class Net::HTTPGenericRequest
Attributes
Public Instance Methods
Add the OAuth information to an HTTP request. Depending on the options[:scheme] setting this may add a header, additional query string parameters, or additional POST body parameters. The default scheme is header, in which the OAuth parameters as put into the Authorization header.
-
http - Configured Net::HTTP instance
-
consumer -
OAuth::Consumerinstance -
token -
OAuth::Tokeninstance -
options - Request-specific options (e.g.
request_uri,consumer,token,scheme,signature_method,nonce,timestamp,body_hash)
This method also modifies the User-Agent header to add the OAuth gem version.
See Also: OAuth core spec version 1.0, section 5.4.1,
{OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
# File lib/oauth/client/net_http.rb 28 def oauth!(http, consumer = nil, token = nil, options = {}) 29 helper_options = oauth_helper_options(http, consumer, token, options) 30 @oauth_helper = OAuth::Client::Helper.new(self, helper_options) 31 @oauth_helper.amend_user_agent_header(self) 32 @oauth_helper.hash_body if oauth_body_hash_required?(helper_options) 33 send("set_oauth_#{helper_options[:scheme]}") 34 end
Create a string suitable for signing for an HTTP request. This process involves parameter normalization as specified in the OAuth specification. The exact normalization also depends on the options[:scheme] being used so this must match what will be used for the request itself. The default scheme is header, in which the OAuth parameters as put into the Authorization header.
-
http - Configured Net::HTTP instance
-
consumer -
OAuth::Consumerinstance -
token -
OAuth::Tokeninstance -
options - Request-specific options (e.g.
request_uri,consumer,token,scheme,signature_method,nonce,timestamp)
See Also: OAuth core spec version 1.0, section 5.4.1,
{OAuth Request Body Hash 1.0 Draft 4}[http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html,
http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/oauth-bodyhash.html#when_to_include]
# File lib/oauth/client/net_http.rb 51 def signature_base_string(http, consumer = nil, token = nil, options = {}) 52 helper_options = oauth_helper_options(http, consumer, token, options) 53 @oauth_helper = OAuth::Client::Helper.new(self, helper_options) 54 @oauth_helper.hash_body if oauth_body_hash_required?(helper_options) 55 @oauth_helper.signature_base_string 56 end
Private Instance Methods
# File lib/oauth/client/net_http.rb 117 def oauth_body_hash_required?(options) 118 !@oauth_helper.token_request? && request_body_permitted? && !content_type.to_s.downcase.start_with?("application/x-www-form-urlencoded") && options[:body_hash_enabled] 119 end
# File lib/oauth/client/net_http.rb 73 def oauth_full_request_uri(http, options) 74 uri = URI.parse(path) 75 76 # Guard against strict doubles or alternative HTTP adapters that may not 77 # expose Net::HTTP's #address/#port API. Only set host/port when available; 78 # otherwise, leave them to be filled by other options (e.g., :site) or the 79 # request itself. 80 if http.respond_to?(:address) 81 uri.host ||= http.address 82 end 83 if http.respond_to?(:port) 84 uri.port ||= http.port 85 end 86 87 if options[:request_endpoint] && options[:site] 88 is_https = options[:site].match(%r{^https://}) 89 uri.host = options[:site].gsub(%r{^https?://}, "") 90 uri.port ||= is_https ? 443 : 80 91 end 92 93 # Fall back to the provided site URL if host/scheme are still missing. 94 if options[:site] 95 begin 96 site_uri = URI.parse(options[:site]) 97 uri.host ||= site_uri.host 98 uri.scheme ||= site_uri.scheme 99 uri.port ||= site_uri.port 100 rescue URI::InvalidURIError 101 # ignore and use defaults below 102 end 103 end 104 105 # As a last resort, ensure scheme/host/port are present to avoid nil errors 106 uri.scheme ||= if http.respond_to?(:use_ssl?) && http.use_ssl? 107 "https" 108 else 109 "http" 110 end 111 uri.host ||= "localhost" 112 uri.port ||= ((uri.scheme == "https") ? 443 : 80) 113 114 uri.to_s 115 end
# File lib/oauth/client/net_http.rb 60 def oauth_helper_options(http, consumer, token, options) 61 { 62 request_uri: oauth_full_request_uri(http, options), 63 consumer: consumer, 64 token: token, 65 scheme: "header", 66 signature_method: nil, 67 nonce: nil, 68 timestamp: nil, 69 body_hash_enabled: true, 70 }.merge(options) 71 end
FIXME: if you're using a POST body and query string parameters, this method will move query string parameters into the body unexpectedly. This may cause problems with non-x-www-form-urlencoded bodies submitted to URLs containing query string params. If duplicate parameters are present in both places, all instances should be included when calculating the signature base string.
# File lib/oauth/client/net_http.rb 132 def set_oauth_body 133 # NOTE: OAuth::Helper and @oauth_helper are not the same, despite sharing all methods defined in OAuth::Helper 134 # see: https://stackoverflow.com/a/53447775/213191 135 set_form_data(OAuth::Helper.stringify_keys(@oauth_helper.parameters_with_oauth)) 136 params_with_sig = @oauth_helper.parameters.merge(oauth_signature: @oauth_helper.signature) 137 set_form_data(OAuth::Helper.stringify_keys(params_with_sig)) 138 end
# File lib/oauth/client/net_http.rb 121 def set_oauth_header 122 self["Authorization"] = @oauth_helper.header 123 end
# File lib/oauth/client/net_http.rb 140 def set_oauth_query_string 141 oauth_params_str = @oauth_helper.oauth_parameters.map { |k, v| [escape(k), escape(v)].join("=") }.join("&") 142 uri = URI.parse(path) 143 uri.query = if uri.query.to_s == "" 144 oauth_params_str 145 else 146 "#{uri.query}&#{oauth_params_str}" 147 end 148 149 @path = uri.to_s 150 151 @path << "&oauth_signature=#{escape(oauth_helper.signature)}" 152 end