rockoauth 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0081b3bf71486478b9f762a2f5979873c5127188
-  data.tar.gz: b37c6e24f0db4c94433434ebe00d1b85be3b7918
+  metadata.gz: 978641dedf53babddc14831506f6f5b645d716c9
+  data.tar.gz: 264bbbaff1ab004f2a3a3db28289cd034f77b4b0
 SHA512:
-  metadata.gz: 5c728f55b464f77e08da65dc544415715d949e3bea3f45f3a64e28efc8e01a4e87c6e481960f64e3d469f542b98d7f70a56072164fe963cd49c22ee8da71f0f5
-  data.tar.gz: 882574b6393c884f22f46c07c367676ffba3bf4334a0d7f5b7156334e963452a6211c6c6fd8baf8b29d7385ce9616a33b173feb0eedf7f8228a8f7159b90baeb
+  metadata.gz: ad48d4a0ed1b412b3301dc6b700bc1d9d0866170015d64e7e1b51ae9d5618b2069b095684b9a532efb7f1fb8f5a3ddb1bf301da4e66ef832444f8e331f91823a
+  data.tar.gz: 9e6efa558adb2db2b0c2697f08166cf4a52a677693905dca41127b60a7ad5864d761cf45ec2e39ab0b5bacfd64c30c84e6ebc5b500d5009172b874b29d9d7605

data/History.txt

@@ -1,3 +1,8 @@
+=== 0.1.1 / 2015-02-04
+
+* Elimiated bug preventing request objects from Rails which have parsed JSON data from being used.
+* Updated documentation and Travis CI configurations
+
 === 0.1.0 / 2014-07-08
 
 * Forked from songkick-oauth2-provider

data/{README.rdoc → README.md}

@@ -1,4 +1,8 @@
-= RockOAuth Oauth 2 Provider
+[![Gem Version](https://badge.fury.io/rb/rockoauth.png)](https://rubygems.org/gems/rockoauth)
+[![Build Status](https://secure.travis-ci.org/rocketmade/rockoauth.png?branch=master)](http://travis-ci.org/rocketmade/rockoauth)
+[![Code Climate](https://codeclimate.com/github/rocketmade/rockoauth.png)](https://codeclimate.com/github/rocketmade/rockoauth)
+
+# RockOAuth Oauth 2 Provider
 
 This gem provides a toolkit for adding OAuth2 provider capabilities to a Ruby
 web app. It handles most of the protocol for you: it is designed to provide
@@ -9,20 +13,34 @@ authenticating your users and letting them grant access to client apps.
 It is also designed to be usable within any web frontend, at least those of
 Rails and Sinatra. Its API uses Rack request-environment hashes rather than
 framework-specific request objects, though you can pass those in and their
-<tt>request.env</tt> property will be used internally.
+`request.env` property will be used internally.
 
 It stores the clients and authorizations using ActiveRecord.
 
-It is forked from songkick-oauth2-provider[https://github.com/songkick/oauth2-provider].
+It is forked from [songkick-oauth2-provider](https://github.com/songkick/oauth2-provider).
 With much appreciation for their excellent work.
 
-=== Installation
+## Installation
+
+```bash
+gem install rockoauth
+```
+
+## Supported versions
 
-  gem install rockoauth
+This gem is tested on:
 
-=== A note on versioning
+- Ruby
+  - 1.9.3
+  - 2.0.0
+  - 2.1.0
+- Active Record
+  - 4.0
+  - 4.1
 
-This library is based on draft-10[http://tools.ietf.org/html/draft-ietf-oauth-v2-10],
+### A note on versioning
+
+This library is based on [draft-10](http://tools.ietf.org/html/draft-ietf-oauth-v2-10),
 which was current when we began writing it. Having observed the development of
 the OAuth 2.0 spec over time, we have decided not to upgrade to later drafts
 until the spec is finalized. There is not enough meaningful change going on to
@@ -31,268 +49,277 @@ turbulence and make it hard to reason about exactly what semantics the library
 supports.
 
 During draft state, the gem version will indicate which draft it implements
-using the minor version, for example <tt>0.10.2</tt> means the second bug-fix
+using the minor version, for example `0.10.2` means the second bug-fix
 release for draft 10.
 
+## Terminology
 
-== Terminology
-
-* <b>Client</b>: A third-party software system that integrates with the provider.
+- __Client__: A third-party software system that integrates with the provider.
   Twitter and Facebook call this an "app".
-* <b>Client Owner</b>: The entity which owns a <b>client</b>, i.e. the
+- __Client Owner__: The entity which owns a __client__, i.e. the
   individual or company responsible for the client application.
-* <b>Resource Owner</b>: This will almost certainly be a User. It's the entity
-  which has the data that the <b>client</b> is asking permission to see.
-* <b>Authorization</b>: When a <b>resource owner</b> grants access to a
-  <b>client</b> (i.e., a user grants access to a company's app), an
+- __Resource Owner__: This will almost certainly be a User. It's the entity
+  which has the data that the __client__ is asking permission to see.
+- __Authorization__: When a __resource owner__ grants access to a
+  __client__ (i.e., a user grants access to a company's app), an
   authorization is created. This can typically be revoked by the user at any
   time (which is the strength and flexibility of the OAuth architecture).
-* <b>Access Token</b>: An opaque string representing an <b>authorization</b>.
-  A <b>client</b> is given an access token when a <b>resource owner</b> grants
+- __Access Token__: An opaque string representing an __authorization__.
+  A __client__ is given an access token when a __resource owner__ grants
   it access to resources. The access token must be included in all requests for
   protected resources.
 
+## Usage
 
-== Usage
-
-A basic example is in <tt>example/application.rb</tt>. To implement OAuth, you
+A basic example is in [`example/application.rb`](example/application.rb). To implement OAuth, you
 need to provide four things:
 
-* Some UI to register client applications
-* The OAuth request endpoint
-* A flow for logged-in users to grant access to clients
-* Resources protected by access tokens
+- Some UI to register client applications
+- The OAuth request endpoint
+- A flow for logged-in users to grant access to clients
+- Resources protected by access tokens
 
+###  Declare your app's name
 
-===  Declare your app's name
-
-Declare your app's name somewhere (for example in Rails, in <tt>application.rb</tt>
+Declare your app's name somewhere (for example in Rails, in `application.rb`
 or an initializer):
 
-  require 'rockoauth/provider'
-  RockOAuth::Provider.realm = 'My OAuth app'
-
+```ruby
+require 'rockoauth/provider'
+RockOAuth::Provider.realm = 'My OAuth app'
+```
 
-=== HTTPS
+### HTTPS
 
 Your application should ensure that any endpoint that receives or returns OAuth
-data is only accessible over a secure transport such as the <tt>https:</tt>
-protocol. <tt>RockOAuth::Provider</tt> can enforce this to make it easier
+data is only accessible over a secure transport such as the `https:`
+protocol. `RockOAuth::Provider` can enforce this to make it easier
 to keep your users' data secure.
 
-You can set <tt>RockOAuth::Provider.enforce_ssl = true</tt> in the same
+You can set `RockOAuth::Provider.enforce_ssl = true` in the same
 place that you declared your app name above. This will result in the following
 behavior:
 
-* The <tt>RockOAuth::Provider.parse</tt> method will produce error
+- The `RockOAuth::Provider.parse` method will produce error
   responses and will not process the incoming request unless the request was
-  made using the <tt>https:</tt> protocol.
-* An access token constructed using <tt>RockOAuth::Provider.access_token</tt>
-  will return <tt>false</tt> for <tt>#valid?</tt> unless the request was made
-  using the <tt>https:</tt> protocol.
-* Any access token received over an insecure connection is immediately destroyed
+  made using the `https:` protocol.
+- An access token constructed using `RockOAuth::Provider.access_token`
+  will return `false` for `#valid?` unless the request was made
+  using the `https:` protocol.
+- Any access token received over an insecure connection is immediately destroyed
   to prevent eavesdroppers getting access to the user's resources. A client
   making an insecure request will have to send the user through the
   authorization process again to get a new token.
 
+### Schema
 
-=== Schema
-
-Add the <tt>RockOAuth::Provider</tt> tables to your app's schema. This is
-done using <tt>RockOAuth::Model::Schema.migrate</tt>, which will run all
+Add the `RockOAuth::Provider` tables to your app's schema. This is
+done using `RockOAuth::Model::Schema.migrate`, which will run all
 the gem's migrations that have not yet been applied to your database.
 
-  RockOAuth::Model::Schema.migrate
-  I, [2012-10-31T14:52:33.801428 #7002]  INFO -- : Migrating to RockoauthSchemaOriginalSchema (20120828112156)
-  ==  Rockoauth2SchemaOriginalSchema: migrating =============================
-  -- create_table(:oauth2_clients)
-     -> 0.0029s
-  -- add_index(:oauth2_clients, [:client_id])
-     -> 0.0009s
-  ...
+```ruby
+RockOAuth::Model::Schema.migrate
+I, [2012-10-31T14:52:33.801428 #7002]  INFO -- : Migrating to RockoauthSchemaOriginalSchema (20120828112156)
+==  Rockoauth2SchemaOriginalSchema: migrating =============================
+-- create_table(:oauth2_clients)
+   -> 0.0029s
+-- add_index(:oauth2_clients, [:client_id])
+   -> 0.0009s
+...
+```
 
-To rollback migrations, use <tt>RockOAuth::Model::Schema.rollback</tt>.
+To rollback migrations, use `RockOAuth::Model::Schema.rollback`.
 
-
-=== Model Mixins
+### Model Mixins
 
 There are two mixins you need to put in your code,
-<tt>RockOAuth::Model::ClientOwner</tt> for whichever model will own the
-"apps", and <tt>RockOAuth::Model::ResourceOwner</tt> for whichever model
+`RockOAuth::Model::ClientOwner` for whichever model will own the
+"apps", and `RockOAuth::Model::ResourceOwner` for whichever model
 is the innocent, unassuming entity who will selectively share their data. It's
-possible that this is the same model, such as User:
+possible that this is the same model, such as `User`:
 
-  class User < ActiveRecord::Base
-    include RockOAuth::Model::ResourceOwner
-    include RockOAuth::Model::ClientOwner
-    has_many :interesting_pieces_of_data
-  end
+```ruby
+class User < ActiveRecord::Base
+  include RockOAuth::Model::ResourceOwner
+  include RockOAuth::Model::ClientOwner
+  has_many :interesting_pieces_of_data
+end
+```
 
 Or they might go into two different models:
 
-  class User < ActiveRecord::Base
-    include RockOAuth::Model::ResourceOwner
-    has_many :interesting_pieces_of_data
-  end
+```ruby
+class User < ActiveRecord::Base
+  include RockOAuth::Model::ResourceOwner
+  has_many :interesting_pieces_of_data
+end
 
-  class Company < ActiveRecord::Base
-    include RockOAuth::Model::ClientOwner
-    belongs_to :user
-  end
+class Company < ActiveRecord::Base
+  include RockOAuth::Model::ClientOwner
+  belongs_to :user
+end
+```
 
 To see the methods and associations that these two mixins add to your models,
-take a look at <b>lib/oauth2/model/client_owner.rb</b> and
-<b>lib/oauth2/model/resource_owner.rb</b>.
-
+take a look at ['lib/rockoauth/model/client_owner.rb'](lib/rockoauth/model/client_owner.rb) and
+['lib/rockoauth/model/resource_owner.rb'](lib/rockoauth/model/resource_owner.rb).
 
-=== Registering client applications
+### Registering client applications
 
-Clients are modeled by the <tt>RockOAuth::Model::Client</tt> class, which
+Clients are modeled by the `RockOAuth::Model::Client` class, which
 is an ActiveRecord model. You just need to implement a UI for creating them, for
 example in a Sinatra app:
 
-  get '/oauth/apps/new' do
-    @client = RockOAuth::Model::Client.new
-    erb :new_client
-  end
+```ruby
+get '/oauth/apps/new' do
+  @client = RockOAuth::Model::Client.new
+  erb :new_client
+end
 
-  post '/oauth/apps' do
-    @client = RockOAuth::Model::Client.new(params)
-    @client.save ? erb(:show_client) : erb(:new_client)
-  end
+post '/oauth/apps' do
+  @client = RockOAuth::Model::Client.new(params)
+  @client.save ? erb(:show_client) : erb(:new_client)
+end
+```
 
-Client applications must have a <tt>name</tt> and a <tt>redirect_uri</tt>:
+Client applications must have a `name` and a `redirect_uri`:
 provide fields for editing these but do not allow the other fields to be edited,
 since they are the client's access credentials. When you've created the client,
 you should show its details to the user registering the client: its
-<tt>name</tt>, <tt>redirect_uri</tt>, <tt>client_id</tt> and
-<tt>client_secret</tt> (the last two are generated for you).
-<tt>client_secret</tt> is not stored in plain text so you can only read it when
+`name`, `redirect_uri`, `client_id` and
+`client_secret` (the last two are generated for you).
+`client_secret` is not stored in plain text so you can only read it when
 you initially create the client object.
 
-
-=== OAuth request endpoint
+### OAuth request endpoint
 
 This is a path that your application exposes in order for clients to communicate
 with your application. It is also the page that the client will send users to
 so they can authenticate and grant access. Many requests to this endpoint will
 be protocol-level requests that do not involve the user, and
-<tt>RockOAuth::Provider</tt> gives you a generic way to handle all that.
+`RockOAuth::Provider` gives you a generic way to handle all that.
 
 You should use this to get the right response, status code and headers to send
-to the client. In the event that <tt>RockOAuth::Provider</tt> does not
+to the client. In the event that `RockOAuth::Provider` does not
 provide a response, you should render a page that lets the user begin to
 authenticate and grant access. This can happen in two cases:
 
-* The client makes a valid Authorization request. In this case you should
+- The client makes a valid Authorization request. In this case you should
   display a login flow to the user so they can authenticate and grant access to
   the client.
-* The client makes an invalid Authorization request and the provider cannot
+- The client makes an invalid Authorization request and the provider cannot
   redirect back to the client. In this case you should display an error page
-  to the user, possibly including the value of <tt>@oauth2.error_description</tt>.
+  to the user, possibly including the value of `@oauth2.error_description`.
 
 This endpoint must be accessible via GET and POST. In this example we will
-expose the OAuth service through the path <tt>/oauth/authorize</tt>. We check if
-there is a logged-in resource owner and give this to <tt>OAuth::Provider</tt>,
+expose the OAuth service through the path `/oauth/authorize`. We check if
+there is a logged-in resource owner and give this to `OAuth::Provider`,
 since we may be able to immediately redirect if the user has already authorized
 the client:
 
-  [:get, :post].each do |method|
-    __send__ method, '/oauth/authorize' do
-      @owner  = User.find_by_id(session[:user_id])
-      @oauth2 = RockOAuth::Provider.parse(@owner, env)
-
-      if @oauth2.redirect?
-        redirect @oauth2.redirect_uri, @oauth2.response_status
-      end
-
-      headers @oauth2.response_headers
-      status  @oauth2.response_status
-
-      if body = @oauth2.response_body
-        body
-      elsif @oauth2.valid?
-        erb :login
-      else
-        erb :error
-      end
+```ruby
+[:get, :post].each do |method|
+  __send__ method, '/oauth/authorize' do
+    @owner  = User.find_by_id(session[:user_id])
+    @oauth2 = RockOAuth::Provider.parse(@owner, env)
+
+    if @oauth2.redirect?
+      redirect @oauth2.redirect_uri, @oauth2.response_status
+    end
+
+    headers @oauth2.response_headers
+    status  @oauth2.response_status
+
+    if body = @oauth2.response_body
+      body
+    elsif @oauth2.valid?
+      erb :login
+    else
+      erb :error
     end
   end
+end
+```
 
 There is a set of parameters that you will need to hold on to for when your app
 needs to redirect back to the client. You could store them in the session, or
 pass them through forms as the user completes the flow. For example to embed
 them in the login form, do this:
 
-  <% @oauth2.params.each do |key, value| %>
-    <input type="hidden" name="<%= key %>" value="<%= value %>">
-  <% end %>
+```erb
+<% @oauth2.params.each do |key, value| %>
+  <input type="hidden" name="<%= key %>" value="<%= value %>">
+<% end %>
+```
 
 You may also want to use scopes to provide granular access to your domain using
-<i>scopes</i>. The <tt>@oauth2</tt> object exposes the scopes the client has
+_scopes_. The `@oauth2` object exposes the scopes the client has
 asked for so you can display them to the user:
 
-  <p>The application <%= @oauth2.client.name %> wants the following permissions:</p>
+```erb
+<p>The application <%= @oauth2.client.name %> wants the following permissions:</p>
 
-  <ul>
-    <% @oauth2.scopes.each do |scope| %>
-      <li><%= PERMISSION_UI_STRINGS[scope] %></li>
-    <% end %>
-  </ul>
+<ul>
+  <% @oauth2.scopes.each do |scope| %>
+    <li><%= PERMISSION_UI_STRINGS[scope] %></li>
+  <% end %>
+</ul>
+```
 
-You can also use the method <tt>@oauth2.unauthorized_scopes</tt> to get the list
+You can also use the method `@oauth2.unauthorized_scopes` to get the list
 of scopes the user has not already granted to the client, in the case where the
 client already has some authorization. If no prior authorization exists between
-the user and the client, <tt>@oauth2.unauthorized_scopes</tt> just returns all
+the user and the client, `@oauth2.unauthorized_scopes` just returns all
 the scopes the client has asked for.
 
-
-=== Granting access to clients
+### Granting access to clients
 
 Once the user has authenticated you should show them a page to let them grant
 or deny access to the client application. This is straightforward; let's say the
 user checks a box before posting a form to indicate their intent:
 
-  post '/oauth/allow' do
-    @user = User.find_by_id(session[:user_id])
-    @auth = RockOAuth::Provider::Authorization.new(@user, params)
+```ruby
+post '/oauth/allow' do
+  @user = User.find_by_id(session[:user_id])
+  @auth = RockOAuth::Provider::Authorization.new(@user, params)
 
-    if params['allow'] == '1'
-      @auth.grant_access!
-    else
-      @auth.deny_access!
-    end
-    redirect @auth.redirect_uri, @auth.response_status
+  if params['allow'] == '1'
+    @auth.grant_access!
+  else
+    @auth.deny_access!
   end
+  redirect @auth.redirect_uri, @auth.response_status
+end
+```
 
 After granting or denying access, we just redirect back to the client using a
-URI that <tt>RockOAuth::Provider</tt> will provide for you.
-
+URI that `RockOAuth::Provider` will provide for you.
 
-=== Using password credentials
+### Using password credentials
 
 If you like, OAuth lets you use a user's login credentials to authenticate with
 a provider. In this case the client application must request these credentials
 directly from the user and then post them to the exchange endpoint. On the
-provider side you can handle this using the <tt>handle_passwords</tt> and
-<tt>grant_access!</tt> API methods, for example:
-
-  RockOAuth::Provider.handle_passwords do |client, username, password, scopes|
-    user = User.find_by_username(username)
-    if user.authenticate?(password)
-      user.grant_access!(client, :scopes => scopes, :duration => 1.day)
-    else
-      nil
-    end
+provider side you can handle this using the `handle_passwords` and
+`grant_access!` API methods, for example:
+
+```ruby
+RockOAuth::Provider.handle_passwords do |client, username, password, scopes|
+  user = User.find_by_username(username)
+  if user.authenticate?(password)
+    user.grant_access!(client, :scopes => scopes, :duration => 1.day)
+  else
+    nil
   end
+end
+```
 
-The block receives the <tt>Client</tt> making the request, the username,
-password and a <tt>Set</tt> of the requested scopes. It must return
-<tt>user.grant_access!(client)</tt> if you want to allow access, otherwise it
-should return <tt>nil</tt>.
+The block receives the `Client` making the request, the username,
+password and a `Set` of the requested scopes. It must return
+`user.grant_access!(client)` if you want to allow access, otherwise it
+should return `nil`.
 
-
-=== Using assertions
+### Using assertions
 
 Assertions provide a way to access your OAuth services using user credentials
 from another service. When using assertions, the user will not authenticate on
@@ -306,79 +333,83 @@ would then pass this token to your OAuth endpoint and exchange it for an access
 token from your site. You will typically create an account in your database to
 represent this, then have that new account grant access to the client.
 
-To use assertions, you must tell <tt>RockOAuth::Provider</tt> how to
+To use assertions, you must tell `RockOAuth::Provider` how to
 handle assertions based on their type. An assertion type must be a valid URI.
 For the Facebook example we'd do the following. The block yields the
-<tt>Client</tt> object making the exchange request, the value of the assertion,
-which in this example will be a Facebook access token, and a <tt>Set</tt> of
+`Client` object making the exchange request, the value of the assertion,
+which in this example will be a Facebook access token, and a `Set` of
 requested scopes.
 
-  RockOAuth::Provider.handle_assertions 'https://graph.facebook.com/me' do |client, assertion, scopes|
-    facebook = URI.parse('https://graph.facebook.com/me?access_token=' + assertion)
-    response = Net::HTTP.get_response(facebook)
+```ruby
+RockOAuth::Provider.handle_assertions 'https://graph.facebook.com/me' do |client, assertion, scopes|
+  facebook = URI.parse('https://graph.facebook.com/me?access_token=' + assertion)
+  response = Net::HTTP.get_response(facebook)
 
-    user_data = JSON.parse(response.body)
-    account   = User.from_facebook_data(user_data)
+  user_data = JSON.parse(response.body)
+  account   = User.from_facebook_data(user_data)
 
-    account.grant_access!(client, :scopes => scopes)
-  end
+  account.grant_access!(client, :scopes => scopes)
+end
+```
 
 This code should run when your app boots, not during a request handler - think
-of it as configuration for <tt>RockOAuth::Provider</tt>. The framework
+of it as configuration for `RockOAuth::Provider`. The framework
 will invoke it when a client attempts to use assertions with your OAuth endpoint.
 
-The final call in your handler should be to <tt>grant_access!</tt>; this returns
-an <tt>Authorization</tt> object that the framework then uses to complete the
+The final call in your handler should be to `grant_access!`; this returns
+an `Authorization` object that the framework then uses to complete the
 response to the client. If you want to deny the request for whatever reason, the
-block must return <tt>nil</tt>. If a client tries to use an assertion type you
+block must return `nil`. If a client tries to use an assertion type you
 have no handler for, the client will get an error response.
 
-
-=== Protecting resources with access tokens
+### Protecting resources with access tokens
 
 To protect the user's resources you need to check for access tokens. This is
 simple, for example a call to get a user's notes:
 
-  get '/user/:username/notes' do
-    user  = User.find_by_username(params[:username])
-    token = RockOAuth::Provider.access_token(user, ['read_notes'], env)
+```ruby
+get '/user/:username/notes' do
+  user  = User.find_by_username(params[:username])
+  token = RockOAuth::Provider.access_token(user, ['read_notes'], env)
 
-    headers token.response_headers
-    status  token.response_status
+  headers token.response_headers
+  status  token.response_status
 
-    if token.valid?
-      JSON.unparse('notes' => user.notes)
-    else
-      JSON.unparse('error' => 'No notes for you!')
-    end
+  if token.valid?
+    JSON.unparse('notes' => user.notes)
+  else
+    JSON.unparse('error' => 'No notes for you!')
   end
+end
+```
 
-<tt>RockOAuth::Provider.access_token()</tt> takes a
-<tt>ResourceOwner</tt>, a list of scopes required to access the resource, and a
+`RockOAuth::Provider.access_token()` takes a
+`ResourceOwner`, a list of scopes required to access the resource, and a
 request environment object. If the token was not granted for the required scopes,
 has expired or is simply invalid, headers and a status code are set to indicate
-this to the client. <tt>token.valid?</tt> is the call you should use to
+this to the client. `token.valid?` is the call you should use to
 determine whether to serve the request or not.
 
 It is also common to provide a dynamic resource for getting some basic data
 about a user by supplying their access token. This can be done by passing
-<tt>:implicit</tt> as the resource owner:
-
-  get '/me' do
-    token = RockOAuth::Provider.access_token(:implicit, [], env)
-    if token.valid?
-      JSON.unparse('username' => token.owner.username)
-    else
-      JSON.unparse('error' => 'Keep out!')
-    end
+`:implicit` as the resource owner:
+
+```ruby
+get '/me' do
+  token = RockOAuth::Provider.access_token(:implicit, [], env)
+  if token.valid?
+    JSON.unparse('username' => token.owner.username)
+  else
+    JSON.unparse('error' => 'Keep out!')
   end
+end
+```
 
-<tt>token.owner</tt> returns the <tt>ResourceOwner</tt> that issued the token.
+`token.owner` returns the `ResourceOwner` that issued the token.
 A token represents the fact that a single owner gave a single client a set of
 permissions.
 
-
-== License
+## License
 
 Copyright (c) 2014 Rocketmade.com
 
@@ -400,7 +431,6 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 THE SOFTWARE.
 
-
 Copyright (c) 2010-2012 Songkick.com
 
 Permission is hereby granted, free of charge, to any person obtaining a copy

data/lib/rockoauth/router.rb

@@ -3,8 +3,8 @@ module RockOAuth
 
     # Public methods in the namespace take either Rack env objects, or Request
     # objects from Rails/Sinatra and an optional params hash which it then
-    # coerces to Rack requests. This is for backward compatibility; originally
-    # it only took request objects.
+    # coerces to Rack requests if they are not already. This is for backward
+    # compatibility; originally it only took request objects.
 
     class << self
       def parse(resource_owner, env)
@@ -48,6 +48,8 @@ module RockOAuth
       private
 
       def request_from(env_or_request)
+        return env_or_request if env_or_request.is_a?(Rack::Request)
+
         env = env_or_request.respond_to?(:env) ? env_or_request.env : env_or_request
         env = Rack::MockRequest.env_for(env['REQUEST_URI'] || '', :input => env['RAW_POST_DATA']).merge(env)
         Rack::Request.new(env)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rockoauth
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Daniel Evans
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-07-09 00:00:00.000000000 Z
+date: 2015-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -156,10 +156,10 @@ email: evans.daniel.n@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.rdoc
+- README.md
 files:
 - History.txt
-- README.rdoc
+- README.md
 - example/README.rdoc
 - example/application.rb
 - example/config.ru
@@ -216,7 +216,7 @@ metadata: {}
 post_install_message: 
 rdoc_options:
 - "--main"
-- README.rdoc
+- README.md
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement