simple_oauth 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.gitignore +2 -0
- data/Gemfile.lock +2 -2
- data/Rakefile +1 -0
- data/lib/simple_oauth.rb +2 -117
- data/lib/simple_oauth/core_ext/object.rb +10 -0
- data/lib/simple_oauth/header.rb +110 -0
- data/lib/simple_oauth/version.rb +8 -0
- data/simple_oauth.gemspec +3 -4
- data/test/simple_oauth_test.rb +4 -3
- metadata +16 -15
data/Gemfile.lock
CHANGED
data/Rakefile
CHANGED
data/lib/simple_oauth.rb
CHANGED
@@ -2,120 +2,5 @@ require 'base64'
|
|
2
2
|
require 'cgi'
|
3
3
|
require 'openssl'
|
4
4
|
require 'uri'
|
5
|
-
|
6
|
-
|
7
|
-
module Version
|
8
|
-
MAJOR = 0
|
9
|
-
MINOR = 1
|
10
|
-
PATCH = 2
|
11
|
-
STRING = [MAJOR, MINOR, PATCH].join('.')
|
12
|
-
end
|
13
|
-
|
14
|
-
class Header
|
15
|
-
ATTRIBUTE_KEYS = [:consumer_key, :nonce, :signature_method, :timestamp, :token, :version]
|
16
|
-
|
17
|
-
def self.default_options
|
18
|
-
{
|
19
|
-
:nonce => OpenSSL::Random.random_bytes(16).unpack('H*')[0],
|
20
|
-
:signature_method => 'HMAC-SHA1',
|
21
|
-
:timestamp => Time.now.to_i.to_s,
|
22
|
-
:version => '1.0'
|
23
|
-
}
|
24
|
-
end
|
25
|
-
|
26
|
-
def self.encode(value)
|
27
|
-
URI.encode(value.to_s, /[^a-z0-9\-\.\_\~]/i)
|
28
|
-
end
|
29
|
-
|
30
|
-
def self.decode(value)
|
31
|
-
URI.decode(value.to_s)
|
32
|
-
end
|
33
|
-
|
34
|
-
def self.parse(header)
|
35
|
-
header.to_s.sub(/^OAuth\s/, '').split(', ').inject({}) do |attributes, pair|
|
36
|
-
match = pair.match(/^(\w+)\=\"([^\"]*)\"$/)
|
37
|
-
attributes.merge(match[1].sub(/^oauth_/, '').to_sym => decode(match[2]))
|
38
|
-
end
|
39
|
-
end
|
40
|
-
|
41
|
-
attr_reader :method, :params, :options
|
42
|
-
|
43
|
-
def initialize(method, url, params, oauth = {})
|
44
|
-
@method = method.to_s.upcase
|
45
|
-
@uri = URI.parse(url).tap do |uri|
|
46
|
-
uri.scheme = uri.scheme.downcase
|
47
|
-
uri.normalize!
|
48
|
-
uri.fragment = nil
|
49
|
-
end
|
50
|
-
@params = params
|
51
|
-
@options = oauth.is_a?(Hash) ? self.class.default_options.merge(oauth) : self.class.parse(oauth)
|
52
|
-
end
|
53
|
-
|
54
|
-
def url
|
55
|
-
@uri.dup.tap{|u| u.query = nil }.to_s
|
56
|
-
end
|
57
|
-
|
58
|
-
def to_s
|
59
|
-
"OAuth #{normalized_attributes}"
|
60
|
-
end
|
61
|
-
|
62
|
-
def valid?(secrets = {})
|
63
|
-
original_options = options.dup
|
64
|
-
options.merge!(secrets)
|
65
|
-
valid = options[:signature] == signature
|
66
|
-
options.replace(original_options)
|
67
|
-
valid
|
68
|
-
end
|
69
|
-
|
70
|
-
def signed_attributes
|
71
|
-
attributes.merge(:oauth_signature => signature)
|
72
|
-
end
|
73
|
-
|
74
|
-
private
|
75
|
-
def normalized_attributes
|
76
|
-
signed_attributes.sort_by{|k,v| k.to_s }.map{|k,v| %(#{k}="#{self.class.encode(v)}") }.join(', ')
|
77
|
-
end
|
78
|
-
|
79
|
-
def attributes
|
80
|
-
ATTRIBUTE_KEYS.inject({}){|a,k| options.key?(k) ? a.merge(:"oauth_#{k}" => options[k]) : a }
|
81
|
-
end
|
82
|
-
|
83
|
-
def signature
|
84
|
-
send(options[:signature_method].downcase.tr('-', '_') + '_signature')
|
85
|
-
end
|
86
|
-
|
87
|
-
def hmac_sha1_signature
|
88
|
-
Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, secret, signature_base)).chomp.gsub(/\n/, '')
|
89
|
-
end
|
90
|
-
|
91
|
-
def secret
|
92
|
-
options.values_at(:consumer_secret, :token_secret).map{|v| self.class.encode(v) }.join('&')
|
93
|
-
end
|
94
|
-
|
95
|
-
def signature_base
|
96
|
-
[method, url, normalized_params].map{|v| self.class.encode(v) }.join('&')
|
97
|
-
end
|
98
|
-
|
99
|
-
def normalized_params
|
100
|
-
signature_params.map{|p| p.map{|v| self.class.encode(v) } }.sort.map{|p| p.join('=') }.join('&')
|
101
|
-
end
|
102
|
-
|
103
|
-
def signature_params
|
104
|
-
attributes.to_a + params.to_a + url_params
|
105
|
-
end
|
106
|
-
|
107
|
-
def url_params
|
108
|
-
CGI.parse(@uri.query || '').inject([]){|p,(k,vs)| p + vs.map{|v| [k, v] } }
|
109
|
-
end
|
110
|
-
|
111
|
-
def rsa_sha1_signature
|
112
|
-
Base64.encode64(private_key.sign(OpenSSL::Digest::SHA1.new, signature_base)).chomp.gsub(/\n/, '')
|
113
|
-
end
|
114
|
-
|
115
|
-
def private_key
|
116
|
-
OpenSSL::PKey::RSA.new(options[:consumer_secret])
|
117
|
-
end
|
118
|
-
|
119
|
-
alias_method :plaintext_signature, :secret
|
120
|
-
end
|
121
|
-
end
|
5
|
+
require File.expand_path('../simple_oauth/core_ext/object', __FILE__)
|
6
|
+
require File.expand_path('../simple_oauth/header', __FILE__)
|
@@ -0,0 +1,110 @@
|
|
1
|
+
module SimpleOAuth
|
2
|
+
class Header
|
3
|
+
ATTRIBUTE_KEYS = [:consumer_key, :nonce, :signature_method, :timestamp, :token, :version] unless defined? ::SimpleOAuth::Header::ATTRIBUTE_KEYS
|
4
|
+
|
5
|
+
def self.default_options
|
6
|
+
{
|
7
|
+
:nonce => OpenSSL::Random.random_bytes(16).unpack('H*')[0],
|
8
|
+
:signature_method => 'HMAC-SHA1',
|
9
|
+
:timestamp => Time.now.to_i.to_s,
|
10
|
+
:version => '1.0'
|
11
|
+
}
|
12
|
+
end
|
13
|
+
|
14
|
+
def self.encode(value)
|
15
|
+
URI.encode(value.to_s, /[^a-z0-9\-\.\_\~]/i)
|
16
|
+
end
|
17
|
+
|
18
|
+
def self.decode(value)
|
19
|
+
URI.decode(value.to_s)
|
20
|
+
end
|
21
|
+
|
22
|
+
def self.parse(header)
|
23
|
+
header.to_s.sub(/^OAuth\s/, '').split(', ').inject({}) do |attributes, pair|
|
24
|
+
match = pair.match(/^(\w+)\=\"([^\"]*)\"$/)
|
25
|
+
attributes.merge(match[1].sub(/^oauth_/, '').to_sym => decode(match[2]))
|
26
|
+
end
|
27
|
+
end
|
28
|
+
|
29
|
+
attr_reader :method, :params, :options
|
30
|
+
|
31
|
+
def initialize(method, url, params, oauth = {})
|
32
|
+
@method = method.to_s.upcase
|
33
|
+
@uri = URI.parse(url).tap do |uri|
|
34
|
+
uri.scheme = uri.scheme.downcase
|
35
|
+
uri.normalize!
|
36
|
+
uri.fragment = nil
|
37
|
+
end
|
38
|
+
@params = params
|
39
|
+
@options = oauth.is_a?(Hash) ? self.class.default_options.merge(oauth) : self.class.parse(oauth)
|
40
|
+
end
|
41
|
+
|
42
|
+
def url
|
43
|
+
@uri.dup.tap{|u| u.query = nil }.to_s
|
44
|
+
end
|
45
|
+
|
46
|
+
def to_s
|
47
|
+
"OAuth #{normalized_attributes}"
|
48
|
+
end
|
49
|
+
|
50
|
+
def valid?(secrets = {})
|
51
|
+
original_options = options.dup
|
52
|
+
options.merge!(secrets)
|
53
|
+
valid = options[:signature] == signature
|
54
|
+
options.replace(original_options)
|
55
|
+
valid
|
56
|
+
end
|
57
|
+
|
58
|
+
def signed_attributes
|
59
|
+
attributes.merge(:oauth_signature => signature)
|
60
|
+
end
|
61
|
+
|
62
|
+
private
|
63
|
+
|
64
|
+
def normalized_attributes
|
65
|
+
signed_attributes.sort_by{|k,v| k.to_s }.map{|k,v| %(#{k}="#{self.class.encode(v)}") }.join(', ')
|
66
|
+
end
|
67
|
+
|
68
|
+
def attributes
|
69
|
+
ATTRIBUTE_KEYS.inject({}){|a,k| options.key?(k) ? a.merge(:"oauth_#{k}" => options[k]) : a }
|
70
|
+
end
|
71
|
+
|
72
|
+
def signature
|
73
|
+
send(options[:signature_method].downcase.tr('-', '_') + '_signature')
|
74
|
+
end
|
75
|
+
|
76
|
+
def hmac_sha1_signature
|
77
|
+
Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA1.new, secret, signature_base)).chomp.gsub(/\n/, '')
|
78
|
+
end
|
79
|
+
|
80
|
+
def secret
|
81
|
+
options.values_at(:consumer_secret, :token_secret).map{|v| self.class.encode(v) }.join('&')
|
82
|
+
end
|
83
|
+
alias_method :plaintext_signature, :secret
|
84
|
+
|
85
|
+
def signature_base
|
86
|
+
[method, url, normalized_params].map{|v| self.class.encode(v) }.join('&')
|
87
|
+
end
|
88
|
+
|
89
|
+
def normalized_params
|
90
|
+
signature_params.map{|p| p.map{|v| self.class.encode(v) } }.sort.map{|p| p.join('=') }.join('&')
|
91
|
+
end
|
92
|
+
|
93
|
+
def signature_params
|
94
|
+
attributes.to_a + params.to_a + url_params
|
95
|
+
end
|
96
|
+
|
97
|
+
def url_params
|
98
|
+
CGI.parse(@uri.query || '').inject([]){|p,(k,vs)| p + vs.map{|v| [k, v] } }
|
99
|
+
end
|
100
|
+
|
101
|
+
def rsa_sha1_signature
|
102
|
+
Base64.encode64(private_key.sign(OpenSSL::Digest::SHA1.new, signature_base)).chomp.gsub(/\n/, '')
|
103
|
+
end
|
104
|
+
|
105
|
+
def private_key
|
106
|
+
OpenSSL::PKey::RSA.new(options[:consumer_secret])
|
107
|
+
end
|
108
|
+
|
109
|
+
end
|
110
|
+
end
|
@@ -0,0 +1,8 @@
|
|
1
|
+
module SimpleOAuth
|
2
|
+
module Version
|
3
|
+
MAJOR = 0 unless defined? ::SimpleOAuth::Version::MAJOR
|
4
|
+
MINOR = 1 unless defined? ::SimpleOAuth::Version::MINOR
|
5
|
+
PATCH = 3 unless defined? ::SimpleOAuth::Version::PATCH
|
6
|
+
STRING = [MAJOR, MINOR, PATCH].join('.') unless defined? ::SimpleOAuth::Version::STRING
|
7
|
+
end
|
8
|
+
end
|
data/simple_oauth.gemspec
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
# -*- encoding: utf-8 -*-
|
2
|
-
require File.expand_path('../lib/simple_oauth', __FILE__)
|
2
|
+
require File.expand_path('../lib/simple_oauth/version', __FILE__)
|
3
3
|
|
4
4
|
Gem::Specification.new do |spec|
|
5
5
|
spec.add_development_dependency('mocha', '>= 0')
|
@@ -11,9 +11,8 @@ Gem::Specification.new do |spec|
|
|
11
11
|
spec.homepage = 'http://github.com/laserlemon/simple_oauth'
|
12
12
|
spec.name = 'simple_oauth'
|
13
13
|
spec.rdoc_options = ['--charset=UTF-8']
|
14
|
-
spec.
|
15
|
-
spec.
|
16
|
-
spec.summary = 'Simply builds and verifies OAuth headers'
|
14
|
+
spec.required_rubygems_version = Gem::Requirement.new('>= 1.3.6') if spec.respond_to? :required_rubygems_version=
|
15
|
+
spec.summary = spec.description
|
17
16
|
spec.test_files = `git ls-files -- test/**/*_test.rb`.split("\n")
|
18
17
|
spec.version = SimpleOAuth::Version::STRING
|
19
18
|
end
|
data/test/simple_oauth_test.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
1
2
|
require 'helper'
|
2
3
|
|
3
4
|
class SimpleOAuthTest < Test::Unit::TestCase
|
@@ -236,7 +237,7 @@ class SimpleOAuthTest < Test::Unit::TestCase
|
|
236
237
|
|
237
238
|
# The signature parameters should be sorted and the keys/values URL encoded
|
238
239
|
# first.
|
239
|
-
assert_equal signature_params.sort_by
|
240
|
+
assert_equal signature_params.sort_by{|p| p.to_s}, pairs.map{|k, v| [URI.decode(k), URI.decode(v)]}
|
240
241
|
end
|
241
242
|
|
242
243
|
def test_signature_params
|
@@ -249,8 +250,8 @@ class SimpleOAuthTest < Test::Unit::TestCase
|
|
249
250
|
# parameters into an array of key value pairs.
|
250
251
|
signature_params = header.send(:signature_params)
|
251
252
|
assert_kind_of Array, signature_params
|
252
|
-
assert_equal [:attribute, 'param', 'url_param', 'url_param'], signature_params.map
|
253
|
-
assert_equal ['ATTRIBUTE', 'PARAM', '1', '2'], signature_params.map
|
253
|
+
assert_equal [:attribute, 'param', 'url_param', 'url_param'], signature_params.map{|p| p.first}
|
254
|
+
assert_equal ['ATTRIBUTE', 'PARAM', '1', '2'], signature_params.map{|p| p.last}
|
254
255
|
end
|
255
256
|
|
256
257
|
def test_url_params
|
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: simple_oauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 29
|
5
5
|
prerelease: false
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 1
|
9
|
-
-
|
10
|
-
version: 0.1.
|
9
|
+
- 3
|
10
|
+
version: 0.1.3
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Steve Richert
|
@@ -15,12 +15,10 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2010-11-
|
18
|
+
date: 2010-11-30 00:00:00 -08:00
|
19
19
|
default_executable:
|
20
20
|
dependencies:
|
21
21
|
- !ruby/object:Gem::Dependency
|
22
|
-
name: mocha
|
23
|
-
prerelease: false
|
24
22
|
requirement: &id001 !ruby/object:Gem::Requirement
|
25
23
|
none: false
|
26
24
|
requirements:
|
@@ -31,6 +29,8 @@ dependencies:
|
|
31
29
|
- 0
|
32
30
|
version: "0"
|
33
31
|
type: :development
|
32
|
+
name: mocha
|
33
|
+
prerelease: false
|
34
34
|
version_requirements: *id001
|
35
35
|
description: Simply builds and verifies OAuth headers
|
36
36
|
email: steve.richert@gmail.com
|
@@ -50,6 +50,9 @@ files:
|
|
50
50
|
- VERSION
|
51
51
|
- init.rb
|
52
52
|
- lib/simple_oauth.rb
|
53
|
+
- lib/simple_oauth/core_ext/object.rb
|
54
|
+
- lib/simple_oauth/header.rb
|
55
|
+
- lib/simple_oauth/version.rb
|
53
56
|
- simple_oauth.gemspec
|
54
57
|
- test/helper.rb
|
55
58
|
- test/rsa_private_key
|
@@ -68,23 +71,21 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
68
71
|
requirements:
|
69
72
|
- - ">="
|
70
73
|
- !ruby/object:Gem::Version
|
71
|
-
hash:
|
74
|
+
hash: 3
|
72
75
|
segments:
|
73
|
-
-
|
74
|
-
|
75
|
-
- 7
|
76
|
-
version: 1.8.7
|
76
|
+
- 0
|
77
|
+
version: "0"
|
77
78
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
78
79
|
none: false
|
79
80
|
requirements:
|
80
81
|
- - ">="
|
81
82
|
- !ruby/object:Gem::Version
|
82
|
-
hash:
|
83
|
+
hash: 23
|
83
84
|
segments:
|
84
85
|
- 1
|
85
|
-
-
|
86
|
-
-
|
87
|
-
version: 1.
|
86
|
+
- 3
|
87
|
+
- 6
|
88
|
+
version: 1.3.6
|
88
89
|
requirements: []
|
89
90
|
|
90
91
|
rubyforge_project:
|