signet 0.14.1 → 0.16.1

data/lib/signet/oauth_1/signature_methods/plaintext.rb

@@ -1,6 +1,6 @@
 require "signet"
 
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     module PLAINTEXT
       def self.generate_signature \

data/lib/signet/oauth_1/signature_methods/rsa_sha1.rb

@@ -3,7 +3,7 @@ require "base64"
 require "openssl"
 require "signet"
 
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     module RSASHA1
       def self.generate_signature \
@@ -11,7 +11,7 @@ module Signet #:nodoc:
 
 
         private_key = OpenSSL::PKey::RSA.new client_credential_secret
-        signature = private_key.sign OpenSSL::Digest::SHA1.new, base_string
+        signature = private_key.sign OpenSSL::Digest.new("SHA1"), base_string
         # using strict_encode64 because the encode64 method adds newline characters after ever 60 chars
         Base64.strict_encode64(signature).strip
       end

data/lib/signet/oauth_1.rb

@@ -3,7 +3,7 @@ require "signet"
 
 require "securerandom"
 
-module Signet #:nodoc:
+module Signet # :nodoc:
   module OAuth1
     OUT_OF_BAND = "oob".freeze
 
@@ -49,9 +49,8 @@ module Signet #:nodoc:
     #
     # @return [String] A random nonce.
     def self.generate_nonce
-      SecureRandom.random_bytes(16).unpack("H*").join ""
+      SecureRandom.random_bytes(16).unpack("H*").join
     end
-    # rubocop:disable Metrics/MethodLength
 
     ##
     # Processes an options <code>Hash</code> to find a credential key value.
@@ -65,7 +64,7 @@ module Signet #:nodoc:
     # @return [String] The credential key value.
     def self.extract_credential_key_option credential_type, options
       # Normalize key to String to allow indifferent access.
-      options = options.each_with_object({}) { |(k, v), accu| accu[k.to_s] = v; }
+      options = options.to_h.transform_keys(&:to_s)
       credential_key = "#{credential_type}_credential_key"
       credential = "#{credential_type}_credential"
       if options[credential_key]
@@ -107,7 +106,7 @@ module Signet #:nodoc:
     # @return [String] The credential secret value.
     def self.extract_credential_secret_option credential_type, options
       # Normalize key to String to allow indifferent access.
-      options = options.each_with_object({}) { |(k, v), accu| accu[k.to_s] = v; }
+      options = options.to_h.transform_keys(&:to_s)
       credential_secret = "#{credential_type}_credential_secret"
       credential = "#{credential_type}_credential"
       if options[credential_secret]
@@ -136,7 +135,6 @@ module Signet #:nodoc:
       end
       credential_secret
     end
-    # rubocop:enable Metrics/MethodLength
 
     ##
     # Normalizes a set of OAuth parameters according to the algorithm given
@@ -214,7 +212,7 @@ module Signet #:nodoc:
         realm = realm.gsub '"', '\"'
         parameter_list.unshift "realm=\"#{realm}\""
       end
-      "OAuth " + parameter_list.join(", ")
+      "OAuth #{parameter_list.join ', '}"
     end
 
     ##
@@ -228,7 +226,7 @@ module Signet #:nodoc:
       when /^OAuth$/i
         # Other token types may be supported eventually
         pairs = Signet.parse_auth_param_list(field_value[/^OAuth\s+(.*)$/i, 1])
-        return (pairs.each_with_object [] do |(k, v), accu|
+        (pairs.each_with_object [] do |(k, v), accu|
           if k != "realm"
             k = unencode k
             v = unencode v
@@ -274,24 +272,18 @@ module Signet #:nodoc:
       # be a temporary credential secret when obtaining a token credential
       # for the first time
       base_string = generate_base_string method, uri, parameters
-      parameters = parameters.each_with_object({}) { |(k, v), h| h[k.to_s] = v; }
+      parameters = parameters.to_h.transform_keys(&:to_s)
       signature_method = parameters["oauth_signature_method"]
       case signature_method
       when "HMAC-SHA1"
         require "signet/oauth_1/signature_methods/hmac_sha1"
-        return Signet::OAuth1::HMACSHA1.generate_signature(
-          base_string, client_credential_secret, token_credential_secret
-        )
+        Signet::OAuth1::HMACSHA1.generate_signature base_string, client_credential_secret, token_credential_secret
       when "RSA-SHA1"
         require "signet/oauth_1/signature_methods/rsa_sha1"
-        return Signet::OAuth1::RSASHA1.generate_signature(
-          base_string, client_credential_secret, token_credential_secret
-        )
+        Signet::OAuth1::RSASHA1.generate_signature base_string, client_credential_secret, token_credential_secret
       when "PLAINTEXT"
         require "signet/oauth_1/signature_methods/plaintext"
-        return Signet::OAuth1::PLAINTEXT.generate_signature(
-          base_string, client_credential_secret, token_credential_secret
-        )
+        Signet::OAuth1::PLAINTEXT.generate_signature base_string, client_credential_secret, token_credential_secret
       else
         raise NotImplementedError,
               "Unsupported signature method: #{signature_method}"
@@ -396,7 +388,7 @@ module Signet #:nodoc:
       raise ArgumentError, "Missing :client_credential_key parameter." if client_credential_key.nil?
       raise ArgumentError, "Missing :temporary_credential_key parameter." if temporary_credential_key.nil?
       raise ArgumentError, "Missing :verifier parameter." if options[:verifier].nil?
-      parameters = [
+      [
         ["oauth_consumer_key", client_credential_key],
         ["oauth_token", temporary_credential_key],
         ["oauth_signature_method", options[:signature_method]],
@@ -405,8 +397,6 @@ module Signet #:nodoc:
         ["oauth_verifier", options[:verifier]],
         ["oauth_version", "1.0"]
       ]
-      # No additional parameters allowed here
-      parameters
     end
 
     ##

data/lib/signet/oauth_2/client.rb

@@ -110,9 +110,6 @@ module Signet
         @access_type          = nil
         update! options
       end
-      # rubocop:disable Metrics/AbcSize
-      # rubocop:disable Metrics/CyclomaticComplexity
-      # rubocop:disable Metrics/PerceivedComplexity
 
       ##
       # Updates an OAuth 2.0 client.
@@ -202,13 +199,10 @@ module Signet
         self.signing_key = options[:signing_key] if options.key? :signing_key
         self.extension_parameters = options[:extension_parameters] || {}
         self.additional_parameters = options[:additional_parameters] || {}
-        self.access_type = options.fetch(:access_type) { :offline }
+        self.access_type = options.fetch :access_type, :offline
         update_token! options
         self
       end
-      # rubocop:enable Metrics/AbcSize
-      # rubocop:enable Metrics/CyclomaticComplexity
-      # rubocop:enable Metrics/PerceivedComplexity
 
       ##
       # Updates an OAuth 2.0 client.
@@ -261,10 +255,6 @@ module Signet
 
         self
       end
-      # rubocop:disable Metrics/AbcSize
-      # rubocop:disable Metrics/CyclomaticComplexity
-      # rubocop:disable Metrics/MethodLength
-      # rubocop:disable Metrics/PerceivedComplexity
 
       ##
       # Returns the authorization URI that the user should be redirected to.
@@ -290,9 +280,7 @@ module Signet
         options[:state] = state unless options[:state]
         options.merge!(additional_parameters.merge(options[:additional_parameters] || {}))
         options.delete :additional_parameters
-        options = Hash[options.map do |key, option|
-          [key.to_s, option]
-        end]
+        options = options.transform_keys(&:to_s)
         uri = Addressable::URI.parse(
           ::Signet::OAuth2.generate_authorization_uri(
             @authorization_uri, options
@@ -304,10 +292,6 @@ module Signet
         end
         uri
       end
-      # rubocop:enable Metrics/AbcSize
-      # rubocop:enable Metrics/CyclomaticComplexity
-      # rubocop:enable Metrics/MethodLength
-      # rubocop:enable Metrics/PerceivedComplexity
 
       ##
       # Sets the authorization URI for this client.
@@ -423,7 +407,7 @@ module Signet
           end
           @scope = new_scope
         when String
-          @scope = new_scope.split " "
+          @scope = new_scope.split
         when nil
           @scope = nil
         else
@@ -793,12 +777,12 @@ module Signet
       # @param [String, Integer, nil] new_expires_in
       #   The access token lifetime.
       def expires_in= new_expires_in
-        if !new_expires_in.nil?
-          @issued_at = Time.now
-          @expires_at = @issued_at + new_expires_in.to_i
-        else
+        if new_expires_in.nil?
           @expires_at = nil
           @issued_at = nil
+        else
+          @issued_at = Time.now
+          @expires_at = @issued_at + new_expires_in.to_i
         end
       end
 
@@ -896,13 +880,13 @@ module Signet
       end
 
       def grant_type= new_grant_type
-        case new_grant_type
-        when "authorization_code", "refresh_token",
-            "password", "client_credentials"
-          @grant_type = new_grant_type
-        else
-          @grant_type = Addressable::URI.parse new_grant_type
-        end
+        @grant_type =
+          case new_grant_type
+          when "authorization_code", "refresh_token", "password", "client_credentials"
+            new_grant_type
+          else
+            Addressable::URI.parse new_grant_type
+          end
       end
 
       def to_jwt options = {}
@@ -922,8 +906,6 @@ module Signet
         assertion["sub"] = sub unless sub.nil?
         JWT.encode assertion, signing_key, signing_algorithm
       end
-      # rubocop:disable Style/MethodDefParentheses
-      # rubocop:disable Metrics/AbcSize
 
       ##
       # Serialize the client object to JSON.
@@ -931,7 +913,7 @@ module Signet
       # @note A serialized client contains sensitive information. Persist or transmit with care.
       #
       # @return [String] A serialized JSON representation of the client.
-      def to_json(*)
+      def to_json *_args
         MultiJson.dump(
           "authorization_uri"    => authorization_uri ? authorization_uri.to_s : nil,
           "token_credential_uri" => token_credential_uri ? token_credential_uri.to_s : nil,
@@ -956,10 +938,6 @@ module Signet
           "extension_parameters" => extension_parameters
         )
       end
-      # rubocop:enable Style/MethodDefParentheses
-      # rubocop:disable Metrics/CyclomaticComplexity
-      # rubocop:disable Metrics/MethodLength
-      # rubocop:disable Metrics/PerceivedComplexity
 
       ##
       # Generates a request for token credentials.
@@ -994,8 +972,8 @@ module Signet
           end
           parameters.merge! extension_parameters
         end
-        parameters["client_id"] = client_id unless client_id.nil?
-        parameters["client_secret"] = client_secret unless client_secret.nil?
+        parameters["client_id"] = client_id if !options[:use_basic_auth] && !client_id.nil?
+        parameters["client_secret"] = client_secret if !options[:use_basic_auth] && !client_secret.nil?
         if options[:scope]
           parameters["scope"] = options[:scope]
         elsif options[:use_configured_scope] && !scope.nil?
@@ -1005,8 +983,6 @@ module Signet
         additional.each { |k, v| parameters[k.to_s] = v }
         parameters
       end
-      # rubocop:enable Metrics/CyclomaticComplexity
-      # rubocop:enable Metrics/PerceivedComplexity
 
       def fetch_access_token options = {}
         raise ArgumentError, "Missing token endpoint URI." if token_credential_uri.nil?
@@ -1014,10 +990,18 @@ module Signet
         options = deep_hash_normalize options
 
         client = options[:connection] ||= Faraday.default_connection
-        url = Addressable::URI.parse(token_credential_uri).normalize.to_s
+        url = Addressable::URI.parse token_credential_uri
         parameters = generate_access_token_request options
         if client.is_a? Faraday::Connection
-          response = client.post url,
+          if options[:use_basic_auth]
+            # The Basic Auth middleware usage differs before and after Faraday v2
+            if Gem::Version.new(Faraday::VERSION).segments.first >= 2
+              client.request :authorization, :basic, client_id, client_secret
+            else
+              client.request :basic_auth, client_id, client_secret
+            end
+          end
+          response = client.post url.normalize.to_s,
                                  Addressable::URI.form_encode(parameters),
                                  "Content-Type" => "application/x-www-form-urlencoded"
           status = response.status.to_i
@@ -1025,7 +1009,11 @@ module Signet
           content_type = response.headers["Content-type"]
         else
           # Hurley
-          response = client.post url, parameters
+          if options[:use_basic_auth]
+            url.user = client_id
+            url.password = client_secret
+          end
+          response = client.post url.normalize.to_s, parameters
           status = response.status_code.to_i
           body = response.body
           content_type = response.header[:content_type]
@@ -1035,20 +1023,16 @@ module Signet
 
         message = "  Server message:\n#{response.body.to_s.strip}" unless body.to_s.strip.empty?
         if [400, 401, 403].include? status
-          message = "Authorization failed." + message
-          raise ::Signet::AuthorizationError.new(
-            message, response: response
-          )
+          message = "Authorization failed.#{message}"
+          raise ::Signet::AuthorizationError.new message, response: response
         elsif status.to_s[0] == "5"
-          message = "Remote server error." + message
+          message = "Remote server error.#{message}"
           raise ::Signet::RemoteServerError, message
         else
-          message = "Unexpected status code: #{response.status}." + message
+          message = "Unexpected status code: #{response.status}.#{message}"
           raise ::Signet::UnexpectedStatusError, message
         end
       end
-      # rubocop:enable Metrics/AbcSize
-      # rubocop:enable Metrics/MethodLength
 
       def fetch_access_token! options = {}
         token_hash = fetch_access_token options
@@ -1068,9 +1052,6 @@ module Signet
       def refresh! options = {}
         fetch_access_token! options
       end
-      # rubocop:disable Metrics/AbcSize
-      # rubocop:disable Metrics/MethodLength
-      # rubocop:disable Metrics/PerceivedComplexity
 
       ##
       # Generates an authenticated request for protected resources.
@@ -1137,9 +1118,6 @@ module Signet
         request["Cache-Control"] = "no-store"
         request
       end
-      # rubocop:enable Metrics/AbcSize
-      # rubocop:enable Metrics/MethodLength
-      # rubocop:enable Metrics/PerceivedComplexity
 
       ##
       # Transmits a request for a protected resource.

data/lib/signet/oauth_2.rb

@@ -16,7 +16,7 @@ require "base64"
 require "signet"
 require "multi_json"
 
-module Signet #:nodoc:
+module Signet # :nodoc:
   ##
   # An implementation of http://tools.ietf.org/html/draft-ietf-oauth-v2-10
   #
@@ -28,10 +28,10 @@ module Signet #:nodoc:
       case auth_scheme
       when /^Basic$/i
         # HTTP Basic is allowed in OAuth 2
-        return parse_basic_credentials(field_value[/^Basic\s+(.*)$/i, 1])
+        parse_basic_credentials(field_value[/^Basic\s+(.*)$/i, 1])
       when /^OAuth$/i
         # Other token types may be supported eventually
-        return parse_bearer_credentials(field_value[/^OAuth\s+(.*)$/i, 1])
+        parse_bearer_credentials(field_value[/^OAuth\s+(.*)$/i, 1])
       else
         raise ParseError,
               "Parsing non-OAuth Authorization headers is out of scope."
@@ -43,7 +43,7 @@ module Signet #:nodoc:
       case auth_scheme
       when /^OAuth$/i
         # Other token types may be supported eventually
-        return parse_oauth_challenge(field_value[/^OAuth\s+(.*)$/i, 1])
+        parse_oauth_challenge(field_value[/^OAuth\s+(.*)$/i, 1])
       else
         raise ParseError,
               "Parsing non-OAuth WWW-Authenticate headers is out of scope."
@@ -76,9 +76,9 @@ module Signet #:nodoc:
       raise TypeError, "Expected String, got #{body.class}." unless body.is_a? String
       case content_type
       when %r{^application/json.*}
-        return MultiJson.load body
+        MultiJson.load body
       when %r{^application/x-www-form-urlencoded.*}
-        return Hash[Addressable::URI.form_unencode(body)]
+        Hash[Addressable::URI.form_unencode(body)]
       else
         raise ArgumentError, "Invalid content type '#{content_type}'"
       end
@@ -100,9 +100,8 @@ module Signet #:nodoc:
         raise ArgumentError,
               "A client identifier may not contain a ':' character."
       end
-      "Basic " + Base64.encode64(
-        client_id + ":" + client_password
-      ).delete("\n")
+      token = Base64.encode64("#{client_id}:#{client_password}").delete("\n")
+      "Basic #{token}"
     end
 
     ##
@@ -121,11 +120,8 @@ module Signet #:nodoc:
       # TODO: escaping?
       header = "Bearer #{access_token}"
       if auth_params && !auth_params.empty?
-        header += (", " +
-          (auth_params.each_with_object [] do |(key, value), accu|
-            accu << "#{key}=\"#{value}\""
-          end).join(", ")
-                  )
+        additional_headers = auth_params.map { |key, value| "#{key}=\"#{value}\"" }
+        header = ([header] + additional_headers).join ", "
       end
       header
     end

data/lib/signet/version.rb

@@ -13,5 +13,5 @@
 #    limitations under the License.
 
 module Signet
-  VERSION = "0.14.1".freeze
+  VERSION = "0.16.1".freeze
 end

data/lib/signet.rb

@@ -14,9 +14,7 @@
 
 require "signet/version"
 
-module Signet #:nodoc:
-  # rubocop:disable Metrics/AbcSize
-  # rubocop:disable Metrics/MethodLength
+module Signet # :nodoc:
   def self.parse_auth_param_list auth_param_string
     # Production rules from:
     # http://tools.ietf.org/html/draft-ietf-httpbis-p1-messaging-12
@@ -54,11 +52,12 @@ module Signet #:nodoc:
     # Now parse the auth-param pair strings & turn them into key-value pairs.
     (auth_param_pairs.each_with_object [] do |pair, accu|
       name, value = pair.split "=", 2
-      if value =~ /^".*"$/
+      case value
+      when /^".*"$/
         value = value.gsub(/^"(.*)"$/, '\1').gsub(/\\(.)/, '\1')
-      elsif value =~ /^'.*'$/
+      when /^'.*'$/
         value = value.gsub(/^'(.*)'$/, '\1').gsub(/\\(.)/, '\1')
-      elsif value =~ %r{[\(\)<>@,;:\\\"/\[\]?={}]}
+      when %r{[()<>@,;:\\"/\[\]?={}]}
         # Certain special characters are not allowed
         raise ParseError,
               "Unexpected characters in auth param " \
@@ -68,6 +67,4 @@ module Signet #:nodoc:
       accu << [name, value]
     end)
   end
-  # rubocop:enable Metrics/AbcSize
-  # rubocop:enable Metrics/MethodLength
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: signet
 version: !ruby/object:Gem::Version
-  version: 0.14.1
+  version: 0.16.1
 platform: ruby
 authors:
 - Bob Aman
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-01-27 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -17,34 +17,34 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.3'
+        version: '2.8'
 - !ruby/object:Gem::Dependency
   name: faraday
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.3
+        version: 0.17.5
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.3
+        version: 0.17.5
     - - "<"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: jwt
   requirement: !ruby/object:Gem::Requirement
@@ -85,14 +85,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 1.25.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: 1.25.1
 - !ruby/object:Gem::Dependency
   name: kramdown
   requirement: !ruby/object:Gem::Requirement
@@ -127,14 +127,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '13.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '13.0'
+- !ruby/object:Gem::Dependency
+  name: redcarpet
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -192,11 +206,12 @@ extensions: []
 extra_rdoc_files:
 - README.md
 files:
+- ".yardopts"
 - CHANGELOG.md
-- Gemfile
+- CODE_OF_CONDUCT.md
 - LICENSE
 - README.md
-- Rakefile
+- SECURITY.md
 - lib/signet.rb
 - lib/signet/errors.rb
 - lib/signet/oauth_1.rb
@@ -209,26 +224,11 @@ files:
 - lib/signet/oauth_2.rb
 - lib/signet/oauth_2/client.rb
 - lib/signet/version.rb
-- signet.gemspec
-- spec/signet/oauth_1/client_spec.rb
-- spec/signet/oauth_1/credential_spec.rb
-- spec/signet/oauth_1/server_spec.rb
-- spec/signet/oauth_1/signature_methods/hmac_sha1_spec.rb
-- spec/signet/oauth_1/signature_methods/plaintext_spec.rb
-- spec/signet/oauth_1/signature_methods/rsa_sha1_spec.rb
-- spec/signet/oauth_1_spec.rb
-- spec/signet/oauth_2/client_spec.rb
-- spec/signet/oauth_2_spec.rb
-- spec/signet_spec.rb
-- spec/spec.opts
-- spec/spec_helper.rb
-- spec/spec_helper_spec.rb
-- website/index.html
 homepage: https://github.com/googleapis/signet
 licenses:
 - Apache-2.0
 metadata:
-  changelog_uri: https://github.com/googleapis/signet/blob/master/CHANGELOG.md
+  changelog_uri: https://github.com/googleapis/signet/blob/main/CHANGELOG.md
   source_code_uri: https://github.com/googleapis/signet
   bug_tracker_uri: https://github.com/googleapis/signet/issues
 post_install_message: 
@@ -241,14 +241,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.4.0
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: 1.3.5
 requirements: []
-rubygems_version: 3.2.6
+rubygems_version: 3.3.5
 signing_key: 
 specification_version: 4
 summary: Signet is an OAuth 1.0 / OAuth 2.0 implementation.

data/Gemfile

@@ -1,8 +0,0 @@
-source "https://rubygems.org"
-
-gemspec
-
-gem "bundler", ">= 1.15"
-gem "gems", "~> 1.2"
-gem "hurley"
-gem "jruby-openssl", platforms: :jruby