authlogic-connect-mailru 0.1.0

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2009 Alexey Noskov
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/lib/authlogic-connect-mailru.rb

@@ -0,0 +1,5 @@
+require File.dirname(__FILE__) + "/authlogic_connect_mailru/mailru_client"
+require File.dirname(__FILE__) + "/authlogic_connect_mailru/mailru_token"
+require File.dirname(__FILE__) + "/authlogic_connect_mailru/mailru_session"
+
+Authlogic::Session::Base.send(:include, MailruSession)

data/lib/authlogic_connect_mailru/mailru_client.rb

@@ -0,0 +1,54 @@
+class MailruClient
+
+  ENDPOINT = 'http://www.appsmail.ru/platform/api'
+
+  def initialize( token )
+    @token = token
+  end
+
+  def respond_to?( m, *args )
+    super || api?( m )
+  end
+
+  def method_missing( m, *args, &block )
+    call_api( m.to_s.split('_').join('.'), *args )
+  end
+
+  def api?( method )
+    method =~ /^[a-z]+_[a-zA-Z]+$/
+  end
+
+  def call_api( method, params = {} )
+    JSON.parse(Net::HTTP.get_response(prepare_uri method, params).body)
+  end
+
+  def prepare_uri( method, params )
+    params_to_sign = {
+      :method => method,
+      :app_id => @token.class.app_id,
+      :secure => '1',
+      :format => 'json'
+    }.merge(convert_params params)
+
+    if @token.exp < Time.now.to_i
+      params_to_sign[:session_key] = @token.session_key
+    else
+      params_to_sign[:uid] = @token.key
+    end
+
+    URI.parse("#{ENDPOINT}?#{params_to_sign.to_query}&sig=#{@token.class.sign params_to_sign}")
+  end
+
+  def convert_params( params )
+    params.inject({}) do |hash, keyval|
+      hash[keyval.first] = case value = keyval.last
+      when Array then
+        value.join(',')
+      else
+        value.to_s
+      end
+      hash
+    end
+  end
+
+end

data/lib/authlogic_connect_mailru/mailru_session.rb

@@ -0,0 +1,68 @@
+module MailruSession
+
+  def self.included(base)
+    base.class_eval do
+      include InstanceMethods
+
+      validate :validate_by_mailru, :if => :authenticating_with_mailru?
+    end
+  end
+
+  module InstanceMethods
+
+    def authenticating_with_mailru?
+      mailru_credentials
+    end
+
+    def validate_by_mailru
+      return if attempted_record
+
+      if mailru_credentials[:sig] == MailruToken.sign( mailru_credentials )
+        if token = MailruToken.find_by_key( mailru_credentials[:oid], :include => :user ) # Try to find token by user id
+          token.token = mailru_token_value
+          token.save!
+
+          self.attempted_record = token.user
+        elsif auto_register?
+          self.attempted_record = klass.new
+          self.attempted_record.access_tokens << MailruToken.new( :key => mailru_credentials[:oid], :token => mailru_token_value )
+          self.attempted_record.save
+        else
+          Rails.logger.warn "Could not find user in our database, have you registered with your mailru account?"
+
+          errors.add(:user, "Could not find user in our database, have you registered with your mailru account?")
+        end
+      else
+        Rails.logger.warn "Wrong MailRu credentials signature"
+      end
+    end
+
+    private
+
+    def mailru_credentials
+      return @mailru_credentials if defined? @mailru_credentials
+
+      values = auth_controller.cookies['mrc'] && CGI::parse( auth_controller.cookies['mrc'] )
+
+      if values
+        values.symbolize_keys!
+        values.each do |k,v|
+          values[k] = v.first
+        end
+
+        if values[:app_id] != MailruToken.app_id
+          Rails.logger.warn "Mailru AppId differ in cookies (#{values[:app_id]}) and config (#{MailruToken.app_id})"
+          values = nil
+        end
+      end
+
+      @mailru_credentials = values
+    end
+
+    def mailru_token_value
+      [ mailru_credentials[:session_key], mailru_credentials[:exp] ].join('|')
+    end
+
+  end
+
+end

data/lib/authlogic_connect_mailru/mailru_token.rb

@@ -0,0 +1,39 @@
+class MailruToken < AccessToken
+
+  class << self
+
+    def app_id
+      credentials[:app_id]
+    end
+
+    def secret
+      credentials[:secret]
+    end
+
+    def sign( params )
+      Digest::MD5.hexdigest( params.reject{|k,v| k.to_s == 'sig'}.sort{|a, b| a.first.to_s <=> b.first.to_s}.collect{|key, value| "#{key}=#{value}"}.join + secret )
+    end
+
+  end
+
+  def client
+    @client ||= MailruClient.new self
+  end
+
+  def session_key
+    parse_token unless @session_key
+    @session_key
+  end
+
+  def exp
+    parse_token unless @exp
+    @exp.to_i
+  end
+
+  private
+
+  def parse_token
+    @session_key, @exp = token.split '|'
+  end
+
+end

metadata

@@ -0,0 +1,89 @@
+--- !ruby/object:Gem::Specification 
+name: authlogic-connect-mailru
+version: !ruby/object:Gem::Version 
+  hash: 27
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
+platform: ruby
+authors: 
+- Alexey Noskov
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-11-21 00:00:00 +03:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: authlogic-connect
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+description: Extension to authlogic-connect for Mail.ru authentication support
+email: 
+- alexey.noskov@gmail.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+- MIT-LICENSE
+files: 
+- lib/authlogic-connect-mailru.rb
+- lib/authlogic_connect_mailru/mailru_client.rb
+- lib/authlogic_connect_mailru/mailru_session.rb
+- lib/authlogic_connect_mailru/mailru_token.rb
+- MIT-LICENSE
+- README.rdoc
+has_rdoc: true
+homepage: http://github.com/alno/authlogic-connect-mailru
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 23
+      segments: 
+      - 1
+      - 3
+      - 6
+      version: 1.3.6
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Extension to authlogic-connect for Mail.ru authentication support
+test_files: []
+