Skip to content
Browse files

Damn git, this version reverts laserlemon

  • Loading branch information...
1 parent eb0be9f commit 1c14d93efcc1d039f73cf126574c231e73437867 @maccman committed Oct 13, 2010
Showing with 20 additions and 10 deletions.
  1. +18 −8 lib/roauth.rb
  2. +2 −2 test/test_roauth.rb
View
26 lib/roauth.rb
@@ -21,7 +21,9 @@ def header(oauth, uri, params = {}, http_method = :get)
oauth[:token_secret] ||= oauth.delete(:access_secret)
sig_params = oauth_params(oauth)
- sig_params[:oauth_signature] = escape(signature(oauth, uri, sig_params.merge(params), http_method))
+ sig_params[:oauth_signature] = escape(
+ signature(oauth, uri, sig_params.merge(params), http_method)
+ )
sorted_sig_params = sig_params.sort_by{|k,v| [k.to_s, v.to_s] }
authorization_params = sorted_sig_params.map {|key, value| [key, "\"#{value}\""].join("=") }.join(", ")
@@ -75,9 +77,9 @@ def signature(oauth, uri, params, http_method = :get)
uri.query = nil
uri = uri.to_s
- sig_base = [http_method.to_s.upcase, uri, normalize(params)].map{|e| escape(e) }.join("&")
+ sig_base = http_method.to_s.upcase + "&" + escape(uri) + "&" + normalize(params)
digest = SIGNATURE_METHODS[oauth[:signature_method]]
- secret = oauth.values_at(:consumer_secret, :token_secret).map{|e| escape(e) }.join("&")
+ secret = "#{escape(oauth[:consumer_secret])}&#{escape(oauth[:token_secret])}"
Base64.encode64(OpenSSL::HMAC.digest(digest, secret, sig_base)).chomp.gsub(/\n/, "")
end
@@ -93,11 +95,19 @@ def unescape(value)
# Normalize a string of parameters based on the {OAuth spec}[http://oauth.net/core/1.0/#rfc.section.9.1.1]
def normalize(params)
- params.sort_by(&:to_s).map do |key, values|
- Array(values).map do |value|
- [escape(key), escape(value)].join("=")
+ # Stringify keys - so we can compare them
+ params.keys.each {|key| params[key.to_s] = params.delete(key) }
+ params.sort.map do |key, values|
+ if values.is_a?(Array)
+ # Multiple values were provided for a single key
+ # in a hash
+ values.sort.collect do |v|
+ [escape(key), escape(v)] * "%3D"
+ end
+ else
+ [escape(key), escape(values)] * "%3D"
end
- end.join("&")
+ end * "%26"
end
extend self
-end
+end
View
4 test/test_roauth.rb
@@ -21,7 +21,7 @@ class TestRoauth < Test::Unit::TestCase
oauth_header = ROAuth.header(oauth, url, params)
signature = ROAuth.parse(oauth_header)[:signature]
- assert_equal "7/y7qmvtcOGo7sI0z1IY4WILZso=", signature
+ assert_equal "9/g1ge6nLYVkBsTEqgxH0Xlv2O4=", signature
end
should "verify correctly signed params" do
@@ -41,7 +41,7 @@ class TestRoauth < Test::Unit::TestCase
:since_id => "5000"
}
- header = %{OAuth oauth_consumer_key="consumer_key", oauth_nonce="foo", oauth_signature="7%2Fy7qmvtcOGo7sI0z1IY4WILZso%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286967499", oauth_token="access_key", oauth_version="1.0"}
+ header = %{OAuth oauth_consumer_key="consumer_key", oauth_nonce="foo", oauth_signature="9%2Fg1ge6nLYVkBsTEqgxH0Xlv2O4%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1286967499", oauth_token="access_key", oauth_version="1.0"}
assert ROAuth.verify(oauth, header, url, params), "verify failed"
end
end

0 comments on commit 1c14d93

Please sign in to comment.
Something went wrong with that request. Please try again.