File: net_http.rb

package info (click to toggle)
ruby-oauth 0.5.4-1.1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye, forky, sid, trixie
  • size: 584 kB
  • sloc: ruby: 4,070; makefile: 4
file content (121 lines) | stat: -rw-r--r-- 5,130 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
 
require 'oauth/helper'
require 'oauth/request_proxy/net_http'

class Net::HTTPGenericRequest
  include OAuth::Helper

  attr_reader :oauth_helper

  # Add the OAuth information to an HTTP request. Depending on the <tt>options[:scheme]</tt> setting
  # this may add a header, additional query string parameters, or additional POST body parameters.
  # The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
  # header.
  #
  # * http - Configured Net::HTTP instance
  # * consumer - OAuth::Consumer instance
  # * token - OAuth::Token instance
  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
  #   +signature_method+, +nonce+, +timestamp+)
  #
  # This method also modifies the <tt>User-Agent</tt> header to add the OAuth gem version.
  #
  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
  #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
  #                                                 http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
  def oauth!(http, consumer = nil, token = nil, options = {})
    helper_options = oauth_helper_options(http, consumer, token, options)
    @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
    @oauth_helper.amend_user_agent_header(self)
    @oauth_helper.hash_body if oauth_body_hash_required?
    self.send("set_oauth_#{helper_options[:scheme]}")
  end

  # Create a string suitable for signing for an HTTP request. This process involves parameter
  # normalization as specified in the OAuth specification. The exact normalization also depends
  # on the <tt>options[:scheme]</tt> being used so this must match what will be used for the request
  # itself. The default scheme is +header+, in which the OAuth parameters as put into the +Authorization+
  # header.
  #
  # * http - Configured Net::HTTP instance
  # * consumer - OAuth::Consumer instance
  # * token - OAuth::Token instance
  # * options - Request-specific options (e.g. +request_uri+, +consumer+, +token+, +scheme+,
  #   +signature_method+, +nonce+, +timestamp+)
  #
  # See Also: {OAuth core spec version 1.0, section 5.4.1}[http://oauth.net/core/1.0#rfc.section.5.4.1],
  #           {OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
  #                                                 http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
  def signature_base_string(http, consumer = nil, token = nil, options = {})
    helper_options = oauth_helper_options(http, consumer, token, options)
    @oauth_helper = OAuth::Client::Helper.new(self, helper_options)
    @oauth_helper.hash_body if oauth_body_hash_required?
    @oauth_helper.signature_base_string
  end

private

  def oauth_helper_options(http, consumer, token, options)
    { :request_uri      => oauth_full_request_uri(http,options),
      :consumer         => consumer,
      :token            => token,
      :scheme           => 'header',
      :signature_method => nil,
      :nonce            => nil,
      :timestamp        => nil }.merge(options)
  end

  def oauth_full_request_uri(http,options)
    uri = URI.parse(self.path)
    uri.host = http.address
    uri.port = http.port

    if options[:request_endpoint] && options[:site]
      is_https = options[:site].match(%r(^https://))
      uri.host = options[:site].gsub(%r(^https?://), '')
      uri.port ||= is_https ? 443 : 80
    end

    if http.respond_to?(:use_ssl?) && http.use_ssl?
      uri.scheme = "https"
    else
      uri.scheme = "http"
    end

    uri.to_s
  end

  def oauth_body_hash_required?
    !@oauth_helper.token_request? && request_body_permitted? && !content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded")
  end

  def set_oauth_header
    self['Authorization'] = @oauth_helper.header
  end

  # FIXME: if you're using a POST body and query string parameters, this method
  # will move query string parameters into the body unexpectedly. This may
  # cause problems with non-x-www-form-urlencoded bodies submitted to URLs
  # containing query string params. If duplicate parameters are present in both
  # places, all instances should be included when calculating the signature
  # base string.

  def set_oauth_body
    self.set_form_data(@oauth_helper.stringify_keys(@oauth_helper.parameters_with_oauth))
    params_with_sig = @oauth_helper.parameters.merge(:oauth_signature => @oauth_helper.signature)
    self.set_form_data(@oauth_helper.stringify_keys(params_with_sig))
  end

  def set_oauth_query_string
    oauth_params_str = @oauth_helper.oauth_parameters.map { |k,v| [escape(k), escape(v)] * "=" }.join("&")
    uri = URI.parse(path)
    if uri.query.to_s == ""
      uri.query = oauth_params_str
    else
      uri.query = uri.query + "&" + oauth_params_str
    end

    @path = uri.to_s

    @path << "&oauth_signature=#{escape(oauth_helper.signature)}"
  end
end