lib/oauthenticator/signed_request.rb in oauthenticator-0.1.1 vs lib/oauthenticator/signed_request.rb in oauthenticator-0.1.2
- old
+ new
@@ -87,82 +87,97 @@
elsif authorization !~ /\S/
{'Authorization' => ["Authorization header is blank"]}
elsif authorization !~ /\Aoauth\s/i
{'Authorization' => ["Authorization scheme is not OAuth; received Authorization: #{authorization}"]}
else
- errors = Hash.new { |h,k| h[k] = [] }
-
- # timestamp
- if !timestamp?
- errors['Authorization oauth_timestamp'] << "is missing"
- elsif timestamp !~ /\A\s*\d+\s*\z/
- errors['Authorization oauth_timestamp'] << "is not an integer - got: #{timestamp}"
+ to_rescue = SimpleOAuth.const_defined?(:ParseError) ? SimpleOAuth::ParseError : StandardError
+ begin
+ oauth_header_params
+ rescue to_rescue
+ parse_exception = $!
+ end
+ if parse_exception
+ if parse_exception.class.name == 'SimpleOAuth::ParseError'
+ message = parse_exception.message
+ else
+ message = "Authorization header is not a properly-formed OAuth 1.0 header."
+ end
+ {'Authorization' => [message]}
else
- timestamp_i = timestamp.to_i
- if timestamp_i < Time.now.to_i - timestamp_valid_past
- errors['Authorization oauth_timestamp'] << "is too old: #{timestamp}"
- elsif timestamp_i > Time.now.to_i + timestamp_valid_future
- errors['Authorization oauth_timestamp'] << "is too far in the future: #{timestamp}"
+ errors = Hash.new { |h,k| h[k] = [] }
+
+ # timestamp
+ if !timestamp?
+ errors['Authorization oauth_timestamp'] << "is missing"
+ elsif timestamp !~ /\A\s*\d+\s*\z/
+ errors['Authorization oauth_timestamp'] << "is not an integer - got: #{timestamp}"
+ else
+ timestamp_i = timestamp.to_i
+ if timestamp_i < Time.now.to_i - timestamp_valid_past
+ errors['Authorization oauth_timestamp'] << "is too old: #{timestamp}"
+ elsif timestamp_i > Time.now.to_i + timestamp_valid_future
+ errors['Authorization oauth_timestamp'] << "is too far in the future: #{timestamp}"
+ end
end
- end
- # oauth version
- if version? && version != '1.0'
- errors['Authorization oauth_version'] << "must be 1.0; got: #{version}"
- end
+ # oauth version
+ if version? && version != '1.0'
+ errors['Authorization oauth_version'] << "must be 1.0; got: #{version}"
+ end
- # she's filled with secrets
- secrets = {}
+ # she's filled with secrets
+ secrets = {}
- # consumer / client application
- if !consumer_key?
- errors['Authorization oauth_consumer_key'] << "is missing"
- else
- secrets[:consumer_secret] = consumer_secret
- if !secrets[:consumer_secret]
- errors['Authorization oauth_consumer_key'] << 'is invalid'
+ # consumer / client application
+ if !consumer_key?
+ errors['Authorization oauth_consumer_key'] << "is missing"
+ else
+ secrets[:consumer_secret] = consumer_secret
+ if !secrets[:consumer_secret]
+ errors['Authorization oauth_consumer_key'] << 'is invalid'
+ end
end
- end
- # access token
- if token?
- secrets[:token_secret] = access_token_secret
- if !secrets[:token_secret]
- errors['Authorization oauth_token'] << 'is invalid'
- elsif !access_token_belongs_to_consumer?
- errors['Authorization oauth_token'] << 'does not belong to the specified consumer'
+ # access token
+ if token?
+ secrets[:token_secret] = access_token_secret
+ if !secrets[:token_secret]
+ errors['Authorization oauth_token'] << 'is invalid'
+ elsif !access_token_belongs_to_consumer?
+ errors['Authorization oauth_token'] << 'does not belong to the specified consumer'
+ end
end
- end
- # nonce
- if !nonce?
- errors['Authorization oauth_nonce'] << "is missing"
- elsif nonce_used?
- errors['Authorization oauth_nonce'] << "has already been used"
- end
+ # nonce
+ if !nonce?
+ errors['Authorization oauth_nonce'] << "is missing"
+ elsif nonce_used?
+ errors['Authorization oauth_nonce'] << "has already been used"
+ end
- # signature method
- if !signature_method?
- errors['Authorization oauth_signature_method'] << "is missing"
- elsif !allowed_signature_methods.any? { |sm| signature_method.downcase == sm.downcase }
- errors['Authorization oauth_signature_method'] << "must be one of " +
- "#{allowed_signature_methods.join(', ')}; got: #{signature_method}"
- end
+ # signature method
+ if !signature_method?
+ errors['Authorization oauth_signature_method'] << "is missing"
+ elsif !allowed_signature_methods.any? { |sm| signature_method.downcase == sm.downcase }
+ errors['Authorization oauth_signature_method'] << "must be one of " +
+ "#{allowed_signature_methods.join(', ')}; got: #{signature_method}"
+ end
- # signature
- if !signature?
- errors['Authorization oauth_signature'] << "is missing"
- end
+ # signature
+ if !signature?
+ errors['Authorization oauth_signature'] << "is missing"
+ end
- if errors.any?
- errors
- else
- # proceed to check signature
- if !simple_oauth_header.valid?(secrets)
- {'Authorization oauth_signature' => ['is invalid']}
+ if errors.any?
+ errors
else
- use_nonce!
- nil
+ # proceed to check signature
+ if !simple_oauth_header.valid?(secrets)
+ {'Authorization oauth_signature' => ['is invalid']}
+ else
+ use_nonce!
+ nil
+ end
end
end
end
end
end