simple_oauth 0.2.0 → 0.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3094ba98c7ac1b573727f0c7e1e420d6a2f4d8fc
+  data.tar.gz: 8653e61a74dd4ae0622100fa275627ac3f40c4ca
+SHA512:
+  metadata.gz: 761b9e2cba618d77b811dcf1441e357cf7e0dac191ba138f2ecfd2949373ec4772f99aeb3eb8d087810bb21b8f29562b4fbc6c814bad3068632cd35b2671efd4
+  data.tar.gz: 112cb20fc8bf10a1fcec15fd3a40e248c05c897d21668ba31a87b4deac57c682b93ef37c253d43208e02da031c8c858b4d01d7105b6b42c5750274768fe4de5e

data/.gitignore

@@ -1,9 +1,10 @@
 *.rbc
-.bundle
 .DS_Store
+.bundle
 .yardoc
+Gemfile.lock
 coverage
 doc
-Gemfile.lock
+measurement
 pkg
 rdoc

data/.rspec

@@ -1,3 +1,2 @@
 --color
---fail-fast
 --order random

data/.rubocop.yml

@@ -0,0 +1,54 @@
+Metrics/BlockNesting:
+  Max: 1
+
+Metrics/LineLength:
+  AllowURI: true
+  Enabled: false
+
+Metrics/MethodLength:
+  CountComments: false
+  Max: 7
+
+Metrics/ParameterLists:
+  Max: 4
+  CountKeywordArgs: true
+
+Style/AccessModifierIndentation:
+  EnforcedStyle: outdent
+
+Style/CollectionMethods:
+  PreferredMethods:
+    map:      'collect'
+    reduce:   'inject'
+    find:     'detect'
+    find_all: 'select'
+
+Style/Documentation:
+  Enabled: false
+
+Style/DotPosition:
+  EnforcedStyle: trailing
+
+Style/DoubleNegation:
+  Enabled: false
+
+Style/EachWithObject:
+  Enabled: false
+
+Style/Encoding:
+  Enabled: false
+
+Style/HashSyntax:
+  EnforcedStyle: hash_rockets
+
+Style/Lambda:
+  Enabled: false
+
+Style/RaiseArgs:
+  EnforcedStyle: compact
+
+Style/SpaceInsideHashLiteralBraces:
+  EnforcedStyle: no_space
+
+Style/TrailingComma:
+  EnforcedStyleForMultiline: 'comma'

data/.travis.yml

@@ -1,10 +1,21 @@
 language: ruby
+env:
+  global:
+    - JRUBY_OPTS="$JRUBY_OPTS --debug"
 rvm:
-  - rbx-18mode
-  - rbx-19mode
-  - jruby-18mode
-  - jruby-19mode
   - 1.8.7
-  - 1.9.2
   - 1.9.3
+  - 2.0.0
+  - 2.1
+  - jruby-18mode
+  - jruby-19mode
+  - jruby-head
+  - rbx-2
   - ruby-head
+matrix:
+  allow_failures:
+    - rvm: jruby-head
+    - rvm: rbx-2
+    - rvm: ruby-head
+  fast_finish: true
+sudo: false

data/.yardopts

@@ -1,4 +1,5 @@
 --markup markdown
 -
-HISTORY.md
+CONTRIBUTING.md
 LICENSE.md
+README.md

data/Gemfile

@@ -1,7 +1,17 @@
 source 'https://rubygems.org'
 
-platforms :jruby do
-  gem 'jruby-openssl', '~> 0.7'
+gem 'jruby-openssl', :platforms => :jruby
+gem 'rake'
+
+group :test do
+  gem 'backports'
+  gem 'coveralls'
+  gem 'mime-types', '~> 1.25', :platforms => [:jruby, :ruby_18]
+  gem 'rest-client', '~> 1.6.0', :platforms => [:jruby, :ruby_18]
+  gem 'rspec', '>= 2.14'
+  gem 'rubocop', '>= 0.25', :platforms => [:ruby_19, :ruby_20, :ruby_21]
+  gem 'simplecov', '>= 0.9'
+  gem 'yardstick'
 end
 
 gemspec

data/{LICENSE → LICENSE.md}

@@ -1,6 +1,4 @@
-Copyright (c) 2010 Steve Richert, Erik Michaels-Ober
-
-MIT License
+Copyright (c) 2010-2013 Steve Richert, Erik Michaels-Ober
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/README.md

@@ -1,4 +1,16 @@
-# simple_oauth [![Build Status](https://secure.travis-ci.org/laserlemon/simple_oauth.png)](http://travis-ci.org/laserlemon/simple_oauth) [![Dependency Status](https://gemnasium.com/laserlemon/simple_oauth.png)](https://gemnasium.com/laserlemon/simple_oauth)
+# simple_oauth
+
+[![Gem Version](http://img.shields.io/gem/v/simple_oauth.svg)][gem]
+[![Build Status](http://img.shields.io/travis/laserlemon/simple_oauth.svg)][travis]
+[![Dependency Status](http://img.shields.io/gemnasium/laserlemon/simple_oauth.svg)][gemnasium]
+[![Code Climate](http://img.shields.io/codeclimate/github/laserlemon/simple_oauth.svg)][codeclimate]
+[![Coverage Status](http://img.shields.io/coveralls/laserlemon/simple_oauth.svg)][coveralls]
+
+[gem]: https://rubygems.org/gems/simple_oauth
+[travis]: http://travis-ci.org/laserlemon/simple_oauth
+[gemnasium]: https://gemnasium.com/laserlemon/simple_oauth
+[codeclimate]: https://codeclimate.com/github/laserlemon/simple_oauth
+[coveralls]: https://coveralls.io/r/laserlemon/simple_oauth
 
 Simply builds and verifies OAuth headers
 
@@ -8,14 +20,13 @@ against](http://travis-ci.org/laserlemon/simple_oauth) the following Ruby
 implementations:
 
 * Ruby 1.8.7
-* Ruby 1.9.2
 * Ruby 1.9.3
-* Ruby head
-* [JRuby](http://www.jruby.org/)
+* Ruby 2.0.0
+* Ruby 2.1
+* [JRuby](http://jruby.org/)
 * [Rubinius](http://rubini.us/)
 
-If something doesn't work on one of these interpreters, it should be considered
-a bug.
+If something doesn't work on one of these interpreters, it's a bug.
 
 This library may inadvertently work (or seem to work) on other Ruby
 implementations, however support will only be provided for the versions listed
@@ -24,10 +35,10 @@ above.
 If you would like this library to support another Ruby version, you may
 volunteer to be a maintainer. Being a maintainer entails making sure all tests
 run and pass on that implementation. When something breaks on your
-implementation, you will be personally responsible for providing patches in a
-timely fashion. If critical issues for a particular implementation exist at the
-time of a major release, support for that Ruby version may be dropped.
+implementation, you will be responsible for providing patches in a timely
+fashion. If critical issues for a particular implementation exist at the time
+of a major release, support for that Ruby version may be dropped.
 
 ## Copyright
-Copyright (c) 2010 Steve Richert, Erik Michaels-Ober.
-See [LICENSE](https://github.com/laserlemon/simple_oauth/blob/master/LICENSE) for details.
+Copyright (c) 2010-2013 Steve Richert, Erik Michaels-Ober. See
+[LICENSE](LICENSE.md) for details.

data/Rakefile

@@ -3,4 +3,25 @@ require 'rspec/core/rake_task'
 
 RSpec::Core::RakeTask.new(:spec)
 
-task :default => :spec
+task :test => :spec
+
+begin
+  require 'rubocop/rake_task'
+  RuboCop::RakeTask.new
+rescue LoadError
+  task :rubocop do
+    $stderr.puts 'RuboCop is disabled'
+  end
+end
+
+require 'yardstick/rake/measurement'
+Yardstick::Rake::Measurement.new do |measurement|
+  measurement.output = 'measurement/report.txt'
+end
+
+require 'yardstick/rake/verify'
+Yardstick::Rake::Verify.new do |verify|
+  verify.threshold = 47
+end
+
+task :default => [:spec, :rubocop, :verify_measurements]

data/lib/simple_oauth/header.rb

@@ -14,33 +14,32 @@ module SimpleOAuth
           :nonce => OpenSSL::Random.random_bytes(16).unpack('H*')[0],
           :signature_method => 'HMAC-SHA1',
           :timestamp => Time.now.to_i.to_s,
-          :version => '1.0'
+          :version => '1.0',
         }
       end
 
       def parse(header)
         header.to_s.sub(/^OAuth\s/, '').split(/,\s*/).inject({}) do |attributes, pair|
           match = pair.match(/^(\w+)\=\"([^\"]*)\"$/)
-          attributes.merge(match[1].sub(/^oauth_/, '').to_sym => decode(match[2]))
+          attributes.merge(match[1].sub(/^oauth_/, '').to_sym => unescape(match[2]))
         end
       end
 
       def escape(value)
         uri_parser.escape(value.to_s, /[^a-z0-9\-\.\_\~]/i)
       end
-      alias encode escape
+      alias_method :encode, :escape
 
       def unescape(value)
         uri_parser.unescape(value.to_s)
       end
-      alias decode unescape
+      alias_method :decode, :unescape
 
     private
 
       def uri_parser
         @uri_parser ||= URI.const_defined?(:Parser) ? URI::Parser.new : URI
       end
-
     end
 
     def initialize(method, url, params, oauth = {})
@@ -78,11 +77,16 @@ module SimpleOAuth
   private
 
     def normalized_attributes
-      signed_attributes.sort_by{|k,v| k.to_s }.map{|k,v| %(#{k}="#{self.class.encode(v)}") }.join(', ')
+      signed_attributes.sort_by { |k, _| k.to_s }.collect { |k, v| %(#{k}="#{self.class.escape(v)}") }.join(', ')
     end
 
     def attributes
-      ATTRIBUTE_KEYS.inject({}){|a,k| options[k] ? a.merge(:"oauth_#{k}" => options[k]) : a }
+      matching_keys, extra_keys = options.keys.partition { |key| ATTRIBUTE_KEYS.include?(key) }
+      if options[:ignore_extra_keys] || extra_keys.empty?
+        Hash[options.select { |key, _value| matching_keys.include?(key) }.collect { |key, value| [:"oauth_#{key}", value] }]
+      else
+        fail "SimpleOAuth: Found extra option keys not matching ATTRIBUTE_KEYS:\n  [#{extra_keys.collect(&:inspect).join(', ')}]"
+      end
     end
 
     def signature
@@ -94,16 +98,16 @@ module SimpleOAuth
     end
 
     def secret
-      options.values_at(:consumer_secret, :token_secret).map{|v| self.class.encode(v) }.join('&')
+      options.values_at(:consumer_secret, :token_secret).collect { |v| self.class.escape(v) }.join('&')
     end
     alias_method :plaintext_signature, :secret
 
     def signature_base
-      [method, url, normalized_params].map{|v| self.class.encode(v) }.join('&')
+      [method, url, normalized_params].collect { |v| self.class.escape(v) }.join('&')
     end
 
     def normalized_params
-      signature_params.map{|p| p.map{|v| self.class.encode(v) } }.sort.map{|p| p.join('=') }.join('&')
+      signature_params.collect { |p| p.collect { |v| self.class.escape(v) } }.sort.collect { |p| p.join('=') }.join('&')
     end
 
     def signature_params
@@ -111,7 +115,7 @@ module SimpleOAuth
     end
 
     def url_params
-      CGI.parse(@uri.query || '').inject([]){|p,(k,vs)| p + vs.sort.map{|v| [k, v] } }
+      CGI.parse(@uri.query || '').inject([]) { |p, (k, vs)| p + vs.sort.collect { |v| [k, v] } }
     end
 
     def rsa_sha1_signature
@@ -121,6 +125,5 @@ module SimpleOAuth
     def private_key
       OpenSSL::PKey::RSA.new(options[:consumer_secret])
     end
-
   end
 end

data/simple_oauth.gemspec

@@ -1,21 +1,15 @@
-# encoding: utf-8
-
 Gem::Specification.new do |spec|
+  spec.add_development_dependency 'bundler', '~> 1.0'
   spec.name    = 'simple_oauth'
-  spec.version = '0.2.0'
+  spec.version = '0.3.0'
 
-  spec.authors     = ["Steve Richert", "Erik Michaels-Ober"]
-  spec.email       = ['steve.richert@gmail.com', 'sferik@gmail.com']
+  spec.authors     = ['Steve Richert', 'Erik Michaels-Ober']
+  spec.email       = %w(steve.richert@gmail.com sferik@gmail.com)
   spec.description = 'Simply builds and verifies OAuth headers'
   spec.summary     = spec.description
   spec.homepage    = 'https://github.com/laserlemon/simple_oauth'
-  spec.licenses    = ['MIT']
-
-  spec.add_development_dependency 'rake'
-  spec.add_development_dependency 'rspec', '>= 2'
-  spec.add_development_dependency 'simplecov'
+  spec.licenses    = %w(MIT)
 
-  spec.files         = `git ls-files`.split($\)
-  spec.test_files    = spec.files.grep(/^test\//)
-  spec.require_paths = ["lib"]
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.start_with?('test/') }
+  spec.require_paths = %w(lib)
 end

data/spec/helper.rb

@@ -1,7 +1,12 @@
-unless ENV['CI']
+if RUBY_VERSION >= '1.9'
   require 'simplecov'
+  require 'coveralls'
+
+  SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[SimpleCov::Formatter::HTMLFormatter, Coveralls::SimpleCov::Formatter]
+
   SimpleCov.start do
-    add_filter 'spec'
+    add_filter '/spec/'
+    minimum_coverage(100)
   end
 end
 
@@ -18,4 +23,4 @@ RSpec.configure do |config|
   end
 end
 
-Dir[File.expand_path('../support/**/*.rb', __FILE__)].each{|f| require f }
+Dir[File.expand_path('../support/**/*.rb', __FILE__)].each { |f| require f }

data/spec/simple_oauth/header_spec.rb

@@ -3,27 +3,27 @@
 require 'helper'
 
 describe SimpleOAuth::Header do
-  describe ".default_options" do
-    let(:default_options){ SimpleOAuth::Header.default_options }
+  describe '.default_options' do
+    let(:default_options) { SimpleOAuth::Header.default_options }
 
-    it "is different every time" do
+    it 'is different every time' do
       expect(SimpleOAuth::Header.default_options).not_to eq default_options
     end
 
-    it "is used for new headers" do
-      SimpleOAuth::Header.stub(:default_options => default_options)
+    it 'is used for new headers' do
+      allow(SimpleOAuth::Header).to receive(:default_options).and_return(default_options)
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {})
       expect(header.options).to eq default_options
     end
 
-    it "includes a signature method and an OAuth version" do
+    it 'includes a signature method and an OAuth version' do
       expect(default_options[:signature_method]).not_to be_nil
       expect(default_options[:version]).not_to be_nil
     end
   end
 
-  describe ".escape" do
-    it "escapes (most) non-word characters" do
+  describe '.escape' do
+    it 'escapes (most) non-word characters' do
       [' ', '!', '@', '#', '$', '%', '^', '&'].each do |character|
         escaped = SimpleOAuth::Header.escape(character)
         expect(escaped).not_to eq character
@@ -31,7 +31,7 @@ describe SimpleOAuth::Header do
       end
     end
 
-    it "does not escape - . or ~" do
+    it 'does not escape - . or ~' do
       ['-', '.', '~'].each do |character|
         escaped = SimpleOAuth::Header.escape(character)
         expect(escaped).to eq character
@@ -39,11 +39,11 @@ describe SimpleOAuth::Header do
     end
 
     def self.test_special_characters
-      it "escapes non-ASCII characters" do
+      it 'escapes non-ASCII characters' do
         expect(SimpleOAuth::Header.escape('é')).to eq '%C3%A9'
       end
 
-      it "escapes multibyte characters" do
+      it 'escapes multibyte characters' do
         expect(SimpleOAuth::Header.escape('あ')).to eq '%E3%81%82'
       end
     end
@@ -53,35 +53,35 @@ describe SimpleOAuth::Header do
     else
       %w(n N e E s S u U).each do |kcode|
         describe %(when $KCODE = "#{kcode}") do
-          original_kcode = $KCODE
+          original_kcode = $KCODE # rubocop:disable GlobalVars
           begin
-            $KCODE = kcode
+            $KCODE = kcode # rubocop:disable GlobalVars
             test_special_characters
           ensure
-            $KCODE = original_kcode
+            $KCODE = original_kcode # rubocop:disable GlobalVars
           end
         end
       end
     end
   end
 
-  describe ".unescape" do
+  describe '.unescape' do
     pending
   end
 
-  describe ".parse" do
-    let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}) }
-    let(:parsed_options){ SimpleOAuth::Header.parse(header) }
+  describe '.parse' do
+    let(:header) { SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}) }
+    let(:parsed_options) { SimpleOAuth::Header.parse(header) }
 
-    it "returns a hash" do
+    it 'returns a hash' do
       expect(parsed_options).to be_a(Hash)
     end
 
-    it "includes the options used to build the header" do
-      expect(parsed_options.reject{|k,_| k == :signature }).to eq header.options
+    it 'includes the options used to build the header' do
+      expect(parsed_options.reject { |k, _| k == :signature }).to eq header.options
     end
 
-    it "includes a signature" do
+    it 'includes a signature' do
       expect(header.options).not_to have_key(:signature)
       expect(parsed_options).to have_key(:signature)
       expect(parsed_options[:signature]).not_to be_nil
@@ -106,46 +106,47 @@ describe SimpleOAuth::Header do
     end
   end
 
-  describe "#initialize" do
-    let(:header){ SimpleOAuth::Header.new(:get, 'HTTPS://api.TWITTER.com:443/1/statuses/friendships.json?foo=bar#anchor', {}) }
+  describe '#initialize' do
+    let(:header) { SimpleOAuth::Header.new(:get, 'HTTPS://api.TWITTER.com:443/1/statuses/friendships.json?foo=bar#anchor', {}) }
 
-    it "stringifies and uppercases the request method" do
+    it 'stringifies and uppercases the request method' do
       expect(header.method).to eq 'GET'
     end
 
-    it "downcases the scheme and authority" do
-      expect(header.url).to match %r(^https://api\.twitter\.com/)
+    it 'downcases the scheme and authority' do
+      expect(header.url).to match %r{^https://api\.twitter\.com/}
     end
 
-    it "ignores the query and fragment" do
-      expect(header.url).to match %r(/1/statuses/friendships\.json$)
+    it 'ignores the query and fragment' do
+      expect(header.url).to match %r{/1/statuses/friendships\.json$}
     end
   end
 
-  describe "#valid?" do
-    context "using the HMAC-SHA1 signature method" do
-      it "requires consumer and token secrets" do
-        secrets = {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET'}
+  describe '#valid?' do
+    context 'using the HMAC-SHA1 signature method' do
+      it 'requires consumer and token secrets' do
+        secrets = {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET', :ignore_extra_keys => true}
         header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, secrets)
         parsed_header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, header)
+        parsed_header.options[:ignore_extra_keys] = true
         expect(parsed_header).not_to be_valid
         expect(parsed_header).to be_valid(secrets)
       end
     end
 
-    context "using the RSA-SHA1 signature method" do
-      it "requires an identical private key" do
-        secrets = {:consumer_secret => rsa_private_key}
+    context 'using the RSA-SHA1 signature method' do
+      it 'requires an identical private key' do
+        secrets = {:consumer_secret => rsa_private_key, :ignore_extra_keys => true}
         header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, secrets.merge(:signature_method => 'RSA-SHA1'))
         parsed_header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, header)
-        expect{ parsed_header.valid? }.to raise_error(TypeError)
+        expect { parsed_header.valid? }.to raise_error(TypeError)
         expect(parsed_header).to be_valid(secrets)
       end
     end
 
-    context "using the RSA-SHA1 signature method" do
-      it "requires consumer and token secrets" do
-        secrets = {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET'}
+    context 'using the RSA-SHA1 signature method' do
+      it 'requires consumer and token secrets' do
+        secrets = {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET', :ignore_extra_keys => true}
         header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, secrets.merge(:signature_method => 'PLAINTEXT'))
         parsed_header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, header)
         expect(parsed_header).not_to be_valid
@@ -154,76 +155,82 @@ describe SimpleOAuth::Header do
     end
   end
 
-  describe "#normalized_attributes" do
-    let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}) }
-    let(:normalized_attributes){ header.send(:normalized_attributes) }
+  describe '#normalized_attributes' do
+    let(:header) { SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}) }
+    let(:normalized_attributes) { header.send(:normalized_attributes) }
 
-    it "returns a sorted-key, quoted-value and comma-separated list" do
-      header.stub(:signed_attributes => {:d => 1, :c => 2, :b => 3, :a => 4})
+    it 'returns a sorted-key, quoted-value and comma-separated list' do
+      allow(header).to receive(:signed_attributes).and_return(:d => 1, :c => 2, :b => 3, :a => 4)
       expect(normalized_attributes).to eq 'a="4", b="3", c="2", d="1"'
     end
 
-    it "URI encodes its values" do
-      header.stub(:signed_attributes => {1 => '!', 2 => '@', 3 => '#', 4 => '$'})
+    it 'URI encodes its values' do
+      allow(header).to receive(:signed_attributes).and_return(1 => '!', 2 => '@', 3 => '#', 4 => '$')
       expect(normalized_attributes).to eq '1="%21", 2="%40", 3="%23", 4="%24"'
     end
   end
 
-  describe "#signed_attributes" do
-    it "includes the OAuth signature" do
+  describe '#signed_attributes' do
+    it 'includes the OAuth signature' do
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {})
       expect(header.send(:signed_attributes)).to have_key(:oauth_signature)
     end
   end
 
-  describe "#attributes" do
+  describe '#attributes' do
     let(:header) do
       options = {}
-      SimpleOAuth::Header::ATTRIBUTE_KEYS.each{|k| options[k] = k.to_s.upcase }
+      SimpleOAuth::Header::ATTRIBUTE_KEYS.each { |k| options[k] = k.to_s.upcase }
       options[:other] = 'OTHER'
       SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}, options)
     end
-    let(:attributes){ header.send(:attributes) }
 
     it "prepends keys with 'oauth_'" do
-      expect(attributes.keys).to be_all{|k| k.to_s =~ /^oauth_/ }
+      header.options[:ignore_extra_keys] = true
+      expect(header.send(:attributes).keys).to be_all { |k| k.to_s =~ /^oauth_/ }
     end
 
-    it "excludes keys not included in the list of valid attributes" do
-      expect(attributes.keys).to be_all{|k| k.is_a?(Symbol) }
-      expect(attributes).not_to have_key(:oauth_other)
+    it 'excludes keys not included in the list of valid attributes' do
+      header.options[:ignore_extra_keys] = true
+      expect(header.send(:attributes).keys).to be_all { |k| k.is_a?(Symbol) }
+      expect(header.send(:attributes)).not_to have_key(:oauth_other)
     end
 
-    it "preserves values for valid keys" do
-      expect(attributes.size).to eq SimpleOAuth::Header::ATTRIBUTE_KEYS.size
-      expect(attributes).to be_all{|k,v| k.to_s == "oauth_#{v.downcase}" }
+    it 'preserves values for valid keys' do
+      header.options[:ignore_extra_keys] = true
+      expect(header.send(:attributes).size).to eq SimpleOAuth::Header::ATTRIBUTE_KEYS.size
+      expect(header.send(:attributes)).to be_all { |k, v| k.to_s == "oauth_#{v.downcase}" }
+    end
+
+    it 'raises exception for extra keys' do
+      expect { header.send(:attributes) }.to raise_error(RuntimeError, "SimpleOAuth: Found extra option keys not matching ATTRIBUTE_KEYS:\n  [:other]")
     end
   end
 
-  describe "#signature" do
-    context "calls the appropriate signature method" do
-      specify "when using HMAC-SHA1" do
+  describe '#signature' do
+    context 'calls the appropriate signature method' do
+      specify 'when using HMAC-SHA1' do
         header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, :signature_method => 'HMAC-SHA1')
-        header.should_receive(:hmac_sha1_signature).once.and_return('HMAC_SHA1_SIGNATURE')
+        expect(header).to receive(:hmac_sha1_signature).once.and_return('HMAC_SHA1_SIGNATURE')
         expect(header.send(:signature)).to eq 'HMAC_SHA1_SIGNATURE'
       end
 
-      specify "when using RSA-SHA1" do
+      specify 'when using RSA-SHA1' do
         header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, :signature_method => 'RSA-SHA1')
-        header.should_receive(:rsa_sha1_signature).once.and_return('RSA_SHA1_SIGNATURE')
+        expect(header).to receive(:rsa_sha1_signature).once.and_return('RSA_SHA1_SIGNATURE')
         expect(header.send(:signature)).to eq 'RSA_SHA1_SIGNATURE'
       end
 
-      specify "when using PLAINTEXT" do
+      specify 'when using PLAINTEXT' do
         header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, :signature_method => 'PLAINTEXT')
-        header.should_receive(:plaintext_signature).once.and_return('PLAINTEXT_SIGNATURE')
+        expect(header).to receive(:plaintext_signature).once.and_return('PLAINTEXT_SIGNATURE')
         expect(header.send(:signature)).to eq 'PLAINTEXT_SIGNATURE'
       end
     end
   end
 
-  describe "#hmac_sha1_signature" do
-    it "reproduces a successful Twitter GET" do
+  describe '#hmac_sha1_signature' do
+    it 'reproduces a successful Twitter GET' do
       options = {
         :consumer_key => '8karQBlMg6gFOwcf8kcoYw',
         :consumer_secret => '3d0vcHyUiiqADpWxolW8nlDIpSWMlyK7YNgc5Qna2M',
@@ -231,13 +238,14 @@ describe SimpleOAuth::Header do
         :signature_method => 'HMAC-SHA1',
         :timestamp => '1286830180',
         :token => '201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh',
-        :token_secret => 'T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ'
+        :token_secret => 'T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ',
+        :ignore_extra_keys => true,
       }
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friends.json', {}, options)
       expect(header.to_s).to eq 'OAuth oauth_consumer_key="8karQBlMg6gFOwcf8kcoYw", oauth_nonce="547fed103e122eecf84c080843eedfe6", oauth_signature="i9CT6ahDRAlfGX3hKYf78QzXsaw%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286830180", oauth_token="201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", oauth_version="1.0"'
     end
 
-    it "reproduces a successful Twitter POST" do
+    it 'reproduces a successful Twitter POST' do
       options = {
         :consumer_key => '8karQBlMg6gFOwcf8kcoYw',
         :consumer_secret => '3d0vcHyUiiqADpWxolW8nlDIpSWMlyK7YNgc5Qna2M',
@@ -245,117 +253,121 @@ describe SimpleOAuth::Header do
         :signature_method => 'HMAC-SHA1',
         :timestamp => '1286830181',
         :token => '201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh',
-        :token_secret => 'T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ'
+        :token_secret => 'T5qa1tF57tfDzKmpM89DHsNuhgOY4NT6DlNLsTFcuQ',
+        :ignore_extra_keys => true,
       }
       header = SimpleOAuth::Header.new(:post, 'https://api.twitter.com/1/statuses/update.json', {:status => 'hi, again'}, options)
       expect(header.to_s).to eq 'OAuth oauth_consumer_key="8karQBlMg6gFOwcf8kcoYw", oauth_nonce="b40a3e0f18590ecdcc0e273f7d7c82f8", oauth_signature="mPqSFKejrWWk3ZT9bTQjhO5b2xI%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286830181", oauth_token="201425800-Sv4sTcgoffmHGkTCue0JnURT8vrm4DiFAkeFNDkh", oauth_version="1.0"'
     end
   end
 
-  describe "#secret" do
-    let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
-    let(:secret){ header.send(:secret) }
+  describe '#secret' do
+    let(:header) { SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
+    let(:secret) { header.send(:secret) }
 
-    it "combines the consumer and token secrets with an ampersand" do
-      header.stub(:options => {:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET'})
+    it 'combines the consumer and token secrets with an ampersand' do
+      allow(header).to receive(:options).and_return(:consumer_secret => 'CONSUMER_SECRET', :token_secret => 'TOKEN_SECRET')
       expect(secret).to eq 'CONSUMER_SECRET&TOKEN_SECRET'
     end
 
-    it "URI encodes each secret value before combination" do
-      header.stub(:options => {:consumer_secret => 'CONSUM#R_SECRET', :token_secret => 'TOKEN_S#CRET'})
+    it 'URI encodes each secret value before combination' do
+      allow(header).to receive(:options).and_return(:consumer_secret => 'CONSUM#R_SECRET', :token_secret => 'TOKEN_S#CRET')
       expect(secret).to eq 'CONSUM%23R_SECRET&TOKEN_S%23CRET'
     end
   end
 
-  describe "#signature_base" do
-    let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
-    let(:signature_base){ header.send(:signature_base) }
+  describe '#signature_base' do
+    let(:header) { SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
+    let(:signature_base) { header.send(:signature_base) }
 
-    it "combines the request method, URL and normalized parameters using ampersands" do
-      header.stub(:method => 'METHOD', :url => 'URL', :normalized_params => 'NORMALIZED_PARAMS')
+    it 'combines the request method, URL and normalized parameters using ampersands' do
+      allow(header).to receive(:method).and_return('METHOD')
+      allow(header).to receive(:url).and_return('URL')
+      allow(header).to receive(:normalized_params).and_return('NORMALIZED_PARAMS')
       expect(signature_base).to eq 'METHOD&URL&NORMALIZED_PARAMS'
     end
 
-    it "URI encodes each value before combination" do
-      header.stub(:method => 'ME#HOD', :url => 'U#L', :normalized_params => 'NORMAL#ZED_PARAMS')
+    it 'URI encodes each value before combination' do
+      allow(header).to receive(:method).and_return('ME#HOD')
+      allow(header).to receive(:url).and_return('U#L')
+      allow(header).to receive(:normalized_params).and_return('NORMAL#ZED_PARAMS')
       expect(signature_base).to eq 'ME%23HOD&U%23L&NORMAL%23ZED_PARAMS'
     end
   end
 
-  describe "#normalized_params" do
+  describe '#normalized_params' do
     let(:header) do
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {})
-      header.stub(:signature_params => [['A', '4'], ['B', '3'], ['B', '2'], ['C', '1'], ['D[]', '0 ']])
+      allow(header).to receive(:signature_params).and_return([%w(A 4), %w(B 3), %w(B 2), %w(C 1), ['D[]', '0 ']])
       header
     end
-    let(:signature_params){ header.send(:signature_params) }
-    let(:normalized_params){ header.send(:normalized_params) }
+    let(:signature_params) { header.send(:signature_params) }
+    let(:normalized_params) { header.send(:normalized_params) }
 
-    it "joins key/value pairs with equal signs and ampersands" do
+    it 'joins key/value pairs with equal signs and ampersands' do
       expect(normalized_params).to be_a(String)
       parts = normalized_params.split('&')
       expect(parts.size).to eq signature_params.size
-      pairs = parts.map{|p| p.split('=') }
-      expect(pairs).to be_all{|p| p.size == 2 }
+      pairs = parts.collect { |p| p.split('=') }
+      expect(pairs).to be_all { |p| p.size == 2 }
     end
   end
 
-  describe "#signature_params" do
-    let(:header){ SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
-    let(:signature_params){ header.send(:signature_params) }
+  describe '#signature_params' do
+    let(:header) { SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {}) }
+    let(:signature_params) { header.send(:signature_params) }
 
-    it "combines OAuth header attributes, body parameters and URL parameters into an flattened array of key/value pairs" do
-      header.stub(
-        :attributes => {:attribute => 'ATTRIBUTE'},
-        :params => {'param' => 'PARAM'},
-        :url_params => [['url_param', '1'], ['url_param', '2']]
-      )
+    it 'combines OAuth header attributes, body parameters and URL parameters into an flattened array of key/value pairs' do
+      allow(header).to receive(:attributes).and_return(:attribute => 'ATTRIBUTE')
+      allow(header).to receive(:params).and_return('param' => 'PARAM')
+      allow(header).to receive(:url_params).and_return([%w(url_param 1), %w(url_param 2)])
       expect(signature_params).to eq [
         [:attribute, 'ATTRIBUTE'],
-        ['param', 'PARAM'],
-        ['url_param', '1'],
-        ['url_param', '2']
+        %w(param PARAM),
+        %w(url_param 1),
+        %w(url_param 2),
       ]
     end
   end
 
-  describe "#url_params" do
-    it "returns an empty array when the URL has no query parameters" do
+  describe '#url_params' do
+    it 'returns an empty array when the URL has no query parameters' do
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json', {})
       expect(header.send(:url_params)).to eq []
     end
 
-    it "returns an array of key/value pairs for each query parameter" do
+    it 'returns an array of key/value pairs for each query parameter' do
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json?test=TEST', {})
-      expect(header.send(:url_params)).to eq [['test', 'TEST']]
+      expect(header.send(:url_params)).to eq [%w(test TEST)]
     end
 
-    it "sorts values for repeated keys" do
+    it 'sorts values for repeated keys' do
       header = SimpleOAuth::Header.new(:get, 'https://api.twitter.com/1/statuses/friendships.json?test=3&test=1&test=2', {})
-      expect(header.send(:url_params)).to eq [['test', '1'], ['test', '2'], ['test', '3']]
+      expect(header.send(:url_params)).to eq [%w(test 1), %w(test 2), %w(test 3)]
     end
   end
 
-  describe "#rsa_sha1_signature" do
-    it "reproduces a successful OAuth example GET" do
+  describe '#rsa_sha1_signature' do
+    it 'reproduces a successful OAuth example GET' do
       options = {
         :consumer_key => 'dpf43f3p2l4k3l03',
         :consumer_secret => rsa_private_key,
         :nonce => '13917289812797014437',
         :signature_method => 'RSA-SHA1',
-        :timestamp => '1196666512'
+        :timestamp => '1196666512',
+        :ignore_extra_keys => true,
       }
       header = SimpleOAuth::Header.new(:get, 'http://photos.example.net/photos', {:file => 'vacaction.jpg', :size => 'original'}, options)
       expect(header.to_s).to eq 'OAuth oauth_consumer_key="dpf43f3p2l4k3l03", oauth_nonce="13917289812797014437", oauth_signature="jvTp%2FwX1TYtByB1m%2BPbyo0lnCOLIsyGCH7wke8AUs3BpnwZJtAuEJkvQL2%2F9n4s5wUmUl4aCI4BwpraNx4RtEXMe5qg5T1LVTGliMRpKasKsW%2F%2Fe%2BRinhejgCuzoH26dyF8iY2ZZ%2F5D1ilgeijhV%2FvBka5twt399mXwaYdCwFYE%3D", oauth_signature_method="RSA-SHA1", oauth_timestamp="1196666512", oauth_version="1.0"'
     end
   end
 
-  describe "#private_key" do
+  describe '#private_key' do
     pending
   end
 
-  describe "#plaintext_signature" do
-    it "reproduces a successful OAuth example GET" do
+  describe '#plaintext_signature' do
+    it 'reproduces a successful OAuth example GET' do
       options = {
         :consumer_key => 'abcd',
         :consumer_secret => 'efgh',
@@ -363,7 +375,8 @@ describe SimpleOAuth::Header do
         :signature_method => 'PLAINTEXT',
         :timestamp => '1286977095',
         :token => 'ijkl',
-        :token_secret => 'mnop'
+        :token_secret => 'mnop',
+        :ignore_extra_keys => true,
       }
       header = SimpleOAuth::Header.new(:get, 'http://host.net/resource?name=value', {:name => 'value'}, options)
       expect(header.to_s).to eq 'OAuth oauth_consumer_key="abcd", oauth_nonce="oLKtec51GQy", oauth_signature="efgh%26mnop", oauth_signature_method="PLAINTEXT", oauth_timestamp="1286977095", oauth_token="ijkl", oauth_version="1.0"'

metadata

@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: simple_oauth
 version: !ruby/object:Gem::Version
-  prerelease: 
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Steve Richert
@@ -10,56 +9,22 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2012-12-02 00:00:00.000000000 Z
+date: 2014-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-    none: false
-  name: rake
-  type: :development
-  prerelease: false
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-    none: false
-- !ruby/object:Gem::Dependency
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
-    none: false
-  name: rspec
+        version: '1.0'
   type: :development
   prerelease: false
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '2'
-    none: false
-- !ruby/object:Gem::Dependency
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ! '>='
-      - !ruby/object:Gem::Version
-        version: '0'
-    none: false
-  name: simplecov
-  type: :development
-  prerelease: false
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
-    none: false
+        version: '1.0'
 description: Simply builds and verifies OAuth headers
 email:
 - steve.richert@gmail.com
@@ -68,14 +33,14 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- .gemtest
-- .gitignore
-- .rspec
-- .travis.yml
-- .yardopts
+- ".gitignore"
+- ".rspec"
+- ".rubocop.yml"
+- ".travis.yml"
+- ".yardopts"
 - CONTRIBUTING.md
 - Gemfile
-- LICENSE
+- LICENSE.md
 - README.md
 - Rakefile
 - lib/simple_oauth.rb
@@ -88,27 +53,26 @@ files:
 homepage: https://github.com/laserlemon/simple_oauth
 licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-  none: false
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
-  none: false
 requirements: []
 rubyforge_project: 
-rubygems_version: 1.8.23
+rubygems_version: 2.4.1
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: Simply builds and verifies OAuth headers
 test_files: []
 has_rdoc: