
oauth - npm Package Compare versions

Comparing version 0.9.6 to 0.9.7

LICENSE

30

lib/oauth2.js
var querystring= require('querystring'),
crypto= require('crypto'),
https= require('https'),
http= require('http'),
URL= require('url'),

@@ -9,3 +10,3 @@ OAuthUtils= require('./_utils');

this._clientId= clientId;
this._clientSecret= clientSecret;
this._clientSecret= clientSecret;
this._baseSite= baseSite;

@@ -32,6 +33,14 @@ this._authorizeUrl= authorizePath || "/oauth/authorize";

var creds = crypto.createCredentials({ });
var parsedUrl= URL.parse( url, true );
if( parsedUrl.protocol == "https:" && !parsedUrl.port ) parsedUrl.port= 443;
var http_library= https;
var creds = crypto.createCredentials({ });
var parsedUrl= URL.parse( url, true );
if( parsedUrl.protocol == "https:" && !parsedUrl.port ) {
parsedUrl.port= 443;
}
// As this is OAUth2, we *assume* https unless told explicitly otherwise.
if( parsedUrl.protocol != "https:" ) {
http_library= http;
}
var realHeaders= {};

@@ -77,3 +86,3 @@ if( headers ) {

var request = https.request(options, function (response) {
var request = http_library.request(options, function (response) {
response.on("data", function (chunk) {

@@ -100,3 +109,3 @@ result+= chunk

request.end();
}
}

@@ -116,3 +125,4 @@

params['type']= 'web_server';
params['code']= code;
var codeParam = (params.grant_type === 'refresh_token') ? 'refresh_token' : 'code';
params[codeParam]= code;

@@ -144,6 +154,6 @@ var post_data= querystring.stringify( params );

delete results["refresh_token"];
callback(null, access_token, refresh_token);
callback(null, access_token, refresh_token, results); // callback results =-=
}
});
}
}
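Review bot: The new transport selection in `_request` (`if( parsedUrl.protocol != "https:" ) { http_library= http; }`) falls back to plain http for every scheme that is not exactly `"https:"`, so a missing, misspelled or unexpected scheme silently sends the request unencrypted instead of failing. This path carries the token exchange, whose POST body holds the authorization code or refresh token (and presumably the client secret), so the downgrade should be an explicit choice by the caller. I would switch only on the exact value, `if( parsedUrl.protocol == "http:" ) { http_library= http; }`, hand any other non-https scheme to `callback` as an error, and correct the comment to say that plain http exposes these credentials on the wire. If the 302 handling listed in the changelog re-enters `_request` with the `Location` value, an https endpoint could also be downgraded by a redirect to an http URL. That code and the rest of the `_request` body lie outside the visible hunks, so this needs checking in the full file.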

@@ -150,0 +160,0 @@ // Deprecated

{ "name" : "oauth"
, "description" : "Library for interacting with OAuth 1.0, 1.0A, 2 and Echo. Provides simplified client access and allows for construction of more complex apis and OAuth providers."
, "version" : "0.9.6"
, "version" : "0.9.7"
, "directories" : { "lib" : "./lib" }

@@ -14,2 +14,7 @@ , "main" : "index.js"

}
, "licenses" :
[ { "type" : "MIT"
, "url" : "http://github.com/ciaranj/node-oauth/raw/master/LICENSE"
}
]
}

@@ -7,3 +7,3 @@ node-oauth

Also provides rudimentary OAuth2 support, tested against facebook connect and github. For more complete usage examples please take a look at connect-auth (http://github.com/ciaranj/connect-auth)
Also provides rudimentary OAuth2 support, tested against facebook, github, foursquare, google and Janrain. For more complete usage examples please take a look at connect-auth (http://github.com/ciaranj/connect-auth)

@@ -14,22 +14,56 @@

* 0.9.6 - Support for 302 redirects on OAuth2 (Thanks Patrick Negri). Some code tidying. ( Thanks to Raoul Millais )
* 0.9.5 - Allow usage of HTTP verbs other than GET for retrieving the access and request tokens (OAuth1) (Thanks to Raoul Millais)
* 0.9.4 - Support for OAuth providers that drop connections (don't send response lengths? [Google]) And change OAuth2 getOAuthAccessToken to POST rather than GET ( Possible Breaking change!!! ... re-tested against Google, Github, Facebook, FourSquare and Janrain and seems ok .. is closer to the spec (v20) )
* 0.9.3 - Adds support for following 301 redirects (Thanks bdickason)
* 0.9.2 - Correct content length calculated for non-ascii post bodies (Thanks selead)
Allowed for configuration of the 'access token' name used when requesting protected resources (OAuth2)
* 0.9.1 - Added support for automatically following 302 redirects (Thanks neyric) Added support for OAuth Echo (Thanks Ryan LeFevre). Improved handling of 2xx responses (Thanks Neil Mansilla).
* 0.9.0 - Compatibility fixes to bring node-oauth up to speed with node.js 0.4x [thanks to Rasmus Andersson for starting the work ]
* 0.8.4 - Fixed issue #14 (Parameter ordering ignored encodings). Added support for repeated parameter names. Implements issue #15 (Use native SHA1 if available, 10x speed improvement!). Fixed issue #16 (Should use POST when requesting access tokens.). Fixed Issue #17 (OAuth2 spec compliance). Implemented enhancement #13 (Adds support for PUT & DELETE http verbs). Fixes issue #18 (Complex/Composite url arguments [thanks novemberborn])
* 0.8.3 - Fixed an issue where the auth header code depended on the Array's toString method (Yohei Sasaki) Updated the getOAuthRequestToken method so we can access google's OAuth secured methods. Also re-implemented and fleshed out the test suite.
* 0.8.2 - The request returning methods will now write the POST body if provided (Chris Anderson), the code responsible for manipulating the headers is a bit safe now when working with other code (Paul McKellar) and tweaked the package.json to use index.js instead of main.js
* 0.8.1 - Added mechanism to get hold of a signed Node Request object, ready for attaching response listeners etc. (Perfect for streaming APIs)
* 0.8.0 - Standardised method capitalisation, the old getOauthAccessToken is now getOAuthAccessToken (Breaking change to existing code)
* 0.7.7 - Looks like non oauth_ parameters where appearing within the Authorization headers, which I believe to be incorrect.
* 0.7.6 - Added in oauth_verifier property to getAccessToken required for 1.0A
* 0.7.5 - Added in a main.js to simplify the require'ing of OAuth
* 0.7.4 - Minor change to add an error listener to the OAuth client (thanks troyk)
* 0.7.3 - OAuth 2 now sends a Content-Length Http header to keep nginx happy :)
* 0.7.2 - Fixes some broken unit tests!
* 0.7.0 - Introduces support for HTTPS end points and callback URLS for OAuth 1.0A and Oauth 2 (Please be aware that this was a breaking change to the constructor arguments order)
* 0.9.7
- OAuth2: Pass back any extra response data for calls to getOAuthAccessToken (Thanks to Tang Bo Hao)
- OAuth2: Don't force a https request if given a http url (Thanks to Damien Mathieu)
- OAuth2: Supports specifying a grant-type of 'refresh-token' (Thanks to Luke Baker)
* 0.9.6
- OAuth2: Support for 302 redirects (Thanks Patrick Negri).
- OAuth1/2: Some code tidying. ( Thanks to Raoul Millais )
* 0.9.5
- OAuth1: Allow usage of HTTP verbs other than GET for retrieving the access and request tokens (Thanks to Raoul Millais)
* 0.9.4
- OAuth1/2: Support for OAuth providers that drop connections (don't send response lengths? [Google])
- OAuth2: Change getOAuthAccessToken to POST rather than GET ( Possible Breaking change!!! ... re-tested against Google, Github, Facebook, FourSquare and Janrain and seems ok .. is closer to the spec (v20) )
* 0.9.3
- OAuth1: Adds support for following 301 redirects (Thanks bdickason)
* 0.9.2
- OAuth1: Correct content length calculated for non-ascii post bodies (Thanks selead)
- OAuth1: Allowed for configuration of the 'access token' name used when requesting protected resources (OAuth2)
* 0.9.1
- OAuth1: Added support for automatically following 302 redirects (Thanks neyric)
- OAuth1: Added support for OAuth Echo (Thanks Ryan LeFevre).
- OAuth1: Improved handling of 2xx responses (Thanks Neil Mansilla).
* 0.9.0
- OAuth1/2: Compatibility fixes to bring node-oauth up to speed with node.js 0.4x [thanks to Rasmus Andersson for starting the work ]
* 0.8.4
- OAuth1: Fixed issue #14 (Parameter ordering ignored encodings).
- OAuth1: Added support for repeated parameter names.
- OAuth1/2: Implements issue #15 (Use native SHA1 if available, 10x speed improvement!).
- OAuth2: Fixed issue #16 (Should use POST when requesting access tokens.).
- OAuth2: Fixed Issue #17 (OAuth2 spec compliance).
- OAuth1: Implemented enhancement #13 (Adds support for PUT & DELETE http verbs).
- OAuth1: Fixes issue #18 (Complex/Composite url arguments [thanks novemberborn])
* 0.8.3
- OAuth1: Fixed an issue where the auth header code depended on the Array's toString method (Yohei Sasaki) Updated the getOAuthRequestToken method so we can access google's OAuth secured methods. Also re-implemented and fleshed out the test suite.
* 0.8.2
- OAuth1: The request returning methods will now write the POST body if provided (Chris Anderson), the code responsible for manipulating the headers is a bit safe now when working with other code (Paul McKellar)
- Package: Tweaked the package.json to use index.js instead of main.js
* 0.8.1
- OAuth1: Added mechanism to get hold of a signed Node Request object, ready for attaching response listeners etc. (Perfect for streaming APIs)
* 0.8.0
- OAuth1: Standardised method capitalisation, the old getOauthAccessToken is now getOAuthAccessToken (Breaking change to existing code)
* 0.7.7
- OAuth1: Looks like non oauth_ parameters where appearing within the Authorization headers, which I believe to be incorrect.
* 0.7.6
- OAuth1: Added in oauth_verifier property to getAccessToken required for 1.0A
* 0.7.5
- Package: Added in a main.js to simplify the require'ing of OAuth
* 0.7.4
- OAuth1: Minor change to add an error listener to the OAuth client (thanks troyk)
* 0.7.3
- OAuth2: Now sends a Content-Length Http header to keep nginx happy :)
* 0.7.2
- OAuth1: Fixes some broken unit tests!
* 0.7.0
- OAuth1/2: Introduces support for HTTPS end points and callback URLS for OAuth 1.0A and Oauth 2 (Please be aware that this was a breaking change to the constructor arguments order)

@@ -44,1 +78,4 @@ Contributors

* Patrick Negri - http://github.com/pnegri
* Tang Bo Hao - http://github.com/btspoony
* Damien Mathieu - http://42.dmathieu.com
* Luke Baker - http://github.com/lukebaker

@@ -6,4 +6,5 @@ var vows = require('vows'),

vows.describe('OAuth2').addBatch({
'When handling the access token response': {
topic: new OAuth2(),
'Given an OAuth2 instance, ': {
topic: new OAuth2(),
'When handling the access token response': {
'we should correctly extract the token if received as form-data': function (oa) {

@@ -26,4 +27,43 @@ oa._request= function( method, url, fo, bar, bleh, callback) {

});
},
'we should return the received data to the calling method': function (oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
callback(null, '{"access_token":"access","refresh_token":"refresh","extra_1":1, "extra_2":"foo"}');
};
oa.getOAuthAccessToken("", {}, function(error, access_token, refresh_token, results) {
assert.equal( access_token, "access");
assert.equal( refresh_token, "refresh");
assert.isNotNull( results );
assert.equal( results.extra_1, 1);
assert.equal( results.extra_2, "foo");
});
}
},
'When no grant_type parameter is specified': {
'we should pass the value of the code argument as the code parameter': function(oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
assert.isTrue( post_body.indexOf("code=xsds23") != -1 )
}
oa.getOAuthAccessToken("xsds23", {} );
}
},
'When an invalid grant_type parameter is specified': {
'we should pass the value of the code argument as the code parameter': function(oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
assert.isTrue( post_body.indexOf("code=xsds23") != -1 )
}
oa.getOAuthAccessToken("xsds23", {grant_type:"refresh_toucan"} );
}
},
'When a grant_type parameter of value "refresh_token" is specified': {
'we should pass the value of the code argument as the refresh_token parameter, should pass a grant_type parameter, but shouldn\'t pass a code parameter' : function(oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
assert.isTrue( post_body.indexOf("refresh_token=sdsds2") != -1 )
assert.isTrue( post_body.indexOf("grant_type=refresh_token") != -1 )
assert.isTrue( post_body.indexOf("code=") == -1 )
}
oa.getOAuthAccessToken("sdsds2", {grant_type:"refresh_token"} );
}
}
}
}).export(module);
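Review bot: None of the added vows covers the new http/https selection in `_request`, because each of them replaces `oa._request` with a stub, so the one change in this release that decides whether credentials travel encrypted is untested. A vow that leaves `_request` in place, substitutes recording stand-ins for `https.request` and `http.request`, and asserts which one is called for an `https://` URL, an `http://` URL and a URL with an unexpected scheme would pin that behaviour. The stubs are also assigned on the single shared `topic: new OAuth2()` instance and never restored, so later vows inherit whichever stub ran last; building a fresh instance inside each vow avoids that order dependence. The three grant_type vows call `getOAuthAccessToken` without a callback and assert only inside the stub, so if the stub were never invoked they would still pass; a flag set in the stub and asserted after the call would close that gap.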