Class: OAuth::Consumer
Constant Summary collapse
- CA_FILES =
determine the certificate authority path to verify SSL certs
%W(#{ENV['SSL_CERT_FILE']} /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt /usr/share/curl/curl-ca-bundle.crt)
- CA_FILE =
nil
- @@default_options =
{ # Signature method used by server. Defaults to HMAC-SHA1 :signature_method => 'HMAC-SHA1', # default paths on site. These are the same as the defaults set up by the generators :request_token_path => '/oauth/request_token', :authorize_path => '/oauth/authorize', :access_token_path => '/oauth/access_token', :proxy => nil, # How do we send the oauth values to the server see # http://oauth.net/core/1.0/#consumer_req_param for more info # # Possible values: # # :header - via the Authorize header (Default) ( option 1. in spec) # :body - url form encoded in body of POST request ( option 2. in spec) # :query_string - via the query part of the url ( option 3. in spec) :scheme => :header, # Default http method used for OAuth Token Requests (defaults to :post) :http_method => :post, # Add a custom ca_file for consumer # :ca_file => '/etc/certs.pem' :oauth_version => "1.0" }
Instance Attribute Summary collapse
-
#http ⇒ Object
The HTTP object for the site.
-
#key ⇒ Object
Returns the value of attribute key.
-
#options ⇒ Object
Returns the value of attribute options.
-
#secret ⇒ Object
Returns the value of attribute secret.
- #site ⇒ Object
Instance Method Summary collapse
- #access_token_path ⇒ Object
- #access_token_url ⇒ Object
- #access_token_url? ⇒ Boolean
- #authorize_path ⇒ Object
- #authorize_url ⇒ Object
- #authorize_url? ⇒ Boolean
-
#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates and signs an http request.
- #get_access_token(request_token, request_options = {}, *arguments, &block) ⇒ Object
-
#get_request_token(request_options = {}, *arguments, &block) ⇒ Object
Makes a request to the service for a new OAuth::RequestToken.
-
#http_method ⇒ Object
The default http method.
-
#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer
constructor
Create a new consumer instance by passing it a configuration hash:.
- #proxy ⇒ Object
-
#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates, signs and performs an http request.
- #request_endpoint ⇒ Object
- #request_token_path ⇒ Object
-
#request_token_url ⇒ Object
TODO this is ugly, rewrite.
- #request_token_url? ⇒ Boolean
- #scheme ⇒ Object
-
#sign!(request, token = nil, request_options = {}) ⇒ Object
Sign the Request object.
-
#signature_base_string(request, token = nil, request_options = {}) ⇒ Object
Return the signature_base_string.
-
#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates a request and parses the result as url_encoded.
-
#uri(custom_uri = nil) ⇒ Object
Contains the root URI for this site.
Constructor Details
#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer
Create a new consumer instance by passing it a configuration hash:
@consumer = OAuth::Consumer.new(key, secret, {
:site => "http://term.ie",
:scheme => :header,
:http_method => :post,
:request_token_path => "/oauth/example/request_token.php",
:access_token_path => "/oauth/example/access_token.php",
:authorize_path => "/oauth/example/authorize.php"
})
Start the process by requesting a token
@request_token = @consumer.get_request_token
session[:request_token] = @request_token
redirect_to @request_token.
When user returns create an access_token
@access_token = @request_token.get_access_token
@photos=@access_token.get('/photos.xml')
74 75 76 77 78 79 80 81 82 83 |
# File 'lib/oauth/consumer.rb', line 74 def initialize(consumer_key, consumer_secret, = {}) @key = consumer_key @secret = consumer_secret # ensure that keys are symbols @options = @@default_options.merge(.inject({}) do |opts, (key, value)| opts[key.to_sym] = value opts end) end |
Instance Attribute Details
#http ⇒ Object
The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new
91 92 93 |
# File 'lib/oauth/consumer.rb', line 91 def http @http ||= create_http end |
#key ⇒ Object
Returns the value of attribute key.
49 50 51 |
# File 'lib/oauth/consumer.rb', line 49 def key @key end |
#options ⇒ Object
Returns the value of attribute options.
49 50 51 |
# File 'lib/oauth/consumer.rb', line 49 def @options end |
#secret ⇒ Object
Returns the value of attribute secret.
49 50 51 |
# File 'lib/oauth/consumer.rb', line 49 def secret @secret end |
#site ⇒ Object
233 234 235 |
# File 'lib/oauth/consumer.rb', line 233 def site @options[:site].to_s end |
Instance Method Details
#access_token_path ⇒ Object
254 255 256 |
# File 'lib/oauth/consumer.rb', line 254 def access_token_path @options[:access_token_path] end |
#access_token_url ⇒ Object
275 276 277 |
# File 'lib/oauth/consumer.rb', line 275 def access_token_url @options[:access_token_url] || site + access_token_path end |
#access_token_url? ⇒ Boolean
279 280 281 |
# File 'lib/oauth/consumer.rb', line 279 def access_token_url? @options.has_key?(:access_token_url) end |
#authorize_path ⇒ Object
250 251 252 |
# File 'lib/oauth/consumer.rb', line 250 def @options[:authorize_path] end |
#authorize_url ⇒ Object
267 268 269 |
# File 'lib/oauth/consumer.rb', line 267 def @options[:authorize_url] || site + end |
#authorize_url? ⇒ Boolean
271 272 273 |
# File 'lib/oauth/consumer.rb', line 271 def @options.has_key?(:authorize_url) end |
#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates and signs an http request. It’s recommended to use the Token classes to set this up correctly
186 187 188 189 190 |
# File 'lib/oauth/consumer.rb', line 186 def create_signed_request(http_method, path, token = nil, = {}, *arguments) request = create_http_request(http_method, path, *arguments) sign!(request, token, ) request end |
#get_access_token(request_token, request_options = {}, *arguments, &block) ⇒ Object
105 106 107 108 |
# File 'lib/oauth/consumer.rb', line 105 def get_access_token(request_token, = {}, *arguments, &block) response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token, , *arguments, &block) OAuth::AccessToken.from_hash(self, response) end |
#get_request_token(request_options = {}, *arguments, &block) ⇒ Object
Makes a request to the service for a new OAuth::RequestToken
@request_token = @consumer.get_request_token
To include OAuth parameters:
@request_token = @consumer.get_request_token \
:oauth_callback => "http://example.com/cb"
To include application-specific parameters:
@request_token = @consumer.get_request_token({}, :foo => "bar")
TODO oauth_callback should be a mandatory parameter
124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 |
# File 'lib/oauth/consumer.rb', line 124 def get_request_token( = {}, *arguments, &block) # if oauth_callback wasn't provided, it is assumed that oauth_verifiers # will be exchanged out of band [:oauth_callback] ||= OAuth::OUT_OF_BAND unless [:exclude_callback] if block_given? response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, , *arguments, &block) else response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, , *arguments) end OAuth::RequestToken.from_hash(self, response) end |
#http_method ⇒ Object
The default http method
86 87 88 |
# File 'lib/oauth/consumer.rb', line 86 def http_method @http_method ||= @options[:http_method] || :post end |
#proxy ⇒ Object
283 284 285 |
# File 'lib/oauth/consumer.rb', line 283 def proxy @options[:proxy] end |
#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates, signs and performs an http request. It’s recommended to use the OAuth::Token classes to set this up correctly. request_options take precedence over consumer-wide options when signing
a request.
arguments are POST and PUT bodies (a Hash, string-encoded parameters, or
absent), followed by additional HTTP headers.
@consumer.request(:get, '/people', @token, { :scheme => :query_string })
@consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 |
# File 'lib/oauth/consumer.rb', line 151 def request(http_method, path, token = nil, = {}, *arguments) if path !~ /^\// @http = create_http(path) _uri = URI.parse(path) path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}" end # override the request with your own, this is useful for file uploads which Net::HTTP does not do req = create_signed_request(http_method, path, token, , *arguments) return nil if block_given? and yield(req) == :done rsp = http.request(req) # check for an error reported by the Problem Reporting extension # (http://wiki.oauth.net/ProblemReporting) # note: a 200 may actually be an error; check for an oauth_problem key to be sure if !(headers = rsp.to_hash["www-authenticate"]).nil? && (h = headers.select { |hdr| hdr =~ /^OAuth / }).any? && h.first =~ /oauth_problem/ # puts "Header: #{h.first}" # TODO doesn't handle broken responses from api.login.yahoo.com # remove debug code when done params = OAuth::Helper.parse_header(h.first) # puts "Params: #{params.inspect}" # puts "Body: #{rsp.body}" raise OAuth::Problem.new(params.delete("oauth_problem"), rsp, params) end rsp end |
#request_endpoint ⇒ Object
237 238 239 240 |
# File 'lib/oauth/consumer.rb', line 237 def request_endpoint return nil if @options[:request_endpoint].nil? @options[:request_endpoint].to_s end |
#request_token_path ⇒ Object
246 247 248 |
# File 'lib/oauth/consumer.rb', line 246 def request_token_path @options[:request_token_path] end |
#request_token_url ⇒ Object
TODO this is ugly, rewrite
259 260 261 |
# File 'lib/oauth/consumer.rb', line 259 def request_token_url @options[:request_token_url] || site + request_token_path end |
#request_token_url? ⇒ Boolean
263 264 265 |
# File 'lib/oauth/consumer.rb', line 263 def request_token_url? @options.has_key?(:request_token_url) end |
#scheme ⇒ Object
242 243 244 |
# File 'lib/oauth/consumer.rb', line 242 def scheme @options[:scheme] end |
#sign!(request, token = nil, request_options = {}) ⇒ Object
Sign the Request object. Use this if you have an externally generated http request object you want to sign.
224 225 226 |
# File 'lib/oauth/consumer.rb', line 224 def sign!(request, token = nil, = {}) request.oauth!(http, self, token, .merge()) end |
#signature_base_string(request, token = nil, request_options = {}) ⇒ Object
Return the signature_base_string
229 230 231 |
# File 'lib/oauth/consumer.rb', line 229 def signature_base_string(request, token = nil, = {}) request.signature_base_string(http, self, token, .merge()) end |
#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.
193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 |
# File 'lib/oauth/consumer.rb', line 193 def token_request(http_method, path, token = nil, = {}, *arguments) [:token_request] ||= true response = request(http_method, path, token, , *arguments) case response.code.to_i when (200..299) if block_given? yield response.body else # symbolize keys # TODO this could be considered unexpected behavior; symbols or not? # TODO this also drops subsequent values from multi-valued keys CGI.parse(response.body).inject({}) do |h,(k,v)| h[k.strip.to_sym] = v.first h[k.strip] = v.first h end end when (300..399) # this is a redirect uri = URI.parse(response.header['location']) response.error! if uri.path == path # careful of those infinite redirects self.token_request(http_method, uri.path, token, , arguments) when (400..499) raise OAuth::Unauthorized, response else response.error! end end |
#uri(custom_uri = nil) ⇒ Object
Contains the root URI for this site
96 97 98 99 100 101 102 103 |
# File 'lib/oauth/consumer.rb', line 96 def uri(custom_uri = nil) if custom_uri @uri = custom_uri @http = create_http # yike, oh well. less intrusive this way else # if no custom passed, we use existing, which, if unset, is set to site uri @uri ||= URI.parse(site) end end |