applidget-oauth2 0.0.1 → 0.0.2
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/applidget-oauth2-0.0.1.gem +0 -0
- data/lib/applidget/oauth2/version.rb +1 -1
- data/lib/applidget/oauth2.rb +62 -2
- metadata +2 -1
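--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 05aa7b5dfc529e46a0c60b09f49fed698652907e
+data.tar.gz: 00d9855f29cb3f2064b7d3ddae2a42764e1662e3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 7391cda0ba0b4e5066694f3a6f6d3bdb975e098f8ab89a0573eabe24deb14442f29119e7b852567f5bef200eabf0e48d0f0a35144b539545c71141ee1b63f483
+data.tar.gz: 51517ff15213b0f2df1ee87c1524f25fe566bd5b593c3e5e6d2521bf7be676a7e5382793edd7686e3885bf2a4d80d36ba407dd81d4471e1db2d3a731b2df6dd8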
data/Gemfile
CHANGED
Binary file
|
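--- a/data/lib/applidget/oauth2.rb
+++ b/data/lib/applidget/oauth2.rb
@@ -2,8 +2,68 @@ require "applidget/oauth2/version"
 
 module Applidget
 module Oauth2
-
-
+require 'oauth2'
+# Any Oauth2 protocol with Applidget Accounts should be implemented by inheriting from this controller.
+# You should provide a method '@options' that defines a hash with the right parameters, e.g. :
+#
+# def @options
+# {
+# model: "guest",
+# api: "/api/v1/me.json",
+# request_params: { hd: params[:hd], auth: params[:auth], scope: "public" },
+# callback_url: generic_url_from callback_guests_auth_applidget_accounts_path
+# }
+# end
+#
+# You should also override callback method : the parsed response from the api will be given by calling
+# the super method, e.g. :
+#
+# def callback
+# guest_hash = super
+# # your code ...
+# end
+
+before_filter :check_csrf, :only => [:callback]
+
+def request_uri(options)
+@options = options
+client.auth_code.authorize_url({:redirect_uri => @options[:callback_url]}.merge(request_params))
+end
+
+def access_token(options, params)
+@options = options
+@params = params
+if check_csrf
+@access_token = build_access_token
+@access_token.get(@options[:api]).parsed
+end
+end
+
+private
+
+def client
+@client ||= ::OAuth2::Client.new(@options[:client_id], @options[:client_secret], { :site => @options[:provider_host] })
+end
+
+def build_access_token
+client.auth_code.get_token(@params['code'], {:redirect_uri => @options[:callback_url]}, {})
+end
+
+def set_csrf_token
+csrf_token = SecureRandom.urlsafe_base64(15).tr('lIO0', 'sxyz')
+state = csrf_token #TODO: embed other information here if necessary
+cookies["oauth2.csrf_token"] = state
+state
+end
+
+def check_csrf
+state = @params[:state]
+state != cookies.delete("oauth2.csrf_token")
+end
+
+def request_params
+state = set_csrf_token
+@options[:request_params].merge({state: state})
 end
 end
 end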
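Review bot: `check_csrf` ends with `state != cookies.delete("oauth2.csrf_token")`, so it is truthy when the returned `state` does not match the cookie, and `access_token` only exchanges the code `if check_csrf`: a callback carrying a wrong or forged `state` goes through while a matching one returns nil. Invert the test and fail closed when either value is missing, for example `expected = cookies.delete("oauth2.csrf_token")` followed by `!state.nil? && !expected.nil? && Rack::Utils.secure_compare(state.to_s, expected.to_s)` (assuming Rack is loaded, as it would be in a Rails controller). The `before_filter :check_csrf` line runs the same method ahead of `callback`; as far as this hunk shows, `@params` is only assigned inside `access_token`, and the filter would consume the cookie before `access_token` looks at it, so keep only one of the two call sites. `@params['code']` and `@params[:state]` also mix string and symbol keys, which only works if the caller passes an indifferent-access hash.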
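--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: applidget-oauth2
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.2
 platform: ruby
 authors:
 - aymericbouzy
@@ -52,6 +52,7 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- applidget-oauth2-0.0.1.gem
 - applidget-oauth2.gemspec
 - lib/applidget/oauth2.rb
 - lib/applidget/oauth2/version.rb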
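Review bot: The second hunk adds `applidget-oauth2-0.0.1.gem` to `files:`, so 0.0.2 ships the previous release as an opaque prebuilt archive inside the package; the file list at the top of the page shows it with +0 -0, so its contents are not diffed here. This is typically a side effect of a gemspec that fills `files` from the repository listing after a built gem was left in the tree (inferred, the gemspec is not shown). Built artifacts should be kept out of the package, for example by ignoring `*.gem` in the repository or rejecting that pattern in the gemspec's `files` expression. Anyone auditing this version should treat the nested archive as unreviewed content.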