Module: Signet::OAuth2
- Defined in:
- lib/signet/oauth_2.rb,
lib/signet/oauth_2/client.rb
Overview
An implementation of tools.ietf.org/html/draft-ietf-oauth-v2-10
This module will be updated periodically to support newer drafts of the specification, as they become widely deployed.
Defined Under Namespace
Classes: Client
Class Method Summary collapse
-
.generate_authorization_uri(authorization_uri, parameters = {}) ⇒ String
Appends the necessary OAuth parameters to the base authorization endpoint URI.
-
.generate_basic_authorization_header(client_id, client_password) ⇒ String
Generates a Basic Authorization header from a client identifier and a client password.
-
.generate_bearer_authorization_header(access_token, auth_params = nil) ⇒ String
Generates a Basic Authorization header from a client identifier and a client password.
- .parse_authorization_header(field_value) ⇒ Object
- .parse_basic_credentials(credential_string) ⇒ Object
- .parse_bearer_credentials(credential_string) ⇒ Object
- .parse_json_credentials(body) ⇒ Object
- .parse_oauth_challenge(challenge_string) ⇒ Object
- .parse_www_authenticate_header(field_value) ⇒ Object
Class Method Details
.generate_authorization_uri(authorization_uri, parameters = {}) ⇒ String
Appends the necessary OAuth parameters to the base authorization endpoint URI.
137 138 139 140 141 142 143 144 145 146 |
# File 'lib/signet/oauth_2.rb', line 137 def self.(, parameters={}) for key, value in parameters parameters.delete(key) if value == nil end parsed_uri = Addressable::URI.parse().dup query_values = parsed_uri.query_values || {} query_values = query_values.merge(parameters) parsed_uri.query_values = query_values return parsed_uri.normalize.to_s end |
.generate_basic_authorization_header(client_id, client_password) ⇒ String
Generates a Basic Authorization header from a client identifier and a client password.
93 94 95 96 97 98 99 100 101 |
# File 'lib/signet/oauth_2.rb', line 93 def self.(client_id, client_password) if client_id =~ /:/ raise ArgumentError, "A client identifier may not contain a ':' character." end return 'Basic ' + Base64.encode64( client_id + ':' + client_password ).gsub(/\n/, '') end |
.generate_bearer_authorization_header(access_token, auth_params = nil) ⇒ String
Generates a Basic Authorization header from a client identifier and a client password.
114 115 116 117 118 119 120 121 122 123 124 125 126 127 |
# File 'lib/signet/oauth_2.rb', line 114 def self.( access_token, auth_params=nil) # TODO: escaping? header = "Bearer #{access_token}" if auth_params && !auth_params.empty? header += (", " + (auth_params.inject([]) do |accu, (key, value)| accu << "#{key}=\"#{value}\"" accu end).join(", ") ) end return header end |
.parse_authorization_header(field_value) ⇒ Object
26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
# File 'lib/signet/oauth_2.rb', line 26 def self.(field_value) auth_scheme = field_value[/^([-._0-9a-zA-Z]+)/, 1] case auth_scheme when /^Basic$/i # HTTP Basic is allowed in OAuth 2 return self.parse_basic_credentials(field_value[/^Basic\s+(.*)$/i, 1]) when /^OAuth$/i # Other token types may be supported eventually return self.parse_bearer_credentials(field_value[/^OAuth\s+(.*)$/i, 1]) else raise ParseError, 'Parsing non-OAuth Authorization headers is out of scope.' end end |
.parse_basic_credentials(credential_string) ⇒ Object
53 54 55 56 57 |
# File 'lib/signet/oauth_2.rb', line 53 def self.parse_basic_credentials(credential_string) decoded = Base64.decode64(credential_string) client_id, client_secret = decoded.split(':', 2) return [['client_id', client_id], ['client_secret', client_secret]] end |
.parse_bearer_credentials(credential_string) ⇒ Object
59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/signet/oauth_2.rb', line 59 def self.parse_bearer_credentials(credential_string) access_token = credential_string[/^([^,\s]+)(?:\s|,|$)/i, 1] parameters = [] parameters << ['access_token', access_token] auth_param_string = credential_string[/^(?:[^,\s]+)\s*,\s*(.*)$/i, 1] if auth_param_string # This code will rarely get called, but is included for completeness parameters.concat(Signet.parse_auth_param_list(auth_param_string)) end return parameters end |
.parse_json_credentials(body) ⇒ Object
75 76 77 78 79 80 |
# File 'lib/signet/oauth_2.rb', line 75 def self.parse_json_credentials(body) if !body.kind_of?(String) raise TypeError, "Expected String, got #{body.class}." end return MultiJson.decode(body) end |
.parse_oauth_challenge(challenge_string) ⇒ Object
71 72 73 |
# File 'lib/signet/oauth_2.rb', line 71 def self.parse_oauth_challenge(challenge_string) return Signet.parse_auth_param_list(challenge_string) end |
.parse_www_authenticate_header(field_value) ⇒ Object
41 42 43 44 45 46 47 48 49 50 51 |
# File 'lib/signet/oauth_2.rb', line 41 def self.parse_www_authenticate_header(field_value) auth_scheme = field_value[/^([-._0-9a-zA-Z]+)/, 1] case auth_scheme when /^OAuth$/i # Other token types may be supported eventually return self.parse_oauth_challenge(field_value[/^OAuth\s+(.*)$/i, 1]) else raise ParseError, 'Parsing non-OAuth WWW-Authenticate headers is out of scope.' end end |