r37458 - in /trunk/libnet-oauth-perl: Changes MANIFEST META.yml debian/changelog demo/ demos/ lib/Net/OAuth.pm lib/Net/OAuth/Message.pm lib/Net/OAuth/Request.pm t/01-spec.t t/09-encoding.t t/10-misc.t
gregoa at users.alioth.debian.org
gregoa at users.alioth.debian.org
Fri Jun 5 12:23:37 UTC 2009
Author: gregoa
Date: Fri Jun 5 12:23:32 2009
New Revision: 37458
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=37458
Log:
New upstream release.
Added:
trunk/libnet-oauth-perl/demos/
- copied from r37457, branches/upstream/libnet-oauth-perl/current/demos/
trunk/libnet-oauth-perl/t/09-encoding.t
- copied unchanged from r37457, branches/upstream/libnet-oauth-perl/current/t/09-encoding.t
trunk/libnet-oauth-perl/t/10-misc.t
- copied unchanged from r37457, branches/upstream/libnet-oauth-perl/current/t/10-misc.t
Removed:
trunk/libnet-oauth-perl/demo/
Modified:
trunk/libnet-oauth-perl/Changes
trunk/libnet-oauth-perl/MANIFEST
trunk/libnet-oauth-perl/META.yml
trunk/libnet-oauth-perl/debian/changelog
trunk/libnet-oauth-perl/lib/Net/OAuth.pm
trunk/libnet-oauth-perl/lib/Net/OAuth/Message.pm
trunk/libnet-oauth-perl/lib/Net/OAuth/Request.pm
trunk/libnet-oauth-perl/t/01-spec.t
Modified: trunk/libnet-oauth-perl/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/Changes?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/Changes (original)
+++ trunk/libnet-oauth-perl/Changes Fri Jun 5 12:23:32 2009
@@ -51,3 +51,12 @@
0.14 Sat, 13 Dec 2008 17:29:36 UTC
Add POD for consumer requests
+
+0.15 Fri, 05 Jun 2009 00:48:07 UTC
+ Add Twitter demo consumer
+ Warn if message parameter is already UTF-8 that it will be double-encoded; see I18N section of Net::OAuth manpage
+ Better handling of missing 'realm' parameter in Authorization header methods
+ Better handling of request_url parameter; see REQUEST_URL PARAMETER section of Net::OAuth manpage
+ Fix http://rt.cpan.org/Public/Bug/Display.html?id=44699 - encode spaces to %20 rather than + in $message->to_url()
+
+
Modified: trunk/libnet-oauth-perl/MANIFEST
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/MANIFEST?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/MANIFEST (original)
+++ trunk/libnet-oauth-perl/MANIFEST Fri Jun 5 12:23:32 2009
@@ -1,13 +1,26 @@
Build.PL
Changes
-demo/config.yml
-demo/default.html
-demo/LICENSE.txt
-demo/oauth-demo.cgi
-demo/oauth-demo.zip
-demo/OAuthDemo.pm
-demo/README.txt
-demo/wrapper.html
+demos/google/.htaccess
+demos/google/config.yml
+demos/google/default.html
+demos/google/dispatch.cgi
+demos/google/LICENSE.txt
+demos/google/oauth-demo.zip
+demos/google/OAuthDemo.pm
+demos/google/README.txt
+demos/google/wrapper.html
+demos/twitter/.htaccess
+demos/twitter/config.yml
+demos/twitter/default.html
+demos/twitter/dispatch.cgi
+demos/twitter/ids.txt
+demos/twitter/ids2.txt
+demos/twitter/LICENSE.txt
+demos/twitter/oauth-demo.zip
+demos/twitter/OAuthDemo.pm
+demos/twitter/README.txt
+demos/twitter/toyota.xml
+demos/twitter/wrapper.html
lib/Net/OAuth.pm
lib/Net/OAuth/AccessTokenRequest.pm
lib/Net/OAuth/AccessTokenResponse.pm
@@ -34,5 +47,7 @@
t/05-auth.t
t/06-factory.t
t/07-consumer-request.t
+t/09-encoding.t
+t/10-misc.t
t/rsakey
t/rsakey.pub
Modified: trunk/libnet-oauth-perl/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/META.yml?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/META.yml (original)
+++ trunk/libnet-oauth-perl/META.yml Fri Jun 5 12:23:32 2009
@@ -1,6 +1,6 @@
---
name: Net-OAuth
-version: 0.14
+version: 0.15
author:
- 'Keith Grennan <kgrennan at cpan.org>'
abstract: An implementation of the OAuth protocol
@@ -17,7 +17,7 @@
provides:
Net::OAuth:
file: lib/Net/OAuth.pm
- version: 0.14
+ version: 0.15
Net::OAuth::AccessTokenRequest:
file: lib/Net/OAuth/AccessTokenRequest.pm
Net::OAuth::AccessTokenResponse:
@@ -30,7 +30,7 @@
file: lib/Net/OAuth/ProtectedResourceRequest.pm
Net::OAuth::Request:
file: lib/Net/OAuth/Request.pm
- version: 0.14
+ version: 0.15
Net::OAuth::RequestTokenRequest:
file: lib/Net/OAuth/RequestTokenRequest.pm
Net::OAuth::RequestTokenResponse:
Modified: trunk/libnet-oauth-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/debian/changelog?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/debian/changelog (original)
+++ trunk/libnet-oauth-perl/debian/changelog Fri Jun 5 12:23:32 2009
@@ -1,3 +1,9 @@
+libnet-oauth-perl (0.15-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+
+ -- gregor herrmann <gregoa at debian.org> Fri, 05 Jun 2009 14:22:26 +0200
+
libnet-oauth-perl (0.14-1) unstable; urgency=low
[ Brian Cassidy ]
Modified: trunk/libnet-oauth-perl/lib/Net/OAuth.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/lib/Net/OAuth.pm?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/lib/Net/OAuth.pm (original)
+++ trunk/libnet-oauth-perl/lib/Net/OAuth.pm Fri Jun 5 12:23:32 2009
@@ -3,7 +3,8 @@
use strict;
use UNIVERSAL::require;
-our $VERSION = '0.14';
+our $VERSION = '0.15';
+our $SKIP_UTF8_DOUBLE_ENCODE_CHECK = 0;
sub request {
my $self = shift;
@@ -255,6 +256,29 @@
my $consumer_key = $request->consumer_key;
$request->request_method('POST');
+=head2 THE REQUEST_URL PARAMETER
+
+Any query parameters in the request_url are removed and added to the extra_params hash when generating the signature.
+
+E.g. the following requests are equivalent:
+
+ my $request = Net::OAuth->request('user auth')->new(
+ token => 'abcdef',
+ request_url => 'http://example.com/auth',
+ extra_params => {
+ foo => 'bar',
+ },
+ );
+
+ my $request = Net::OAuth->request('user auth')->new(
+ token => 'abcdef',
+ request_url => 'http://example.com/auth?foo=bar',
+ );
+
+If you want to get the request_url with the query parameters removed, you can do:
+
+ my $url = $request->normalized_request_url;
+
=head2 SIGNATURE METHODS
The following signature methods are supported:
@@ -327,6 +351,36 @@
See L<Net::OAuth::ConsumerRequest>
+=head2 I18N
+
+Per the OAuth spec, when making the signature Net::OAuth first encodes
+parameters to UTF-8. This means that any parameters you pass to Net::OAuth,
+if they are outside of ASCII character set, should be run through
+Encode::decode() (or an equivalent PerlIO layer) first to decode them to
+perl's internal character sructure.
+
+There is a check in Net::OAuth's parameter encoding function that guesses if
+the data you are passing in looks like it is already UTF-8 and warns that you
+should decode it first. This accidental double-encoding of UTF-8 may be a
+source of headaches - if you find that the signature check is failing when
+you send non-ASCII data, that is a likely cause.
+
+You can silence this warning by setting:
+
+ $Net::OAuth::SKIP_UTF8_DOUBLE_ENCODE_CHECK = 1;
+
+Following is an example of decoding some UTF-8 form data before sending it in
+an OAuth messaage (from the Twitter demo included in the Net::OAuth package):
+
+my $request = Net::OAuth->request("protected resource")->new(
+ $self->_default_request_params,
+ request_url => 'http://twitter.com/statuses/update.xml',
+ token => $self->session->param('token'),
+ token_secret => $self->session->param('token_secret'),
+ request_method => 'POST',
+ extra_params => {status => decode_utf8($self->query->param('status'))}
+);
+
=head1 DEMO
There is a demo Consumer CGI in this package, also available online at L<http://oauth.kg23.com/>
Modified: trunk/libnet-oauth-perl/lib/Net/OAuth/Message.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/lib/Net/OAuth/Message.pm?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/lib/Net/OAuth/Message.pm (original)
+++ trunk/libnet-oauth-perl/lib/Net/OAuth/Message.pm Fri Jun 5 12:23:32 2009
@@ -4,6 +4,9 @@
use base qw/Class::Data::Inheritable Class::Accessor/;
use URI::Escape;
use UNIVERSAL::require;
+use Net::OAuth;
+use URI;
+use URI::QueryParam;
use constant OAUTH_PREFIX => 'oauth_';
@@ -86,6 +89,18 @@
sub encode {
my $str = shift;
$str = "" unless defined $str;
+ unless($Net::OAuth::SKIP_UTF8_DOUBLE_ENCODE_CHECK) {
+ if ($str =~ /[\x80-\xFF]/) {
+ Encode->require;
+ no strict 'subs';
+ eval {
+ Encode::decode_utf8($str, 1);
+ };
+ unless ($@) {
+ warn "Warning: It looks like you are attempting to encode bytes that are already UTF-8 encoded. You should probably use decode_utf8() first. See the Net::OAuth manpage, I18N section";
+ }
+ }
+ }
return URI::Escape::uri_escape_utf8($str,'^\w.~-');
}
@@ -113,6 +128,13 @@
foreach my $k (keys %{$self->{extra_params}}) {
$params{$k} = $self->{extra_params}{$k};
}
+ if ($self->can('request_url')) {
+ my $url = $self->request_url;
+ _ensure_uri_object($url);
+ foreach my $k ($url->query_param) {
+ $params{$k} = $url->query_param($k);
+ }
+ }
}
if ($opts{hash}) {
return \%params;
@@ -158,15 +180,23 @@
my $self = shift;
my $realm = shift;
my $sep = shift || ",";
- return join($sep, "OAuth realm=\"$realm\"",
- $self->gather_message_parameters(quote => '"', add => [qw/signature/], no_extra => 1));
+ if (defined $realm) {
+ $realm = "realm=\"$realm\"$sep";
+ }
+ else {
+ $realm = "";
+ }
+ return "OAuth $realm" .
+ join($sep, $self->gather_message_parameters(quote => '"', add => [qw/signature/], no_extra => 1));
}
sub from_authorization_header {
my $proto = shift;
- my $class = ref $proto || $proto;
- my @header = split /[\s]*,[\s]*/, shift;
- shift @header;
+ my $header = shift;
+ my $class = ref $proto || $proto;
+ die "Header must start with \"OAuth \"" unless $header =~ s/OAuth //;
+ my @header = split /[\s]*,[\s]*/, $header;
+ shift @header if $header[0] =~ /^realm=/i;
return $class->_from_pairs(\@header, @_)
}
@@ -221,15 +251,15 @@
return $class->new(%msg_params, %api_params);
}
+sub _ensure_uri_object {
+ $_[0] = UNIVERSAL::isa($_[0], 'URI') ? $_[0] : URI->new($_[0]);
+}
+
sub from_url {
my $proto = shift;
my $class = ref $proto || $proto;
my $url = shift;
- require URI;
- require URI::QueryParam;
- if (!UNIVERSAL::isa($url, 'URI')) {
- $url = URI->new($url);
- }
+ _ensure_uri_object($url);
return $class->from_hash($url->query_form_hash, @_);
}
@@ -252,19 +282,21 @@
sub to_url {
my $self = shift;
- my $uri = shift;
- if (!defined $uri and $self->can('request_url') and defined $self->request_url) {
- $uri = $self->request_url;
- }
- if (defined $uri) {
- require URI;
- require URI::QueryParam;
- $uri = URI->new("$uri");
+ my $url = shift;
+ if (!defined $url and $self->can('request_url') and defined $self->request_url) {
+ $url = $self->request_url;
+ }
+ if (defined $url) {
+ _ensure_uri_object($url);
+ $url = $url->clone; # don't modify the URL that was passed in
+ $url->query(undef); # remove any existing query params, as these may cause the signature to break
my $params = $self->to_hash;
+ my $sep = '?';
foreach my $k (sort keys %$params) {
- $uri->query_param($k, $params->{$k});
+ $url .= $sep . encode($k) . '=' . encode( $params->{$k} );
+ $sep = '&' if $sep eq '?';
}
- return $uri;
+ return $url;
}
else {
return $self->to_post_body;
Modified: trunk/libnet-oauth-perl/lib/Net/OAuth/Request.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/lib/Net/OAuth/Request.pm?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/lib/Net/OAuth/Request.pm (original)
+++ trunk/libnet-oauth-perl/lib/Net/OAuth/Request.pm Fri Jun 5 12:23:32 2009
@@ -2,8 +2,10 @@
use warnings;
use strict;
use base qw/Net::OAuth::Message/;
+use URI;
+use URI::QueryParam;
-our $VERSION = '0.14';
+our $VERSION = '0.15';
__PACKAGE__->mk_classdata(required_message_params => [qw/
consumer_key
@@ -31,7 +33,7 @@
__PACKAGE__->mk_classdata(signature_elements => [qw/
request_method
- request_url
+ normalized_request_url
normalized_message_parameters
/]);
@@ -65,6 +67,15 @@
return $key;
}
+sub normalized_request_url {
+ my $self = shift;
+ my $url = $self->request_url;
+ Net::OAuth::Message::_ensure_uri_object($url);
+ $url->query(undef);
+ return $url;
+}
+
+
=head1 NAME
Net::OAuth::Request - base class for OAuth requests
Modified: trunk/libnet-oauth-perl/t/01-spec.t
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libnet-oauth-perl/t/01-spec.t?rev=37458&op=diff
==============================================================================
--- trunk/libnet-oauth-perl/t/01-spec.t (original)
+++ trunk/libnet-oauth-perl/t/01-spec.t Fri Jun 5 12:23:32 2009
@@ -2,7 +2,7 @@
use strict;
use warnings;
-use Test::More tests => 18;
+use Test::More tests => 21;
BEGIN {
use_ok( 'Net::OAuth' );
@@ -117,3 +117,23 @@
is($request->signature_base_string, 'POST&https%3A%2F%2Fphotos.example.net%2Frequest_token&oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dhsu94j3884jdopsl%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242090%26oauth_version%3D1.0');
is($request->signature, 'mBRi0bX78DgCdolSsSYibIGen7U=');
+
+$request = Net::OAuth::ProtectedResourceRequest->new(
+ consumer_key => 'dpf43f3p2l4k3l03',
+ consumer_secret => 'kd94hf93k423kf44',
+ request_url => 'http://photos.example.net/photos?file=vacation.jpg&size=original',
+ request_method => 'GET',
+ signature_method => 'HMAC-SHA1',
+ timestamp => '1191242096',
+ nonce => 'kllo9940pd9333jh',
+ token => 'nnch734d00sl2jdk',
+ token_secret => 'pfkkdhi9sl3r4s00',
+);
+
+$request->sign;
+
+ok($request->verify);
+
+is($request->signature_base_string, 'GET&http%3A%2F%2Fphotos.example.net%2Fphotos&file%3Dvacation.jpg%26oauth_consumer_key%3Ddpf43f3p2l4k3l03%26oauth_nonce%3Dkllo9940pd9333jh%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1191242096%26oauth_token%3Dnnch734d00sl2jdk%26oauth_version%3D1.0%26size%3Doriginal');
+
+is($request->signature, 'tR3+Ty81lMeYAr/Fid0kMTYa/WM=');
More information about the Pkg-perl-cvs-commits
mailing list