X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/dbd88d893f3c3fce9cafd666b94396988646d81f..ddb140f3877007249b8bac30dda575e56a1586f9:/config/initializers/oauth.rb

diff --git a/config/initializers/oauth.rb b/config/initializers/oauth.rb
index 3b4f06a2e..57b89564f 100644
--- a/config/initializers/oauth.rb
+++ b/config/initializers/oauth.rb
@@ -1,9 +1,26 @@
 require "oauth/controllers/provider_controller"
+require "oauth/helper"
 require "oauth/rack/oauth_filter"
 
 Rails.configuration.middleware.use OAuth::Rack::OAuthFilter
 
 module OAuth
+  module Helper
+    def escape(value)
+      value.to_s.gsub(OAuth::RESERVED_CHARACTERS) do |c|
+        c.bytes.map do |b|
+          format("%%%02X", b)
+        end.join
+      end.force_encoding(Encoding::US_ASCII)
+    end
+
+    def unescape(value)
+      value.to_s.gsub(/%\h{2}/) do |c|
+        c[1..].to_i(16).chr
+      end.force_encoding(Encoding::UTF_8)
+    end
+  end
+
   module RequestProxy
     class RackRequest
       def method
@@ -16,6 +33,7 @@ end
 module OpenStreetMap
   module ProviderController
     def self.prepended(mod)
+      super
       mod.singleton_class.prepend(OpenStreetMap::ProviderController::ClassMethods)
     end
 
@@ -34,12 +52,12 @@ module OpenStreetMap
     module ClassMethods
       def included(controller)
         controller.class_eval do
-          def self.before_filter(*names, &blk)
-            before_action(*names, &blk)
+          def self.before_filter(...)
+            before_action(...)
           end
 
-          def self.skip_before_filter(*names, &blk)
-            skip_before_action(*names, &blk)
+          def self.skip_before_filter(...)
+            skip_before_action(...)
           end
         end
 
@@ -47,6 +65,26 @@ module OpenStreetMap
       end
     end
   end
+
+  module OAuthFilter
+    def oauth1_verify(request, options = {}, &block)
+      signature = OAuth::Signature.build(request, options, &block)
+      return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
+
+      value = signature.verify
+      if request.ssl? && !value
+        http_request = request.dup
+        http_request.define_singleton_method(:scheme) { "http" }
+        http_request.define_singleton_method(:port) { 80 }
+        signature = OAuth::Signature.build(http_request, options, &block)
+        value = signature.verify
+      end
+      value
+    rescue OAuth::Signature::UnknownSignatureMethod
+      false
+    end
+  end
 end
 
 OAuth::Controllers::ProviderController.prepend(OpenStreetMap::ProviderController)
+OAuth::Rack::OAuthFilter.prepend(OpenStreetMap::OAuthFilter)