signet 0.11.0 → 0.14.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ee45b6d3e6075bfd1d1e5b2fae2830e0f981b2e70e7bb075422e51e20b12f4e8
-  data.tar.gz: 3f019f83eda28d4e0a2b80da812c181f605eae19ecc5b138f9ceee2cfd686fbc
+  metadata.gz: c94f4ee9a5ea982bba69826873be998a4cbf833af8c70920fd2384558efe33e5
+  data.tar.gz: 211e019a051159858a4e18cbe64efe9989a13df08b2d449e67ac4057f91f4332
 SHA512:
-  metadata.gz: 4e9f7704e31e89ecb6b8b24c6f09d1d13615cdfc7ba2d165384ab854be0f33c175bc38db7fd138070fdafff73d33676b96d8e1403b10128e811c25311cd15bf8
-  data.tar.gz: 399c408f37ef1cd30d0e0d31dab9d80ebed8a917e659d252905f4d162511edf2f88d72e27cf8b0792794245ce8e06ae769c473aa94f4c559dcea9e222e221785
+  metadata.gz: d8e5ac7a7977d89976275a4988e62139622436dea9f539a934b99e94f32832e57c8c522a91647449f9b5ea199fa561ad62680803f7d1dbe5b40946087b95dae4
+  data.tar.gz: 2b6476b3b89d09d66c0274fa9bd1b5da6aebb68932e7e15325cf34ccca14b5d5f5a16f76a22330bbcb9f6b66882e016eeccb54977e7a87cc4ce6f32568361808

data/CHANGELOG.md

@@ -1,27 +1,63 @@
-## 0.11.0 (2018-10-08)
+# Release History
+
+## [0.14.1](https://www.github.com/googleapis/signet/compare/v0.14.0...v0.14.1) (2021-01-27)
+
+
+### Bug Fixes
+
+* Fix OAuth1 signature with duplicate query param names ([9f5b81a](https://www.github.com/googleapis/signet/commit/9f5b81a60625a6e6f0e5bca24c67b90e73d7479b))
+
+## 0.14.0 / 2020-03-31
+
+* Support for fetching ID tokens from google oauth2 endpoint.
+
+## 0.13.2 / 2020-03-25
+
+Rerelease of 0.13.1.
+
+## 0.13.1 / 2020-03-24
+
+* Update github url
+
+## 0.13.0 / 2020-02-24
+
+* Support Faraday 1.x
+
+## 0.12.0 / 2019-10-08
+
+* This version now requires Ruby 2.4.
+* Support array values of the "aud" field.
+* Normalize the version constant to match related gems.
+
+## 0.11.0 / 2018-10-08
+
 * Add constant time comparison for oauth signatures.
 
-## 0.10.0 (2018-09-21)
+## 0.10.0 / 2018-09-21
+
 * Add UnexpectedStatusError class for http status errors that are not handled.
 
-## 0.9.2 (2018-09-12)
+## 0.9.2 / 2018-09-12
+
 * Update issued_at correctly when it is set simultaneously with expires_in.
 
-## 0.9.1 (2018-08-29)
+## 0.9.1 / 2018-08-29
+
 * Warn on EOL ruby versions.
 * Fix DateTime normalization.
 
-## 0.9.0 (2018-08-20)
+## 0.9.0 / 2018-08-20
+
 * Add RemoteServerError class for 5xx level errors.
 * Allow to_json to be called with arguments
 * Expires_in now sets and reflects current expires_at value
 * Expires_within(0) now returns false when expires_at is nil.
 
-## 0.8.1 (2017-10-13)
+## 0.8.1 / 2017-10-13
 
 * Restore support for Ruby 1.9.3
 
-## 0.8.0 (2017-10-12)
+## 0.8.0 / 2017-10-12
 
 * Ensure the "expires_at" attribute is recalculated on refresh (chutzimir)
 * Fix warnings on Ruby 2.4 (koic)
@@ -29,20 +65,20 @@
 * Provide signature verification algorithm for compatibility with ruby-jwt 2.0 (jurriaan)
 * Signet::OAuth2::Client#decoded_id_token can take a keyfinder block (mvastola)
 
-## 0.7.3 (2016-06-20)
+## 0.7.3 / 2016-06-20
 
 * Fix timestamp parsing on 32-bit systems
 * Fix expiration check when issue/expiry times are nil
 
-## 0.7.2 (2015-12-21)
+## 0.7.2 / 2015-12-21
 
 * Don't assume Faraday form encoding middleware is present
 
-## 0.7.1 (2015-12-17)
+## 0.7.1 / 2015-12-17
 
 * Fix an issue with date parsing
 
-## 0.7 (2015-12-06)
+## 0.7 / 2015-12-06
 
 * No longer overwrite SSL environment variables.
 * Tighten up date & URL (de)serialization for OAuth2 client
@@ -51,7 +87,7 @@
 * Add expires_within(sec) method to oauth2 client to facilitate proactive
   refreshes
 
-## 0.6.1 (2015-06-08)
+## 0.6.1 / 2015-06-08
 
 * Fix language warnings for unused & shadowed variables ((@blowmage)[])
 * Update SSL cert path for OSX ((@gambaroff)[])
@@ -59,14 +95,14 @@
 * Fix incorrect parameter name in OAuth2 client docs ((@samuelreh)[])
 * Fix symbolization of URL parameter keys ((@swifthand)[])
 
-## 0.6.0 (2014-12-05)
+## 0.6.0 / 2014-12-05
 
 * Drop support for ruby versions < 1.9.3
 * Update gem dependencies and lock down versions tighter
 * Allow form encoded responses when exchanging OAuth 2 authorization codes
 * Normalize options keys for indifferent access
 
-## 0.5.1 (2014-06-08)
+## 0.5.1 / 2014-06-08
 
 * Allow Hash objects to be used to initialize authorization URI
 * Added PLAINTEXT and RSA-SHA1 signature methods to OAuth 1 support
@@ -74,7 +110,7 @@
 * The `approval_prompt` option no longer defaults to `:force`
 * The `approval_prompt` and `prompt` are now mutually exclusive.
 
-## 0.5.0 (2013-05-31)
+## 0.5.0 / 2013-05-31
 
 * Switched to faraday 0.9.0
 * Added `expires_at` option

data/Gemfile

@@ -1,7 +1,8 @@
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
 gemspec
 
-gem 'jruby-openssl', :platforms => :jruby
-gem 'hurley'
-gem 'bundler', '~> 1.15'
+gem "bundler", ">= 1.15"
+gem "gems", "~> 1.2"
+gem "hurley"
+gem "jruby-openssl", platforms: :jruby

data/README.md

@@ -1,14 +1,13 @@
 # Signet
 
 <dl>
-  <dt>Homepage</dt><dd><a href="http://code.google.com/p/oauth-signet/">http://code.google.com/p/oauth-signet/</a></dd>
+  <dt>Homepage</dt><dd><a href="https://github.com/googleapis/signet/">https://github.com/googleapis/signet/</a></dd>
   <dt>Author</dt><dd><a href="mailto:bobaman@google.com">Bob Aman</a></dd>
   <dt>Copyright</dt><dd>Copyright © 2010 Google, Inc.</dd>
   <dt>License</dt><dd>Apache 2.0</dd>
 </dl>
 
 [![Gem Version](https://badge.fury.io/rb/signet.svg)](https://badge.fury.io/rb/signet)
-[![Build Status](https://secure.travis-ci.org/google/signet.png)](http://travis-ci.org/google/signet)
 
 ## Description
 
@@ -59,10 +58,9 @@ client.fetch_access_token!
 Be sure `https://rubygems.org` is in your gem sources.
 
 ## Supported Ruby Versions
-This library is currently supported on Ruby 1.9+.  
-However, Ruby 2.4 or later is strongly recommended, as earlier releases have
-reached or are nearing end-of-life. After March 31, 2019, Google will provide
-official support only for Ruby versions that are considered current and
+
+This library requires Ruby 2.4 or later.
+In general, this library supports Ruby versions that are considered current and
 supported by Ruby Core (that is, Ruby versions that are either in normal
 maintenance or in security maintenance).
 See https://www.ruby-lang.org/en/downloads/branches/ for further details.

data/Rakefile

@@ -1,42 +1,112 @@
-lib_dir = File.expand_path(File.join(File.dirname(__FILE__), "lib"))
-$:.unshift(lib_dir)
-$:.uniq!
-
-require 'rubygems'
-require 'rake'
+require "rubygems"
+require "json"
+require "rake"
 require "bundler/gem_tasks"
 
-require File.join(File.dirname(__FILE__), 'lib/signet', 'version')
-
-PKG_DISPLAY_NAME   = 'Signet'
-PKG_NAME           = PKG_DISPLAY_NAME.downcase
-PKG_VERSION        = Signet::VERSION::STRING
-PKG_FILE_NAME      = "#{PKG_NAME}-#{PKG_VERSION}"
-
-RELEASE_NAME       = "REL #{PKG_VERSION}"
-
-PKG_AUTHOR         = "Bob Aman"
-PKG_AUTHOR_EMAIL   = "bobaman@google.com"
-PKG_HOMEPAGE       = "http://code.google.com/p/oauth-signet/"
-PKG_DESCRIPTION    = <<-TEXT
-Signet is an OAuth 1.0 / OAuth 2.0 implementation.
-TEXT
-PKG_SUMMARY        = PKG_DESCRIPTION
-
-PKG_FILES = FileList[
-    "lib/**/*", "spec/**/*", "vendor/**/*",
-    "tasks/**/*", "website/**/*",
-    "[A-Z]*", "Rakefile"
-].exclude(/database\.yml/).exclude(/[_\.]git$/).exclude(/Gemfile\.lock/)
-
-RCOV_ENABLED = !!(RUBY_PLATFORM != 'java' && RUBY_VERSION =~ /^1\.8/)
-if RCOV_ENABLED
-  task :default => 'spec:rcov'
-else
-  task :default => 'spec:normal'
+task :release_gem, :tag do |_t, args|
+  tag = args[:tag]
+  raise "You must provide a tag to release." if tag.nil?
+
+  # Verify the tag format "vVERSION"
+  m = tag.match /v(?<version>\S*)/
+  raise "Tag #{tag} does not match the expected format." if m.nil?
+
+  version = m[:version]
+  raise "You must provide a version." if version.nil?
+
+  api_token = ENV["RUBYGEMS_API_TOKEN"]
+
+  require "gems"
+  if api_token
+    ::Gems.configure do |config|
+      config.key = api_token
+    end
+  end
+
+  Bundler.with_clean_env do
+    sh "rm -rf pkg"
+    sh "bundle update"
+    sh "bundle exec rake build"
+  end
+
+  path_to_be_pushed = "pkg/signet-#{version}.gem"
+  gem_was_published = nil
+  if File.file? path_to_be_pushed
+    begin
+      response = ::Gems.push File.new(path_to_be_pushed)
+      puts response
+      raise unless response.include? "Successfully registered gem:"
+      gem_was_published = true
+      puts "Successfully built and pushed signet for version #{version}"
+    rescue StandardError => e
+      gem_was_published = false
+      puts "Error while releasing signet version #{version}: #{e.message}"
+    end
+  else
+    raise "Cannot build signet for version #{version}"
+  end
+
+  Rake::Task["kokoro:publish_docs"].invoke if gem_was_published
+end
+
+task :ci do
+  header "Using Ruby - #{RUBY_VERSION}"
+  sh "bundle exec rubocop"
+  sh "bundle exec rspec"
 end
 
-WINDOWS = (RUBY_PLATFORM =~ /mswin|win32|mingw|bccwin|cygwin/) rescue false
-SUDO = WINDOWS ? '' : ('sudo' unless ENV['SUDOLESS'])
+namespace :kokoro do
+  task :load_env_vars do
+    service_account = "#{ENV['KOKORO_GFILE_DIR']}/service-account.json"
+    ENV["GOOGLE_APPLICATION_CREDENTIALS"] = service_account
+    filename = "#{ENV['KOKORO_GFILE_DIR']}/env_vars.json"
+    env_vars = JSON.parse File.read(filename)
+    env_vars.each { |k, v| ENV[k] = v }
+  end
 
-Dir['tasks/**/*.rake'].each { |rake| load rake }
+  task :presubmit do
+    Rake::Task["ci"].invoke
+  end
+
+  task :continuous do
+    Rake::Task["ci"].invoke
+  end
+
+  task :nightly do
+    Rake::Task["ci"].invoke
+  end
+
+  task :release do
+    version = "0.1.0"
+    Bundler.with_clean_env do
+      version = `bundle exec gem list`
+                .split("\n").select { |line| line.include? "signet" }
+                .first.split("(").last.split(")").first || "0.1.0"
+    end
+    Rake::Task["kokoro:load_env_vars"].invoke
+    Rake::Task["release_gem"].invoke "v#{version}"
+  end
+
+  task :post do
+    require_relative "rakelib/link_checker.rb"
+
+    link_checker = LinkChecker.new
+    link_checker.run
+    exit link_checker.exit_status
+  end
+
+  task :publish_docs do
+    require_relative "rakelib/devsite_builder.rb"
+
+    DevsiteBuilder.new(__dir__).publish
+  end
+end
+
+def header str, token = "#"
+  line_length = str.length + 8
+  puts ""
+  puts token * line_length
+  puts "#{token * 3} #{str} #{token * 3}"
+  puts token * line_length
+  puts ""
+end

data/lib/signet.rb

@@ -12,13 +12,15 @@
 #    See the License for the specific language governing permissions and
 #    limitations under the License.
 
-require 'signet/version'
+require "signet/version"
 
 module Signet #:nodoc:
-  def self.parse_auth_param_list(auth_param_string)
+  # rubocop:disable Metrics/AbcSize
+  # rubocop:disable Metrics/MethodLength
+  def self.parse_auth_param_list auth_param_string
     # Production rules from:
     # http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-12
-    token = /[-!#$\%&'*+.^_`|~0-9a-zA-Z]+/
+    token = /[-!#{$OUTPUT_RECORD_SEPARATOR}%&'*+.^_`|~0-9a-zA-Z]+/
     d_qdtext = /[\s\x21\x23-\x5B\x5D-\x7E\x80-\xFF]/n
     d_quoted_pair = /\\[\s\x21-\x7E\x80-\xFF]/n
     d_qs = /"(?:#{d_qdtext}|#{d_quoted_pair})*"/
@@ -36,10 +38,10 @@ module Signet #:nodoc:
     #
     # This would be way easier in Ruby 1.9, but we want backwards
     # compatibility.
-    while (match = remainder.match(auth_param))
+    while (match = remainder.match auth_param)
       if match.pre_match && match.pre_match !~ /^[\s,]*$/
         raise ParseError,
-          "Unexpected auth param format: '#{auth_param_string}'."
+              "Unexpected auth param format: '#{auth_param_string}'."
       end
       auth_param_pairs << match.captures[0] # Appending pair
       remainder = match.post_match
@@ -47,24 +49,25 @@ module Signet #:nodoc:
     end
     if last_match.post_match && last_match.post_match !~ /^[\s,]*$/
       raise ParseError,
-        "Unexpected auth param format: '#{auth_param_string}'."
+            "Unexpected auth param format: '#{auth_param_string}'."
     end
     # Now parse the auth-param pair strings & turn them into key-value pairs.
-    return (auth_param_pairs.inject([]) do |accu, pair|
-      name, value = pair.split('=', 2)
+    (auth_param_pairs.each_with_object [] do |pair, accu|
+      name, value = pair.split "=", 2
       if value =~ /^".*"$/
         value = value.gsub(/^"(.*)"$/, '\1').gsub(/\\(.)/, '\1')
       elsif value =~ /^'.*'$/
         value = value.gsub(/^'(.*)'$/, '\1').gsub(/\\(.)/, '\1')
-      elsif value =~ /[\(\)<>@,;:\\\"\/\[\]?={}]/
+      elsif value =~ %r{[\(\)<>@,;:\\\"/\[\]?={}]}
         # Certain special characters are not allowed
-        raise ParseError, (
-          "Unexpected characters in auth param " +
-          "list: '#{auth_param_string}'."
-        )
+        raise ParseError,
+              "Unexpected characters in auth param " \
+              "list: '#{auth_param_string}'."
+
       end
       accu << [name, value]
-      accu
     end)
   end
+  # rubocop:enable Metrics/AbcSize
+  # rubocop:enable Metrics/MethodLength
 end

data/lib/signet/errors.rb

@@ -12,7 +12,7 @@
 #    See the License for the specific language governing permissions and
 #    limitations under the License.
 
-require 'addressable/uri'
+require "addressable/uri"
 
 module Signet
   ##
@@ -66,14 +66,14 @@ module Signet
     #   - <code>:uri</code> -
     #     A URI identifying a human-readable web page with additional
     #     information about the error, indended for the resource owner.
-    def initialize(message, options={})
-      super(message)
+    def initialize message, options = {}
+      super message
       @options = options
       @request = options[:request]
       @response = options[:response]
       @code = options[:code]
       @description = options[:description]
-      @uri = Addressable::URI.parse(options[:uri])
+      @uri = Addressable::URI.parse options[:uri]
     end
 
     ##

data/lib/signet/oauth_1.rb

@@ -1,11 +1,11 @@
-require 'addressable/uri'
-require 'signet'
+require "addressable/uri"
+require "signet"
 
-require 'securerandom'
+require "securerandom"
 
 module Signet #:nodoc:
   module OAuth1
-    OUT_OF_BAND = 'oob'
+    OUT_OF_BAND = "oob".freeze
 
     ##
     # Converts a value to a percent-encoded <code>String</code> according to
@@ -15,9 +15,9 @@ module Signet #:nodoc:
     # @param [Symbol, #to_str] value The value to be encoded.
     #
     # @return [String] The percent-encoded value.
-    def self.encode(value)
-      value = value.to_s if value.kind_of?(Symbol)
-      return Addressable::URI.encode_component(
+    def self.encode value
+      value = value.to_s if value.is_a? Symbol
+      Addressable::URI.encode_component(
         value,
         Addressable::URI::CharacterClasses::UNRESERVED
       )
@@ -30,8 +30,8 @@ module Signet #:nodoc:
     #   The percent-encoded <code>String</code> to be unencoded.
     #
     # @return [String] The unencoded value.
-    def self.unencode(value)
-      return Addressable::URI.unencode_component(value)
+    def self.unencode value
+      Addressable::URI.unencode_component value
     end
 
     ##
@@ -39,8 +39,8 @@ module Signet #:nodoc:
     # value.
     #
     # @return [String] The current timestamp.
-    def self.generate_timestamp()
-      return Time.now.to_i.to_s
+    def self.generate_timestamp
+      Time.now.to_i.to_s
     end
 
     ##
@@ -48,9 +48,10 @@ module Signet #:nodoc:
     # value.
     #
     # @return [String] A random nonce.
-    def self.generate_nonce()
-      return SecureRandom.random_bytes(16).unpack('H*').join('')
+    def self.generate_nonce
+      SecureRandom.random_bytes(16).unpack("H*").join ""
     end
+    # rubocop:disable Metrics/MethodLength
 
     ##
     # Processes an options <code>Hash</code> to find a credential key value.
@@ -62,36 +63,36 @@ module Signet #:nodoc:
     #   or <code>:access</code>.
     #
     # @return [String] The credential key value.
-    def self.extract_credential_key_option(credential_type, options)
+    def self.extract_credential_key_option credential_type, options
       # Normalize key to String to allow indifferent access.
-      options = options.inject({}) { |accu, (k, v)| accu[k.to_s] = v; accu }
+      options = options.each_with_object({}) { |(k, v), accu| accu[k.to_s] = v; }
       credential_key = "#{credential_type}_credential_key"
       credential = "#{credential_type}_credential"
       if options[credential_key]
         credential_key = options[credential_key]
       elsif options[credential]
-        require 'signet/oauth_1/credential'
-        if !options[credential].respond_to?(:key)
+        require "signet/oauth_1/credential"
+        unless options[credential].respond_to? :key
           raise TypeError,
-            "Expected Signet::OAuth1::Credential, " +
-            "got #{options[credential].class}."
+                "Expected Signet::OAuth1::Credential, " \
+                "got #{options[credential].class}."
         end
         credential_key = options[credential].key
       elsif options["client"]
-        require 'signet/oauth_1/client'
-        if !options["client"].kind_of?(::Signet::OAuth1::Client)
+        require "signet/oauth_1/client"
+        unless options["client"].is_a? ::Signet::OAuth1::Client
           raise TypeError,
-            "Expected Signet::OAuth1::Client, got #{options["client"].class}."
+                "Expected Signet::OAuth1::Client, got #{options['client'].class}."
         end
-        credential_key = options["client"].send(credential_key)
+        credential_key = options["client"].send credential_key
       else
         credential_key = nil
       end
-      if credential_key != nil && !credential_key.kind_of?(String)
+      if !credential_key.nil? && !credential_key.is_a?(String)
         raise TypeError,
-          "Expected String, got #{credential_key.class}."
+              "Expected String, got #{credential_key.class}."
       end
-      return credential_key
+      credential_key
     end
 
     ##
@@ -104,37 +105,38 @@ module Signet #:nodoc:
     #   or <code>:access</code>.
     #
     # @return [String] The credential secret value.
-    def self.extract_credential_secret_option(credential_type, options)
+    def self.extract_credential_secret_option credential_type, options
       # Normalize key to String to allow indifferent access.
-      options = options.inject({}) { |accu, (k, v)| accu[k.to_s] = v; accu }
+      options = options.each_with_object({}) { |(k, v), accu| accu[k.to_s] = v; }
       credential_secret = "#{credential_type}_credential_secret"
       credential = "#{credential_type}_credential"
       if options[credential_secret]
         credential_secret = options[credential_secret]
       elsif options[credential]
-        require 'signet/oauth_1/credential'
-        if !options[credential].respond_to?(:secret)
+        require "signet/oauth_1/credential"
+        unless options[credential].respond_to? :secret
           raise TypeError,
-            "Expected Signet::OAuth1::Credential, " +
-            "got #{options[credential].class}."
+                "Expected Signet::OAuth1::Credential, " \
+                "got #{options[credential].class}."
         end
         credential_secret = options[credential].secret
       elsif options["client"]
-        require 'signet/oauth_1/client'
-        if !options["client"].kind_of?(::Signet::OAuth1::Client)
+        require "signet/oauth_1/client"
+        unless options["client"].is_a? ::Signet::OAuth1::Client
           raise TypeError,
-            "Expected Signet::OAuth1::Client, got #{options["client"].class}."
+                "Expected Signet::OAuth1::Client, got #{options['client'].class}."
         end
-        credential_secret = options["client"].send(credential_secret)
+        credential_secret = options["client"].send credential_secret
       else
         credential_secret = nil
       end
-      if credential_secret != nil && !credential_secret.kind_of?(String)
+      if !credential_secret.nil? && !credential_secret.is_a?(String)
         raise TypeError,
-          "Expected String, got #{credential_secret.class}."
+              "Expected String, got #{credential_secret.class}."
       end
-      return credential_secret
+      credential_secret
     end
+    # rubocop:enable Metrics/MethodLength
 
     ##
     # Normalizes a set of OAuth parameters according to the algorithm given
@@ -145,16 +147,14 @@ module Signet #:nodoc:
     # @param [Enumerable] parameters The OAuth parameter list.
     #
     # @return [String] The normalized parameter list.
-    def self.normalize_parameters(parameters)
-      if !parameters.kind_of?(Enumerable)
-        raise TypeError, "Expected Enumerable, got #{parameters.class}."
-      end
+    def self.normalize_parameters parameters
+      raise TypeError, "Expected Enumerable, got #{parameters.class}." unless parameters.is_a? Enumerable
       parameter_list = parameters.map do |k, v|
         next if k == "oauth_signature"
         # This is probably the wrong place to try to exclude the realm
-        "#{self.encode(k)}=#{self.encode(v)}"
+        "#{encode k}=#{encode v}"
       end
-      return parameter_list.compact.sort.join("&")
+      parameter_list.compact.sort.join "&"
     end
 
     ##
@@ -167,29 +167,27 @@ module Signet #:nodoc:
     # @param [Enumerable] parameters The OAuth parameter list.
     #
     # @return [String] The signature base string.
-    def self.generate_base_string(method, uri, parameters)
-      if !parameters.kind_of?(Enumerable)
-        raise TypeError, "Expected Enumerable, got #{parameters.class}."
-      end
+    def self.generate_base_string method, uri, parameters
+      raise TypeError, "Expected Enumerable, got #{parameters.class}." unless parameters.is_a? Enumerable
       method = method.to_s.upcase
-      parsed_uri = Addressable::URI.parse(uri)
+      parsed_uri = Addressable::URI.parse uri
       uri = Addressable::URI.new(
-        :scheme => parsed_uri.normalized_scheme,
-        :authority => parsed_uri.normalized_authority,
-        :path => parsed_uri.path,
-        :query => parsed_uri.query,
-        :fragment => parsed_uri.fragment
+        scheme:    parsed_uri.normalized_scheme,
+        authority: parsed_uri.normalized_authority,
+        path:      parsed_uri.path,
+        query:     parsed_uri.query,
+        fragment:  parsed_uri.fragment
       )
-      uri_parameters = uri.query_values.to_a
+      uri_parameters = uri.query_values(Array) || []
       uri = uri.omit(:query, :fragment).to_s
       merged_parameters =
         uri_parameters.concat(parameters.map { |k, v| [k, v] })
-      parameter_string = self.normalize_parameters(merged_parameters)
-      return [
-        self.encode(method),
-        self.encode(uri),
-        self.encode(parameter_string)
-      ].join('&')
+      parameter_string = normalize_parameters merged_parameters
+      [
+        encode(method),
+        encode(uri),
+        encode(parameter_string)
+      ].join("&")
     end
 
     ##
@@ -201,48 +199,45 @@ module Signet #:nodoc:
     #   The <code>Authorization</code> realm.  See RFC 2617.
     #
     # @return [String] The <code>Authorization</code> header.
-    def self.generate_authorization_header(parameters, realm=nil)
-      if !parameters.kind_of?(Enumerable) || parameters.kind_of?(String)
+    def self.generate_authorization_header parameters, realm = nil
+      if !parameters.is_a?(Enumerable) || parameters.is_a?(String)
         raise TypeError, "Expected Enumerable, got #{parameters.class}."
       end
       parameter_list = parameters.map do |k, v|
-        if k == 'realm'
+        if k == "realm"
           raise ArgumentError,
-            'The "realm" parameter must be specified as a separate argument.'
+                'The "realm" parameter must be specified as a separate argument.'
         end
-        "#{self.encode(k)}=\"#{self.encode(v)}\""
+        "#{encode k}=\"#{encode v}\""
       end
       if realm
-        realm = realm.gsub('"', '\"')
-        parameter_list.unshift("realm=\"#{realm}\"")
+        realm = realm.gsub '"', '\"'
+        parameter_list.unshift "realm=\"#{realm}\""
       end
-      return 'OAuth ' + parameter_list.join(", ")
+      "OAuth " + parameter_list.join(", ")
     end
 
     ##
     # Parses an <code>Authorization</code> header into its component
     # parameters.  Parameter keys and values are decoded according to the
     # rules given in RFC 5849.
-    def self.parse_authorization_header(field_value)
-      if !field_value.kind_of?(String)
-        raise TypeError, "Expected String, got #{field_value.class}."
-      end
+    def self.parse_authorization_header field_value
+      raise TypeError, "Expected String, got #{field_value.class}." unless field_value.is_a? String
       auth_scheme = field_value[/^([-._0-9a-zA-Z]+)/, 1]
       case auth_scheme
       when /^OAuth$/i
         # Other token types may be supported eventually
         pairs = Signet.parse_auth_param_list(field_value[/^OAuth\s+(.*)$/i, 1])
-        return (pairs.inject([]) do |accu, (k, v)|
-          if k != 'realm'
-            k = self.unencode(k)
-            v = self.unencode(v)
+        return (pairs.each_with_object [] do |(k, v), accu|
+          if k != "realm"
+            k = unencode k
+            v = unencode v
           end
           accu << [k, v]
-          accu
         end)
       else
         raise ParseError,
-          'Parsing non-OAuth Authorization headers is out of scope.'
+              "Parsing non-OAuth Authorization headers is out of scope."
       end
     end
 
@@ -253,11 +248,9 @@ module Signet #:nodoc:
     # @param [String] body The response body.
     #
     # @return [Signet::OAuth1::Credential] The OAuth credentials.
-    def self.parse_form_encoded_credentials(body)
-      if !body.kind_of?(String)
-        raise TypeError, "Expected String, got #{body.class}."
-      end
-      return Signet::OAuth1::Credential.new(
+    def self.parse_form_encoded_credentials body
+      raise TypeError, "Expected String, got #{body.class}." unless body.is_a? String
+      Signet::OAuth1::Credential.new(
         Addressable::URI.form_unencode(body)
       )
     end
@@ -275,33 +268,33 @@ module Signet #:nodoc:
     #   The token credential secret.  Omitted when unavailable.
     #
     # @return [String] The signature.
-    def self.sign_parameters(method, uri, parameters,
-        client_credential_secret, token_credential_secret=nil)
+    def self.sign_parameters method, uri, parameters,
+                             client_credential_secret, token_credential_secret = nil
       # Technically, the token_credential_secret parameter here may actually
       # be a temporary credential secret when obtaining a token credential
       # for the first time
-      base_string = self.generate_base_string(method, uri, parameters)
-      parameters = parameters.inject({}) { |h,(k,v)| h[k.to_s]=v; h }
-      signature_method = parameters['oauth_signature_method']
+      base_string = generate_base_string method, uri, parameters
+      parameters = parameters.each_with_object({}) { |(k, v), h| h[k.to_s] = v; }
+      signature_method = parameters["oauth_signature_method"]
       case signature_method
-      when 'HMAC-SHA1'
-        require 'signet/oauth_1/signature_methods/hmac_sha1'
+      when "HMAC-SHA1"
+        require "signet/oauth_1/signature_methods/hmac_sha1"
         return Signet::OAuth1::HMACSHA1.generate_signature(
           base_string, client_credential_secret, token_credential_secret
         )
-      when 'RSA-SHA1'
-        require 'signet/oauth_1/signature_methods/rsa_sha1'
+      when "RSA-SHA1"
+        require "signet/oauth_1/signature_methods/rsa_sha1"
         return Signet::OAuth1::RSASHA1.generate_signature(
           base_string, client_credential_secret, token_credential_secret
         )
-      when 'PLAINTEXT'
-        require 'signet/oauth_1/signature_methods/plaintext'
+      when "PLAINTEXT"
+        require "signet/oauth_1/signature_methods/plaintext"
         return Signet::OAuth1::PLAINTEXT.generate_signature(
           base_string, client_credential_secret, token_credential_secret
         )
       else
         raise NotImplementedError,
-          "Unsupported signature method: #{signature_method}"
+              "Unsupported signature method: #{signature_method}"
       end
     end
 
@@ -322,22 +315,20 @@ module Signet #:nodoc:
     #
     # @return [Array]
     #   The parameter list as an <code>Array</code> of key/value pairs.
-    def self.unsigned_temporary_credential_parameters(options={})
+    def self.unsigned_temporary_credential_parameters options = {}
       options = {
-        :callback => ::Signet::OAuth1::OUT_OF_BAND,
-        :signature_method => 'HMAC-SHA1',
-        :additional_parameters => []
+        callback:              ::Signet::OAuth1::OUT_OF_BAND,
+        signature_method:      "HMAC-SHA1",
+        additional_parameters: []
       }.merge(options)
       client_credential_key =
-        self.extract_credential_key_option(:client, options)
-      if client_credential_key == nil
-        raise ArgumentError, "Missing :client_credential_key parameter."
-      end
+        extract_credential_key_option :client, options
+      raise ArgumentError, "Missing :client_credential_key parameter." if client_credential_key.nil?
       parameters = [
         ["oauth_consumer_key", client_credential_key],
         ["oauth_signature_method", options[:signature_method]],
-        ["oauth_timestamp", self.generate_timestamp()],
-        ["oauth_nonce", self.generate_nonce()],
+        ["oauth_timestamp", generate_timestamp],
+        ["oauth_nonce", generate_nonce],
         ["oauth_version", "1.0"],
         ["oauth_callback", options[:callback]]
       ]
@@ -345,7 +336,7 @@ module Signet #:nodoc:
       options[:additional_parameters].each do |key, value|
         parameters << [key, value]
       end
-      return parameters
+      parameters
     end
 
     ##
@@ -356,28 +347,24 @@ module Signet #:nodoc:
     #   The base authorization URI.
     #
     # @return [String] The authorization URI to redirect the user to.
-    def self.generate_authorization_uri(authorization_uri, options={})
+    def self.generate_authorization_uri authorization_uri, options = {}
       options = {
-        :callback => nil,
-        :additional_parameters => {}
+        callback:              nil,
+        additional_parameters: {}
       }.merge(options)
       temporary_credential_key =
-        self.extract_credential_key_option(:temporary, options)
+        extract_credential_key_option :temporary, options
       parsed_uri = Addressable::URI.parse(authorization_uri).dup
       query_values = parsed_uri.query_values || {}
       if options[:additional_parameters]
         query_values = query_values.merge(
-          options[:additional_parameters].inject({}) { |h,(k,v)| h[k]=v; h }
+          options[:additional_parameters].each_with_object({}) { |(k, v), h| h[k] = v; }
         )
       end
-      if temporary_credential_key
-        query_values['oauth_token'] = temporary_credential_key
-      end
-      if options[:callback]
-        query_values['oauth_callback'] = options[:callback]
-      end
+      query_values["oauth_token"] = temporary_credential_key if temporary_credential_key
+      query_values["oauth_callback"] = options[:callback] if options[:callback]
       parsed_uri.query_values = query_values
-      return parsed_uri.normalize.to_s
+      parsed_uri.normalize.to_s
     end
 
     ##
@@ -397,35 +384,29 @@ module Signet #:nodoc:
     #
     # @return [Array]
     #   The parameter list as an <code>Array</code> of key/value pairs.
-    def self.unsigned_token_credential_parameters(options={})
+    def self.unsigned_token_credential_parameters options = {}
       options = {
-        :signature_method => 'HMAC-SHA1',
-        :verifier => nil
+        signature_method: "HMAC-SHA1",
+        verifier:         nil
       }.merge(options)
       client_credential_key =
-        self.extract_credential_key_option(:client, options)
+        extract_credential_key_option :client, options
       temporary_credential_key =
-        self.extract_credential_key_option(:temporary, options)
-      if client_credential_key == nil
-        raise ArgumentError, "Missing :client_credential_key parameter."
-      end
-      if temporary_credential_key == nil
-        raise ArgumentError, "Missing :temporary_credential_key parameter."
-      end
-      if options[:verifier] == nil
-        raise ArgumentError, "Missing :verifier parameter."
-      end
+        extract_credential_key_option :temporary, options
+      raise ArgumentError, "Missing :client_credential_key parameter." if client_credential_key.nil?
+      raise ArgumentError, "Missing :temporary_credential_key parameter." if temporary_credential_key.nil?
+      raise ArgumentError, "Missing :verifier parameter." if options[:verifier].nil?
       parameters = [
         ["oauth_consumer_key", client_credential_key],
         ["oauth_token", temporary_credential_key],
         ["oauth_signature_method", options[:signature_method]],
-        ["oauth_timestamp", self.generate_timestamp()],
-        ["oauth_nonce", self.generate_nonce()],
+        ["oauth_timestamp", generate_timestamp],
+        ["oauth_nonce", generate_nonce],
         ["oauth_verifier", options[:verifier]],
         ["oauth_version", "1.0"]
       ]
       # No additional parameters allowed here
-      return parameters
+      parameters
     end
 
     ##
@@ -445,35 +426,29 @@ module Signet #:nodoc:
     #
     # @return [Array]
     #   The parameter list as an <code>Array</code> of key/value pairs.
-    def self.unsigned_resource_parameters(options={})
+    def self.unsigned_resource_parameters options = {}
       options = {
-        :signature_method => 'HMAC-SHA1',
-        :two_legged => false
+        signature_method: "HMAC-SHA1",
+        two_legged:       false
       }.merge(options)
       client_credential_key =
-        self.extract_credential_key_option(:client, options)
-      if client_credential_key == nil
-        raise ArgumentError, "Missing :client_credential_key parameter."
-      end
+        extract_credential_key_option :client, options
+      raise ArgumentError, "Missing :client_credential_key parameter." if client_credential_key.nil?
       unless options[:two_legged]
         token_credential_key =
-          self.extract_credential_key_option(:token, options)
-        if token_credential_key == nil
-          raise ArgumentError, "Missing :token_credential_key parameter."
-        end
+          extract_credential_key_option :token, options
+        raise ArgumentError, "Missing :token_credential_key parameter." if token_credential_key.nil?
       end
       parameters = [
         ["oauth_consumer_key", client_credential_key],
         ["oauth_signature_method", options[:signature_method]],
-        ["oauth_timestamp", self.generate_timestamp()],
-        ["oauth_nonce", self.generate_nonce()],
+        ["oauth_timestamp", generate_timestamp],
+        ["oauth_nonce", generate_nonce],
         ["oauth_version", "1.0"]
       ]
-      unless options[:two_legged]
-        parameters << ["oauth_token", token_credential_key]
-      end
+      parameters << ["oauth_token", token_credential_key] unless options[:two_legged]
       # No additional parameters allowed here
-      return parameters
+      parameters
     end
   end
 end