Module: OAuthenticator

Extended by:

RackTestSigner

Defined in:

lib/oauthenticator/version.rb,
lib/oauthenticator/config_methods.rb,
lib/oauthenticator/faraday_signer.rb,
lib/oauthenticator/signed_request.rb,
lib/oauthenticator/rack_test_signer.rb,
lib/oauthenticator/signable_request.rb,
lib/oauthenticator/rack_authenticator.rb,
lib/oauthenticator/parse_authorization.rb

Overview

OAuthenticator

Defined Under Namespace

Modules: ConfigMethods, RackTestSigner Classes: DuplicatedParameters, Error, FaradaySigner, NonceUsedError, ParseError, RackAuthenticator, SignableRequest, SignedRequest

Constant Summary

VERSION =

OAuthenticator::VERSION

"1.3.1"

Class Method Summary

• .escape(value) ⇒ String

  escape a value.

• .parse_authorization(header) ⇒ Hash<String, String>

  Parsed authorization parameters.

• .unescape(value) ⇒ String

  unescape a value.

Methods included from RackTestSigner

signing_rack_test

Class Method Details

.escape(value) ⇒ String

escape a value

Parameters:

• value (String) —

  value

Returns:

• (String) —

  escaped value

# File 'lib/oauthenticator/parse_authorization.rb', line 63

def escape(value)
  uri_parser.escape(value.to_s, /[^a-z0-9\-\.\_\~]/i)
end

.parse_authorization(header) ⇒ Hash<String, String>

Returns parsed authorization parameters.

Parameters:

• header (String) —

  an Authorization header

Returns:

• (Hash<String, String>) —

  parsed authorization parameters

Raises:

• (OAuthenticator::ParseError) —

  if the header is not well-formed and cannot be parsed

• (OAuthenticator::DuplicatedParameters) —

  if the header contains multiple instances of the same param

# File 'lib/oauthenticator/parse_authorization.rb', line 32

def parse_authorization(header)
  header = header.to_s
  scanner = StringScanner.new(header)
  auth_parse_error = proc { |message| raise ParseError.new(message, {'Authorization' => [message]}) }
  scanner.scan(/OAuth\s*/i) || auth_parse_error.call("Authorization scheme is not OAuth - recieved: #{header}")
  attributes = Hash.new { |h,k| h[k] = [] }
  while match = scanner.scan(/(\w+)="([^"]*)"\s*(,?)\s*/)
    key = scanner[1]
    value = scanner[2]
    comma_follows = !scanner[3].empty?
    if !comma_follows && !scanner.eos?
      auth_parse_error.call("Could not parse Authorization header: #{header}\naround or after character #{scanner.pos}: #{scanner.rest}")
    end
    attributes[unescape(key)] << unescape(value)
  end
  unless scanner.eos?
    auth_parse_error.call("Could not parse Authorization header: #{header}\naround or after character #{scanner.pos}: #{scanner.rest}")
  end
  duplicates = attributes.reject { |k,v| v.size <= 1 }
  if duplicates.any?
    errors = duplicates.map do |k,vs|
      {k => ["Received multiple instances of Authorization parameter #{k}. Received values were: #{vs.inspect}"]}
    end.inject({}, &:update)
    raise DuplicatedParameters.new("Received duplicate parameters: #{duplicates.keys.inspect}", errors)
  end
  return attributes.map { |k,v| {k => v.first} }.inject({}, &:update)
end

.unescape(value) ⇒ String

unescape a value

Parameters:

• value (String) —

  escaped value

Returns:

• (String) —

  unescaped value

# File 'lib/oauthenticator/parse_authorization.rb', line 70

def unescape(value)
  uri_parser.unescape(value.to_s)
end