signet 0.1.4 → 0.2.0

data/lib/signet/version.rb

@@ -14,11 +14,11 @@
 
 # Used to prevent the class/module from being loaded more than once
 unless defined? Signet::VERSION
-  module Signet #:nodoc:
-    module VERSION #:nodoc:
+  module Signet
+    module VERSION
       MAJOR = 0
-      MINOR = 1
-      TINY  = 4
+      MINOR = 2
+      TINY  = 0
 
       STRING = [MAJOR, MINOR, TINY].join('.')
     end

data/spec/signet/oauth_1_spec.rb

@@ -350,6 +350,29 @@ describe Signet::OAuth1 do
     parameters['oauth_version'].should == '1.0'
   end
 
+  it 'should not unescape a realm in an authorization header' do
+    parameters = Signet::OAuth1.parse_authorization_header(
+      'OAuth realm="http%3A%2F%2Fsp.example.com%2F", ' +
+      'domain="http%3A%2F%2Fsp.example.com%2F", ' +
+      'oauth_consumer_key="0685bd9184jfhq22", ' +
+      'oauth_token="ad180jjd733klru7", ' +
+      'oauth_signature_method="HMAC-SHA1", ' +
+      'oauth_signature="wOJIO9A2W5mFwDgiDvZbTSMK%2FPY%3D", ' +
+      'oauth_timestamp="137131200", ' +
+      'oauth_nonce="4572616e48616d6d65724c61686176", ' +
+      'oauth_version="1.0"'
+    ).inject({}) { |h,(k,v)| h[k]=v; h }
+    parameters['realm'].should == 'http%3A%2F%2Fsp.example.com%2F'
+    parameters['domain'].should == 'http://sp.example.com/'
+    parameters['oauth_consumer_key'].should == '0685bd9184jfhq22'
+    parameters['oauth_token'].should == 'ad180jjd733klru7'
+    parameters['oauth_signature_method'].should == 'HMAC-SHA1'
+    parameters['oauth_signature'].should == 'wOJIO9A2W5mFwDgiDvZbTSMK/PY='
+    parameters['oauth_timestamp'].should == '137131200'
+    parameters['oauth_nonce'].should == '4572616e48616d6d65724c61686176'
+    parameters['oauth_version'].should == '1.0'
+  end
+
   it 'should raise an error if parsing an authorization header ' +
       'with bogus values' do
     (lambda do
@@ -362,7 +385,7 @@ describe Signet::OAuth1 do
       Signet::OAuth1.parse_authorization_header(
         'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=='
       )
-    end).should raise_error(ArgumentError)
+    end).should raise_error(Signet::ParseError)
   end
 
   it 'should correctly parse a form encoded credential' do
@@ -421,7 +444,7 @@ describe Signet::OAuth1 do
     parameters = {
       "oauth_consumer_key" => "dpf43f3p2l4k3l03",
       "oauth_token" => "nnch734d00sl2jdk",
-      "oauth_signature_method" => "HMAC-BOGUS",
+      "oauth_signature_method" => "HMAC-BOGUS", # Unknown signature method
       "oauth_timestamp" => "1191242096",
       "oauth_nonce" => "kllo9940pd9333jh",
       "oauth_version" => "1.0",

data/spec/signet/oauth_2/client_spec.rb

@@ -0,0 +1,70 @@
+# Copyright (C) 2010 Google Inc.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+
+require 'spec_helper'
+
+require 'signet/oauth_2/client'
+
+describe Signet::OAuth2::Client, 'unconfigured' do
+  before do
+    @client = Signet::OAuth2::Client.new
+  end
+
+  it 'should have no authorization_uri' do
+    @client.authorization_uri.should == nil
+  end
+
+  it 'should allow the authorization_uri to be set to a String' do
+    @client.authorization_uri = 'https://example.com/authorize'
+    @client.client_id = 's6BhdRkqt3'
+    @client.redirect_uri = 'https://example.client.com/callback'
+    @client.authorization_uri.to_s.should include(
+      'https://example.com/authorize'
+    )
+    @client.authorization_uri.query_values['client_id'].should == 's6BhdRkqt3'
+    @client.authorization_uri.query_values['redirect_uri'].should == (
+      'https://example.client.com/callback'
+    )
+  end
+
+  it 'should allow the authorization_uri to be set to a URI' do
+    @client.authorization_uri =
+      Addressable::URI.parse('https://example.com/authorize')
+    @client.client_id = 's6BhdRkqt3'
+    @client.redirect_uri =
+      Addressable::URI.parse('https://example.client.com/callback')
+    @client.authorization_uri.to_s.should include(
+      'https://example.com/authorize'
+    )
+    @client.authorization_uri.query_values['client_id'].should == 's6BhdRkqt3'
+    @client.authorization_uri.query_values['redirect_uri'].should == (
+      'https://example.client.com/callback'
+    )
+  end
+
+  it 'should have no token_credential_uri' do
+    @client.token_credential_uri.should == nil
+  end
+
+  it 'should allow the token_credential_uri to be set to a String' do
+    @client.token_credential_uri = "https://example.com/token"
+    @client.token_credential_uri.should === "https://example.com/token"
+  end
+
+  it 'should allow the token_credential_uri to be set to a URI' do
+    @client.token_credential_uri =
+      Addressable::URI.parse("https://example.com/token")
+    @client.token_credential_uri.should === "https://example.com/token"
+  end
+end

data/spec/signet/oauth_2_spec.rb

@@ -0,0 +1,164 @@
+# Copyright (C) 2010 Google Inc.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+
+require 'spec_helper'
+
+require 'signet/oauth_2'
+
+describe Signet::OAuth2 do
+  # This behavior will almost certainly change in subsequent updates.
+  describe 'when parsing an Authorization header' do
+    it 'should correctly handle HTTP Basic auth-scheme' do
+      parameters = Signet::OAuth2.parse_authorization_header(
+        'Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['client_id'].should == 's6BhdRkqt3'
+      parameters['client_secret'].should == 'gX1fBat3bV'
+    end
+
+    it 'should correctly handle OAuth auth-scheme' do
+      parameters = Signet::OAuth2.parse_authorization_header(
+        'OAuth vF9dft4qmT'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['access_token'].should == 'vF9dft4qmT'
+    end
+
+    it 'should correctly handle OAuth auth-scheme with realm' do
+      parameters = Signet::OAuth2.parse_authorization_header(
+        'OAuth vF9dft4qmT, realm="http://sp.example.com/"'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['access_token'].should == 'vF9dft4qmT'
+      parameters['realm'].should == 'http://sp.example.com/'
+    end
+
+    it 'should correctly handle OAuth auth-scheme with multiple auth-params' do
+      parameters = Signet::OAuth2.parse_authorization_header(
+        'OAuth vF9dft4qmT, first="one", second="two"'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['access_token'].should == 'vF9dft4qmT'
+      parameters['first'].should == 'one'
+      parameters['second'].should == 'two'
+    end
+
+    it 'should liberally handle auth-params with single-quoted strings' do
+      parameters = Signet::OAuth2.parse_authorization_header(
+        'OAuth vF9dft4qmT, first=\'one\', second=\'two\''
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['access_token'].should == 'vF9dft4qmT'
+      parameters['first'].should == 'one'
+      parameters['second'].should == 'two'
+    end
+
+    it 'should liberally handle auth-params with unquoted strings' do
+      parameters = Signet::OAuth2.parse_authorization_header(
+        'OAuth vF9dft4qmT, first=one, second=two'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['access_token'].should == 'vF9dft4qmT'
+      parameters['first'].should == 'one'
+      parameters['second'].should == 'two'
+    end
+
+    it 'should not allow unquoted strings that do not match tchar' do
+      (lambda do
+        parameters = Signet::OAuth2.parse_authorization_header(
+          'OAuth vF9dft4qmT, first=one:1'
+        )
+      end).should raise_error(Signet::ParseError)
+    end
+
+    it 'should not parse non-OAuth auth-schemes' do
+      (lambda do
+        Signet::OAuth2.parse_authorization_header(
+          'AuthSub token="GD32CMCL25aZ-v____8B"'
+        )
+      end).should raise_error(Signet::ParseError)
+    end
+  end
+
+  # This behavior will almost certainly change in subsequent updates.
+  describe 'when parsing a WWW-Authenticate header' do
+    it 'should correctly handle OAuth challenge with auth-params' do
+      parameters = Signet::OAuth2.parse_www_authenticate_header(
+        'OAuth realm="http://sp.example.com/", error="expired_token", ' +
+        'error_description="The access token has expired."'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['realm'].should == 'http://sp.example.com/'
+      parameters['error'].should == 'expired_token'
+      parameters['error_description'].should == 'The access token has expired.'
+    end
+
+    it 'should liberally handle auth-params with single-quoted strings' do
+      parameters = Signet::OAuth2.parse_www_authenticate_header(
+        'OAuth realm=\'http://sp.example.com/\', error=\'expired_token\', ' +
+        'error_description=\'The access token has expired.\''
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['realm'].should == 'http://sp.example.com/'
+      parameters['error'].should == 'expired_token'
+      parameters['error_description'].should == 'The access token has expired.'
+    end
+
+    it 'should liberally handle auth-params with token strings' do
+      parameters = Signet::OAuth2.parse_www_authenticate_header(
+        'OAuth realm="http://sp.example.com/", error=expired_token, ' +
+        'error_description="The access token has expired."'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['realm'].should == 'http://sp.example.com/'
+      parameters['error'].should == 'expired_token'
+      parameters['error_description'].should == 'The access token has expired.'
+    end
+
+    it 'should liberally handle out-of-order auth-params' do
+      parameters = Signet::OAuth2.parse_www_authenticate_header(
+        'OAuth error_description=\'The access token has expired.\', ' +
+        'error=\'expired_token\', realm=\'http://sp.example.com/\''
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['realm'].should == 'http://sp.example.com/'
+      parameters['error'].should == 'expired_token'
+      parameters['error_description'].should == 'The access token has expired.'
+    end
+
+    it 'should not allow unquoted strings that do not match tchar' do
+      (lambda do
+        Signet::OAuth2.parse_www_authenticate_header(
+          'OAuth realm=http://sp.example.com/, error=expired_token, ' +
+          'error_description="The access token has expired."'
+        )
+      end).should raise_error(Signet::ParseError)
+    end
+
+    it 'should not parse non-OAuth challenges' do
+      (lambda do
+        Signet::OAuth2.parse_www_authenticate_header(
+          'AuthSub realm="https://www.google.com/accounts/AuthSubRequest"'
+        )
+      end).should raise_error(Signet::ParseError)
+    end
+  end
+
+  describe 'when generating a Basic Authorization header' do
+    it 'should correctly handle client ID and password pairs' do
+      # Example from OAuth 2 spec
+      Signet::OAuth2.generate_basic_authorization_header(
+        's6BhdRkqt3', 'gX1fBat3bV'
+      ).should == 'Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW'
+    end
+
+    it 'should correctly encode using the alogrithm given in RFC 2617' do
+      # Example from RFC 2617
+      Signet::OAuth2.generate_basic_authorization_header(
+        'Aladdin', 'open sesame'
+      ).should == 'Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=='
+    end
+  end
+end

data/spec/signet_spec.rb

@@ -0,0 +1,80 @@
+# Copyright (C) 2010 Google Inc.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+
+require 'spec_helper'
+
+require 'signet/oauth_2'
+
+describe Signet do
+  describe 'when parsing an auth param list' do
+    it 'should correctly handle commas' do
+      parameters = Signet.parse_auth_param_list(
+        'a="1, 2" , b="3,4",c="5 , 6" ,d="7 ,8"'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['a'].should == '1, 2'
+      parameters['b'].should == '3,4'
+      parameters['c'].should == '5 , 6'
+      parameters['d'].should == '7 ,8'
+    end
+
+    it 'should correctly handle backslash-escaped pairs' do
+      parameters = Signet.parse_auth_param_list(
+        'token="\t\o\k\e\n" sigalg="\s\i\g\a\l\g" data="\d\a\t\a"'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['token'].should == 'token'
+      parameters['sigalg'].should == 'sigalg'
+      parameters['data'].should == 'data'
+    end
+
+    it 'should liberally handle space-separated auth-param lists' do
+      parameters = Signet.parse_auth_param_list(
+        'token="token" sigalg="sigalg" data="data" sig="sig"'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['token'].should == 'token'
+      parameters['sigalg'].should == 'sigalg'
+      parameters['data'].should == 'data'
+      parameters['sig'].should == 'sig'
+    end
+
+    it 'should liberally handle single-quoted auth-param lists' do
+      parameters = Signet.parse_auth_param_list(
+        'token=\'token\' sigalg=\'sigalg\' data=\'data\' sig=\'sig\''
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['token'].should == 'token'
+      parameters['sigalg'].should == 'sigalg'
+      parameters['data'].should == 'data'
+      parameters['sig'].should == 'sig'
+    end
+
+    it 'should liberally handle unquoted auth-param lists' do
+      parameters = Signet.parse_auth_param_list(
+        'token=token sigalg=sigalg data=data sig=sig'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['token'].should == 'token'
+      parameters['sigalg'].should == 'sigalg'
+      parameters['data'].should == 'data'
+      parameters['sig'].should == 'sig'
+    end
+
+    it 'should liberally handle auth-param lists with empty sections' do
+      parameters = Signet.parse_auth_param_list(
+        'token=token, , sigalg=sigalg,, data=data, sig=sig'
+      ).inject({}) { |h,(k,v)| h[k]=v; h }
+      parameters['token'].should == 'token'
+      parameters['sigalg'].should == 'sigalg'
+      parameters['data'].should == 'data'
+      parameters['sig'].should == 'sig'
+    end
+  end
+end

data/tasks/gem.rake

@@ -24,6 +24,7 @@ namespace :gem do
 
     s.add_runtime_dependency("httpadapter", "~> 0.2.0")
     s.add_runtime_dependency("addressable", "~> 2.2.1")
+    s.add_runtime_dependency("json", "~> 1.5.0")
 
     s.add_development_dependency("rake", "~> 0.8.3")
     s.add_development_dependency("rspec", "~> 1.1.11")

data/tasks/spec.rake

@@ -15,11 +15,13 @@ namespace :spec do
       t.rcov = false
     end
     t.rcov_opts = [
+      '--exclude', 'lib\\/compat',
       '--exclude', 'spec',
-      '--exclude', 'compat',
+      '--exclude', '\\.rvm\\/gems',
       '--exclude', '1\\.8\\/gems',
       '--exclude', '1\\.9\\/gems',
-      '--exclude', '\\.rvm'
+      '--exclude', '\\.rvm',
+      '--exclude', '\\/Library\\/Ruby'
     ]
   end
 

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: signet
 version: !ruby/object:Gem::Version 
-  hash: 19
-  prerelease: false
+  hash: 23
+  prerelease: 
   segments: 
   - 0
-  - 1
-  - 4
-  version: 0.1.4
+  - 2
+  - 0
+  version: 0.2.0
 platform: ruby
 authors: 
 - Bob Aman
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-10-21 00:00:00 -07:00
+date: 2011-02-21 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -51,9 +51,25 @@ dependencies:
   type: :runtime
   version_requirements: *id002
 - !ruby/object:Gem::Dependency 
-  name: rake
+  name: json
   prerelease: false
   requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 1
+        - 5
+        - 0
+        version: 1.5.0
+  type: :runtime
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -65,11 +81,11 @@ dependencies:
         - 3
         version: 0.8.3
   type: :development
-  version_requirements: *id003
+  version_requirements: *id004
 - !ruby/object:Gem::Dependency 
   name: rspec
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
+  requirement: &id005 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -81,11 +97,11 @@ dependencies:
         - 11
         version: 1.1.11
   type: :development
-  version_requirements: *id004
+  version_requirements: *id005
 - !ruby/object:Gem::Dependency 
   name: launchy
   prerelease: false
-  requirement: &id005 !ruby/object:Gem::Requirement 
+  requirement: &id006 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -97,11 +113,11 @@ dependencies:
         - 2
         version: 0.3.2
   type: :development
-  version_requirements: *id005
+  version_requirements: *id006
 - !ruby/object:Gem::Dependency 
   name: diff-lcs
   prerelease: false
-  requirement: &id006 !ruby/object:Gem::Requirement 
+  requirement: &id007 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -113,11 +129,11 @@ dependencies:
         - 2
         version: 1.1.2
   type: :development
-  version_requirements: *id006
+  version_requirements: *id007
 - !ruby/object:Gem::Dependency 
   name: typhoeus
   prerelease: false
-  requirement: &id007 !ruby/object:Gem::Requirement 
+  requirement: &id008 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -129,7 +145,7 @@ dependencies:
         - 31
         version: 0.1.31
   type: :development
-  version_requirements: *id007
+  version_requirements: *id008
 description: |
   Signet is an OAuth 1.0 / OAuth 2.0 implementation.
 
@@ -148,6 +164,8 @@ files:
 - lib/signet/oauth_1/credential.rb
 - lib/signet/oauth_1/signature_methods/hmac_sha1.rb
 - lib/signet/oauth_1.rb
+- lib/signet/oauth_2/client.rb
+- lib/signet/oauth_2.rb
 - lib/signet/version.rb
 - lib/signet.rb
 - spec/force_compat/digest/hmac.rb
@@ -157,6 +175,9 @@ files:
 - spec/signet/oauth_1/services/google_spec.rb
 - spec/signet/oauth_1/signature_methods/hmac_sha1_spec.rb
 - spec/signet/oauth_1_spec.rb
+- spec/signet/oauth_2/client_spec.rb
+- spec/signet/oauth_2_spec.rb
+- spec/signet_spec.rb
 - spec/spec.opts
 - spec/spec_helper.rb
 - tasks/clobber.rake
@@ -203,7 +224,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 requirements: []
 
 rubyforge_project: signet
-rubygems_version: 1.3.7
+rubygems_version: 1.4.1
 signing_key: 
 specification_version: 3
 summary: Package Summary