Class: OAuth::Consumer
- Inherits:
-
Object
- Object
- OAuth::Consumer
- Defined in:
- lib/oauth/consumer.rb
Constant Summary collapse
- CA_FILES =
determine the certificate authority path to verify SSL certs
%w(/etc/ssl/certs/ca-certificates.crt /usr/share/curl/curl-ca-bundle.crt)
- CA_FILE =
nil
- @@default_options =
{ # Signature method used by server. Defaults to HMAC-SHA1 :signature_method => 'HMAC-SHA1', # default paths on site. These are the same as the defaults set up by the generators :request_token_path => '/oauth/request_token', :authorize_path => '/oauth/authorize', :access_token_path => '/oauth/access_token', :proxy => nil, # How do we send the oauth values to the server see # http://oauth.net/core/1.0/#consumer_req_param for more info # # Possible values: # # :header - via the Authorize header (Default) ( option 1. in spec) # :body - url form encoded in body of POST request ( option 2. in spec) # :query_string - via the query part of the url ( option 3. in spec) :scheme => :header, # Default http method used for OAuth Token Requests (defaults to :post) :http_method => :post, # Add a custom ca_file for consumer # :ca_file => '/etc/certs.pem' :oauth_version => "1.0" }
Instance Attribute Summary collapse
-
#http ⇒ Object
The HTTP object for the site.
-
#key ⇒ Object
Returns the value of attribute key.
-
#options ⇒ Object
Returns the value of attribute options.
-
#secret ⇒ Object
Returns the value of attribute secret.
- #site ⇒ Object
Instance Method Summary collapse
- #access_token_path ⇒ Object
- #access_token_url ⇒ Object
- #access_token_url? ⇒ Boolean
- #authorize_path ⇒ Object
- #authorize_url ⇒ Object
- #authorize_url? ⇒ Boolean
-
#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates and signs an http request.
- #get_access_token(request_token, request_options = {}, *arguments, &block) ⇒ Object
-
#get_request_token(request_options = {}, *arguments, &block) ⇒ Object
Makes a request to the service for a new OAuth::RequestToken.
-
#http_method ⇒ Object
The default http method.
-
#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer
constructor
Create a new consumer instance by passing it a configuration hash:.
- #proxy ⇒ Object
-
#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates, signs and performs an http request.
- #request_token_path ⇒ Object
-
#request_token_url ⇒ Object
TODO this is ugly, rewrite.
- #request_token_url? ⇒ Boolean
- #scheme ⇒ Object
-
#sign!(request, token = nil, request_options = {}) ⇒ Object
Sign the Request object.
-
#signature_base_string(request, token = nil, request_options = {}) ⇒ Object
Return the signature_base_string.
-
#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates a request and parses the result as url_encoded.
-
#uri(custom_uri = nil) ⇒ Object
Contains the root URI for this site.
Constructor Details
#initialize(consumer_key, consumer_secret, options = {}) ⇒ Consumer
Create a new consumer instance by passing it a configuration hash:
@consumer = OAuth::Consumer.new(key, secret, {
:site => "http://term.ie",
:scheme => :header,
:http_method => :post,
:request_token_path => "/oauth/example/request_token.php",
:access_token_path => "/oauth/example/access_token.php",
:authorize_path => "/oauth/example/authorize.php"
})
Start the process by requesting a token
@request_token = @consumer.get_request_token
session[:request_token] = @request_token
redirect_to @request_token.
When user returns create an access_token
@access_token = @request_token.get_access_token
@photos=@access_token.get('/photos.xml')
73 74 75 76 77 78 79 80 81 82 |
# File 'lib/oauth/consumer.rb', line 73 def initialize(consumer_key, consumer_secret, = {}) @key = consumer_key @secret = consumer_secret # ensure that keys are symbols @options = @@default_options.merge(.inject({}) { |, (key, value)| [key.to_sym] = value }) end |
Instance Attribute Details
#http ⇒ Object
The HTTP object for the site. The HTTP Object is what you get when you do Net::HTTP.new
90 91 92 |
# File 'lib/oauth/consumer.rb', line 90 def http @http ||= create_http end |
#key ⇒ Object
Returns the value of attribute key.
48 49 50 |
# File 'lib/oauth/consumer.rb', line 48 def key @key end |
#options ⇒ Object
Returns the value of attribute options.
48 49 50 |
# File 'lib/oauth/consumer.rb', line 48 def @options end |
#secret ⇒ Object
Returns the value of attribute secret.
48 49 50 |
# File 'lib/oauth/consumer.rb', line 48 def secret @secret end |
#site ⇒ Object
231 232 233 |
# File 'lib/oauth/consumer.rb', line 231 def site @options[:site].to_s end |
Instance Method Details
#access_token_path ⇒ Object
247 248 249 |
# File 'lib/oauth/consumer.rb', line 247 def access_token_path @options[:access_token_path] end |
#access_token_url ⇒ Object
268 269 270 |
# File 'lib/oauth/consumer.rb', line 268 def access_token_url @options[:access_token_url] || site + access_token_path end |
#access_token_url? ⇒ Boolean
272 273 274 |
# File 'lib/oauth/consumer.rb', line 272 def access_token_url? @options.has_key?(:access_token_url) end |
#authorize_path ⇒ Object
243 244 245 |
# File 'lib/oauth/consumer.rb', line 243 def @options[:authorize_path] end |
#authorize_url ⇒ Object
260 261 262 |
# File 'lib/oauth/consumer.rb', line 260 def @options[:authorize_url] || site + end |
#authorize_url? ⇒ Boolean
264 265 266 |
# File 'lib/oauth/consumer.rb', line 264 def @options.has_key?(:authorize_url) end |
#create_signed_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates and signs an http request. It’s recommended to use the Token classes to set this up correctly
186 187 188 189 190 |
# File 'lib/oauth/consumer.rb', line 186 def create_signed_request(http_method, path, token = nil, = {}, *arguments) request = create_http_request(http_method, path, *arguments) sign!(request, token, ) request end |
#get_access_token(request_token, request_options = {}, *arguments, &block) ⇒ Object
104 105 106 107 |
# File 'lib/oauth/consumer.rb', line 104 def get_access_token(request_token, = {}, *arguments, &block) response = token_request(http_method, (access_token_url? ? access_token_url : access_token_path), request_token, , *arguments, &block) OAuth::AccessToken.from_hash(self, response) end |
#get_request_token(request_options = {}, *arguments, &block) ⇒ Object
Makes a request to the service for a new OAuth::RequestToken
@request_token = @consumer.get_request_token
To include OAuth parameters:
@request_token = @consumer.get_request_token \
:oauth_callback => "http://example.com/cb"
To include application-specific parameters:
@request_token = @consumer.get_request_token({}, :foo => "bar")
TODO oauth_callback should be a mandatory parameter
123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 |
# File 'lib/oauth/consumer.rb', line 123 def get_request_token( = {}, *arguments, &block) # if oauth_callback wasn't provided, it is assumed that oauth_verifiers # will be exchanged out of band [:oauth_callback] ||= OAuth::OUT_OF_BAND unless [:exclude_callback] if block_given? response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, , *arguments, &block) else response = token_request(http_method, (request_token_url? ? request_token_url : request_token_path), nil, , *arguments) end OAuth::RequestToken.from_hash(self, response) end |
#http_method ⇒ Object
The default http method
85 86 87 |
# File 'lib/oauth/consumer.rb', line 85 def http_method @http_method ||= @options[:http_method] || :post end |
#proxy ⇒ Object
276 277 278 |
# File 'lib/oauth/consumer.rb', line 276 def proxy @options[:proxy] end |
#request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates, signs and performs an http request. It’s recommended to use the OAuth::Token classes to set this up correctly. request_options take precedence over consumer-wide options when signing
a request.
arguments are POST and PUT bodies (a Hash, string-encoded parameters, or
absent), followed by additional HTTP headers.
@consumer.request(:get, '/people', @token, { :scheme => :query_string })
@consumer.request(:post, '/people', @token, {}, @person.to_xml, { 'Content-Type' => 'application/xml' })
150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 |
# File 'lib/oauth/consumer.rb', line 150 def request(http_method, path, token = nil, = {}, *arguments) if path !~ /^\// @http = create_http(path) _uri = URI.parse(path) path = "#{_uri.path}#{_uri.query ? "?#{_uri.query}" : ""}" end # override the request with your own, this is useful for file uploads which Net::HTTP does not do req = create_signed_request(http_method, path, token, , *arguments) return nil if block_given? and yield(req) == :done rsp = http.request(req) # check for an error reported by the Problem Reporting extension # (http://wiki.oauth.net/ProblemReporting) # note: a 200 may actually be an error; check for an oauth_problem key to be sure if !(headers = rsp.to_hash["www-authenticate"]).nil? && (h = headers.select { |h| h =~ /^OAuth / }).any? && h.first =~ /oauth_problem/ # puts "Header: #{h.first}" # TODO doesn't handle broken responses from api.login.yahoo.com # remove debug code when done params = OAuth::Helper.parse_header(h.first) # puts "Params: #{params.inspect}" # puts "Body: #{rsp.body}" raise OAuth::Problem.new(params.delete("oauth_problem"), rsp, params) end rsp end |
#request_token_path ⇒ Object
239 240 241 |
# File 'lib/oauth/consumer.rb', line 239 def request_token_path @options[:request_token_path] end |
#request_token_url ⇒ Object
TODO this is ugly, rewrite
252 253 254 |
# File 'lib/oauth/consumer.rb', line 252 def request_token_url @options[:request_token_url] || site + request_token_path end |
#request_token_url? ⇒ Boolean
256 257 258 |
# File 'lib/oauth/consumer.rb', line 256 def request_token_url? @options.has_key?(:request_token_url) end |
#scheme ⇒ Object
235 236 237 |
# File 'lib/oauth/consumer.rb', line 235 def scheme @options[:scheme] end |
#sign!(request, token = nil, request_options = {}) ⇒ Object
Sign the Request object. Use this if you have an externally generated http request object you want to sign.
222 223 224 |
# File 'lib/oauth/consumer.rb', line 222 def sign!(request, token = nil, = {}) request.oauth!(http, self, token, .merge()) end |
#signature_base_string(request, token = nil, request_options = {}) ⇒ Object
Return the signature_base_string
227 228 229 |
# File 'lib/oauth/consumer.rb', line 227 def signature_base_string(request, token = nil, = {}) request.signature_base_string(http, self, token, .merge()) end |
#token_request(http_method, path, token = nil, request_options = {}, *arguments) ⇒ Object
Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.
193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 |
# File 'lib/oauth/consumer.rb', line 193 def token_request(http_method, path, token = nil, = {}, *arguments) response = request(http_method, path, token, , *arguments) case response.code.to_i when (200..299) if block_given? yield response.body else # symbolize keys # TODO this could be considered unexpected behavior; symbols or not? # TODO this also drops subsequent values from multi-valued keys CGI.parse(response.body).inject({}) do |h,(k,v)| h[k.strip.to_sym] = v.first h[k.strip] = v.first h end end when (300..399) # this is a redirect response.error! when (400..499) raise OAuth::Unauthorized, response else response.error! end end |
#uri(custom_uri = nil) ⇒ Object
Contains the root URI for this site
95 96 97 98 99 100 101 102 |
# File 'lib/oauth/consumer.rb', line 95 def uri(custom_uri = nil) if custom_uri @uri = custom_uri @http = create_http # yike, oh well. less intrusive this way else # if no custom passed, we use existing, which, if unset, is set to site uri @uri ||= URI.parse(site) end end |