anideo-authlogic-connect 0.0.6

data/lib/authlogic_connect/oauth/tokens/ohloh_token.rb

@@ -0,0 +1,9 @@
+# https://www.ohloh.net/
+# http://www.ohloh.net/api/oauth
+class OhlohToken < OauthToken
+  
+  key :user_id
+
+  settings "http://www.ohloh.net"
+
+end

data/lib/authlogic_connect/oauth/tokens/twitter_token.rb

@@ -0,0 +1,8 @@
+class TwitterToken < OauthToken
+  
+  key :user_id
+  
+  settings "http://api.twitter.com",
+    :authorize_url => "http://api.twitter.com/oauth/authenticate"
+  
+end

data/lib/authlogic_connect/oauth/tokens/vimeo_token.rb

@@ -0,0 +1,18 @@
+# http://www.vimeo.com/api/docs/oauth
+# http://www.vimeo.com/api/applications/new
+# http://vimeo.com/api/applications
+class VimeoToken < OauthToken
+  
+  key do |access_token|
+    body = JSON.parse(access_token.get("http://vimeo.com/api/v2/#{access_token.token}/info.json"))
+    user_id = body.first["id"]
+  end
+  
+  settings "http://vimeo.com",
+    :request_token_path => "/oauth/request_token",
+    :authorize_path     => "/oauth/authorize",
+    :access_token_path  => "/oauth/access_token",
+    :http_method        => "get",
+    :scheme             => :query_string
+  
+end

data/lib/authlogic_connect/oauth/tokens/yahoo_token.rb

@@ -0,0 +1,19 @@
+# https://developer.apps.yahoo.com/dashboard/createKey.html
+# https://developer.apps.yahoo.com/projects
+# http://developer.yahoo.com/oauth/guide/oauth-accesstoken.html
+# http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html
+# http://code.google.com/apis/gadgets/docs/oauth.html
+# http://developer.yahoo.com/social/rest_api_guide/web-services-guids.html
+# A GUID identifies a person
+# http://social.yahooapis.com/v1/me/guid
+class YahooToken < OauthToken
+  
+  # http://social.yahooapis.com/v1/me/guid
+  key :xoauth_yahoo_guid
+  
+  settings "https://api.login.yahoo.com",
+    :request_token_path => '/oauth/v2/get_request_token',
+    :access_token_path  => '/oauth/v2/get_token',
+    :authorize_path     => '/oauth/v2/request_auth'
+  
+end

data/lib/authlogic_connect/oauth/user.rb

@@ -0,0 +1,64 @@
+module AuthlogicConnect::Oauth::User
+  
+  def self.included(base)
+    base.class_eval do
+      # add_acts_as_authentic_module makes sure it is
+      # only added to the user model, not all activerecord models.
+      add_acts_as_authentic_module(InstanceMethods, :prepend)
+    end
+  end
+  
+  module InstanceMethods
+    include AuthlogicConnect::Oauth::Process
+    
+    # Set up some simple validations
+    def self.included(base)
+      base.class_eval do
+        
+        validate :validate_by_oauth, :if => :authenticating_with_oauth?
+        
+        # need these validation options if you don't want it to choke
+        # on password length, which you don't need if you're using oauth
+        validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?)
+        validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?)
+        validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
+        validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+        validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+        
+      end
+    end
+    
+    # user adds a few extra things to this method from Process
+    # modules work like inheritance
+    def save_oauth_session
+      super
+      auth_session[:auth_attributes] = attributes.reject!{|k, v| v.blank? || !self.respond_to?(k)} unless is_auth_session?
+    end
+    
+    def redirect_to_oauth
+      return has_token?(oauth_provider) ? false : super
+    end
+    
+    def restore_attributes
+      # Restore any attributes which were saved before redirecting to the auth server
+      self.attributes = auth_session[:auth_attributes]
+    end
+    
+    # single implementation method for oauth.
+    # this is called after we get the callback url and we are saving the user
+    # to the database.
+    # it is called by the validation chain.
+    def complete_oauth_transaction
+      token = token_class.new(oauth_token_and_secret)
+      old_token = token_class.find_by_key_or_token(token.key, token.token)
+      token = old_token if old_token
+      
+      if has_token?(oauth_provider)
+        self.errors.add(:tokens, "you have already created an account using your #{token_class.service_name} account, so it")
+      else
+        self.access_tokens << token
+      end
+    end
+    
+  end
+end

data/lib/authlogic_connect/oauth/variables.rb

@@ -0,0 +1,64 @@
+module AuthlogicConnect::Oauth::Variables
+  include AuthlogicConnect::Oauth::State
+  
+  # this doesn't do anything yet, just to show what variables
+  # we need from the form
+  def oauth_variables
+    [:oauth_provider]
+  end
+    
+  # this comes straight from either the params or session.
+  # it is required for most of the other accessors in here
+  def oauth_provider
+    from_session_or_params(:oauth_provider)
+  end
+  
+  # next is "token_class", which is found from the oauth_provider key.
+  # it is the OauthToken subclass, such as TwitterToken, which we
+  # use as the api for accessing oauth and saving the response to the database for a user.
+  def token_class
+    AuthlogicConnect.token(oauth_provider) unless oauth_provider.blank?
+  end
+  
+  # This should go...
+  def oauth_response
+    auth_params && oauth_token
+  end
+  
+  # the token from the response parameters
+  def oauth_token
+    return nil unless token_class
+    oauth_version == 1.0 ? auth_params[:oauth_token] : auth_params[:code]
+  end
+  
+  # the version of oauth we're using.  Accessed from the OauthToken subclass
+  def oauth_version
+    token_class.oauth_version
+  end
+  
+  # the Oauth gem consumer, whereby we can make requests to the server
+  def oauth_consumer
+    token_class.consumer
+  end
+  
+  def stored_oauth_token_and_secret
+    if auth_controller?
+      {:key => auth_params[:_key], :token => auth_params[:_token], :secret => auth_params[:_secret]}
+    else
+      {:key => nil, :token => nil, :secret => nil}
+    end
+  end
+  
+  # this is a thick method.
+  # it gives you the final key and secret that we will store in the database
+  def oauth_token_and_secret
+    return stored_oauth_token_and_secret if stored_oauth_token_and_secret?
+    token_class.get_token_and_secret(
+      :token          => auth_session[:oauth_request_token],
+      :secret         => oauth_version == 1.0 ? auth_session[:oauth_request_token_secret] : oauth_token,
+      :oauth_verifier => auth_params[:oauth_verifier],
+      :redirect_uri   => auth_callback_url
+    )
+  end
+  
+end

data/lib/authlogic_connect/openid.rb

@@ -0,0 +1,11 @@
+module AuthlogicConnect::Openid
+end
+
+require File.dirname(__FILE__) + "/openid/state"
+require File.dirname(__FILE__) + "/openid/variables"
+require File.dirname(__FILE__) + "/openid/process"
+require File.dirname(__FILE__) + "/openid/user"
+require File.dirname(__FILE__) + "/openid/session"
+
+ActiveRecord::Base.send(:include, AuthlogicConnect::Openid::User)
+Authlogic::Session::Base.send(:include, AuthlogicConnect::Openid::Session)

data/lib/authlogic_connect/openid/process.rb

@@ -0,0 +1,74 @@
+module AuthlogicConnect::Openid::Process
+
+  include AuthlogicConnect::Openid::Variables
+  
+  def start_openid
+    save_openid_session
+    call_openid
+  end
+  
+  def complete_openid
+    restore_attributes
+    call_openid
+  end
+  
+  def call_openid
+    options = {}
+    options[:return_to] = auth_callback_url
+    # this is called both on start and complete.
+    # reason being, in the open_id_authentication library (where "authenticate_with_open_id" is defined),
+    # it checks the rack session to find openid pareters, and knows whether we're at
+    # start or complete
+    auth_controller.send(:authenticate_with_open_id, openid_identifier, options) do |result, openid_identifier|
+      complete_openid_transaction(result, openid_identifier)
+      return true
+    end
+    return false
+  end
+  
+  def complete_openid_transaction(result, openid_identifier)
+    if result.unsuccessful?
+      errors.add_to_base(result.message)
+    end
+    
+    if AccessToken.find_by_key(openid_identifier.normalize_identifier)
+    else
+      token = OpenidToken.new(:key => openid_identifier)
+      self.access_tokens << token
+      self.active_token = token
+    end
+  end
+  
+  # want to do this after the final save
+  def cleanup_openid_session
+    [:auth_attributes, :authentication_type, :auth_callback_method].each {|key| remove_session_key(key)}
+    auth_session.each_key do |key|
+      remove_session_key(key) if key.to_s =~ /^OpenID/
+    end
+  end
+  
+  def validate_by_openid
+    if processing_authentication
+      authentication_protocol(:openid, :start) || authentication_protocol(:openid, :complete)
+      errors.add(:access_tokens, "had the following error: #{@openid_error}") if @openid_error
+    end
+  end
+  
+  def save_openid_session
+    # Tell our rack callback filter what method the current request is using
+    auth_session[:auth_callback_method]   = auth_controller.request.method
+    auth_session[:auth_attributes]        = attributes_to_save
+    auth_session[:authentication_type]    = auth_params[:authentication_type]
+    auth_session[:auth_method]            = "openid"
+  end
+  
+  def attributes_to_save
+    {}
+  end
+  
+  def restore_attributes
+    # Restore any attributes which were saved before redirecting to the auth server
+    self.attributes = auth_session[:auth_attributes] unless is_auth_session?
+  end
+  
+end

data/lib/authlogic_connect/openid/session.rb

@@ -0,0 +1,56 @@
+module AuthlogicConnect::Openid
+  # This module is responsible for adding all of the OpenID goodness to the Authlogic::Session::Base class.
+  module Session
+    # Add a simple openid_identifier attribute and some validations for the field.
+    def self.included(klass)
+      klass.class_eval do
+        include InstanceMethods
+      end
+    end
+    
+    module InstanceMethods
+      include AuthlogicConnect::Openid::Process
+      
+      def self.included(klass)
+        klass.class_eval do
+          validate :validate_by_openid, :if => :authenticating_with_openid?
+        end
+      end
+      
+      # Hooks into credentials so that you can pass an :openid_identifier key.
+      def credentials=(value)
+        super
+        values = value.is_a?(Array) ? value : [value]
+        hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
+      end
+      
+      private
+        
+        def auto_register?
+          false
+        end
+        
+        def complete_openid_transaction(result, openid_identifier)
+          if result.unsuccessful?
+            errors.add_to_base(result.message)
+          end
+          
+          token = AccessToken.find_by_key(openid_identifier.normalize_identifier, :include => [:user])
+          
+          self.attempted_record = token.user if token
+          
+          if !attempted_record
+            if auto_register?
+              self.attempted_record = klass.new
+              self.attempted_record.access_tokens << OpenidToken.new(:key => openid_identifier.normalize_identifier)
+              self.attempted_record.save
+            else
+              auth_session[:openid_identifier] = openid_identifier
+              errors.add(:user, "Could not find user in our database, have you registered with your openid account?")
+            end
+          end
+        end
+        
+    end
+  end
+end

data/lib/authlogic_connect/openid/state.rb

@@ -0,0 +1,48 @@
+# all these methods must return true or false
+module AuthlogicConnect::Openid::State
+
+  # 1. to call
+  def openid_request?
+    !openid_identifier.blank? && auth_session[:auth_attributes].nil?
+  end
+  
+  def openid_identifier?
+    openid_request?
+  end
+  
+  def openid_provider?
+    
+  end
+  
+  # 2. from call
+  # better check needed
+  def openid_response?
+    auth_controller? && !auth_session[:auth_attributes].nil? && auth_session[:auth_method] == "openid"
+  end
+  alias_method :openid_complete?, :openid_response?
+  
+  # 3. either to or from call
+  # this should include more!
+  # we know we are using open id if:
+  #   the params passed in have "openid_identifier"
+  def using_openid?
+    auth_controller? && (openid_request? || openid_response?)
+  end
+  
+  def authenticating_with_openid?
+    auth_controller? && auth_class.activated? && using_openid?
+  end
+  
+  def start_openid?
+    authenticating_with_openid? && !openid_response?
+  end
+
+  def complete_openid?
+    openid_complete?
+  end
+  
+  def validate_password_with_openid?
+    !using_openid? && require_password?
+  end
+  
+end

data/lib/authlogic_connect/openid/tokens/my_openid_token.rb

@@ -0,0 +1,3 @@
+class MyOpenidToken < OpenidToken
+  
+end

data/lib/authlogic_connect/openid/tokens/openid_token.rb

@@ -0,0 +1,9 @@
+class OpenidToken < AccessToken
+  
+  before_save :format_identifier
+  
+  def format_identifier
+    self.key = self.key.to_s.normalize_identifier unless self.key.blank?
+  end
+  
+end

data/lib/authlogic_connect/openid/user.rb

@@ -0,0 +1,38 @@
+module AuthlogicConnect::Openid
+  module User
+    def self.included(base)
+      base.class_eval do
+        add_acts_as_authentic_module(AuthlogicConnect::Openid::Process, :prepend)
+        add_acts_as_authentic_module(InstanceMethods, :append)
+      end
+    end
+    
+    module InstanceMethods
+      
+      def self.included(base)        
+        base.class_eval do
+          validate :validate_by_openid, :if => :authenticating_with_openid?
+          
+          validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_openid?)
+          validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_openid?)
+          validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_openid?)
+          validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_openid?)
+          validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_openid?)
+        end
+      end
+      
+      def attributes_to_save
+        attr_list = [:id, :password, crypted_password_field, password_salt_field, :persistence_token, :perishable_token, :single_access_token, :login_count, 
+          :failed_login_count, :last_request_at, :current_login_at, :last_login_at, :current_login_ip, :last_login_ip, :created_at,
+          :updated_at, :lock_version]
+        attrs_to_save = attributes.clone.delete_if do |k, v|
+          attr_list.include?(k.to_sym)
+        end
+        if self.respond_to?(:password) && self.respond_to?(:password_confirmation)
+          attrs_to_save.merge!(:password => password, :password_confirmation => password_confirmation)
+        end
+        attrs_to_save.reject!{|k, v| v.blank? || !self.respond_to?(k)}
+      end
+    end
+  end
+end