mirror of
https://github.com/samsonjs/simple_oauth.git
synced 2026-04-27 14:57:45 +00:00
Alias encode to escape and decode to unescape
This commit is contained in:
Erik Michaels-Ober
parent
f67afa46fa
commit
02d041d028
2 changed files with 52 additions and 46 deletions
|
|
@ -6,33 +6,43 @@ require 'cgi'
|
||||||
module SimpleOAuth
|
module SimpleOAuth
|
||||||
class Header
|
class Header
|
||||||
ATTRIBUTE_KEYS = [:callback, :consumer_key, :nonce, :signature_method, :timestamp, :token, :verifier, :version] unless defined? ::SimpleOAuth::Header::ATTRIBUTE_KEYS
|
ATTRIBUTE_KEYS = [:callback, :consumer_key, :nonce, :signature_method, :timestamp, :token, :verifier, :version] unless defined? ::SimpleOAuth::Header::ATTRIBUTE_KEYS
|
||||||
|
|
||||||
def self.default_options
|
|
||||||
{
|
|
||||||
:nonce => OpenSSL::Random.random_bytes(16).unpack('H*')[0],
|
|
||||||
:signature_method => 'HMAC-SHA1',
|
|
||||||
:timestamp => Time.now.to_i.to_s,
|
|
||||||
:version => '1.0'
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.encode(value)
|
|
||||||
uri_parser.escape(value.to_s, /[^a-z0-9\-\.\_\~]/i)
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.decode(value)
|
|
||||||
uri_parser.unescape(value.to_s)
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.parse(header)
|
|
||||||
header.to_s.sub(/^OAuth\s/, '').split(/,\s*/).inject({}) do |attributes, pair|
|
|
||||||
match = pair.match(/^(\w+)\=\"([^\"]*)\"$/)
|
|
||||||
attributes.merge(match[1].sub(/^oauth_/, '').to_sym => decode(match[2]))
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
attr_reader :method, :params, :options
|
attr_reader :method, :params, :options
|
||||||
|
|
||||||
|
class << self
|
||||||
|
def default_options
|
||||||
|
{
|
||||||
|
:nonce => OpenSSL::Random.random_bytes(16).unpack('H*')[0],
|
||||||
|
:signature_method => 'HMAC-SHA1',
|
||||||
|
:timestamp => Time.now.to_i.to_s,
|
||||||
|
:version => '1.0'
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
def parse(header)
|
||||||
|
header.to_s.sub(/^OAuth\s/, '').split(/,\s*/).inject({}) do |attributes, pair|
|
||||||
|
match = pair.match(/^(\w+)\=\"([^\"]*)\"$/)
|
||||||
|
attributes.merge(match[1].sub(/^oauth_/, '').to_sym => decode(match[2]))
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
def escape(value)
|
||||||
|
uri_parser.escape(value.to_s, /[^a-z0-9\-\.\_\~]/i)
|
||||||
|
end
|
||||||
|
alias encode escape
|
||||||
|
|
||||||
|
def unescape(value)
|
||||||
|
uri_parser.unescape(value.to_s)
|
||||||
|
end
|
||||||
|
alias decode unescape
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def uri_parser
|
||||||
|
@uri_parser ||= URI.const_defined?(:Parser) ? URI::Parser.new : URI
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
def initialize(method, url, params, oauth = {})
|
def initialize(method, url, params, oauth = {})
|
||||||
@method = method.to_s.upcase
|
@method = method.to_s.upcase
|
||||||
@uri = URI.parse(url.to_s)
|
@uri = URI.parse(url.to_s)
|
||||||
|
|
@ -65,11 +75,7 @@ module SimpleOAuth
|
||||||
attributes.merge(:oauth_signature => signature)
|
attributes.merge(:oauth_signature => signature)
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def self.uri_parser
|
|
||||||
@uri_parser ||= URI.const_defined?(:Parser) ? URI::Parser.new : URI
|
|
||||||
end
|
|
||||||
|
|
||||||
def normalized_attributes
|
def normalized_attributes
|
||||||
signed_attributes.sort_by{|k,v| k.to_s }.map{|k,v| %(#{k}="#{self.class.encode(v)}") }.join(', ')
|
signed_attributes.sort_by{|k,v| k.to_s }.map{|k,v| %(#{k}="#{self.class.encode(v)}") }.join(', ')
|
||||||
|
|
|
||||||
|
|
@ -22,29 +22,29 @@ describe SimpleOAuth::Header do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe ".encode" do
|
describe ".escape" do
|
||||||
it "encodes (most) non-word characters" do
|
it "escapes (most) non-word characters" do
|
||||||
[' ', '!', '@', '#', '$', '%', '^', '&'].each do |character|
|
[' ', '!', '@', '#', '$', '%', '^', '&'].each do |character|
|
||||||
encoded = SimpleOAuth::Header.encode(character)
|
escaped = SimpleOAuth::Header.escape(character)
|
||||||
expect(encoded).not_to eq character
|
expect(escaped).not_to eq character
|
||||||
expect(encoded).to eq uri_parser.escape(character, /.*/)
|
expect(escaped).to eq uri_parser.escape(character, /.*/)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it "does not encode - . or ~" do
|
it "does not escape - . or ~" do
|
||||||
['-', '.', '~'].each do |character|
|
['-', '.', '~'].each do |character|
|
||||||
encoded = SimpleOAuth::Header.encode(character)
|
escaped = SimpleOAuth::Header.escape(character)
|
||||||
expect(encoded).to eq character
|
expect(escaped).to eq character
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.test_special_characters
|
def self.test_special_characters
|
||||||
it "encodes non-ASCII characters" do
|
it "escapes non-ASCII characters" do
|
||||||
expect(SimpleOAuth::Header.encode('é')).to eq '%C3%A9'
|
expect(SimpleOAuth::Header.escape('é')).to eq '%C3%A9'
|
||||||
end
|
end
|
||||||
|
|
||||||
it "encodes multibyte characters" do
|
it "escapes multibyte characters" do
|
||||||
expect(SimpleOAuth::Header.encode('あ')).to eq '%E3%81%82'
|
expect(SimpleOAuth::Header.escape('あ')).to eq '%E3%81%82'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
@ -65,7 +65,7 @@ describe SimpleOAuth::Header do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe ".decode" do
|
describe ".unescape" do
|
||||||
pending
|
pending
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
@ -163,7 +163,7 @@ describe SimpleOAuth::Header do
|
||||||
expect(normalized_attributes).to eq 'a="4", b="3", c="2", d="1"'
|
expect(normalized_attributes).to eq 'a="4", b="3", c="2", d="1"'
|
||||||
end
|
end
|
||||||
|
|
||||||
it "url-encodes its values" do
|
it "URI encodes its values" do
|
||||||
header.stub(:signed_attributes => {1 => '!', 2 => '@', 3 => '#', 4 => '$'})
|
header.stub(:signed_attributes => {1 => '!', 2 => '@', 3 => '#', 4 => '$'})
|
||||||
expect(normalized_attributes).to eq '1="%21", 2="%40", 3="%23", 4="%24"'
|
expect(normalized_attributes).to eq '1="%21", 2="%40", 3="%23", 4="%24"'
|
||||||
end
|
end
|
||||||
|
|
@ -261,7 +261,7 @@ describe SimpleOAuth::Header do
|
||||||
expect(secret).to eq 'CONSUMER_SECRET&TOKEN_SECRET'
|
expect(secret).to eq 'CONSUMER_SECRET&TOKEN_SECRET'
|
||||||
end
|
end
|
||||||
|
|
||||||
it "URL encodes each secret value before combination" do
|
it "URI encodes each secret value before combination" do
|
||||||
header.stub(:options => {:consumer_secret => 'CONSUM#R_SECRET', :token_secret => 'TOKEN_S#CRET'})
|
header.stub(:options => {:consumer_secret => 'CONSUM#R_SECRET', :token_secret => 'TOKEN_S#CRET'})
|
||||||
expect(secret).to eq 'CONSUM%23R_SECRET&TOKEN_S%23CRET'
|
expect(secret).to eq 'CONSUM%23R_SECRET&TOKEN_S%23CRET'
|
||||||
end
|
end
|
||||||
|
|
@ -276,7 +276,7 @@ describe SimpleOAuth::Header do
|
||||||
expect(signature_base).to eq 'METHOD&URL&NORMALIZED_PARAMS'
|
expect(signature_base).to eq 'METHOD&URL&NORMALIZED_PARAMS'
|
||||||
end
|
end
|
||||||
|
|
||||||
it "URL encodes each value before combination" do
|
it "URI encodes each value before combination" do
|
||||||
header.stub(:method => 'ME#HOD', :url => 'U#L', :normalized_params => 'NORMAL#ZED_PARAMS')
|
header.stub(:method => 'ME#HOD', :url => 'U#L', :normalized_params => 'NORMAL#ZED_PARAMS')
|
||||||
expect(signature_base).to eq 'ME%23HOD&U%23L&NORMAL%23ZED_PARAMS'
|
expect(signature_base).to eq 'ME%23HOD&U%23L&NORMAL%23ZED_PARAMS'
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue