Binary files /tmp/3lbQq9QRRV/ruby-oauth2-0.9.3/checksums.yaml.gz and /tmp/H8mEMXB6FH/ruby-oauth2-1.0.0/checksums.yaml.gz differ Binary files /tmp/3lbQq9QRRV/ruby-oauth2-0.9.3/checksums.yaml.gz.sig and /tmp/H8mEMXB6FH/ruby-oauth2-1.0.0/checksums.yaml.gz.sig differ Binary files /tmp/3lbQq9QRRV/ruby-oauth2-0.9.3/data.tar.gz.sig and /tmp/H8mEMXB6FH/ruby-oauth2-1.0.0/data.tar.gz.sig differ diff -Nru ruby-oauth2-0.9.3/debian/changelog ruby-oauth2-1.0.0/debian/changelog --- ruby-oauth2-0.9.3/debian/changelog 2014-05-06 20:48:43.000000000 +0000 +++ ruby-oauth2-1.0.0/debian/changelog 2015-05-13 10:18:36.000000000 +0000 @@ -1,3 +1,19 @@ +ruby-oauth2 (1.0.0-2) unstable; urgency=medium + + * Team upload. + * Re-upload to unstable. + + -- Pirate Praveen Wed, 13 May 2015 15:48:34 +0530 + +ruby-oauth2 (1.0.0-1) experimental; urgency=medium + + * Team upload. + * New upstream release. + * Bump standards version to 3.9.6 (no changes). + * Refresh patch. + + -- Pirate Praveen Mon, 24 Nov 2014 00:44:21 +0530 + ruby-oauth2 (0.9.3-1) unstable; urgency=medium * Team upload. diff -Nru ruby-oauth2-0.9.3/debian/control ruby-oauth2-1.0.0/debian/control --- ruby-oauth2-0.9.3/debian/control 2014-05-06 20:22:23.000000000 +0000 +++ ruby-oauth2-1.0.0/debian/control 2014-11-23 18:52:12.000000000 +0000 @@ -13,7 +13,7 @@ ruby-multi-xml, ruby-rack, ruby-rspec -Standards-Version: 3.9.5 +Standards-Version: 3.9.6 Vcs-Git: git://anonscm.debian.org/pkg-ruby-extras/ruby-oauth2.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-ruby-extras/ruby-oauth2.git;a=summary Homepage: http://github.com/intridea/oauth2 diff -Nru ruby-oauth2-0.9.3/debian/patches/remove-simplecov.patch ruby-oauth2-1.0.0/debian/patches/remove-simplecov.patch --- ruby-oauth2-0.9.3/debian/patches/remove-simplecov.patch 2014-05-06 20:26:40.000000000 +0000 +++ ruby-oauth2-1.0.0/debian/patches/remove-simplecov.patch 2014-11-23 18:57:19.000000000 +0000 @@ -4,22 +4,33 @@ Author: Praveen Arimbrathodiyil Last-Update: 2014-05-06 ---- a/spec/helper.rb -+++ b/spec/helper.rb -@@ -1,16 +1,3 @@ +Index: ruby-oauth2/spec/helper.rb +=================================================================== +--- ruby-oauth2.orig/spec/helper.rb ++++ ruby-oauth2/spec/helper.rb +@@ -1,15 +1,15 @@ -require 'simplecov' -require 'coveralls' -- ++#require 'simplecov' ++#require 'coveralls' + -SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[ - SimpleCov::Formatter::HTMLFormatter, - Coveralls::SimpleCov::Formatter -] -- ++#SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[ ++# SimpleCov::Formatter::HTMLFormatter, ++# Coveralls::SimpleCov::Formatter ++#] + -SimpleCov.start do - add_filter '/spec/' -- minimum_coverage(95.29) +- minimum_coverage(95.33) -end -- ++#SimpleCov.start do ++# add_filter '/spec/' ++# minimum_coverage(95.33) ++#end + require 'oauth2' require 'addressable/uri' - require 'rspec' diff -Nru ruby-oauth2-0.9.3/lib/oauth2/access_token.rb ruby-oauth2-1.0.0/lib/oauth2/access_token.rb --- ruby-oauth2-0.9.3/lib/oauth2/access_token.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/lib/oauth2/access_token.rb 2014-07-23 02:05:21.000000000 +0000 @@ -63,7 +63,7 @@ # # @return [Boolean] def expires? - !!@expires_at + !!@expires_at # rubocop:disable DoubleNegation end # Whether or not the token is expired diff -Nru ruby-oauth2-0.9.3/lib/oauth2/client.rb ruby-oauth2-1.0.0/lib/oauth2/client.rb --- ruby-oauth2-0.9.3/lib/oauth2/client.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/lib/oauth2/client.rb 2014-07-23 02:05:21.000000000 +0000 @@ -1,4 +1,5 @@ require 'faraday' +require 'logger' module OAuth2 # The OAuth2::Client class @@ -23,19 +24,19 @@ # @option opts [Boolean] :raise_errors (true) whether or not to raise an OAuth2::Error # on responses with 400+ status codes # @yield [builder] The Faraday connection builder - def initialize(client_id, client_secret, opts = {}, &block) - _opts = opts.dup + def initialize(client_id, client_secret, options = {}, &block) + opts = options.dup @id = client_id @secret = client_secret - @site = _opts.delete(:site) - ssl = _opts.delete(:ssl) + @site = opts.delete(:site) + ssl = opts.delete(:ssl) @options = {:authorize_url => '/oauth/authorize', :token_url => '/oauth/token', :token_method => :post, :connection_opts => {}, :connection_build => block, :max_redirects => 5, - :raise_errors => true}.merge(_opts) + :raise_errors => true}.merge(opts) @options[:connection_opts][:ssl] = ssl if ssl end @@ -85,6 +86,8 @@ # @option opts [Symbol] :parse @see Response::initialize # @yield [req] The Faraday request def request(verb, url, opts = {}) # rubocop:disable CyclomaticComplexity, MethodLength + connection.response :logger, ::Logger.new($stdout) if ENV['OAUTH_DEBUG'] == 'true' + url = connection.build_url(url, opts[:params]).to_s response = connection.run_request(verb, url, opts[:body], opts[:headers]) do |req| diff -Nru ruby-oauth2-0.9.3/lib/oauth2/mac_token.rb ruby-oauth2-1.0.0/lib/oauth2/mac_token.rb --- ruby-oauth2-0.9.3/lib/oauth2/mac_token.rb 1970-01-01 00:00:00.000000000 +0000 +++ ruby-oauth2-1.0.0/lib/oauth2/mac_token.rb 2014-07-23 02:05:21.000000000 +0000 @@ -0,0 +1,124 @@ +require 'base64' +require 'digest' +require 'openssl' +require 'securerandom' + +module OAuth2 + class MACToken < AccessToken + # Generates a MACToken from an AccessToken and secret + # + # @param [AccessToken] token the OAuth2::Token instance + # @option [String] secret the secret key value + # @param [Hash] opts the options to create the Access Token with + # @see MACToken#initialize + def self.from_access_token(token, secret, options = {}) + new(token.client, token.token, secret, token.params.merge( + :refresh_token => token.refresh_token, + :expires_in => token.expires_in, + :expires_at => token.expires_at + ).merge(options)) + end + + attr_reader :secret, :algorithm + + # Initalize a MACToken + # + # @param [Client] client the OAuth2::Client instance + # @param [String] token the Access Token value + # @option [String] secret the secret key value + # @param [Hash] opts the options to create the Access Token with + # @option opts [String] :refresh_token (nil) the refresh_token value + # @option opts [FixNum, String] :expires_in (nil) the number of seconds in which the AccessToken will expire + # @option opts [FixNum, String] :expires_at (nil) the epoch time in seconds in which AccessToken will expire + # @option opts [FixNum, String] :algorithm (hmac-sha-256) the algorithm to use for the HMAC digest (one of 'hmac-sha-256', 'hmac-sha-1') + def initialize(client, token, secret, opts = {}) + @secret = secret + self.algorithm = opts.delete(:algorithm) || 'hmac-sha-256' + + super(client, token, opts) + end + + # Make a request with the MAC Token + # + # @param [Symbol] verb the HTTP request method + # @param [String] path the HTTP URL path of the request + # @param [Hash] opts the options to make the request with + # @see Client#request + def request(verb, path, opts = {}, &block) + url = client.connection.build_url(path, opts[:params]).to_s + + opts[:headers] ||= {} + opts[:headers].merge!('Authorization' => header(verb, url)) + + @client.request(verb, path, opts, &block) + end + + # Get the headers hash (always an empty hash) + def headers + {} + end + + # Generate the MAC header + # + # @param [Symbol] verb the HTTP request method + # @param [String] url the HTTP URL path of the request + def header(verb, url) + timestamp = Time.now.utc.to_i + nonce = Digest::MD5.hexdigest([timestamp, SecureRandom.hex].join(':')) + + uri = URI.parse(url) + + fail(ArgumentError, "could not parse \"#{url}\" into URI") unless uri.is_a?(URI::HTTP) + + mac = signature(timestamp, nonce, verb, uri) + + "MAC id=\"#{token}\", ts=\"#{timestamp}\", nonce=\"#{nonce}\", mac=\"#{mac}\"" + end + + # Generate the Base64-encoded HMAC digest signature + # + # @param [Fixnum] timestamp the timestamp of the request in seconds since epoch + # @param [String] nonce the MAC header nonce + # @param [Symbol] verb the HTTP request method + # @param [String] url the HTTP URL path of the request + def signature(timestamp, nonce, verb, uri) + signature = [ + timestamp, + nonce, + verb.to_s.upcase, + uri.request_uri, + uri.host, + uri.port, + '', nil + ].join("\n") + + strict_encode64(OpenSSL::HMAC.digest(@algorithm, secret, signature)) + end + + # Set the HMAC algorithm + # + # @param [String] alg the algorithm to use (one of 'hmac-sha-1', 'hmac-sha-256') + def algorithm=(alg) + @algorithm = case alg.to_s + when 'hmac-sha-1' + OpenSSL::Digest::SHA1.new + when 'hmac-sha-256' + OpenSSL::Digest::SHA256.new + else + fail(ArgumentError, 'Unsupported algorithm') + end + end + + private + + # No-op since we need the verb and path + # and the MAC always goes in a header + def token=(_) + end + + # Base64.strict_encode64 is not available on Ruby 1.8.7 + def strict_encode64(str) + Base64.encode64(str).gsub("\n", '') + end + end +end diff -Nru ruby-oauth2-0.9.3/lib/oauth2/version.rb ruby-oauth2-1.0.0/lib/oauth2/version.rb --- ruby-oauth2-0.9.3/lib/oauth2/version.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/lib/oauth2/version.rb 2014-07-23 02:05:21.000000000 +0000 @@ -1,8 +1,8 @@ module OAuth2 class Version - MAJOR = 0 - MINOR = 9 - PATCH = 3 + MAJOR = 1 + MINOR = 0 + PATCH = 0 PRE = nil class << self diff -Nru ruby-oauth2-0.9.3/lib/oauth2.rb ruby-oauth2-1.0.0/lib/oauth2.rb --- ruby-oauth2-0.9.3/lib/oauth2.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/lib/oauth2.rb 2014-07-23 02:05:21.000000000 +0000 @@ -7,4 +7,5 @@ require 'oauth2/strategy/client_credentials' require 'oauth2/strategy/assertion' require 'oauth2/access_token' +require 'oauth2/mac_token' require 'oauth2/response' diff -Nru ruby-oauth2-0.9.3/metadata.gz.sig ruby-oauth2-1.0.0/metadata.gz.sig --- ruby-oauth2-0.9.3/metadata.gz.sig 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/metadata.gz.sig 1970-01-01 00:00:00.000000000 +0000 @@ -1,3 +0,0 @@ -uHFï3,ìÕ"ß…vÏŸ2{>‰têAé–jäOâB'ú•Ù=G)º/š‰I ­5/!¼v˜uÖ$Úþå2Rà¥Ð[B" - - !ruby/object:Gem::Version - version: '1.0' - type: :development - prerelease: false - version_requirements: !ruby/object:Gem::Requirement - requirements: - - - "~>" - - !ruby/object:Gem::Version - version: '1.0' -- !ruby/object:Gem::Dependency name: faraday requirement: !ruby/object:Gem::Requirement requirements: @@ -67,6 +32,20 @@ - !ruby/object:Gem::Version version: '0.10' - !ruby/object:Gem::Dependency + name: jwt + requirement: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '1.0' + type: :runtime + prerelease: false + version_requirements: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '1.0' +- !ruby/object:Gem::Dependency name: multi_json requirement: !ruby/object:Gem::Requirement requirements: @@ -109,19 +88,19 @@ - !ruby/object:Gem::Version version: '1.2' - !ruby/object:Gem::Dependency - name: jwt + name: bundler requirement: !ruby/object:Gem::Requirement requirements: - - "~>" - !ruby/object:Gem::Version - version: 0.1.8 - type: :runtime + version: '1.0' + type: :development prerelease: false version_requirements: !ruby/object:Gem::Requirement requirements: - - "~>" - !ruby/object:Gem::Version - version: 0.1.8 + version: '1.0' description: A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth spec. email: @@ -140,6 +119,7 @@ - lib/oauth2/access_token.rb - lib/oauth2/client.rb - lib/oauth2/error.rb +- lib/oauth2/mac_token.rb - lib/oauth2/response.rb - lib/oauth2/strategy/assertion.rb - lib/oauth2/strategy/auth_code.rb @@ -152,6 +132,7 @@ - spec/helper.rb - spec/oauth2/access_token_spec.rb - spec/oauth2/client_spec.rb +- spec/oauth2/mac_token_spec.rb - spec/oauth2/response_spec.rb - spec/oauth2/strategy/assertion_spec.rb - spec/oauth2/strategy/auth_code_spec.rb @@ -179,7 +160,7 @@ version: 1.3.5 requirements: [] rubyforge_project: -rubygems_version: 2.2.0 +rubygems_version: 2.2.2 signing_key: specification_version: 4 summary: A Ruby wrapper for the OAuth 2.0 protocol. @@ -187,6 +168,7 @@ - spec/helper.rb - spec/oauth2/access_token_spec.rb - spec/oauth2/client_spec.rb +- spec/oauth2/mac_token_spec.rb - spec/oauth2/response_spec.rb - spec/oauth2/strategy/assertion_spec.rb - spec/oauth2/strategy/auth_code_spec.rb diff -Nru ruby-oauth2-0.9.3/oauth2.gemspec ruby-oauth2-1.0.0/oauth2.gemspec --- ruby-oauth2-0.9.3/oauth2.gemspec 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/oauth2.gemspec 2014-07-23 02:05:21.000000000 +0000 @@ -4,26 +4,24 @@ require 'oauth2/version' Gem::Specification.new do |spec| - spec.add_development_dependency 'bundler', '~> 1.0' spec.add_dependency 'faraday', ['>= 0.8', '< 0.10'] + spec.add_dependency 'jwt', '~> 1.0' spec.add_dependency 'multi_json', '~> 1.3' spec.add_dependency 'multi_xml', '~> 0.5' spec.add_dependency 'rack', '~> 1.2' - spec.add_dependency 'jwt', '~> 0.1.8' + spec.add_development_dependency 'bundler', '~> 1.0' spec.authors = ['Michael Bleigh', 'Erik Michaels-Ober'] - spec.cert_chain = %w(certs/sferik.pem) - spec.description = %q{A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth spec.} + spec.description = 'A Ruby wrapper for the OAuth 2.0 protocol built with a similar style to the original OAuth spec.' spec.email = ['michael@intridea.com', 'sferik@gmail.com'] spec.files = %w(.document CONTRIBUTING.md LICENSE.md README.md Rakefile oauth2.gemspec) spec.files += Dir.glob('lib/**/*.rb') spec.files += Dir.glob('spec/**/*') spec.homepage = 'http://github.com/intridea/oauth2' - spec.licenses = ['MIT'] + spec.licenses = %w(MIT) spec.name = 'oauth2' - spec.require_paths = ['lib'] + spec.require_paths = %w(lib) spec.required_rubygems_version = '>= 1.3.5' - spec.signing_key = File.expand_path('~/.gem/private_key.pem') if $PROGRAM_NAME =~ /gem\z/ - spec.summary = %q{A Ruby wrapper for the OAuth 2.0 protocol.} + spec.summary = 'A Ruby wrapper for the OAuth 2.0 protocol.' spec.test_files = Dir.glob('spec/**/*') spec.version = OAuth2::Version end diff -Nru ruby-oauth2-0.9.3/Rakefile ruby-oauth2-1.0.0/Rakefile --- ruby-oauth2-0.9.3/Rakefile 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/Rakefile 2014-07-23 02:05:21.000000000 +0000 @@ -19,10 +19,10 @@ begin require 'rubocop/rake_task' - Rubocop::RakeTask.new + RuboCop::RakeTask.new rescue LoadError task :rubocop do - $stderr.puts 'Rubocop is disabled' + $stderr.puts 'RuboCop is disabled' end end @@ -33,7 +33,7 @@ require 'yardstick/rake/verify' Yardstick::Rake::Verify.new do |verify| - verify.threshold = 58.9 + verify.threshold = 58.8 end task :default => [:spec, :rubocop, :verify_measurements] diff -Nru ruby-oauth2-0.9.3/README.md ruby-oauth2-1.0.0/README.md --- ruby-oauth2-0.9.3/README.md 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/README.md 2014-07-23 02:05:21.000000000 +0000 @@ -1,10 +1,10 @@ # OAuth2 -[![Gem Version](https://badge.fury.io/rb/oauth2.png)][gem] -[![Build Status](https://secure.travis-ci.org/intridea/oauth2.png?branch=master)][travis] -[![Dependency Status](https://gemnasium.com/intridea/oauth2.png?travis)][gemnasium] -[![Code Climate](https://codeclimate.com/github/intridea/oauth2.png)][codeclimate] -[![Coverage Status](https://coveralls.io/repos/intridea/oauth2/badge.png?branch=master)][coveralls] +[![Gem Version](http://img.shields.io/gem/v/oauth2.svg)][gem] +[![Build Status](http://img.shields.io/travis/intridea/oauth2.svg)][travis] +[![Dependency Status](http://img.shields.io/gemnasium/intridea/oauth2.svg)][gemnasium] +[![Code Climate](http://img.shields.io/codeclimate/github/intridea/oauth2.svg)][codeclimate] +[![Coverage Status](http://img.shields.io/coveralls/intridea/oauth2.svg)][coveralls] [gem]: https://rubygems.org/gems/oauth2 [travis]: http://travis-ci.org/intridea/oauth2 @@ -12,10 +12,7 @@ [codeclimate]: https://codeclimate.com/github/intridea/oauth2 [coveralls]: https://coveralls.io/r/intridea/oauth2 -A Ruby wrapper for the OAuth 2.0 specification. This is a work in progress, -being built first to solve the pragmatic process of connecting to existing -OAuth 2.0 endpoints (e.g. Facebook) with the goal of building it up to meet -the entire specification over time. +A Ruby wrapper for the OAuth 2.0 specification. ## Installation gem install oauth2 diff -Nru ruby-oauth2-0.9.3/spec/helper.rb ruby-oauth2-1.0.0/spec/helper.rb --- ruby-oauth2-0.9.3/spec/helper.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/spec/helper.rb 2014-07-23 02:05:21.000000000 +0000 @@ -8,13 +8,12 @@ SimpleCov.start do add_filter '/spec/' - minimum_coverage(95.29) + minimum_coverage(95.33) end require 'oauth2' require 'addressable/uri' require 'rspec' -require 'rspec/autorun' RSpec.configure do |config| config.expect_with :rspec do |c| @@ -27,3 +26,17 @@ RSpec.configure do |conf| include OAuth2 end + +def capture_output(&block) + begin + old_stdout = $stdout + $stdout = StringIO.new + block.call + result = $stdout.string + ensure + $stdout = old_stdout + end + result +end + +VERBS = [:get, :post, :put, :delete] diff -Nru ruby-oauth2-0.9.3/spec/oauth2/access_token_spec.rb ruby-oauth2-1.0.0/spec/oauth2/access_token_spec.rb --- ruby-oauth2-0.9.3/spec/oauth2/access_token_spec.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/spec/oauth2/access_token_spec.rb 2014-07-23 02:05:21.000000000 +0000 @@ -1,10 +1,7 @@ require 'helper' -VERBS = [:get, :post, :put, :delete] - describe AccessToken do let(:token) { 'monkey' } - let(:token_body) { MultiJson.encode(:access_token => 'foo', :expires_in => 600, :refresh_token => 'bar') } let(:refresh_body) { MultiJson.encode(:access_token => 'refreshed_foo', :expires_in => 600, :refresh_token => 'refresh_bar') } let(:client) do Client.new('abc', 'def', :site => 'https://api.example.com') do |builder| @@ -25,7 +22,7 @@ describe '#initialize' do it 'assigns client and token' do expect(subject.client).to eq(client) - expect(subject.token).to eq(token) + expect(subject.token).to eq(token) end it 'assigns extra params' do diff -Nru ruby-oauth2-0.9.3/spec/oauth2/client_spec.rb ruby-oauth2-1.0.0/spec/oauth2/client_spec.rb --- ruby-oauth2-0.9.3/spec/oauth2/client_spec.rb 2014-02-06 20:18:08.000000000 +0000 +++ ruby-oauth2-1.0.0/spec/oauth2/client_spec.rb 2014-07-23 02:05:21.000000000 +0000 @@ -119,6 +119,16 @@ expect(response.headers).to eq('Content-Type' => 'text/awesome') end + it 'outputs to $stdout when OAUTH_DEBUG=true' do + allow(ENV).to receive(:[]).with('http_proxy').and_return(nil) + allow(ENV).to receive(:[]).with('OAUTH_DEBUG').and_return('true') + output = capture_output do + subject.request(:get, '/success') + end + + expect(output).to include 'INFO -- : get https://api.example.com/success', 'INFO -- : get https://api.example.com/success' + end + it 'posts a body' do response = subject.request(:post, '/reflect', :body => 'foo=bar') expect(response.body).to eq('foo=bar') diff -Nru ruby-oauth2-0.9.3/spec/oauth2/mac_token_spec.rb ruby-oauth2-1.0.0/spec/oauth2/mac_token_spec.rb --- ruby-oauth2-0.9.3/spec/oauth2/mac_token_spec.rb 1970-01-01 00:00:00.000000000 +0000 +++ ruby-oauth2-1.0.0/spec/oauth2/mac_token_spec.rb 2014-07-23 02:05:21.000000000 +0000 @@ -0,0 +1,119 @@ +require 'helper' + +describe MACToken do + let(:token) { 'monkey' } + let(:client) do + Client.new('abc', 'def', :site => 'https://api.example.com') do |builder| + builder.request :url_encoded + builder.adapter :test do |stub| + VERBS.each do |verb| + stub.send(verb, '/token/header') { |env| [200, {}, env[:request_headers]['Authorization']] } + end + end + end + end + + subject { MACToken.new(client, token, 'abc123') } + + describe '#initialize' do + it 'assigns client and token' do + expect(subject.client).to eq(client) + expect(subject.token).to eq(token) + end + + it 'assigns secret' do + expect(subject.secret).to eq('abc123') + end + + it 'defaults algorithm to hmac-sha-256' do + expect(subject.algorithm).to be_instance_of(OpenSSL::Digest::SHA256) + end + + it 'handles hmac-sha-256' do + mac = MACToken.new(client, token, 'abc123', :algorithm => 'hmac-sha-256') + expect(mac.algorithm).to be_instance_of(OpenSSL::Digest::SHA256) + end + + it 'handles hmac-sha-1' do + mac = MACToken.new(client, token, 'abc123', :algorithm => 'hmac-sha-1') + expect(mac.algorithm).to be_instance_of(OpenSSL::Digest::SHA1) + end + + it 'raises on improper algorithm' do + expect { MACToken.new(client, token, 'abc123', :algorithm => 'invalid-sha') }.to raise_error(ArgumentError) + end + end + + describe '#request' do + VERBS.each do |verb| + it "sends the token in the Authorization header for a #{verb.to_s.upcase} request" do + expect(subject.post('/token/header').body).to include("MAC id=\"#{token}\"") + end + end + end + + describe '#header' do + it 'does not generate the same header twice' do + header = subject.header('get', 'https://www.example.com/hello') + duplicate_header = subject.header('get', 'https://www.example.com/hello') + + expect(header).to_not eq(duplicate_header) + end + + it 'generates the proper format' do + header = subject.header('get', 'https://www.example.com/hello?a=1') + expect(header).to match(/MAC id="#{token}", ts="[0-9]+", nonce="[^"]+", mac="[^"]+"/) + end + + it 'passes ArgumentError with an invalid url' do + expect { subject.header('get', 'this-is-not-valid') }.to raise_error(ArgumentError) + end + + it 'passes URI::InvalidURIError through' do + expect { subject.header('get', nil) }.to raise_error(URI::InvalidURIError) + end + end + + describe '#signature' do + it 'generates properly' do + signature = subject.signature(0, 'random-string', 'get', URI('https://www.google.com')) + expect(signature).to eq('rMDjVA3VJj3v1OmxM29QQljKia6msl5rjN83x3bZmi8=') + end + end + + describe '#headers' do + it 'is an empty hash' do + expect(subject.headers).to eq({}) + end + end + + describe '.from_access_token' do + let(:access_token) do + AccessToken.new( + client, token, + :expires_at => 1, + :expires_in => 1, + :refresh_token => 'abc', + :random => 1 + ) + end + + subject { MACToken.from_access_token(access_token, 'hello') } + + it 'initializes client, token, and secret properly' do + expect(subject.client).to eq(client) + expect(subject.token).to eq(token) + expect(subject.secret).to eq('hello') + end + + it 'initializes configuration options' do + expect(subject.expires_at).to eq(1) + expect(subject.expires_in).to eq(1) + expect(subject.refresh_token).to eq('abc') + end + + it 'initializes params' do + expect(subject.params).to eq(:random => 1) + end + end +end