X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ae4487921350e141efed42fdf7cd3fd70d72bc97..3c2780f2c3463cbaa6953d7ee8edec93baa863dd:/config/initializers/oauth.rb?ds=inline diff --git a/config/initializers/oauth.rb b/config/initializers/oauth.rb index 421ca2bf9..fbe4ad219 100644 --- a/config/initializers/oauth.rb +++ b/config/initializers/oauth.rb @@ -1,9 +1,26 @@ require "oauth/controllers/provider_controller" +require "oauth/helper" require "oauth/rack/oauth_filter" Rails.configuration.middleware.use OAuth::Rack::OAuthFilter module OAuth + module Helper + def escape(value) + value.to_s.gsub(OAuth::RESERVED_CHARACTERS) do |c| + c.bytes.map do |b| + format("%%%02X", b) + end.join + end.force_encoding(Encoding::US_ASCII) + end + + def unescape(value) + value.to_s.gsub(/%\h{2}/) do |c| + c[1..].to_i(16).chr + end.force_encoding(Encoding::UTF_8) + end + end + module RequestProxy class RackRequest def method @@ -16,34 +33,35 @@ end module OpenStreetMap module ProviderController def self.prepended(mod) + super mod.singleton_class.prepend(OpenStreetMap::ProviderController::ClassMethods) end def render(options = {}) text = options.delete(:text) if text - super options.merge(:plain => text) + super(options.merge(:plain => text)) elsif options.delete(:nothing) status = options.delete(:status) || :ok head status, options else - super options + super(options) end end module ClassMethods def included(controller) controller.class_eval do - def self.before_filter(*names, &blk) - before_action(*names, &blk) + def self.before_filter(...) + before_action(...) end - def self.skip_before_filter(*names, &blk) - skip_before_action(*names, &blk) + def self.skip_before_filter(...) + skip_before_action(...) end end - super controller + super(controller) end end end @@ -52,6 +70,7 @@ module OpenStreetMap def oauth1_verify(request, options = {}, &block) signature = OAuth::Signature.build(request, options, &block) return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp) + value = signature.verify if request.ssl? && !value http_request = request.dup