authlogic-connect-x 0.0.4.05x
Sign up to get free protection for your applications and to get access to all the features.
- data/MIT-LICENSE +20 -0
- data/README.markdown +248 -0
- data/Rakefile +75 -0
- data/init.rb +1 -0
- data/lib/authlogic-connect.rb +27 -0
- data/lib/authlogic_connect/access_token.rb +53 -0
- data/lib/authlogic_connect/authlogic_connect.rb +46 -0
- data/lib/authlogic_connect/callback_filter.rb +19 -0
- data/lib/authlogic_connect/common.rb +10 -0
- data/lib/authlogic_connect/common/session.rb +30 -0
- data/lib/authlogic_connect/common/state.rb +32 -0
- data/lib/authlogic_connect/common/user.rb +77 -0
- data/lib/authlogic_connect/common/variables.rb +137 -0
- data/lib/authlogic_connect/engine.rb +14 -0
- data/lib/authlogic_connect/ext.rb +56 -0
- data/lib/authlogic_connect/oauth.rb +14 -0
- data/lib/authlogic_connect/oauth/helper.rb +20 -0
- data/lib/authlogic_connect/oauth/process.rb +75 -0
- data/lib/authlogic_connect/oauth/session.rb +62 -0
- data/lib/authlogic_connect/oauth/state.rb +60 -0
- data/lib/authlogic_connect/oauth/tokens/aol_token.rb +2 -0
- data/lib/authlogic_connect/oauth/tokens/facebook_token.rb +11 -0
- data/lib/authlogic_connect/oauth/tokens/get_satisfaction_token.rb +9 -0
- data/lib/authlogic_connect/oauth/tokens/google_token.rb +41 -0
- data/lib/authlogic_connect/oauth/tokens/linked_in_token.rb +19 -0
- data/lib/authlogic_connect/oauth/tokens/meetup_token.rb +12 -0
- data/lib/authlogic_connect/oauth/tokens/myspace_token.rb +26 -0
- data/lib/authlogic_connect/oauth/tokens/netflix_token.rb +10 -0
- data/lib/authlogic_connect/oauth/tokens/oauth_token.rb +144 -0
- data/lib/authlogic_connect/oauth/tokens/oauth_token.rb~ +140 -0
- data/lib/authlogic_connect/oauth/tokens/ohloh_token.rb +9 -0
- data/lib/authlogic_connect/oauth/tokens/opensocial_token.rb +0 -0
- data/lib/authlogic_connect/oauth/tokens/twitter_token.rb +8 -0
- data/lib/authlogic_connect/oauth/tokens/vimeo_token.rb +18 -0
- data/lib/authlogic_connect/oauth/tokens/yahoo_token.rb +19 -0
- data/lib/authlogic_connect/oauth/user.rb +63 -0
- data/lib/authlogic_connect/oauth/variables.rb +64 -0
- data/lib/authlogic_connect/openid.rb +11 -0
- data/lib/authlogic_connect/openid/process.rb +74 -0
- data/lib/authlogic_connect/openid/session.rb +56 -0
- data/lib/authlogic_connect/openid/state.rb +48 -0
- data/lib/authlogic_connect/openid/tokens/aol_token.rb +0 -0
- data/lib/authlogic_connect/openid/tokens/blogger_token.rb +0 -0
- data/lib/authlogic_connect/openid/tokens/flickr_token.rb +0 -0
- data/lib/authlogic_connect/openid/tokens/my_openid_token.rb +3 -0
- data/lib/authlogic_connect/openid/tokens/openid_token.rb +9 -0
- data/lib/authlogic_connect/openid/user.rb +38 -0
- data/lib/authlogic_connect/openid/variables.rb +19 -0
- data/lib/open_id_authentication.rb +127 -0
- data/rails/init.rb +19 -0
- data/test/controllers/test_users_controller.rb +21 -0
- data/test/libs/database.rb +48 -0
- data/test/libs/user.rb +7 -0
- data/test/libs/user_session.rb +2 -0
- data/test/old.rb +53 -0
- data/test/test_authlogic_connect.rb +13 -0
- data/test/test_helper.rb +153 -0
- data/test/test_user.rb +194 -0
- metadata +242 -0
@@ -0,0 +1,62 @@
|
|
1
|
+
module AuthlogicConnect::Oauth
|
2
|
+
# This module is responsible for adding oauth
|
3
|
+
# to the Authlogic::Session::Base class.
|
4
|
+
module Session
|
5
|
+
def self.included(base)
|
6
|
+
base.class_eval do
|
7
|
+
include InstanceMethods
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
module InstanceMethods
|
12
|
+
include Process
|
13
|
+
|
14
|
+
def self.included(klass)
|
15
|
+
klass.class_eval do
|
16
|
+
validate :validate_by_oauth, :if => :authenticating_with_oauth?
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
# Hooks into credentials so that you can pass a user who has already has an oauth access token.
|
21
|
+
def credentials=(value)
|
22
|
+
super
|
23
|
+
values = value.is_a?(Array) ? value : [value]
|
24
|
+
hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
|
25
|
+
self.record = hash[:priority_record] if !hash.nil? && hash.key?(:priority_record)
|
26
|
+
end
|
27
|
+
|
28
|
+
def record=(record)
|
29
|
+
@record = record
|
30
|
+
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def complete_oauth_transaction
|
35
|
+
if @record
|
36
|
+
self.attempted_record = record
|
37
|
+
else
|
38
|
+
# this generated token is always the same for a user!
|
39
|
+
# this is searching with User.find ...
|
40
|
+
# attempted_record is part of AuthLogic
|
41
|
+
hash = oauth_token_and_secret
|
42
|
+
token = token_class.find_by_key_or_token(hash[:key], hash[:token], :include => [:user]) # some weird error if I leave out the include)
|
43
|
+
if token
|
44
|
+
self.attempted_record = token.user
|
45
|
+
elsif auto_register?
|
46
|
+
self.attempted_record = klass.new
|
47
|
+
self.attempted_record.access_tokens << token_class.new(hash)
|
48
|
+
self.attempted_record.save
|
49
|
+
else
|
50
|
+
auth_session[:_key] = hash[:key]
|
51
|
+
auth_session[:_token] = hash[:token]
|
52
|
+
auth_session[:_secret] = hash[:secret]
|
53
|
+
end
|
54
|
+
end
|
55
|
+
|
56
|
+
if !attempted_record
|
57
|
+
errors.add(:user, "Could not find user in our database, have you registered with your oauth account?")
|
58
|
+
end
|
59
|
+
end
|
60
|
+
end
|
61
|
+
end
|
62
|
+
end
|
@@ -0,0 +1,60 @@
|
|
1
|
+
# all these methods must return true or false
|
2
|
+
module AuthlogicConnect::Oauth::State
|
3
|
+
|
4
|
+
# 1. to call
|
5
|
+
# checks that we just passed parameters to it,
|
6
|
+
# and that the parameters say 'authentication_method' == 'oauth'
|
7
|
+
def oauth_request?
|
8
|
+
auth_params? && oauth_provider?
|
9
|
+
end
|
10
|
+
|
11
|
+
# 2. from call
|
12
|
+
# checks that the correct session variables are there
|
13
|
+
def oauth_response?
|
14
|
+
!oauth_response.nil? && !auth_session.nil? && auth_session[:auth_request_class] == self.class.name && auth_session[:auth_method] == "oauth"
|
15
|
+
end
|
16
|
+
|
17
|
+
def oauth_complete?
|
18
|
+
oauth_response? || stored_oauth_token_and_secret?
|
19
|
+
end
|
20
|
+
|
21
|
+
# 3. either to or from call
|
22
|
+
def using_oauth?
|
23
|
+
oauth_request? || oauth_response? || stored_oauth_token_and_secret?
|
24
|
+
end
|
25
|
+
|
26
|
+
def new_oauth_request?
|
27
|
+
return false if stored_oauth_token_and_secret?
|
28
|
+
return oauth_response.blank?
|
29
|
+
end
|
30
|
+
|
31
|
+
def oauth_provider?
|
32
|
+
!oauth_provider.blank?
|
33
|
+
end
|
34
|
+
|
35
|
+
# main method we call on validation
|
36
|
+
def authenticating_with_oauth?
|
37
|
+
correct_request_class? && using_oauth?
|
38
|
+
end
|
39
|
+
|
40
|
+
def allow_oauth_redirect?
|
41
|
+
authenticating_with_oauth? && !oauth_complete?
|
42
|
+
end
|
43
|
+
|
44
|
+
def start_oauth?
|
45
|
+
authenticating_with_oauth? && !oauth_complete?
|
46
|
+
end
|
47
|
+
|
48
|
+
def complete_oauth?
|
49
|
+
using_oauth? && !new_oauth_request?
|
50
|
+
end
|
51
|
+
|
52
|
+
def validate_password_with_oauth?
|
53
|
+
!using_oauth? && require_password?
|
54
|
+
end
|
55
|
+
|
56
|
+
def stored_oauth_token_and_secret?
|
57
|
+
!is_auth_session? && auth_params && auth_params.has_key?(:_key) && auth_params.has_key?(:_token) && auth_params.has_key?(:_secret)
|
58
|
+
end
|
59
|
+
|
60
|
+
end
|
@@ -0,0 +1,11 @@
|
|
1
|
+
# http://www.facebook.com/developers/apps.php
|
2
|
+
# http://developers.facebook.com/setup/
|
3
|
+
class FacebookToken < OauthToken
|
4
|
+
|
5
|
+
version 2.0
|
6
|
+
|
7
|
+
settings "https://graph.facebook.com",
|
8
|
+
:authorize_url => "https://graph.facebook.com/oauth/authorize",
|
9
|
+
:scope => "email, offline_access"
|
10
|
+
|
11
|
+
end
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# http://getsatisfaction.com/developers/oauth
|
2
|
+
class GetSatisfactionToken < OauthToken
|
3
|
+
|
4
|
+
settings "http://getsatisfaction.com",
|
5
|
+
:request_token_path => "/api/request_token",
|
6
|
+
:authorize_url => "/api/authorize",
|
7
|
+
:access_token_path => "/api/access_token"
|
8
|
+
|
9
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
# http://code.google.com/apis/accounts/docs/OAuth_ref.html
|
2
|
+
# http://code.google.com/apis/accounts/docs/OpenID.html#settingup
|
3
|
+
# http://code.google.com/apis/accounts/docs/OAuth.html
|
4
|
+
# http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html
|
5
|
+
# http://www.manu-j.com/blog/add-google-oauth-ruby-on-rails-sites/214/
|
6
|
+
# http://googlecodesamples.com/oauth_playground/
|
7
|
+
# Scopes:
|
8
|
+
# Analytics https://www.google.com/analytics/feeds/
|
9
|
+
# Google Base http://www.google.com/base/feeds/
|
10
|
+
# Book Search http://www.google.com/books/feeds/
|
11
|
+
# Blogger http://www.blogger.com/feeds/
|
12
|
+
# Calendar http://www.google.com/calendar/feeds/
|
13
|
+
# Contacts http://www.google.com/m8/feeds/
|
14
|
+
# Documents List http://docs.google.com/feeds/
|
15
|
+
# Finance http://finance.google.com/finance/feeds/
|
16
|
+
# GMail https://mail.google.com/mail/feed/atom
|
17
|
+
# Health https://www.google.com/health/feeds/
|
18
|
+
# H9 https://www.google.com/h9/feeds/
|
19
|
+
# Maps http://maps.google.com/maps/feeds/
|
20
|
+
# OpenSocial http://www-opensocial.googleusercontent.com/api/people/
|
21
|
+
# orkut http://www.orkut.com/social/rest
|
22
|
+
# Picasa Web http://picasaweb.google.com/data/
|
23
|
+
# Sidewiki http://www.google.com/sidewiki/feeds/
|
24
|
+
# Sites http://sites.google.com/feeds/
|
25
|
+
# Spreadsheets http://spreadsheets.google.com/feeds/
|
26
|
+
# Webmaster Tools http://www.google.com/webmasters/tools/feeds/
|
27
|
+
# YouTube http://gdata.youtube.com
|
28
|
+
class GoogleToken < OauthToken
|
29
|
+
|
30
|
+
settings "https://www.google.com",
|
31
|
+
:request_token_path => "/accounts/OAuthGetRequestToken",
|
32
|
+
:authorize_path => "/accounts/OAuthAuthorizeToken",
|
33
|
+
:access_token_path => "/accounts/OAuthGetAccessToken",
|
34
|
+
:scope => "https://www.googleapis.com/auth/userinfo#email"
|
35
|
+
|
36
|
+
key do |access_token|
|
37
|
+
body = JSON.parse(access_token.get("https://www.googleapis.com/userinfo/email?alt=json").body)
|
38
|
+
email = body["data"]["email"]
|
39
|
+
end
|
40
|
+
|
41
|
+
end
|
@@ -0,0 +1,19 @@
|
|
1
|
+
# http://developer.linkedin.com/docs/DOC-1008
|
2
|
+
# https://www.linkedin.com/secure/developer
|
3
|
+
# http://github.com/pengwynn/linkedin/tree/master/lib/linked_in/
|
4
|
+
class LinkedInToken < OauthToken
|
5
|
+
|
6
|
+
key do |access_token|
|
7
|
+
body = access_token.get("https://api.linkedin.com/v1/people/~:(id)").body
|
8
|
+
id = body.gsub("<id>([^><]+)</id>", "\\1") # so we don't need to also import nokogiri
|
9
|
+
id
|
10
|
+
end
|
11
|
+
|
12
|
+
settings "https://api.linkedin.com",
|
13
|
+
:request_token_path => "/uas/oauth/requestToken",
|
14
|
+
:access_token_path => "/uas/oauth/accessToken",
|
15
|
+
:authorize_path => "/uas/oauth/authorize",
|
16
|
+
:http_method => "get",
|
17
|
+
:scheme => :query_string
|
18
|
+
|
19
|
+
end
|
@@ -0,0 +1,12 @@
|
|
1
|
+
# http://www.meetup.com/meetup_api/docs/#oauth
|
2
|
+
# protected resources: http://api.meetup.com
|
3
|
+
class MeetupToken < OauthToken
|
4
|
+
|
5
|
+
key :user_id
|
6
|
+
|
7
|
+
settings "http://www.meetup.com/"
|
8
|
+
:request_token_path => "/oauth/request",
|
9
|
+
:authorize_path => "/authorize",
|
10
|
+
:access_token_path => "/oauth/access"
|
11
|
+
|
12
|
+
end
|
@@ -0,0 +1,26 @@
|
|
1
|
+
# http://wiki.developer.myspace.com/index.php?title=Category:MySpaceID
|
2
|
+
# http://developerwiki.myspace.com/index.php?title=OAuth_REST_API_Usage_-_Authentication_Process
|
3
|
+
# http://developerwiki.myspace.com/index.php?title=How_to_Set_Up_a_New_Application_for_OpenID
|
4
|
+
# http://developer.myspace.com/Modules/Apps/Pages/ApplyDevSandbox.aspx
|
5
|
+
# after you've signed up:
|
6
|
+
# http://developer.myspace.com/modules/apps/pages/createappaccount.aspx
|
7
|
+
# "Create a MySpaceID App"
|
8
|
+
# http://developer.myspace.com/modules/apps/pages/editapp.aspx?appid=188312&mode=create
|
9
|
+
# http://developer.myspace.com/Modules/APIs/Pages/OAuthTool.aspx
|
10
|
+
# http://developer.myspace.com/Community/forums/p/3626/15947.aspx
|
11
|
+
class MyspaceToken < OauthToken
|
12
|
+
|
13
|
+
# http://wiki.developer.myspace.com/index.php?title=Portable_Contacts_REST_Resources
|
14
|
+
key do |access_token|
|
15
|
+
body = JSON.parse(access_token.get("/v2/people/@me/@self?format=json").body)
|
16
|
+
id = body["entry"]["id"]
|
17
|
+
end
|
18
|
+
|
19
|
+
settings "http://api.myspace.com",
|
20
|
+
:request_token_path => "/request_token",
|
21
|
+
:authorize_path => "/authorize",
|
22
|
+
:access_token_path => "/access_token",
|
23
|
+
:http_method => "get",
|
24
|
+
:scheme => :query_string
|
25
|
+
|
26
|
+
end
|
@@ -0,0 +1,144 @@
|
|
1
|
+
class OauthToken < AccessToken
|
2
|
+
|
3
|
+
def client
|
4
|
+
unless @client
|
5
|
+
if oauth_version == 1.0
|
6
|
+
@client = OAuth::AccessToken.new(self.consumer, self.token, self.secret)
|
7
|
+
else
|
8
|
+
@client = OAuth2::AccessToken.new(self.consumer, self.token)
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
@client
|
13
|
+
end
|
14
|
+
|
15
|
+
def oauth_version
|
16
|
+
self.class.oauth_version
|
17
|
+
end
|
18
|
+
|
19
|
+
def get(path, options = {})
|
20
|
+
client.get(path, options)
|
21
|
+
end
|
22
|
+
|
23
|
+
def post(path, body='', headers ={})
|
24
|
+
client.post(path, body, headers)
|
25
|
+
end
|
26
|
+
|
27
|
+
class << self
|
28
|
+
|
29
|
+
# oauth version, 1.0 or 2.0
|
30
|
+
def version(value)
|
31
|
+
@oauth_version = value
|
32
|
+
end
|
33
|
+
|
34
|
+
def oauth_version
|
35
|
+
@oauth_version ||= 1.0
|
36
|
+
end
|
37
|
+
|
38
|
+
# unique key that we will use from the AccessToken response
|
39
|
+
# to identify the user by.
|
40
|
+
# in Twitter, its "user_id". Twitter has "screen_name", but that's
|
41
|
+
# more subject to change than user_id. Pick whatever is least likely to change
|
42
|
+
def key(value = nil, &block)
|
43
|
+
if block_given?
|
44
|
+
@oauth_key = block
|
45
|
+
else
|
46
|
+
@oauth_key = value.is_a?(Symbol) ? value : value.to_sym
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
def oauth_key
|
51
|
+
@oauth_key
|
52
|
+
end
|
53
|
+
|
54
|
+
def consumer
|
55
|
+
unless @consumer
|
56
|
+
if oauth_version == 1.0
|
57
|
+
@consumer = OAuth::Consumer.new(credentials[:key], credentials[:secret], config.merge(credentials[:options] || {}))
|
58
|
+
else
|
59
|
+
@consumer = OAuth2::Client.new(credentials[:key], credentials[:secret], config.merge(credentials[:options] || {}))
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
@consumer
|
64
|
+
end
|
65
|
+
|
66
|
+
# if we're lucky we can find it by the token.
|
67
|
+
def find_by_key_or_token(key, token, options = {})
|
68
|
+
result = self.find_by_key(key, options) unless key.nil?
|
69
|
+
unless result
|
70
|
+
if !token.blank? && self.respond_to?(:find_by_token)
|
71
|
+
result = self.find_by_token(token, options)
|
72
|
+
end
|
73
|
+
end
|
74
|
+
result
|
75
|
+
end
|
76
|
+
|
77
|
+
# this is a wrapper around oauth 1 and 2.
|
78
|
+
# it looks obscure, but from the api point of view
|
79
|
+
# you won't have to worry about it's implementation.
|
80
|
+
# in oauth 1.0, key = oauth_token, secret = oauth_secret
|
81
|
+
# in oauth 2.0, key = code, secret = access_token
|
82
|
+
def get_token_and_secret(options = {})
|
83
|
+
oauth_verifier = options[:oauth_verifier]
|
84
|
+
redirect_uri = options[:redirect_uri]
|
85
|
+
token = options[:token]
|
86
|
+
secret = options[:secret]
|
87
|
+
|
88
|
+
if oauth_version == 1.0
|
89
|
+
access = request_token(token, secret).get_access_token(:oauth_verifier => oauth_verifier)
|
90
|
+
result = {:token => access.token, :secret => access.secret, :key => nil}
|
91
|
+
if self.oauth_key
|
92
|
+
if oauth_key.is_a?(Proc)
|
93
|
+
result[:key] = oauth_key.call(access)
|
94
|
+
else
|
95
|
+
result[:key] = access.params[self.oauth_key] || access.params[self.oauth_key.to_s] # try both
|
96
|
+
end
|
97
|
+
else
|
98
|
+
puts "Access Token: #{access.inspect}"
|
99
|
+
raise "please set an oauth key for #{service_name.to_s}"
|
100
|
+
end
|
101
|
+
else
|
102
|
+
access = consumer.web_server.get_access_token(secret, :redirect_uri => redirect_uri)
|
103
|
+
result = {:token => access.token, :secret => secret, :key => nil}
|
104
|
+
end
|
105
|
+
|
106
|
+
result
|
107
|
+
end
|
108
|
+
|
109
|
+
# this is a cleaner method so we can access the authorize_url
|
110
|
+
# from oauth 1 or 2
|
111
|
+
def authorize_url(callback_url, &block)
|
112
|
+
if oauth_version == 1.0
|
113
|
+
request = get_request_token(callback_url)
|
114
|
+
yield request if block_given?
|
115
|
+
return request.authorize_url
|
116
|
+
else
|
117
|
+
options = {:redirect_uri => callback_url}
|
118
|
+
|
119
|
+
unless consumer.nil? || consumer.options.empty? || consumer.options[:scope].nil?
|
120
|
+
options[:scope] = consumer.options[:scope]
|
121
|
+
else
|
122
|
+
options[:scope] = self.config[:scope] unless self.config[:scope].blank?
|
123
|
+
end
|
124
|
+
return consumer.web_server.authorize_url(options)
|
125
|
+
end
|
126
|
+
end
|
127
|
+
|
128
|
+
def request_token(token, secret)
|
129
|
+
OAuth::RequestToken.new(consumer, token, secret)
|
130
|
+
end
|
131
|
+
|
132
|
+
# if you pass a hash as the second parameter to consumer.get_request_token,
|
133
|
+
# ruby oauth will think this is a form and all sorts of bad things happen
|
134
|
+
def get_request_token(callback_url)
|
135
|
+
options = {:scope => config[:scope]} if config[:scope]
|
136
|
+
consumer.get_request_token({:oauth_callback => callback_url}, options)
|
137
|
+
end
|
138
|
+
|
139
|
+
def get_access_token(oauth_verifier)
|
140
|
+
request_token.get_access_token(:oauth_verifier => oauth_verifier)
|
141
|
+
end
|
142
|
+
end
|
143
|
+
|
144
|
+
end
|
@@ -0,0 +1,140 @@
|
|
1
|
+
class OauthToken < AccessToken
|
2
|
+
|
3
|
+
def client
|
4
|
+
unless @client
|
5
|
+
if oauth_version == 1.0
|
6
|
+
@client = OAuth::AccessToken.new(self.consumer, self.token, self.secret)
|
7
|
+
else
|
8
|
+
@client = OAuth2::AccessToken.new(self.consumer, self.token)
|
9
|
+
end
|
10
|
+
end
|
11
|
+
|
12
|
+
@client
|
13
|
+
end
|
14
|
+
|
15
|
+
def oauth_version
|
16
|
+
self.class.oauth_version
|
17
|
+
end
|
18
|
+
|
19
|
+
def get(path, options = {})
|
20
|
+
client.get(path, options)
|
21
|
+
end
|
22
|
+
|
23
|
+
class << self
|
24
|
+
|
25
|
+
# oauth version, 1.0 or 2.0
|
26
|
+
def version(value)
|
27
|
+
@oauth_version = value
|
28
|
+
end
|
29
|
+
|
30
|
+
def oauth_version
|
31
|
+
@oauth_version ||= 1.0
|
32
|
+
end
|
33
|
+
|
34
|
+
# unique key that we will use from the AccessToken response
|
35
|
+
# to identify the user by.
|
36
|
+
# in Twitter, its "user_id". Twitter has "screen_name", but that's
|
37
|
+
# more subject to change than user_id. Pick whatever is least likely to change
|
38
|
+
def key(value = nil, &block)
|
39
|
+
if block_given?
|
40
|
+
@oauth_key = block
|
41
|
+
else
|
42
|
+
@oauth_key = value.is_a?(Symbol) ? value : value.to_sym
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
def oauth_key
|
47
|
+
@oauth_key
|
48
|
+
end
|
49
|
+
|
50
|
+
def consumer
|
51
|
+
unless @consumer
|
52
|
+
if oauth_version == 1.0
|
53
|
+
@consumer = OAuth::Consumer.new(credentials[:key], credentials[:secret], config.merge(credentials[:options] || {}))
|
54
|
+
else
|
55
|
+
@consumer = OAuth2::Client.new(credentials[:key], credentials[:secret], config.merge(credentials[:options] || {}))
|
56
|
+
end
|
57
|
+
end
|
58
|
+
|
59
|
+
@consumer
|
60
|
+
end
|
61
|
+
|
62
|
+
# if we're lucky we can find it by the token.
|
63
|
+
def find_by_key_or_token(key, token, options = {})
|
64
|
+
result = self.find_by_key(key, options) unless key.nil?
|
65
|
+
unless result
|
66
|
+
if !token.blank? && self.respond_to?(:find_by_token)
|
67
|
+
result = self.find_by_token(token, options)
|
68
|
+
end
|
69
|
+
end
|
70
|
+
result
|
71
|
+
end
|
72
|
+
|
73
|
+
# this is a wrapper around oauth 1 and 2.
|
74
|
+
# it looks obscure, but from the api point of view
|
75
|
+
# you won't have to worry about it's implementation.
|
76
|
+
# in oauth 1.0, key = oauth_token, secret = oauth_secret
|
77
|
+
# in oauth 2.0, key = code, secret = access_token
|
78
|
+
def get_token_and_secret(options = {})
|
79
|
+
oauth_verifier = options[:oauth_verifier]
|
80
|
+
redirect_uri = options[:redirect_uri]
|
81
|
+
token = options[:token]
|
82
|
+
secret = options[:secret]
|
83
|
+
|
84
|
+
if oauth_version == 1.0
|
85
|
+
access = request_token(token, secret).get_access_token(:oauth_verifier => oauth_verifier)
|
86
|
+
result = {:token => access.token, :secret => access.secret, :key => nil}
|
87
|
+
if self.oauth_key
|
88
|
+
if oauth_key.is_a?(Proc)
|
89
|
+
result[:key] = oauth_key.call(access)
|
90
|
+
else
|
91
|
+
result[:key] = access.params[self.oauth_key] || access.params[self.oauth_key.to_s] # try both
|
92
|
+
end
|
93
|
+
else
|
94
|
+
puts "Access Token: #{access.inspect}"
|
95
|
+
raise "please set an oauth key for #{service_name.to_s}"
|
96
|
+
end
|
97
|
+
else
|
98
|
+
access = consumer.web_server.get_access_token(secret, :redirect_uri => redirect_uri)
|
99
|
+
result = {:token => access.token, :secret => secret, :key => nil}
|
100
|
+
end
|
101
|
+
|
102
|
+
result
|
103
|
+
end
|
104
|
+
|
105
|
+
# this is a cleaner method so we can access the authorize_url
|
106
|
+
# from oauth 1 or 2
|
107
|
+
def authorize_url(callback_url, &block)
|
108
|
+
if oauth_version == 1.0
|
109
|
+
request = get_request_token(callback_url)
|
110
|
+
yield request if block_given?
|
111
|
+
return request.authorize_url
|
112
|
+
else
|
113
|
+
options = {:redirect_uri => callback_url}
|
114
|
+
|
115
|
+
unless consumer.nil? || consumer.options.empty? || consumer.options[:scope].nil?
|
116
|
+
options[:scope] = consumer.options[:scope]
|
117
|
+
else
|
118
|
+
options[:scope] = self.config[:scope] unless self.config[:scope].blank?
|
119
|
+
end
|
120
|
+
return consumer.web_server.authorize_url(options)
|
121
|
+
end
|
122
|
+
end
|
123
|
+
|
124
|
+
def request_token(token, secret)
|
125
|
+
OAuth::RequestToken.new(consumer, token, secret)
|
126
|
+
end
|
127
|
+
|
128
|
+
# if you pass a hash as the second parameter to consumer.get_request_token,
|
129
|
+
# ruby oauth will think this is a form and all sorts of bad things happen
|
130
|
+
def get_request_token(callback_url)
|
131
|
+
options = {:scope => config[:scope]} if config[:scope]
|
132
|
+
consumer.get_request_token({:oauth_callback => callback_url}, options)
|
133
|
+
end
|
134
|
+
|
135
|
+
def get_access_token(oauth_verifier)
|
136
|
+
request_token.get_access_token(:oauth_verifier => oauth_verifier)
|
137
|
+
end
|
138
|
+
end
|
139
|
+
|
140
|
+
end
|