Description: Ruby code implementing the Google Authentication for Web Applications API (AuthSub)
Homepage: http://www.cybertherial.com/weblog
Clone URL: git://github.com/stuart/google-authsub.git
Refactored some of the secure authorization
stuart (author)
Thu Jun 05 05:42:27 -0700 2008
commit  33cfef04f7b94da6d844e5d58a3bf412e33cea92
tree    b3e526106bcd234a33e4eee76f9c493f7f2c8ec0
parent  72efe578251c538e81cadb9d44f39efc0d3a0197
...
94
95
96
97
98
99
 
 
100
101
102
...
112
113
114
115
 
 
116
117
118
...
169
170
171
172
173
174
175
...
179
180
181
 
182
183
184
...
241
242
243
244
245
246
 
 
 
 
 
 
247
248
249
250
251
252
253
254
255
256
257
258
259
260
 
261
262
263
...
266
267
268
269
270
271
272
273
274
275
 
276
277
278
...
94
95
96
 
 
 
97
98
99
100
101
...
111
112
113
 
114
115
116
117
118
...
169
170
171
 
172
173
174
...
178
179
180
181
182
183
184
...
241
242
243
 
 
 
244
245
246
247
248
249
250
251
 
 
 
 
 
 
 
 
 
 
 
 
252
253
254
255
...
258
259
260
 
 
 
261
262
263
 
264
265
266
267
0
@@ -94,9 +94,8 @@ class GoogleAuthSub
0
   # This returns a URI::HTTPS object which contains the Google url to request a token from.
0
   def request_url
0
      #FIXME: these currently cause a crash.
0
- #raise AuthSubError, "Invalid next URL: #{@next_url}" if !full_url?(@next_url)
0
- #raise AuthSubError, "Invalid scope URL: #{@scope}" if !full_url?(@scope)
0
-
0
+ raise AuthSubError, "Invalid next URL: #{@next_url}" if !full_url?(@next_url)
0
+ raise AuthSubError, "Invalid scope URL: #{@scope}" if !full_url?(@scope)
0
      query = "next=" << @next_url << "&scope=" << @scope << "&session="<<
0
              (session_token? ? '1' : '0')<< "&secure="<< (secure_token? ? '1' : '0')
0
      query = URI.encode(query)
0
@@ -112,7 +111,8 @@ class GoogleAuthSub
0
   # +GoogleAuthsub#token=params[:token]+
0
   #
0
   def receive_token(url)
0
- q = url.query.match(/Token=(.*)/)
0
+ puts url
0
+ q = url.query.match( /.*token=(.*)/i)
0
     @token = q[1] if !q.nil?
0
   end
0
 
0
@@ -169,7 +169,6 @@ class GoogleAuthSub
0
     rescue
0
       raise AuthSubError, "Google Authsub Error: invalid token info packet received."
0
     end
0
-
0
     return info
0
   end
0
 
0
@@ -179,6 +178,7 @@ class GoogleAuthSub
0
   def get(url)
0
      authsub_http_request(Net::HTTP::Get,url)
0
   end
0
+
0
   # post +url+
0
   # Does a HTTP POST request to Google using the AuthSub token.
0
   # This returns a Net::HTTPResponse object.
0
@@ -241,23 +241,15 @@ class GoogleAuthSub
0
     when false
0
       return "AuthSub token=\"#{@token}\""
0
     when true
0
- data = authorization_data(request, url)
0
- sig = sign_data(data)
0
- return "AuthSub token=\"#{@token}\" sigalg=\"#{sigalg}\" data=\"#{data}\" sig=\"#{sig}\""
0
+ timestamp = Time.now.to_i
0
+ nonce = OpenSSL::BN.rand_range(2**64)
0
+ data = request.method + ' ' + url.to_s + ' ' + timestamp.to_s + ' ' + nonce.to_s
0
+ digest = OpenSSL::Digest::SHA1.new(data).hexdigest
0
+ sig = [@@pkey.private_encrypt(digest)].pack("m") #Base64 encode
0
+ return "AuthSub token=\"#{@token}\" data=\"#{data}\" sig=\"#{sig}\" sigalg=\"#{sigalg}\""
0
     end
0
   end
0
-
0
- # This creates the data string for secure authorisation.
0
- # It is this that gets sent.
0
- def authorization_data(request, url)
0
- nonce = OpenSSL::BN.rand_range(2**64)
0
- data = request.method + ' ' + url.to_s + ' ' + Time.now.to_i.to_s + ' ' + nonce.to_s
0
- end
0
-
0
- def sign_data(data)
0
- Base64.b64encode(@@pkey.sign(OpenSSL::Digest::SHA1.new, data))
0
- end
0
-
0
+
0
   # Checks whether a URL is a full url, i.e. has all of scheme, host and path.
0
   def full_url?(url)
0
     # First check if it is a bad uri
0
@@ -266,13 +258,10 @@ class GoogleAuthSub
0
     rescue URI.InvalidURIError
0
       return false
0
     end
0
- print u.scheme
0
- print u.host
0
- print u.path
0
     return false if u.scheme.nil? || u.host.nil? || u.path.nil?
0
     true
0
   end
0
-
0
+
0
 end
0
 
0
 end
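Review bot: In the `when true` branch the signature is now `private_encrypt` over the hex string of the SHA1 digest, which is not the RSA-SHA1 signature that the removed `@@pkey.sign(OpenSSL::Digest::SHA1.new, data)` produced: it pads 40 ASCII characters directly and omits the DigestInfo encoding, so a standard verifier for whatever `sigalg` advertises would be expected to reject it. `pack("m")` also inserts line breaks into the encoded value, and those end up inside the returned `AuthSub token=...` string. I would keep the library call and strip the newlines: `sig = [@@pkey.sign(OpenSSL::Digest::SHA1.new, data)].pack("m").delete("\n")`. Separately, the `puts url` added in `receive_token` writes the token-bearing URL to stdout and looks like leftover debugging. The method containing the `when true` branch starts outside the hunk.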
...
177
178
179
180
 
181
182
183
...
177
178
179
 
180
181
182
183
0
@@ -177,7 +177,7 @@ describe GoogleAuthSub do
0
 
0
   describe "Token received from Google in response url. Note: in Rails this is simply params[:token]" do
0
     before do
0
- url = URI::HTTP.build({:host => "www.example.com", :path => "/next", :query => "Token=#{@token}"})
0
+ url = URI::HTTP.build({:host => "www.example.com", :path => "/next", :query => "token=#{@token}"})
0
      @authsub.receive_token(url)
0
     end
0
     
...
29
30
31
 
32
33
34
35
 
36
37
38
...
29
30
31
32
33
34
35
 
36
37
38
39
0
@@ -29,10 +29,11 @@ module GData
0
     end
0
     
0
     # check the auth_data section of the header
0
+ #FIXME!
0
     def auth_data(method,url)
0
       url = URI.parse(url)
0
       request = method.new(url.path)
0
- authorization_data(request,url)
0
+
0
     end
0
     
0
     # extract signature from header
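Review bot: With the `authorization_data(request,url)` call removed, `auth_data` falls through to `request = method.new(url.path)` and returns the request object rather than a data string, so any example that compares against this helper no longer checks the signed data. The callers are outside the hunk, so that effect is inferred. The same commit rewrites how the secure header is signed, which leaves the new signing code without a working check. The bare `#FIXME!` should at least say what is missing, for example `# FIXME: authorization_data was inlined into the library; rebuild the expected "METHOD url timestamp nonce" string here`.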
