Class: HTTPClient::OAuth

Inherits:

Object

• Object
• HTTPClient::OAuth

Includes:

Util, Mutex_m

Defined in:

lib/httpclient/auth.rb

Overview

Authentication filter for handling OAuth negotiation. Used in WWWAuth.

CAUTION: This impl only support ‘#7 Accessing Protected Resources’ in OAuth Core 1.0 spec for now. You need to obtain Access token and Access secret by yourself.

CAUTION: This impl does NOT support OAuth Request Body Hash spec for now. oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html

Defined Under Namespace

Classes: Config

Instance Attribute Summary

• #scheme ⇒ Object readonly

  Authentication scheme.

Class Method Summary

• .escape(str) ⇒ Object

  :nodoc:.

Instance Method Summary

• #challenge(uri, param_str = nil) ⇒ Object

  Challenge handler: remember URL for response.

• #escape(str) ⇒ Object
• #get(req) ⇒ Object

  Response handler: returns credential.

• #get_config(uri = nil) ⇒ Object

  Get authentication credential.

• #initialize ⇒ OAuth constructor

  Creates new DigestAuth filter.

• #reset_challenge ⇒ Object

  Resets challenge state.

• #set(*args) ⇒ Object

  Set authentication credential.

• #set? ⇒ Boolean

  have we marked this as set - ie that it’s valid to use in this context?.

• #set_config(uri, config) ⇒ Object

  Set authentication credential.

Methods included from Util

#argument_to_hash, hash_find_value, #http?, #https?, #keyword_argument, uri_dirname, uri_part_of, urify

Constructor Details

#initialize ⇒ OAuth

Creates new DigestAuth filter.

# File 'lib/httpclient/auth.rb', line 802

def initialize
  super
  @config = nil # common config
  @auth = {} # configs for each site
  @challenge = {}
  @nonce_count = 0
  @signature_handler = {
    'HMAC-SHA1' => method(:sign_hmac_sha1)
  }
  @scheme = "OAuth"
end

Instance Attribute Details

#scheme ⇒ Object (readonly)

Authentication scheme.

# File 'lib/httpclient/auth.rb', line 732

def scheme
  @scheme
end

Class Method Details

.escape(str) ⇒ Object

:nodoc:

# File 'lib/httpclient/auth.rb', line 785

def self.escape(str) # :nodoc:
  if str.respond_to?(:force_encoding)
    str.dup.force_encoding('BINARY').gsub(/([^a-zA-Z0-9_.~-]+)/) {
      '%' + $1.unpack('H2' * $1.bytesize).join('%').upcase
    }
  else
    str.gsub(/([^a-zA-Z0-9_.~-]+)/n) {
      '%' + $1.unpack('H2' * $1.bytesize).join('%').upcase
    }
  end
end

Instance Method Details

#challenge(uri, param_str = nil) ⇒ Object

Challenge handler: remember URL for response.

challenge() in OAuth handler always returns false to avoid connection retry which should not work in OAuth authentication context. This method just remember URL (nil means ‘any’) for the next connection. Normally OAuthClient handles this correctly but see how it uses when you need to use this class directly.

# File 'lib/httpclient/auth.rb', line 875

def challenge(uri, param_str = nil)
  synchronize {
    if uri.nil?
      @challenge[nil] = true
    else
      @challenge[urify(uri)] = true
    end
    false
  }
end

#escape(str) ⇒ Object

# File 'lib/httpclient/auth.rb', line 797

def escape(str)
  self.class.escape(str)
end

#get(req) ⇒ Object

Response handler: returns credential. It sends cred only when a given uri is;

• child page of challengeable(got *Authenticate before) uri and,

• child page of defined credential

# File 'lib/httpclient/auth.rb', line 856

def get(req)
  target_uri = req.header.request_uri
  synchronize {
    return nil unless @challenge[nil] or @challenge.find { |uri, ok|
      Util.uri_part_of(target_uri, uri) and ok
    }
    config = do_get_config(target_uri) || @config
    return nil unless config
    calc_cred(req, config)
  }
end

#get_config(uri = nil) ⇒ Object

Get authentication credential.

# File 'lib/httpclient/auth.rb', line 846

def get_config(uri = nil)
  synchronize {
    do_get_config(uri)
  }
end

#reset_challenge ⇒ Object

Resets challenge state. Do not send ‘*Authorization’ header until the server sends ‘*Authentication’ again.

# File 'lib/httpclient/auth.rb', line 816

def reset_challenge
  synchronize do
    @challenge.clear
  end
end

#set(*args) ⇒ Object

Set authentication credential. You cannot set OAuth config via WWWAuth#set_auth. Use OAuth#config=

# File 'lib/httpclient/auth.rb', line 824

def set(*args)
  # not supported
end

#set? ⇒ Boolean

have we marked this as set - ie that it’s valid to use in this context?

Returns:

• (Boolean)

# File 'lib/httpclient/auth.rb', line 829

def set?
  true
end

#set_config(uri, config) ⇒ Object

Set authentication credential.

# File 'lib/httpclient/auth.rb', line 834

def set_config(uri, config)
  synchronize do
    if uri.nil?
      @config = config
    else
      uri = Util.uri_dirname(urify(uri))
      @auth[uri] = config
    end
  end
end