RubyGems - sinatra - Versions diffs - 0.2.1 → 0.2.2 - Mend

sinatra 0.2.1 → 0.2.2

Potentially problematic release.

This version of sinatra might be problematic. Click here for more details.

Files changed (83) hide show

data/CHANGELOG +1 -0
data/LICENSE +22 -0
data/Manifest +78 -1
data/lib/sinatra.rb +12 -1
data/sinatra.gemspec +7 -14
data/vendor/rack/AUTHORS +7 -0
data/vendor/rack/COPYING +18 -0
data/vendor/rack/KNOWN-ISSUES +18 -0
data/vendor/rack/README +242 -0
data/vendor/rack/Rakefile +174 -0
data/vendor/rack/bin/rackup +153 -0
data/vendor/rack/contrib/rack_logo.svg +111 -0
data/vendor/rack/example/lobster.ru +4 -0
data/vendor/rack/example/protectedlobster.rb +14 -0
data/vendor/rack/example/protectedlobster.ru +8 -0
data/vendor/rack/lib/rack.rb +92 -0
data/vendor/rack/lib/rack/adapter/camping.rb +22 -0
data/vendor/rack/lib/rack/auth/abstract/handler.rb +28 -0
data/vendor/rack/lib/rack/auth/abstract/request.rb +37 -0
data/vendor/rack/lib/rack/auth/basic.rb +58 -0
data/vendor/rack/lib/rack/auth/digest/md5.rb +124 -0
data/vendor/rack/lib/rack/auth/digest/nonce.rb +51 -0
data/vendor/rack/lib/rack/auth/digest/params.rb +55 -0
data/vendor/rack/lib/rack/auth/digest/request.rb +40 -0
data/vendor/rack/lib/rack/auth/openid.rb +116 -0
data/vendor/rack/lib/rack/builder.rb +56 -0
data/vendor/rack/lib/rack/cascade.rb +36 -0
data/vendor/rack/lib/rack/commonlogger.rb +56 -0
data/vendor/rack/lib/rack/file.rb +112 -0
data/vendor/rack/lib/rack/handler/cgi.rb +57 -0
data/vendor/rack/lib/rack/handler/fastcgi.rb +83 -0
data/vendor/rack/lib/rack/handler/lsws.rb +52 -0
data/vendor/rack/lib/rack/handler/mongrel.rb +78 -0
data/vendor/rack/lib/rack/handler/scgi.rb +57 -0
data/vendor/rack/lib/rack/handler/webrick.rb +57 -0
data/vendor/rack/lib/rack/lint.rb +394 -0
data/vendor/rack/lib/rack/lobster.rb +65 -0
data/vendor/rack/lib/rack/mock.rb +160 -0
data/vendor/rack/lib/rack/recursive.rb +57 -0
data/vendor/rack/lib/rack/reloader.rb +64 -0
data/vendor/rack/lib/rack/request.rb +197 -0
data/vendor/rack/lib/rack/response.rb +166 -0
data/vendor/rack/lib/rack/session/abstract/id.rb +126 -0
data/vendor/rack/lib/rack/session/cookie.rb +71 -0
data/vendor/rack/lib/rack/session/memcache.rb +83 -0
data/vendor/rack/lib/rack/session/pool.rb +67 -0
data/vendor/rack/lib/rack/showexceptions.rb +344 -0
data/vendor/rack/lib/rack/showstatus.rb +103 -0
data/vendor/rack/lib/rack/static.rb +38 -0
data/vendor/rack/lib/rack/urlmap.rb +48 -0
data/vendor/rack/lib/rack/utils.rb +240 -0
data/vendor/rack/test/cgi/lighttpd.conf +20 -0
data/vendor/rack/test/cgi/test +9 -0
data/vendor/rack/test/cgi/test.fcgi +7 -0
data/vendor/rack/test/cgi/test.ru +7 -0
data/vendor/rack/test/spec_rack_auth_basic.rb +69 -0
data/vendor/rack/test/spec_rack_auth_digest.rb +169 -0
data/vendor/rack/test/spec_rack_builder.rb +50 -0
data/vendor/rack/test/spec_rack_camping.rb +47 -0
data/vendor/rack/test/spec_rack_cascade.rb +50 -0
data/vendor/rack/test/spec_rack_cgi.rb +91 -0
data/vendor/rack/test/spec_rack_commonlogger.rb +32 -0
data/vendor/rack/test/spec_rack_fastcgi.rb +91 -0
data/vendor/rack/test/spec_rack_file.rb +40 -0
data/vendor/rack/test/spec_rack_lint.rb +317 -0
data/vendor/rack/test/spec_rack_lobster.rb +45 -0
data/vendor/rack/test/spec_rack_mock.rb +152 -0
data/vendor/rack/test/spec_rack_mongrel.rb +165 -0
data/vendor/rack/test/spec_rack_recursive.rb +77 -0
data/vendor/rack/test/spec_rack_request.rb +384 -0
data/vendor/rack/test/spec_rack_response.rb +167 -0
data/vendor/rack/test/spec_rack_session_cookie.rb +49 -0
data/vendor/rack/test/spec_rack_session_memcache.rb +100 -0
data/vendor/rack/test/spec_rack_session_pool.rb +84 -0
data/vendor/rack/test/spec_rack_showexceptions.rb +21 -0
data/vendor/rack/test/spec_rack_showstatus.rb +71 -0
data/vendor/rack/test/spec_rack_static.rb +37 -0
data/vendor/rack/test/spec_rack_urlmap.rb +175 -0
data/vendor/rack/test/spec_rack_utils.rb +57 -0
data/vendor/rack/test/spec_rack_webrick.rb +106 -0
data/vendor/rack/test/testrequest.rb +43 -0
metadata +81 -4
data/Rakefile +0 -24

data/vendor/rack/example/protectedlobster.ru ADDED

@@ -0,0 +1,8 @@
+require 'rack/lobster'
+use Rack::ShowExceptions
+use Rack::Auth::Basic do |username, password|
+  'secret' == password
+end
+run Rack::Lobster.new

data/vendor/rack/lib/rack.rb ADDED

@@ -0,0 +1,92 @@
+# Copyright (C) 2007, 2008 Christian Neukirchen <purl.org/net/chneukirchen>
+#
+# Rack is freely distributable under the terms of an MIT-style license.
+# See COPYING or http://www.opensource.org/licenses/mit-license.php.
+$: << File.expand_path(File.dirname(__FILE__))
+# The Rack main module, serving as a namespace for all core Rack
+# modules and classes.
+#
+# All modules meant for use in your application are <tt>autoload</tt>ed here,
+# so it should be enough just to <tt>require rack.rb</tt> in your code.
+module Rack
+  # The Rack protocol version number implemented.
+  VERSION = [0,1]
+  # Return the Rack protocol version as a dotted string.
+  def self.version
+    VERSION.join(".")
+  end
+  autoload :Builder, "rack/builder"
+  autoload :Cascade, "rack/cascade"
+  autoload :CommonLogger, "rack/commonlogger"
+  autoload :File, "rack/file"
+  autoload :ForwardRequest, "rack/recursive"
+  autoload :Lint, "rack/lint"
+  autoload :Recursive, "rack/recursive"
+  autoload :Reloader, "rack/reloader"
+  autoload :ShowExceptions, "rack/showexceptions"
+  autoload :ShowStatus, "rack/showstatus"
+  autoload :Static, "rack/static"
+  autoload :URLMap, "rack/urlmap"
+  autoload :Utils, "rack/utils"
+  autoload :MockRequest, "rack/mock"
+  autoload :MockResponse, "rack/mock"
+  autoload :Request, "rack/request"
+  autoload :Response, "rack/response"
+  module Auth
+    autoload :Basic, "rack/auth/basic"
+    autoload :AbstractRequest, "rack/auth/abstract/request"
+    autoload :AbstractHandler, "rack/auth/abstract/handler"
+    autoload :OpenID, "rack/auth/openid"
+    module Digest
+      autoload :MD5, "rack/auth/digest/md5"
+      autoload :Nonce, "rack/auth/digest/nonce"
+      autoload :Params, "rack/auth/digest/params"
+      autoload :Request, "rack/auth/digest/request"
+    end
+  end
+  module Session
+    autoload :Cookie, "rack/session/cookie"
+    autoload :Pool, "rack/session/pool"
+    autoload :Memcache, "rack/session/memcache"
+  end
+  # *Adapters* connect Rack with third party web frameworks.
+  #
+  # Rack includes an adapter for Camping, see README for other
+  # frameworks supporting Rack in their code bases.
+  #
+  # Refer to the submodules for framework-specific calling details.
+  module Adapter
+    autoload :Camping, "rack/adapter/camping"
+  end
+  # *Handlers* connect web servers with Rack.
+  #
+  # Rack includes Handlers for Mongrel, WEBrick, FastCGI, CGI, SCGI
+  # and LiteSpeed.
+  #
+  # Handlers usually are activated by calling <tt>MyHandler.run(myapp)</tt>.
+  # A second optional hash can be passed to include server-specific
+  # configuration.
+  module Handler
+    autoload :CGI, "rack/handler/cgi"
+    autoload :FastCGI, "rack/handler/fastcgi"
+    autoload :Mongrel, "rack/handler/mongrel"
+    autoload :WEBrick, "rack/handler/webrick"
+    autoload :LSWS, "rack/handler/lsws"
+    autoload :SCGI, "rack/handler/scgi"
+  end
+end

data/vendor/rack/lib/rack/adapter/camping.rb ADDED

@@ -0,0 +1,22 @@
+module Rack
+  module Adapter
+    class Camping
+      def initialize(app)
+        @app = app
+      end
+      def call(env)
+        env["PATH_INFO"] ||= ""
+        env["SCRIPT_NAME"] ||= ""
+        controller = @app.run(env['rack.input'], env)
+        h = controller.headers
+        h.each_pair do |k,v|
+          if v.kind_of? URI
+            h[k] = v.to_s
+          end
+        end
+        [controller.status, controller.headers, controller.body]
+      end
+    end
+  end
+end

data/vendor/rack/lib/rack/auth/abstract/handler.rb ADDED

@@ -0,0 +1,28 @@
+module Rack
+  module Auth
+    # Rack::Auth::AbstractHandler implements common authentication functionality.
+    #
+    # +realm+ should be set for all handlers.
+    class AbstractHandler
+      attr_accessor :realm
+      def initialize(app, &authenticator)
+        @app, @authenticator = app, authenticator
+      end
+      private
+      def unauthorized(www_authenticate = challenge)
+        return [ 401, { 'WWW-Authenticate' => www_authenticate.to_s }, [] ]
+      end
+      def bad_request
+        [ 400, {}, [] ]
+      end
+    end
+  end
+end

data/vendor/rack/lib/rack/auth/abstract/request.rb ADDED

@@ -0,0 +1,37 @@
+module Rack
+  module Auth
+    class AbstractRequest
+      def initialize(env)
+        @env = env
+      end
+      def provided?
+        !authorization_key.nil?
+      end
+      def parts
+        @parts ||= @env[authorization_key].split(' ', 2)
+      end
+      def scheme
+        @scheme ||= parts.first.downcase.to_sym
+      end
+      def params
+        @params ||= parts.last
+      end
+      private
+      AUTHORIZATION_KEYS = ['HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION', 'X_HTTP_AUTHORIZATION']
+      def authorization_key
+        @authorization_key ||= AUTHORIZATION_KEYS.detect { |key| @env.has_key?(key) }
+      end
+    end
+  end
+end

data/vendor/rack/lib/rack/auth/basic.rb ADDED

@@ -0,0 +1,58 @@
+require 'rack/auth/abstract/handler'
+require 'rack/auth/abstract/request'
+module Rack
+  module Auth
+    # Rack::Auth::Basic implements HTTP Basic Authentication, as per RFC 2617.
+    #
+    # Initialize with the Rack application that you want protecting,
+    # and a block that checks if a username and password pair are valid.
+    #
+    # See also: <tt>example/protectedlobster.rb</tt>
+    class Basic < AbstractHandler
+      def call(env)
+        auth = Basic::Request.new(env)
+        return unauthorized unless auth.provided?
+        return bad_request unless auth.basic?
+        if valid?(auth)
+          env['REMOTE_USER'] = auth.username
+          return @app.call(env)
+        end
+        unauthorized
+      end
+      private
+      def challenge
+        'Basic realm="%s"' % realm
+      end
+      def valid?(auth)
+        @authenticator.call(*auth.credentials)
+      end
+      class Request < Auth::AbstractRequest
+        def basic?
+          :basic == scheme
+        end
+        def credentials
+          @credentials ||= params.unpack("m*").first.split(/:/, 2)
+        end
+        def username
+          credentials.first
+        end
+      end
+    end
+  end
+end

data/vendor/rack/lib/rack/auth/digest/md5.rb ADDED

@@ -0,0 +1,124 @@
+require 'rack/auth/abstract/handler'
+require 'rack/auth/digest/request'
+require 'rack/auth/digest/params'
+require 'rack/auth/digest/nonce'
+require 'digest/md5'
+module Rack
+  module Auth
+    module Digest
+      # Rack::Auth::Digest::MD5 implements the MD5 algorithm version of
+      # HTTP Digest Authentication, as per RFC 2617.
+      #
+      # Initialize with the [Rack] application that you want protecting,
+      # and a block that looks up a plaintext password for a given username.
+      #
+      # +opaque+ needs to be set to a constant base64/hexadecimal string.
+      #
+      class MD5 < AbstractHandler
+        attr_accessor :opaque
+        attr_writer :passwords_hashed
+        def initialize(app)
+          super
+          @passwords_hashed = nil
+        end
+        def passwords_hashed?
+          !!@passwords_hashed
+        end
+        def call(env)
+          auth = Request.new(env)
+          unless auth.provided?
+            return unauthorized
+          end
+          if !auth.digest? || !auth.correct_uri? || !valid_qop?(auth)
+            return bad_request
+          end
+          if valid?(auth)
+            if auth.nonce.stale?
+              return unauthorized(challenge(:stale => true))
+            else
+              env['REMOTE_USER'] = auth.username
+              return @app.call(env)
+            end
+          end
+          unauthorized
+        end
+        private
+        QOP = 'auth'.freeze
+        def params(hash = {})
+          Params.new do |params|
+            params['realm'] = realm
+            params['nonce'] = Nonce.new.to_s
+            params['opaque'] = H(opaque)
+            params['qop'] = QOP
+            hash.each { |k, v| params[k] = v }
+          end
+        end
+        def challenge(hash = {})
+          "Digest #{params(hash)}"
+        end
+        def valid?(auth)
+          valid_opaque?(auth) && valid_nonce?(auth) && valid_digest?(auth)
+        end
+        def valid_qop?(auth)
+          QOP == auth.qop
+        end
+        def valid_opaque?(auth)
+          H(opaque) == auth.opaque
+        end
+        def valid_nonce?(auth)
+          auth.nonce.valid?
+        end
+        def valid_digest?(auth)
+          digest(auth, @authenticator.call(auth.username)) == auth.response
+        end
+        def md5(data)
+          ::Digest::MD5.hexdigest(data)
+        end
+        alias :H :md5
+        def KD(secret, data)
+          H([secret, data] * ':')
+        end
+        def A1(auth, password)
+          [ auth.username, auth.realm, password ] * ':'
+        end
+        def A2(auth)
+          [ auth.method, auth.uri ] * ':'
+        end
+        def digest(auth, password)
+          password_hash = passwords_hashed? ? password : H(A1(auth, password))
+          KD(password_hash, [ auth.nonce, auth.nc, auth.cnonce, QOP, H(A2(auth)) ] * ':')
+        end
+      end
+    end
+  end
+end

data/vendor/rack/lib/rack/auth/digest/nonce.rb ADDED

@@ -0,0 +1,51 @@
+require 'digest/md5'
+module Rack
+  module Auth
+    module Digest
+      # Rack::Auth::Digest::Nonce is the default nonce generator for the
+      # Rack::Auth::Digest::MD5 authentication handler.
+      #
+      # +private_key+ needs to set to a constant string.
+      #
+      # +time_limit+ can be optionally set to an integer (number of seconds),
+      # to limit the validity of the generated nonces.
+      class Nonce
+        class << self
+          attr_accessor :private_key, :time_limit
+        end
+        def self.parse(string)
+          new(*string.unpack("m*").first.split(' ', 2))
+        end
+        def initialize(timestamp = Time.now, given_digest = nil)
+          @timestamp, @given_digest = timestamp.to_i, given_digest
+        end
+        def to_s
+          [([ @timestamp, digest ] * ' ')].pack("m*").strip
+        end
+        def digest
+          ::Digest::MD5.hexdigest([ @timestamp, self.class.private_key ] * ':')
+        end
+        def valid?
+          digest == @given_digest
+        end
+        def stale?
+          !self.class.time_limit.nil? && (@timestamp - Time.now.to_i) < self.class.time_limit
+        end
+        def fresh?
+          !stale?
+        end
+      end
+    end
+  end
+end

data/vendor/rack/lib/rack/auth/digest/params.rb ADDED

@@ -0,0 +1,55 @@
+module Rack
+  module Auth
+    module Digest
+      class Params < Hash
+        def self.parse(str)
+          split_header_value(str).inject(new) do |header, param|
+            k, v = param.split('=', 2)
+            header[k] = dequote(v)
+            header
+          end
+        end
+        def self.dequote(str) # From WEBrick::HTTPUtils
+          ret = (/\A"(.*)"\Z/ =~ str) ? $1 : str.dup
+          ret.gsub!(/\\(.)/, "\\1")
+          ret
+        end
+        def self.split_header_value(str) # From WEBrick::HTTPUtils
+          str.scan(/((?:"(?:\\.|[^"])+?"|[^",]+)+)(?:,\s*|\Z)/n).collect{ |v| v[0] }
+        end
+        def initialize
+          super
+          yield self if block_given?
+        end
+        def [](k)
+          super k.to_s
+        end
+        def []=(k, v)
+          super k.to_s, v.to_s
+        end
+        UNQUOTED = ['qop', 'nc', 'stale']
+        def to_s
+          inject([]) do |parts, (k, v)|
+            parts << "#{k}=" + (UNQUOTED.include?(k) ? v.to_s : quote(v))
+            parts
+          end.join(', ')
+        end
+        def quote(str) # From WEBrick::HTTPUtils
+          '"' << str.gsub(/[\\\"]/o, "\\\1") << '"'
+        end
+      end
+    end
+  end
+end