roauth 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. data/.gitignore +1 -0
  2. data/VERSION +1 -1
  3. data/lib/roauth.rb +37 -27
  4. data/roauth.gemspec +4 -4
  5. metadata +6 -4
data/.gitignore CHANGED
@@ -1 +1,2 @@
1
1
  pkg
2
+ *.gem
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.0.2
1
+ 0.0.3
data/lib/roauth.rb CHANGED
@@ -5,28 +5,31 @@ require "uri"
5
5
  module ROAuth
6
6
  class UnsupportedSignatureMethod < Exception; end
7
7
  class MissingOAuthParams < Exception; end
8
-
8
+
9
9
  # Supported {signature methods}[http://oauth.net/core/1.0/#signing_process];
10
10
  SIGNATURE_METHODS = {"HMAC-SHA1" => OpenSSL::Digest::Digest.new("sha1")}
11
- OAUTH_PARAMS = [:consumer_key, :token, :signature_method, :version, :nonce, :timestamp]
12
-
11
+ OAUTH_PARAMS = [:consumer_key, :token, :signature_method, :version, :nonce, :timestamp, :body_hash, :callback]
12
+
13
13
  # Return an {OAuth "Authorization" HTTP header}[http://oauth.net/core/1.0/#auth_header] from request data
14
- def header(oauth, uri, params = {}, http_method = :get)
14
+ def header(oauth, uri, params = {}, http_method = :get)
15
+ oauth = oauth.dup
15
16
  oauth[:signature_method] ||= "HMAC-SHA1"
16
17
  oauth[:version] ||= "1.0" # Assumed version, according to the spec
17
18
  oauth[:nonce] ||= Base64.encode64(OpenSSL::Random.random_bytes(32)).gsub(/\W/, '')
18
19
  oauth[:timestamp] ||= Time.now.to_i
19
20
  oauth[:token] ||= oauth.delete(:access_key)
20
21
  oauth[:token_secret] ||= oauth.delete(:access_secret)
21
-
22
+
22
23
  sig_params = oauth_params(oauth)
23
24
  sig_params[:oauth_signature] = escape(
24
25
  signature(oauth, uri, sig_params.merge(params), http_method)
25
- )
26
-
27
- %{OAuth } + sig_params.map {|key, value| [key, value].join("=") }.join(", ")
26
+ )
27
+ sorted_sig_params = sig_params.sort_by{|k,v| [k.to_s, v.to_s] }
28
+ authorization_params = sorted_sig_params.map {|key, value| [key, "\"#{value}\""].join("=") }.join(", ")
29
+
30
+ %{OAuth } + authorization_params
28
31
  end
29
-
32
+
30
33
  def parse(header)
31
34
  header = header.dup
32
35
  header = header.gsub!(/^OAuth\s/, "")
@@ -34,59 +37,66 @@ module ROAuth
34
37
  header = header.inject({}) {|hash, item|
35
38
  key, value = item.split("=")
36
39
  key.gsub!(/^oauth_/, "")
40
+ value.gsub!(/(^"|"$)/, "")
37
41
  hash[key.to_sym] = unescape(value)
38
42
  hash
39
43
  }
40
44
  header[:access_key] = header[:token]
41
45
  header
42
46
  end
43
-
47
+
44
48
  def verify(oauth, header, uri, params = {}, http_method = :get)
45
49
  header = header.is_a?(String) ? parse(header) : header.dup
46
-
50
+
47
51
  client_signature = header.delete(:signature)
48
52
  oauth[:consumer_key] ||= header[:consumer_key]
49
53
  oauth[:token] ||= header[:token]
50
54
  oauth[:token_secret] ||= oauth.delete(:access_secret)
51
55
  oauth[:signature_method] ||= "HMAC-SHA1"
52
56
  oauth[:version] ||= "1.0"
53
-
57
+
54
58
  sig_params = params.dup
55
59
  sig_params.merge!(oauth_params(header))
56
-
60
+
57
61
  client_signature == signature(oauth, uri, sig_params, http_method)
58
62
  end
59
-
63
+
60
64
  protected
61
65
  def oauth_params(oauth)
62
- oauth = oauth.to_a.select {|key, value|
63
- OAUTH_PARAMS.include?(key)
66
+ oauth = oauth.to_a.select {|key, value|
67
+ OAUTH_PARAMS.include?(key)
64
68
  }
65
- oauth.inject({}) {|hash, (key, value)|
69
+ oauth.inject({}) {|hash, (key, value)|
66
70
  hash["oauth_#{key}"] = escape(value)
67
71
  hash
68
72
  }
69
73
  end
70
-
71
- def signature(oauth, uri, params, http_method = :get)
74
+
75
+ def signature(oauth, uri, params, http_method = :get)
76
+ uri = URI.parse(uri)
77
+ uri.query = nil
78
+ uri = uri.to_s
79
+
72
80
  sig_base = http_method.to_s.upcase + "&" + escape(uri) + "&" + normalize(params)
73
81
  digest = SIGNATURE_METHODS[oauth[:signature_method]]
74
82
  secret = "#{escape(oauth[:consumer_secret])}&#{escape(oauth[:token_secret])}"
75
-
83
+
76
84
  Base64.encode64(OpenSSL::HMAC.digest(digest, secret, sig_base)).chomp.gsub(/\n/, "")
77
85
  end
78
-
86
+
79
87
  # Escape characters in a string according to the {OAuth spec}[http://oauth.net/core/1.0/]
80
88
  def escape(value)
81
- URI::escape(value.to_s, /[^a-zA-Z0-9\-\.\_\~]/) # Unreserved characters -- must not be encoded
89
+ URI.escape(value.to_s, /[^a-zA-Z0-9\-\.\_\~]/) # Unreserved characters -- must not be encoded
82
90
  end
83
-
91
+
84
92
  def unescape(value)
85
- URI::unescape(value)
93
+ URI.unescape(value)
86
94
  end
87
-
95
+
88
96
  # Normalize a string of parameters based on the {OAuth spec}[http://oauth.net/core/1.0/#rfc.section.9.1.1]
89
97
  def normalize(params)
98
+ # Stringify keys - so we can compare them
99
+ params.keys.each {|key| params[key.to_s] = params.delete(key) }
90
100
  params.sort.map do |key, values|
91
101
  if values.is_a?(Array)
92
102
  # Multiple values were provided for a single key
@@ -98,6 +108,6 @@ module ROAuth
98
108
  [escape(key), escape(values)] * "%3D"
99
109
  end
100
110
  end * "%26"
101
- end
111
+ end
102
112
  extend self
103
- end
113
+ end
data/roauth.gemspec CHANGED
@@ -5,11 +5,11 @@
5
5
 
6
6
  Gem::Specification.new do |s|
7
7
  s.name = %q{roauth}
8
- s.version = "0.0.2"
8
+ s.version = "0.0.3"
9
9
 
10
10
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
11
  s.authors = ["Alex MacCaw"]
12
- s.date = %q{2010-03-18}
12
+ s.date = %q{2010-08-16}
13
13
  s.description = %q{Simple Ruby OAuth library}
14
14
  s.email = %q{info@eribium.org}
15
15
  s.extra_rdoc_files = [
@@ -28,14 +28,14 @@ Gem::Specification.new do |s|
28
28
  s.homepage = %q{http://github.com/maccman/roauth}
29
29
  s.rdoc_options = ["--charset=UTF-8"]
30
30
  s.require_paths = ["lib"]
31
- s.rubygems_version = %q{1.3.6}
31
+ s.rubygems_version = %q{1.3.7}
32
32
  s.summary = %q{Simple Ruby OAuth library}
33
33
 
34
34
  if s.respond_to? :specification_version then
35
35
  current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
36
36
  s.specification_version = 3
37
37
 
38
- if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
38
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
39
39
  else
40
40
  end
41
41
  else
metadata CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
5
5
  segments:
6
6
  - 0
7
7
  - 0
8
- - 2
9
- version: 0.0.2
8
+ - 3
9
+ version: 0.0.3
10
10
  platform: ruby
11
11
  authors:
12
12
  - Alex MacCaw
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2010-03-18 00:00:00 +00:00
17
+ date: 2010-08-16 00:00:00 +01:00
18
18
  default_executable:
19
19
  dependencies: []
20
20
 
@@ -45,6 +45,7 @@ rdoc_options:
45
45
  require_paths:
46
46
  - lib
47
47
  required_ruby_version: !ruby/object:Gem::Requirement
48
+ none: false
48
49
  requirements:
49
50
  - - ">="
50
51
  - !ruby/object:Gem::Version
@@ -52,6 +53,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
52
53
  - 0
53
54
  version: "0"
54
55
  required_rubygems_version: !ruby/object:Gem::Requirement
56
+ none: false
55
57
  requirements:
56
58
  - - ">="
57
59
  - !ruby/object:Gem::Version
@@ -61,7 +63,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
61
63
  requirements: []
62
64
 
63
65
  rubyforge_project:
64
- rubygems_version: 1.3.6
66
+ rubygems_version: 1.3.7
65
67
  signing_key:
66
68
  specification_version: 3
67
69
  summary: Simple Ruby OAuth library