simple_oauth 0.3.0 → 0.4.0

data/mutant.yml

@@ -0,0 +1,17 @@
+usage: opensource
+integration:
+  name: minitest
+includes:
+  - lib
+  - test
+requires:
+  - simple_oauth
+mutation:
+  operators: full
+  timeout: 5.0
+matcher:
+  subjects:
+    - SimpleOAuth*
+coverage_criteria:
+  process_abort: true
+  test_result: true

data/sig/matchdata_ext.rbs

@@ -0,0 +1,6 @@
+# Extension to MatchData for indexed access with Integer
+class MatchData
+  # Override [] to return non-nil String for Integer index
+  # (when we know the group exists)
+  def []: (Integer index) -> String
+end

data/sig/openssl_ext.rbs

@@ -0,0 +1,9 @@
+# Extensions to OpenSSL types
+module OpenSSL
+  module PKey
+    class PKey
+      # Sign with digest name as String (in addition to Digest object)
+      def sign: (String | OpenSSL::Digest digest, String data) -> String
+    end
+  end
+end

data/sig/simple_oauth/header/class_methods.rbs

@@ -0,0 +1,26 @@
+module SimpleOAuth
+  class Header
+    # Class methods for Header - parsing, defaults, and body hashing
+    module ClassMethods
+      # Returns default OAuth options with generated nonce and timestamp
+      def default_options: (?String? body) -> Header::oauth_options
+
+      # Computes the oauth_body_hash for a request body
+      def body_hash: (String? body, ?String algorithm) -> String
+
+      # Parses an OAuth Authorization header string into a hash
+      def parse: (String | _ToS header) -> Header::oauth_options
+
+      # Parses OAuth parameters from a form-encoded POST body
+      def parse_form_body: (String | _ToS body) -> Header::oauth_options
+
+      private
+
+      # Generates a random nonce for OAuth requests
+      def generate_nonce: () -> String
+
+      # Encodes binary data as Base64 without newlines
+      def encode_base64: (String data) -> String
+    end
+  end
+end

data/sig/simple_oauth/parser.rbs

@@ -0,0 +1,24 @@
+module SimpleOAuth
+  # Parses OAuth Authorization headers
+  class Parser
+    # Pattern to match OAuth key-value pairs
+    PARAM_PATTERN: Regexp
+
+    # OAuth scheme prefix pattern
+    OAUTH_PREFIX: Regexp
+
+    attr_reader scanner: StringScanner
+    attr_reader attributes: Hash[Symbol, String]
+
+    def initialize: (String | _ToS header) -> void
+    def parse: (Array[Symbol] valid_keys) -> Hash[Symbol, String]
+
+    private
+
+    def scan_oauth_prefix: () -> void
+    def scan_params: (Array[Symbol] valid_keys) -> void
+    def validate_comma_separator: (String key, String comma) -> void
+    def store_if_valid: (String key, String value, Array[Symbol] valid_keys) -> void
+    def verify_complete: () -> void
+  end
+end

data/sig/simple_oauth/signature.rbs

@@ -0,0 +1,57 @@
+# Signature computation methods for OAuth 1.0
+#
+# This module provides a registry of signature methods that can be extended
+# with custom implementations.
+module SimpleOAuth
+  module Signature
+    # Type for signature implementation block
+    type signature_block = ^(String secret, String signature_base) -> String
+
+    # Type for registry entry
+    type registry_entry = { implementation: signature_block, rsa: bool }
+
+    # Registry of signature method implementations (class-level instance variable)
+    self.@registry: Hash[String, registry_entry]
+
+    # Registers a custom signature method
+    def self.register: (String | Symbol name, ?rsa: bool) { (String, String) -> String } -> void
+
+    # Checks if a signature method is registered
+    def self.registered?: (String | Symbol name) -> bool
+
+    # Returns list of registered signature method names
+    def self.methods: () -> Array[String]
+
+    # Checks if a signature method uses RSA
+    def self.rsa?: (String | Symbol name) -> bool
+
+    # Computes a signature using the specified method
+    def self.sign: (String | Symbol name, String? secret, String signature_base) -> String
+
+    # Unregisters a signature method
+    def self.unregister: (String | Symbol name) -> void
+
+    # Resets the registry to only built-in methods
+    def self.reset!: () -> void
+
+    # Encodes binary data as Base64 without newlines
+    def self.encode_base64: (String data) -> String
+
+    private
+
+    # Normalizes signature method name for registry lookup
+    def self.normalize_name: (String | Symbol name) -> String
+
+    # Registers the built-in OAuth signature methods
+    def self.register_builtin_methods: () -> void
+
+    # Registers HMAC-based signature methods
+    def self.register_hmac_methods: () -> void
+
+    # Registers RSA-based signature methods
+    def self.register_rsa_methods: () -> void
+
+    # Registers the PLAINTEXT signature method
+    def self.register_plaintext_method: () -> void
+  end
+end

data/sig/simple_oauth.rbs

@@ -0,0 +1,158 @@
+# OAuth 1.0 header generation library
+module SimpleOAuth
+  # Error raised when parsing a malformed OAuth Authorization header
+  class ParseError < StandardError
+  end
+
+  # Error raised when invalid options are passed to Header
+  class InvalidOptionsError < StandardError
+  end
+
+  # OAuth percent-encoding utilities
+  module Encoding
+    # Characters that don't need to be escaped per OAuth spec
+    UNRESERVED_CHARS: Regexp
+
+    # Percent-encodes a value according to OAuth specification
+    def escape: (String | _ToS value) -> String
+
+    # Alias for escape
+    def encode: (String | _ToS value) -> String
+
+    # Decodes a percent-encoded value
+    def unescape: (String | _ToS value) -> String
+
+    # Alias for unescape
+    def decode: (String | _ToS value) -> String
+
+    # Module-level methods (via extend self)
+    def self.escape: (String | _ToS value) -> String
+    def self.encode: (String | _ToS value) -> String
+    def self.unescape: (String | _ToS value) -> String
+    def self.decode: (String | _ToS value) -> String
+  end
+
+  # Generates OAuth 1.0 Authorization headers for HTTP requests
+  class Header
+    # OAuth header scheme prefix
+    OAUTH_SCHEME: String
+
+    # Prefix for OAuth parameters
+    OAUTH_PREFIX: String
+
+    # Default signature method per RFC 5849
+    DEFAULT_SIGNATURE_METHOD: String
+
+    # OAuth version
+    OAUTH_VERSION: String
+
+    # Valid OAuth attribute keys that can be included in the header
+    ATTRIBUTE_KEYS: Array[Symbol]
+
+    # Keys that are used internally but should not appear in attributes
+    IGNORED_KEYS: Array[Symbol]
+
+    # Valid keys when parsing OAuth parameters (ATTRIBUTE_KEYS + signature)
+    PARSE_KEYS: Array[Symbol]
+
+    # Type aliases for clarity
+    type oauth_key = :body_hash | :callback | :consumer_key | :nonce | :signature_method | :timestamp | :token | :verifier | :version
+    type ignored_key = :consumer_secret | :token_secret | :signature | :realm | :ignore_extra_keys
+    type signature_method = "HMAC-SHA1" | "HMAC-SHA256" | "RSA-SHA1" | "RSA-SHA256" | "PLAINTEXT"
+    type params_hash = Hash[String | Symbol, untyped]
+    type oauth_options = Hash[Symbol, untyped]
+    type signed_attributes_hash = Hash[Symbol, untyped]
+
+    # The HTTP method for the request
+    attr_reader method: String
+
+    # The request parameters to be signed
+    attr_reader params: params_hash
+
+    # The raw request body for oauth_body_hash computation
+    attr_reader body: String?
+
+    # The OAuth options including credentials and signature
+    attr_reader options: oauth_options
+
+    # Class methods from ClassMethods module
+    extend ClassMethods
+
+    # Encoding methods from Encoding module
+    extend Encoding
+
+    # Percent-encodes a value according to OAuth specification
+    def self.escape: (String | _ToS value) -> String
+
+    # Alias for escape
+    def self.encode: (String | _ToS value) -> String
+
+    # Decodes a percent-encoded value
+    def self.unescape: (String | _ToS value) -> String
+
+    # Alias for unescape
+    def self.decode: (String | _ToS value) -> String
+
+    # Creates a new OAuth header
+    def initialize: (String | Symbol method, String | URI::Generic url, params_hash params, ?oauth_options | String oauth, ?String? body) -> void
+
+    # Returns the normalized URL without query string or fragment
+    def url: () -> String
+
+    # Returns the OAuth Authorization header string
+    def to_s: () -> String
+
+    # Validates the signature in the header against the provided secrets
+    def valid?: (?oauth_options secrets) -> bool
+
+    # Returns the OAuth attributes including the signature
+    def signed_attributes: () -> signed_attributes_hash
+
+    private
+
+    # Internal URI instance
+    @uri: URI::Generic
+
+    # Normalizes and parses a URL into a URI object
+    def normalize_uri: (String | URI::Generic url) -> URI::Generic
+
+    # Builds OAuth options from input (hash or header string)
+    def build_options: (oauth_options | String oauth, String? body) -> oauth_options
+
+    # Builds the normalized OAuth attributes string for the Authorization header
+    def normalized_attributes: () -> String
+
+    # Extracts valid OAuth attributes from options (excludes realm per RFC 5849)
+    def attributes: () -> signed_attributes_hash
+
+    # Validates that no unknown keys are present in options
+    def validate_option_keys!: () -> void
+
+    # Returns OAuth attributes including realm for Authorization header output
+    def header_attributes: () -> signed_attributes_hash
+
+    # Extracts query parameters from the request URL
+    def url_params: () -> Array[untyped]
+
+    # Computes the OAuth signature using the configured signature method
+    def signature: () -> String
+
+    # Builds the secret string from consumer and token secrets
+    def secret: () -> String
+
+    # Builds the signature base string from method, URL, and params
+    def signature_base: () -> String
+
+    # Normalizes and sorts all request parameters for signing
+    def normalized_params: () -> String
+
+    # Collects all parameters to include in signature
+    def signature_params: () -> Array[untyped]
+  end
+end
+
+# Version module
+module SimpleOauth
+  # The current version of the SimpleOAuth gem
+  VERSION: String
+end

data/sig/strscan.rbs

@@ -0,0 +1,9 @@
+# Minimal StringScanner type declarations for simple_oauth
+class StringScanner
+  def initialize: (String string) -> void
+  def scan: (Regexp pattern) -> String?
+  def eos?: () -> bool
+  def rest: () -> String
+  def pos: () -> Integer
+  def []: (Integer index) -> String?
+end

data/sig/uri_rfc2396_parser.rbs

@@ -0,0 +1,10 @@
+# Stubs for URI module
+module URI
+  # The RFC2396 parser instance constant
+  RFC2396_PARSER: RFC2396_Parser
+
+  class Generic
+    # Returns the URI as a String (implicit conversion)
+    def to_str: () -> String
+  end
+end

metadata

@@ -1,30 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: simple_oauth
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Steve Richert
-- Erik Michaels-Ober
-autorequire: 
-bindir: bin
+- Erik Berlin
+bindir: exe
 cert_chain: []
-date: 2014-10-09 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: base64
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
-  type: :development
+        version: '0'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: cgi
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Simply builds and verifies OAuth headers
 email:
 - steve.richert@gmail.com
@@ -33,28 +46,40 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".rspec"
 - ".rubocop.yml"
-- ".travis.yml"
 - ".yardopts"
+- CHANGELOG.md
 - CONTRIBUTING.md
-- Gemfile
 - LICENSE.md
 - README.md
 - Rakefile
+- Steepfile
 - lib/simple_oauth.rb
+- lib/simple_oauth/encoding.rb
+- lib/simple_oauth/errors.rb
 - lib/simple_oauth/header.rb
-- simple_oauth.gemspec
-- spec/helper.rb
-- spec/simple_oauth/header_spec.rb
-- spec/support/fixtures/rsa-private-key
-- spec/support/rsa.rb
+- lib/simple_oauth/header/class_methods.rb
+- lib/simple_oauth/parser.rb
+- lib/simple_oauth/signature.rb
+- lib/simple_oauth/version.rb
+- mutant.yml
+- sig/matchdata_ext.rbs
+- sig/openssl_ext.rbs
+- sig/simple_oauth.rbs
+- sig/simple_oauth/header/class_methods.rbs
+- sig/simple_oauth/parser.rbs
+- sig/simple_oauth/signature.rbs
+- sig/strscan.rbs
+- sig/uri_rfc2396_parser.rbs
 homepage: https://github.com/laserlemon/simple_oauth
 licenses:
 - MIT
-metadata: {}
-post_install_message: 
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/laserlemon/simple_oauth
+  source_code_uri: https://github.com/laserlemon/simple_oauth
+  changelog_uri: https://github.com/laserlemon/simple_oauth/blob/master/CHANGELOG.md
+  rubygems_mfa_required: 'true'
 rdoc_options: []
 require_paths:
 - lib
@@ -62,17 +87,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.1
-signing_key: 
+rubygems_version: 4.0.5
 specification_version: 4
 summary: Simply builds and verifies OAuth headers
 test_files: []
-has_rdoc: 

data/.gitignore

@@ -1,10 +0,0 @@
-*.rbc
-.DS_Store
-.bundle
-.yardoc
-Gemfile.lock
-coverage
-doc
-measurement
-pkg
-rdoc

data/.rspec

@@ -1,2 +0,0 @@
---color
---order random

data/.travis.yml

@@ -1,21 +0,0 @@
-language: ruby
-env:
-  global:
-    - JRUBY_OPTS="$JRUBY_OPTS --debug"
-rvm:
-  - 1.8.7
-  - 1.9.3
-  - 2.0.0
-  - 2.1
-  - jruby-18mode
-  - jruby-19mode
-  - jruby-head
-  - rbx-2
-  - ruby-head
-matrix:
-  allow_failures:
-    - rvm: jruby-head
-    - rvm: rbx-2
-    - rvm: ruby-head
-  fast_finish: true
-sudo: false

data/Gemfile

@@ -1,17 +0,0 @@
-source 'https://rubygems.org'
-
-gem 'jruby-openssl', :platforms => :jruby
-gem 'rake'
-
-group :test do
-  gem 'backports'
-  gem 'coveralls'
-  gem 'mime-types', '~> 1.25', :platforms => [:jruby, :ruby_18]
-  gem 'rest-client', '~> 1.6.0', :platforms => [:jruby, :ruby_18]
-  gem 'rspec', '>= 2.14'
-  gem 'rubocop', '>= 0.25', :platforms => [:ruby_19, :ruby_20, :ruby_21]
-  gem 'simplecov', '>= 0.9'
-  gem 'yardstick'
-end
-
-gemspec

data/simple_oauth.gemspec

@@ -1,15 +0,0 @@
-Gem::Specification.new do |spec|
-  spec.add_development_dependency 'bundler', '~> 1.0'
-  spec.name    = 'simple_oauth'
-  spec.version = '0.3.0'
-
-  spec.authors     = ['Steve Richert', 'Erik Michaels-Ober']
-  spec.email       = %w(steve.richert@gmail.com sferik@gmail.com)
-  spec.description = 'Simply builds and verifies OAuth headers'
-  spec.summary     = spec.description
-  spec.homepage    = 'https://github.com/laserlemon/simple_oauth'
-  spec.licenses    = %w(MIT)
-
-  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.start_with?('test/') }
-  spec.require_paths = %w(lib)
-end

data/spec/helper.rb

@@ -1,26 +0,0 @@
-if RUBY_VERSION >= '1.9'
-  require 'simplecov'
-  require 'coveralls'
-
-  SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[SimpleCov::Formatter::HTMLFormatter, Coveralls::SimpleCov::Formatter]
-
-  SimpleCov.start do
-    add_filter '/spec/'
-    minimum_coverage(100)
-  end
-end
-
-require 'simple_oauth'
-require 'rspec'
-
-def uri_parser
-  @uri_parser ||= URI.const_defined?(:Parser) ? URI::Parser.new : URI
-end
-
-RSpec.configure do |config|
-  config.expect_with :rspec do |c|
-    c.syntax = :expect
-  end
-end
-
-Dir[File.expand_path('../support/**/*.rb', __FILE__)].each { |f| require f }