hl3AdSB2heaYz9uW0jkPvnXYkzhNp3TaeLrUXhg3rOyx
+        8gMs0glvQTsFPpQ/rLq12QogVFIrqVE0WEs47lYWUYsDQNgDLPf4XqHqhehd
+        TC/iQb6denAi3kkoiZfM8nyWZ0lGgXfgiTwK9p6spY1tQI2vN0HSvYeExdsW
+        nRcOAy/P2P8HC/0nimftsz/e49hjRNvrlmXhCJErN4d2CjeBO9Na6Qfyxn/u
+        iLfJ/GsndGlJ85tetijKpxdT2n2e+6h7SE8BCkLTctT0TRaB0ERAiPmPFtn3
+        yrMkZklUzKIijdj7iB76jfJBYbLxizt1NveyQfFgdPDcN6gtDaHO+7x4PM6v
+        JJklZ7M8np9R7nxOPxRn0W8Rh8Y/rHSsUs9KTYbZqF/CmwDEit2Yy+M0PUvS
+        /HR/X3cXEerleZxNp1kSp3k2SwirbXUFw3JBxyDjceUFQ19bxeKMxXmR5EWU
+        9gzFCX+j+ODGpwj4q7fpBnx3pUC8gooI1a1SYWjRlJaaULluicZN93mC4GQC
+        bIjBexosQQ8ya0jIt1jy0zHY5zlwdqoRcYb3gYnzLhs7v0EJev1g2Bdgzmio
+        DQNWwaKNomUM9H0na2CGNS0ZEcfsp2FOMtA1SMc2xjK4bUMw1qxBFoxKZ7xp
+        wCpgH97xp6PxQvHe8enu4U+/ARPK9FIVBwAA
+    http_version: !binary |-
+      MS4x
+  recorded_at: Mon, 30 Jul 2012 12:25:04 GMT
+recorded_with: VCR 2.2.4

data/spec/lib/rack/oauth_echo_spec.rb

@@ -0,0 +1,71 @@
+require 'spec_helper'
+
+describe Rack::OAuthEcho::Middleware, vcr: { record: :once } do
+  
+  def app
+    app = lambda { |env| [200, {}, "Hello, World!"] }
+    Rack::OAuthEcho::Middleware.new(app)
+  end
+    
+  describe "OAuth Echo" do    
+    context "valid headers" do    
+      let(:headers) do
+        method = :get
+        uri = "https://api.twitter.com/1/account/verify_credentials.json"
+        params = {}
+        credentials = {
+          consumer_key: "___",
+          consumer_secret: "___",
+          token: "___",
+          token_secret: "___"
+        }
+
+        { 
+          'X-Auth-Service-Provider' => 
+            "https://api.twitter.com/1/account/verify_credentials.json",
+          'X-Verify-Credentials-Authorization' =>
+            SimpleOAuth::Header.new(method, uri, params, credentials).to_s
+        }
+      end
+      
+      before(:each) { get "/", {}, headers }
+
+      it "should retrieve user_hash" do
+        user_hash = last_request.env['rack-oauth_echo.user_hash']
+        user_hash['id'].should eq(16893620)
+        user_hash['screen_name'].should eq("albertobajo")
+      end
+    end
+    
+    context "without headers" do
+      before(:each) { get "/" }
+
+      it "should skip assignment" do
+        last_request.env['rack-oauth_echo.user_hash'].should be_nil
+      end
+    end
+
+    context "invalid headers" do
+      let(:headers) do
+        { 
+          'X-Auth-Service-Provider' => 
+            "https://api.twitter.com/1/account/verify_credentials.json",
+          'X-Verify-Credentials-Authorization' => 'bad header'
+        }
+      end
+      
+      before(:each) { get "/", {}, headers }
+      
+      it "should return a 401 status" do
+        last_response.status.should eq(401)
+      end
+      
+      it "should return an error msg" do
+        last_response.body.include?("Could not authenticate you.").
+          should be_true
+      end
+        
+    end
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,26 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'spork'
+
+require 'fakeweb'
+require 'faraday_middleware'
+require 'rack/test'
+require 'rack/oauth_echo'
+require 'simple_oauth'
+require 'vcr'
+  
+Spork.prefork do  
+  # Requires supporting ruby files with custom matchers and macros, etc,
+  # in spec/support/ and its subdirectories.
+  Dir[Dir.pwd << ("/spec/support/**/*.rb")].each {|f| require f}
+    
+  RSpec.configure do |c|
+    c.include Rack::Test::Methods
+    c.treat_symbols_as_metadata_keys_with_true_values = true
+  end
+end
+
+Spork.each_run do
+  # This code will be run each time you run your specs.
+
+end

data/spec/support/fakeweb.rb

@@ -0,0 +1 @@
+FakeWeb.allow_net_connect = false

data/spec/support/vcr.rb

@@ -0,0 +1,5 @@
+VCR.configure do |c|
+  c.cassette_library_dir = 'spec/cassettes'
+  c.hook_into :fakeweb
+  c.configure_rspec_metadata!
+end

metadata

@@ -0,0 +1,214 @@
+--- !ruby/object:Gem::Specification
+name: rack-oauth_echo
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Alberto Bajo
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-07-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday_middleware
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.8.8
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.8.8
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.4.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.4.1
+- !ruby/object:Gem::Dependency
+  name: fakeweb
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.3.0
+- !ruby/object:Gem::Dependency
+  name: json
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.7.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.7.4
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.1
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.11.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.11.0
+- !ruby/object:Gem::Dependency
+  name: simple_oauth
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.9
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.1.9
+- !ruby/object:Gem::Dependency
+  name: spork
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.9.2
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.9.2
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.2.4
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.2.4
+description: OAuth Echo authentication by a rack middleware
+email:
+- albertobajo@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- .rspec
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- lib/rack/oauth_echo.rb
+- lib/rack/oauth_echo/version.rb
+- rack-oauth_echo.gemspec
+- spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/invalid_headers/should_return_a_401_status.yml
+- spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/invalid_headers/should_return_an_error_msg.yml
+- spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/valid_headers/should_retrieve_user_hash.yml
+- spec/lib/rack/oauth_echo_spec.rb
+- spec/spec_helper.rb
+- spec/support/fakeweb.rb
+- spec/support/vcr.rb
+homepage: http://github.com/albertobajo/rack-oauth_echo
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.24
+signing_key: 
+specification_version: 3
+summary: Rack::OAuthEcho it a small, simple middleware for authenticate OAuth Echo
+  requests.
+test_files:
+- spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/invalid_headers/should_return_a_401_status.yml
+- spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/invalid_headers/should_return_an_error_msg.yml
+- spec/cassettes/Rack_OAuthEcho_Middleware/OAuth_Echo/valid_headers/should_retrieve_user_hash.yml
+- spec/lib/rack/oauth_echo_spec.rb
+- spec/spec_helper.rb
+- spec/support/fakeweb.rb
+- spec/support/vcr.rb
+has_rdoc: