Class: OAuth::Consumer
Constant Summary collapse
- CA_FILES =
determine the certificate authority path to verify SSL certs
%w(/etc/ssl/certs/ca-certificates.crt /usr/share/curl/curl-ca-bundle.crt)
- CA_FILE =
nil
- @@default_options =
{ # Signature method used by server. Defaults to HMAC-SHA1 :signature_method => 'HMAC-SHA1', # default paths on site. These are the same as the defaults set up by the generators :request_token_path => '/oauth/request_token', :authorize_path => '/oauth/authorize', :access_token_path => '/oauth/access_token', :proxy => nil, # How do we send the oauth values to the server see # http://oauth.net/core/1.0/#consumer_req_param for more info # # Possible values: # # :header - via the Authorize header (Default) ( option 1. in spec) # :body - url form encoded in body of POST request ( option 2. in spec) # :query_string - via the query part of the url ( option 3. in spec) :scheme => :header, # Default http method used for OAuth Token Requests (defaults to :post) :http_method => :post, # Add a custom ca_file for consumer # :ca_file => '/etc/certs.pem' :oauth_version => "1.0" }
Instance Attribute Summary collapse
-
#http ⇒ Object
The HTTP object for the site.
-
#key ⇒ Object
Returns the value of attribute key.
-
#options ⇒ Object
Returns the value of attribute options.
-
#secret ⇒ Object
Returns the value of attribute secret.
- #site ⇒ Object
Instance Method Summary collapse
- #access_token_path ⇒ Object
- #access_token_url ⇒ Object
- #access_token_url? ⇒ Boolean
- #authorize_path ⇒ Object
- #authorize_url ⇒ Object
- #authorize_url? ⇒ Boolean
-
#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates and signs an http request.
- #get_access_token(request_token, request_options = {}, *arguments, &block) ⇒ Object
-
#get_request_token(request_options = {}, *arguments, &block) ⇒ Object
Makes a request to the service for a new OAuth::RequestToken.
-
#http_method ⇒ Object
The default http method.
-
#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer
constructor
Create a new consumer instance by passing it a configuration hash:.
- #proxy ⇒ Object
-
#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates, signs and performs an http request.
- #request_endpoint ⇒ Object
- #request_token_path ⇒ Object
-
#request_token_url ⇒ Object
TODO this is ugly, rewrite.
- #request_token_url? ⇒ Boolean
- #scheme ⇒ Object
-
#sign!(request, token = nil, request_options = {}) ⇒ Object
Sign the Request object.
-
#signature_base_string(request, token = nil, request_options = {}) ⇒ Object
Return the signature_base_string.
-
#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates a request and parses the result as url_encoded.
-
#uri(custom_uri = nil) ⇒ Object
Contains the root URI for this site.
Constructor Details
#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer
Create a new consumer instance by passing it a configuration hash:
@consumer = OAuth::Consumer.new(key, secret, {
:site => "http://term.ie",
:scheme => :header,
:http_method => :post,
:request_token_path => "/oauth/example/request_token.php",
:access_token_path => "/oauth/example/access_token.php",
:authorize_path => "/oauth/example/authorize.php"
})
Start the process by requesting a token
@request_token = @consumer.get_request_token
session[:request_token] = @request_token
redirect_to @request_token.
When user returns create an access_token
@access_token = @request_token.get_access_token
@photos=@access_token.get('/photos.xml')
74 75 76 77 78 79 80 81 82 83 |
# File 'lib/oauth/consumer.rb', line 74 def initialize(consumer_key, consumer_secret, = {}) @key = consumer_key @secret = consumer_secret # ensure that keys are symbols @options = @@default_options.merge(.inject({}) do |opts, (key, value)| opts[key.to_sym] = value opts end) end |
Instance Attribute Details
#http ⇒ Object
The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new
91 92 93 |
# File 'lib/oauth/consumer.rb', line 91 def http @http ||= create_http end |
#key ⇒ Object
Returns the value of attribute key.
49 50 51 |
# File 'lib/oauth/consumer.rb', line 49 def key @key end |
#options ⇒ Object
Returns the value of attribute options.
49 50 51 |
# File 'lib/oauth/consumer.rb', line 49 def @options end |
#secret ⇒ Object
Returns the value of attribute secret.
49 50 51 |
# File 'lib/oauth/consumer.rb', line 49 def secret @secret end |
#site ⇒ Object
232 233 234 |
# File 'lib/oauth/consumer.rb', line 232 def site @options[:site].to_s end |
Instance Method Details
#access_token_path ⇒ Object
253 254 255 |
# File 'lib/oauth/consumer.rb', line 253 def access_token_path @options[:access_token_path] end |
#access_token_url ⇒ Object
274 275 276 |
# File 'lib/oauth/consumer.rb', line 274 def access_token_url @options[:access_token_url] || site + access_token_path end |
#access_token_url? ⇒ Boolean
278 279 280 |
# File 'lib/oauth/consumer.rb', line 278 def access_token_url? @options.has_key?(:access_token_url) end |
#authorize_path ⇒ Object
249 250 251 |
# File 'lib/oauth/consumer.rb', line 249 def @options[:authorize_path] end |
#authorize_url ⇒ Object
266 267 268 |
# File 'lib/oauth/consumer.rb', line 266 def @options[:authorize_url] || site + end |
#authorize_url? ⇒ Boolean
270 271 272 |
# File 'lib/oauth/consumer.rb', line 270 def @options.has_key?(:authorize_url) end |
#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates and signs an http request. It’s recommended to use the Token classes to set this up correctly
186 187 188 189 190 |
# File 'lib/oauth/consumer.rb', line 186 def create_signed_request(http_method, path, token = nil, = {}, *arguments) request = create_http_request(http_method, path, *arguments) sign!(request, token, ) request end |
#get_access_token(request_token, request_options = {}, *arguments, &block) ⇒ Object
105 106 107 108 |
# File 'lib/oauth/consumer.rb', line 105 def get_access_token(request_token, = {}, *arguments, &block) response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token, , *arguments, &block) OAuth::AccessToken.from_hash(self, response) end |
#get_request_token(request_options = {}, *arguments, &block) ⇒ Object
Makes a request to the service for a new OAuth::RequestToken
@request_token = @consumer.get_request_token
To include OAuth parameters:
@request_token = @consumer.get_request_token \
:oauth_callback => "http://example.com/cb"
To include application-specific parameters:
@request_token = @consumer.get_request_token({}, :foo => "bar")
TODO oauth_callback should be a mandatory parameter
124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 |
# File 'lib/oauth/consumer.rb', line 124 def get_request_token( = {}, *arguments, &block) # if oauth_callback wasn't provided, it is assumed that oauth_verifiers # will be exchanged out of band [:oauth_callback] ||= OAuth::OUT_OF_BAND unless [:exclude_callback] if block_given? response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, , *arguments, &block) else response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, , *arguments) end OAuth::RequestToken.from_hash(self, response) end |
#http_method ⇒ Object
The default http method
86 87 88 |
# File 'lib/oauth/consumer.rb', line 86 def http_method @http_method ||= @options[:http_method] || :post end |
#proxy ⇒ Object
282 283 284 |
# File 'lib/oauth/consumer.rb', line 282 def proxy @options[:proxy] end |
#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates, signs and performs an http request. It’s recommended to use the OAuth::Token classes to set this up correctly. request_options take precedence over consumer-wide options when signing
a request.
arguments are POST and PUT bodies (a Hash, string-encoded parameters, or
absent), followed by additional HTTP headers.
@consumer.request(:get, '/people', @token, { :scheme => :query_string })
@consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 |
# File 'lib/oauth/consumer.rb', line 151 def request(http_method, path, token = nil, = {}, *arguments) if path !~ /^\// @http = create_http(path) _uri = URI.parse(path) path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}" end # override the request with your own, this is useful for file uploads which Net::HTTP does not do req = create_signed_request(http_method, path, token, , *arguments) return nil if block_given? and yield(req) == :done rsp = http.request(req) # check for an error reported by the Problem Reporting extension # (http://wiki.oauth.net/ProblemReporting) # note: a 200 may actually be an error; check for an oauth_problem key to be sure if !(headers = rsp.to_hash["www-authenticate"]).nil? && (h = headers.select { |hdr| hdr =~ /^OAuth / }).any? && h.first =~ /oauth_problem/ # puts "Header: #{h.first}" # TODO doesn't handle broken responses from api.login.yahoo.com # remove debug code when done params = OAuth::Helper.parse_header(h.first) # puts "Params: #{params.inspect}" # puts "Body: #{rsp.body}" raise OAuth::Problem.new(params.delete("oauth_problem"), rsp, params) end rsp end |
#request_endpoint ⇒ Object
236 237 238 239 |
# File 'lib/oauth/consumer.rb', line 236 def request_endpoint return nil if @options[:request_endpoint].nil? @options[:request_endpoint].to_s end |
#request_token_path ⇒ Object
245 246 247 |
# File 'lib/oauth/consumer.rb', line 245 def request_token_path @options[:request_token_path] end |
#request_token_url ⇒ Object
TODO this is ugly, rewrite
258 259 260 |
# File 'lib/oauth/consumer.rb', line 258 def request_token_url @options[:request_token_url] || site + request_token_path end |
#request_token_url? ⇒ Boolean
262 263 264 |
# File 'lib/oauth/consumer.rb', line 262 def request_token_url? @options.has_key?(:request_token_url) end |
#scheme ⇒ Object
241 242 243 |
# File 'lib/oauth/consumer.rb', line 241 def scheme @options[:scheme] end |
#sign!(request, token = nil, request_options = {}) ⇒ Object
Sign the Request object. Use this if you have an externally generated http request object you want to sign.
223 224 225 |
# File 'lib/oauth/consumer.rb', line 223 def sign!(request, token = nil, = {}) request.oauth!(http, self, token, .merge()) end |
#signature_base_string(request, token = nil, request_options = {}) ⇒ Object
Return the signature_base_string
228 229 230 |
# File 'lib/oauth/consumer.rb', line 228 def signature_base_string(request, token = nil, = {}) request.signature_base_string(http, self, token, .merge()) end |
#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.
193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 |
# File 'lib/oauth/consumer.rb', line 193 def token_request(http_method, path, token = nil, = {}, *arguments) response = request(http_method, path, token, , *arguments) case response.code.to_i when (200..299) if block_given? yield response.body else # symbolize keys # TODO this could be considered unexpected behavior; symbols or not? # TODO this also drops subsequent values from multi-valued keys CGI.parse(response.body).inject({}) do |h,(k,v)| h[k.strip.to_sym] = v.first h[k.strip] = v.first h end end when (300..399) # this is a redirect uri = URI.parse(response.header['location']) response.error! if uri.path == path # careful of those infinite redirects self.token_request(http_method, uri.path, token, , arguments) when (400..499) raise OAuth::Unauthorized, response else response.error! end end |
#uri(custom_uri = nil) ⇒ Object
Contains the root URI for this site
96 97 98 99 100 101 102 103 |
# File 'lib/oauth/consumer.rb', line 96 def uri(custom_uri = nil) if custom_uri @uri = custom_uri @http = create_http # yike, oh well. less intrusive this way else # if no custom passed, we use existing, which, if unset, is set to site uri @uri ||= URI.parse(site) end end |