applidget-oauth2 0.0.1 → 0.0.2
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/applidget-oauth2-0.0.1.gem +0 -0
- data/lib/applidget/oauth2/version.rb +1 -1
- data/lib/applidget/oauth2.rb +62 -2
- metadata +2 -1
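--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 05aa7b5dfc529e46a0c60b09f49fed698652907e
+data.tar.gz: 00d9855f29cb3f2064b7d3ddae2a42764e1662e3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7391cda0ba0b4e5066694f3a6f6d3bdb975e098f8ab89a0573eabe24deb14442f29119e7b852567f5bef200eabf0e48d0f0a35144b539545c71141ee1b63f483
+data.tar.gz: 51517ff15213b0f2df1ee87c1524f25fe566bd5b593c3e5e6d2521bf7be676a7e5382793edd7686e3885bf2a4d80d36ba407dd81d4471e1db2d3a731b2df6dd8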
data/Gemfile
CHANGED
Binary file
|
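--- a/data/lib/applidget/oauth2.rb
+++ b/data/lib/applidget/oauth2.rb
@@ -2,8 +2,68 @@ require "applidget/oauth2/version"
 
 module Applidget
 module Oauth2
-
-
+require 'oauth2'
+# Any Oauth2 protocol with Applidget Accounts should be implemented by inheriting from this controller.
+# You should provide a method '@options' that defines a hash with the right parameters, e.g. :
+#
+# def @options
+# {
+# model: "guest",
+# api: "/api/v1/me.json",
+# request_params: { hd: params[:hd], auth: params[:auth], scope: "public" },
+# callback_url: generic_url_from callback_guests_auth_applidget_accounts_path
+# }
+# end
+#
+# You should also override callback method : the parsed response from the api will be given by calling
+# the super method, e.g. :
+#
+# def callback
+# guest_hash = super
+# # your code ...
+# end
+
+before_filter :check_csrf, :only => [:callback]
+
+def request_uri(options)
+@options = options
+client.auth_code.authorize_url({:redirect_uri => @options[:callback_url]}.merge(request_params))
+end
+
+def access_token(options, params)
+@options = options
+@params = params
+if check_csrf
+@access_token = build_access_token
+@access_token.get(@options[:api]).parsed
+end
+end
+
+private
+
+def client
+@client ||= ::OAuth2::Client.new(@options[:client_id], @options[:client_secret], { :site => @options[:provider_host] })
+end
+
+def build_access_token
+client.auth_code.get_token(@params['code'], {:redirect_uri => @options[:callback_url]}, {})
+end
+
+def set_csrf_token
+csrf_token = SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
+state = csrf_token #TODO: embed other information here if necessary
+cookies["oauth2.csrf_token"] = state
+state
+end
+
+def check_csrf
+state = @params[:state]
+state != cookies.delete("oauth2.csrf_token")
+end
+
+def request_params
+state = set_csrf_token
+@options[:request_params].merge({state: state})
 end
 end
 end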
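Review bot: The OAuth `state` check is inverted: `check_csrf` returns `state != cookies.delete("oauth2.csrf_token")`, and `access_token` exchanges the code only `if check_csrf`, so the token request goes ahead when the returned state does not match the cookie (including when no cookie was ever set) and a legitimate callback gets nil. The predicate should succeed only on a present, matching value, e.g. `expected = cookies.delete("oauth2.csrf_token")` followed by `expected.present? && ActiveSupport::SecurityUtils.secure_compare(state.to_s, expected)` (or `Rack::Utils.secure_compare` where ActiveSupport's helper is unavailable). The presence guard matters, because a bare `==` would accept a request in which both the parameter and the cookie are missing. The `before_filter :check_csrf` line probably adds no protection as written: it would run before `@params` is assigned, and as far as I know controller filters in Rails 3 and later do not halt on a false return, so I would drop it or make the filter render an error explicitly. Setting the cookie with `httponly: true` and, over HTTPS, `secure: true` in `set_csrf_token` would also be worth doing.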
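--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: applidget-oauth2
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.2
 platform: ruby
 authors:
 - aymericbouzy
@@ -52,6 +52,7 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- applidget-oauth2-0.0.1.gem
 - applidget-oauth2.gemspec
 - lib/applidget/oauth2.rb
 - lib/applidget/oauth2/version.rb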
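Review bot: The `files:` hunk adds `applidget-oauth2-0.0.1.gem`, so the previous release's built archive now ships inside 0.0.2; the file list at the top of the page shows it as `data/applidget-oauth2-0.0.1.gem`. A nested binary gem is not covered by reviewing the Ruby sources, and it inflates the package. It was probably picked up because the gemspec builds its file list from the working tree or git index, though that is an inference since the gemspec is not shown. I would remove the archive from the repository and add `*.gem` to `.gitignore` before the next release.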