X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/ce9066797cb8bd2f3ae4b1590a3516580e44db36..9416317e6428e8b6a801edba8bbbc27ee27dc7cc:/config/initializers/oauth.rb?ds=sidebyside diff --git a/config/initializers/oauth.rb b/config/initializers/oauth.rb index 421ca2bf9..812e6610d 100644 --- a/config/initializers/oauth.rb +++ b/config/initializers/oauth.rb @@ -1,9 +1,26 @@ require "oauth/controllers/provider_controller" +require "oauth/helper" require "oauth/rack/oauth_filter" Rails.configuration.middleware.use OAuth::Rack::OAuthFilter module OAuth + module Helper + def escape(value) + value.to_s.gsub(OAuth::RESERVED_CHARACTERS) do |c| + c.bytes.map do |b| + format("%%%02X", b) + end.join + end.force_encoding(Encoding::US_ASCII) + end + + def unescape(value) + value.to_s.gsub(/%\h{2}/) do |c| + c[1..].to_i(16).chr + end.force_encoding(Encoding::UTF_8) + end + end + module RequestProxy class RackRequest def method @@ -16,34 +33,35 @@ end module OpenStreetMap module ProviderController def self.prepended(mod) + super mod.singleton_class.prepend(OpenStreetMap::ProviderController::ClassMethods) end def render(options = {}) text = options.delete(:text) if text - super options.merge(:plain => text) + super(options.merge(:plain => text)) elsif options.delete(:nothing) status = options.delete(:status) || :ok head status, options else - super options + super end end module ClassMethods def included(controller) controller.class_eval do - def self.before_filter(*names, &blk) - before_action(*names, &blk) + def self.before_filter(...) + before_action(...) end - def self.skip_before_filter(*names, &blk) - skip_before_action(*names, &blk) + def self.skip_before_filter(...) + skip_before_action(...) end end - super controller + super end end end @@ -52,6 +70,7 @@ module OpenStreetMap def oauth1_verify(request, options = {}, &block) signature = OAuth::Signature.build(request, options, &block) return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp) + value = signature.verify if request.ssl? && !value http_request = request.dup