Class: OAuth::Consumer

Inherits:
Object
  • Object
show all
Defined in:
lib/oauth/consumer.rb

Constant Summary collapse

CA_FILES =

determine the certificate authority path to verify SSL certs

%w(/etc/ssl/certs/ca-certificates.crt /usr/share/curl/curl-ca-bundle.crt)
CA_FILE =
nil
@@default_options =
{
  # Signature method used by server. Defaults to HMAC-SHA1
  :signature_method   => 'HMAC-SHA1',
   # default paths on site. These are the same as the defaults set up by the generators
  :request_token_path => '/oauth/request_token',
  :authorize_path     => '/oauth/authorize',
  :access_token_path  => '/oauth/access_token',
   # How do we send the oauth values to the server see
  # http://oauth.net/core/1.0/#consumer_req_param for more info
  #
  # Possible values:
  #
  #   :header - via the Authorize header (Default) ( option 1. in spec)
  #   :body - url form encoded in body of POST request ( option 2. in spec)
  #   :query_string - via the query part of the url ( option 3. in spec)
  :scheme        => :header,
   # Default http method used for OAuth Token Requests (defaults to :post)
  :http_method   => :post,
   :oauth_version => "1.0"
}

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer

Create a new consumer instance by passing it a configuration hash:

@consumer = OAuth::Consumer.new(key, secret, {
  :site               => "http://term.ie",
  :scheme             => :header,
  :http_method        => :post,
  :request_token_path => "/oauth/example/request_token.php",
  :access_token_path  => "/oauth/example/access_token.php",
  :authorize_path     => "/oauth/example/authorize.php"
 })

Start the process by requesting a token

@request_token = @consumer.get_request_token
session[:request_token] = @request_token
redirect_to @request_token.authorize_url

When user returns create an access_token

@access_token = @request_token.get_access_token
@photos=@access_token.get('/photos.xml')


69
70
71
72
73
74
75
76
77
78
# File 'lib/oauth/consumer.rb', line 69

def initialize(consumer_key, consumer_secret, options = {})
  @key    = consumer_key
  @secret = consumer_secret

  # ensure that keys are symbols
  @options = @@default_options.merge(options.inject({}) { |options, (key, value)|
    options[key.to_sym] = value
    options
  })
end

Instance Attribute Details

#httpObject

The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new



86
87
88
# File 'lib/oauth/consumer.rb', line 86

def http
  @http ||= create_http
end

#keyObject

Returns the value of attribute key.



44
45
46
# File 'lib/oauth/consumer.rb', line 44

def key
  @key
end

#optionsObject

Returns the value of attribute options.



44
45
46
# File 'lib/oauth/consumer.rb', line 44

def options
  @options
end

#secretObject

Returns the value of attribute secret.



44
45
46
# File 'lib/oauth/consumer.rb', line 44

def secret
  @secret
end

#siteObject



183
184
185
# File 'lib/oauth/consumer.rb', line 183

def site
  @options[:site].to_s
end

Instance Method Details

#access_token_pathObject



199
200
201
# File 'lib/oauth/consumer.rb', line 199

def access_token_path
  @options[:access_token_path]
end

#access_token_urlObject



220
221
222
# File 'lib/oauth/consumer.rb', line 220

def access_token_url
  @options[:access_token_url] || site + access_token_path
end

#access_token_url?Boolean

Returns:

  • (Boolean)


224
225
226
# File 'lib/oauth/consumer.rb', line 224

def access_token_url?
  @options.has_key?(:access_token_url)
end

#authorize_pathObject



195
196
197
# File 'lib/oauth/consumer.rb', line 195

def authorize_path
  @options[:authorize_path]
end

#authorize_urlObject



212
213
214
# File 'lib/oauth/consumer.rb', line 212

def authorize_url
  @options[:authorize_url] || site + authorize_path
end

#authorize_url?Boolean

Returns:

  • (Boolean)


216
217
218
# File 'lib/oauth/consumer.rb', line 216

def authorize_url?
  @options.has_key?(:authorize_url)
end

#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object

Creates and signs an http request. It’s recommended to use the Token classes to set this up correctly



149
150
151
152
153
# File 'lib/oauth/consumer.rb', line 149

def create_signed_request(http_method, path, token = nil, request_options = {}, *arguments)
  request = create_http_request(http_method, path, *arguments)
  sign!(request, token, request_options)
  request
end

#get_request_token(request_options = {}, *arguments) ⇒ Object

Makes a request to the service for a new OAuth::RequestToken

@request_token = @consumer.get_request_token


104
105
106
107
# File 'lib/oauth/consumer.rb', line 104

def get_request_token(request_options = {}, *arguments)
  response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, request_options, *arguments)
  OAuth::RequestToken.new(self, response[:oauth_token], response[:oauth_token_secret])
end

#http_methodObject

The default http method



81
82
83
# File 'lib/oauth/consumer.rb', line 81

def http_method
  @http_method ||= @options[:http_method] || :post
end

#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object

Creates, signs and performs an http request. It’s recommended to use the OAuth::Token classes to set this up correctly. The arguments parameters are a hash or string encoded set of parameters if it’s a post request as well as optional http headers.

@consumer.request(:get,  '/people', @token, { :scheme => :query_string })
@consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })


116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
# File 'lib/oauth/consumer.rb', line 116

def request(http_method, path, token = nil, request_options = {}, *arguments)
  if path !~ /^\//
    @http = create_http(path)
    _uri = URI.parse(path)
    path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}"
  end

  rsp = http.request(create_signed_request(http_method, path, token, request_options, *arguments))

  # check for an error reported by the Problem Reporting extension
  # (http://wiki.oauth.net/ProblemReporting)
  # note: a 200 may actually be an error; check for an oauth_problem key to be sure
  if !(headers = rsp.to_hash["www-authenticate"]).nil? &&
    (h = headers.select { |h| h =~ /^OAuth / }).any? &&
    h.first =~ /oauth_problem/

    # puts "Header: #{h.first}"

    # TODO doesn't handle broken responses from api.login.yahoo.com
    # remove debug code when done
    params = OAuth::Helper.parse_header(h.first)

    # puts "Params: #{params.inspect}"
    # puts "Body: #{rsp.body}"

    raise OAuth::Problem.new(params.delete("oauth_problem"), rsp, params)
  end

  rsp
end

#request_token_pathObject



191
192
193
# File 'lib/oauth/consumer.rb', line 191

def request_token_path
  @options[:request_token_path]
end

#request_token_urlObject

TODO this is ugly, rewrite



204
205
206
# File 'lib/oauth/consumer.rb', line 204

def request_token_url
  @options[:request_token_url] || site + request_token_path
end

#request_token_url?Boolean

Returns:

  • (Boolean)


208
209
210
# File 'lib/oauth/consumer.rb', line 208

def request_token_url?
  @options.has_key?(:request_token_url)
end

#schemeObject



187
188
189
# File 'lib/oauth/consumer.rb', line 187

def scheme
  @options[:scheme]
end

#sign!(request, token = nil, request_options = {}) ⇒ Object

Sign the Request object. Use this if you have an externally generated http request object you want to sign.



174
175
176
# File 'lib/oauth/consumer.rb', line 174

def sign!(request, token = nil, request_options = {})
  request.oauth!(http, self, token, options.merge(request_options))
end

#signature_base_string(request, token = nil, request_options = {}) ⇒ Object

Return the signature_base_string



179
180
181
# File 'lib/oauth/consumer.rb', line 179

def signature_base_string(request, token = nil, request_options = {})
  request.signature_base_string(http, self, token, options.merge(request_options))
end

#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object

Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.



156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
# File 'lib/oauth/consumer.rb', line 156

def token_request(http_method, path, token = nil, request_options = {}, *arguments)
  response = request(http_method, path, token, request_options, *arguments)

  case response.code.to_i

  when (200..299)
    CGI.parse(response.body).inject({}) { |h,(k,v)| h[k.to_sym] = v.first; h }
  when (300..399)
    # this is a redirect
    response.error!
  when (400..499)
    raise OAuth::Unauthorized, response
  else
    response.error!
  end
end

#uri(custom_uri = nil) ⇒ Object

Contains the root URI for this site



91
92
93
94
95
96
97
98
# File 'lib/oauth/consumer.rb', line 91

def uri(custom_uri = nil)
  if custom_uri
    @uri  = custom_uri
    @http = create_http # yike, oh well. less intrusive this way
  else  # if no custom passed, we use existing, which, if unset, is set to site uri
    @uri ||= URI.parse(site)
  end
end