Class: HTTPClient::OAuth

Inherits:
Object
  • Object
show all
Includes:
Util
Defined in:
lib/httpclient/auth.rb

Overview

Authentication filter for handling OAuth negotiation. Used in WWWAuth.

CAUTION: This impl only support ‘#7 Accessing Protected Resources’ in OAuth Core 1.0 spec for now. You need to obtain Access token and Access secret by yourself.

CAUTION: This impl does NOT support OAuth Request Body Hash spec for now. oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html

Defined Under Namespace

Classes: Config

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Util

#argument_to_hash, hash_find_value, #http?, #https?, #keyword_argument, uri_dirname, uri_part_of, urify

Constructor Details

#initializeOAuth

Creates new DigestAuth filter.



739
740
741
742
743
744
745
746
747
748
# File 'lib/httpclient/auth.rb', line 739

def initialize
  @config = nil # common config
  @auth = {} # configs for each site
  @challengeable = {}
  @nonce_count = 0
  @signature_handler = {
    'HMAC-SHA1' => method(:sign_hmac_sha1)
  }
  @scheme = "OAuth"
end

Instance Attribute Details

#schemeObject (readonly)

Authentication scheme.



669
670
671
# File 'lib/httpclient/auth.rb', line 669

def scheme
  @scheme
end

Class Method Details

.escape(str) ⇒ Object

:nodoc:



722
723
724
725
726
727
728
729
730
731
732
# File 'lib/httpclient/auth.rb', line 722

def self.escape(str) # :nodoc:
  if str.respond_to?(:force_encoding)
    str.dup.force_encoding('BINARY').gsub(/([^a-zA-Z0-9_.~-]+)/) {
      '%' + $1.unpack('H2' * $1.bytesize).join('%').upcase
    }
  else
    str.gsub(/([^a-zA-Z0-9_.~-]+)/n) {
      '%' + $1.unpack('H2' * $1.bytesize).join('%').upcase
    }
  end
end

Instance Method Details

#challenge(uri, param_str = nil) ⇒ Object

Challenge handler: remember URL for response.



804
805
806
807
808
809
810
811
# File 'lib/httpclient/auth.rb', line 804

def challenge(uri, param_str = nil)
  if uri.nil?
    @challengeable[nil] = true
  else
    @challengeable[urify(uri)] = true
  end
  true
end

#escape(str) ⇒ Object



734
735
736
# File 'lib/httpclient/auth.rb', line 734

def escape(str)
  self.class.escape(str)
end

#get(req) ⇒ Object

Response handler: returns credential. It sends cred only when a given uri is;

  • child page of challengeable(got *Authenticate before) uri and,

  • child page of defined credential



793
794
795
796
797
798
799
800
801
# File 'lib/httpclient/auth.rb', line 793

def get(req)
  target_uri = req.header.request_uri
  return nil unless @challengeable[nil] or @challengeable.find { |uri, ok|
    Util.uri_part_of(target_uri, uri) and ok
  }
  config = get_config(target_uri) || @config
  return nil unless config
  calc_cred(req, config)
end

#get_config(uri = nil) ⇒ Object

Get authentication credential.



778
779
780
781
782
783
784
785
786
787
# File 'lib/httpclient/auth.rb', line 778

def get_config(uri = nil)
  if uri.nil?
    @config
  else
    uri = urify(uri)
    Util.hash_find_value(@auth) { |cand_uri, cred|
      Util.uri_part_of(uri, cand_uri)
    }
  end
end

#reset_challengeObject

Resets challenge state. Do not send ‘*Authorization’ header until the server sends ‘*Authentication’ again.



752
753
754
# File 'lib/httpclient/auth.rb', line 752

def reset_challenge
  @challengeable.clear
end

#set(*args) ⇒ Object

Set authentication credential. You cannot set OAuth config via WWWAuth#set_auth. Use OAuth#config=



758
759
760
# File 'lib/httpclient/auth.rb', line 758

def set(*args)
  # not supported
end

#set?Boolean

have we marked this as set - ie that it’s valid to use in this context?

Returns:

  • (Boolean)


763
764
765
# File 'lib/httpclient/auth.rb', line 763

def set?
  true
end

#set_config(uri, config) ⇒ Object

Set authentication credential.



768
769
770
771
772
773
774
775
# File 'lib/httpclient/auth.rb', line 768

def set_config(uri, config)
  if uri.nil?
    @config = config
  else
    uri = Util.uri_dirname(urify(uri))
    @auth[uri] = config
  end
end