initial commit

.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

.rspec

@@ -0,0 +1 @@
+--color

Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in oauth2_mac_client.gemspec
+gemspec

LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2011 Tom Brown
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.rdoc

@@ -0,0 +1,16 @@
+= oauth2_mac_client
+
+OAuth 2.0 MAC Client Library.
+
+== Installation
+
+  gem install oauth2_mac_client
+
+== Resources
+
+* View Source on GitHub (https://github.com/herestomwiththeweather/oauth2_mac_client)
+* Report Issues on GitHub (https://github.com/herestomwiththeweather/oauth2_mac_client/issues)
+
+== Copyright
+
+Copyright (c) 2012 Tom Brown. See LICENSE for details.

Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

lib/oauth2_mac_client.rb

@@ -0,0 +1,80 @@
+require "oauth2_mac_client/version"
+require "active_support/core_ext"
+
+module Oauth2MacClient
+  class Token
+    attr_accessor :access_token, :mac_key, :mac_algorithm, :issued_at
+    attr_accessor :method, :request_uri, :host, :port, :body_hash
+    attr_writer :nonce
+
+    def initialize(attributes={})
+      @access_token = attributes[:access_token]
+      @mac_key = attributes[:mac_key]
+      @mac_algorithm = attributes[:mac_algorithm]
+      @issued_at = attributes[:issued_at] || Time.now.utc
+    end
+
+    def age
+      age = Time.now.utc - @issued_at
+      age.to_i
+    end
+
+    def nonce
+      @nonce ||= [
+        age,
+        SecureRandom.hex
+      ].join(':')
+    end
+
+    def request_string
+      [nonce,
+       @method,
+       @request_uri,
+       @host,
+       @port,
+       @body_hash,
+       '', # ext
+       nil].join("\n")
+    end
+
+    def base64_encode(text)
+      Base64.encode64(text).gsub(/\n/,'')
+    end
+
+    def openssl_digest
+      @openssl_digest ||= case @mac_algorithm
+                          when 'hmac-sha-256' then OpenSSL::Digest::SHA256.new
+                          when 'hmac-sha-1' then OpenSSL::Digest::SHA1.new
+                          end
+    end
+
+    def calculate_hmac
+      result = OpenSSL::HMAC.digest(openssl_digest,@mac_key,request_string)
+      base64_encode result
+    end
+
+    def construct_authorization_header(url,method,body="")
+      @body_hash = body.empty? ? "" : body_hash(body)
+      @method=method.upcase
+      uri = URI.parse(url)
+      @host=uri.host
+      @port=uri.port
+      @request_uri=uri.request_uri
+      @hmac=calculate_hmac
+      authorization_header
+    end
+
+    def authorization_header
+      header = "MAC"
+      header << " id=\"#{@access_token}\","
+      header << " nonce=\"#{nonce}\","
+      header << " bodyhash=\"#{@body_hash}\","
+      header << " mac=\"#{@hmac}\","
+    end
+
+    def body_hash(body)
+      result = openssl_digest.digest(body)
+      base64_encode result
+    end
+  end
+end

lib/oauth2_mac_client/version.rb

@@ -0,0 +1,3 @@
+module Oauth2MacClient
+  VERSION = "0.0.1"
+end

oauth2_mac_client.gemspec

@@ -0,0 +1,23 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "oauth2_mac_client/version"
+
+Gem::Specification.new do |s|
+  s.name        = "oauth2_mac_client"
+  s.version     = Oauth2MacClient::VERSION
+  s.authors     = ["Tom Brown"]
+  s.email       = ["herestomwiththeweather@gmail.com"]
+  s.homepage    = "https://github.com/herestomwiththeweather/oauth2_mac_client"
+  s.summary     = %q{Send requests to OAuth 2 provider with MAC authentication}
+  s.description = %q{Send requests to OAuth 2 provider with MAC authentication}
+
+  s.rubyforge_project = "oauth2_mac_client"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency "activesupport", ">= 2.3"
+  s.add_development_dependency "rspec"
+end

spec/oauth2_mac_client/token_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+module Oauth2MacClient
+  describe Token do
+    let :token do
+      Token.new(
+        access_token: 'access_token',
+        mac_key: 'secret',
+        mac_algorithm: 'hmac-sha-256',
+        issued_at: issued_at
+    )
+    end
+
+    let(:issued_at) { 1305820455 }
+    subject { token }
+
+    its(:mac_key)    { should == 'secret' }
+    its(:mac_algorithm) { should == 'hmac-sha-256' }
+
+    describe '.calculate_hmac' do
+      it "produces the hmac expected from the spec" do
+        @token = Token.new(access_token:'abc',mac_key:'8yfrufh348h',mac_algorithm:'hmac-sha-1')
+        @token.nonce = '273156:di3hvdf8'
+        @token.method = 'POST'
+        @token.request_uri = '/request'
+        @token.host = 'example.com'
+        @token.port = 80
+        @token.body_hash = 'k9kbtCIy0CkI3/FEfpS/oIDjk6k='
+        @token.calculate_hmac.should == 'W7bdMZbv9UWOTadASIQHagZyirA='
+      end
+    end
+  end
+end

spec/spec_helper.rb

@@ -0,0 +1 @@
+require 'oauth2_mac_client'