authlogic-connect 0.0.1

data/lib/authlogic_connect/oauth/process.rb

@@ -0,0 +1,82 @@
+module AuthlogicConnect::Oauth
+  module Process
+
+  private
+    include Variables
+
+    def validate_by_oauth
+      validate_email_field = false
+
+      if oauth_response.blank?
+        redirect_to_oauth
+      else
+        authenticate_with_oauth
+      end
+    end
+    
+    def redirecting_to_oauth_server?
+      authenticating_with_oauth? && oauth_response.blank?
+    end
+    
+    def redirect_to_oauth
+      save_oauth_callback
+
+      if oauth_version == 1.0
+        request = oauth_token.get_request_token(oauth_callback_url)
+        save_auth_session(request)
+        auth_controller.redirect_to request.authorize_url
+      else
+        auth_controller.redirect_to oauth_client.web_server.authorize_url(
+          :redirect_uri => oauth_callback_url,
+          :scope => oauth_token.settings[:scope]
+        )
+      end
+    end
+    
+    def save_oauth_callback
+      # Store the class which is redirecting, so we can ensure other classes
+      # don't get confused and attempt to use the response
+      auth_session[:oauth_request_class]        = self.class.name
+      auth_session[:oauth_provider]             = auth_params[:oauth_provider]
+
+      # Tell our rack callback filter what method the current request is using
+      auth_session[:oauth_callback_method]      = auth_controller.request.method
+    end
+    
+    def save_auth_session(request)
+      # store token and secret
+      auth_session[:oauth_request_token]        = request.token
+      auth_session[:oauth_request_token_secret] = request.secret
+    end
+
+    def oauth_callback_url
+      auth_controller.url_for :controller => auth_controller.controller_name, :action => auth_controller.action_name
+    end
+    
+    def request_token
+      oauth_token.request_token(auth_session[:oauth_request_token], auth_session[:oauth_request_token_secret])
+    end
+    
+    # in oauth 1.0, key = oauth_token, secret = oauth_secret
+    # in oauth 2.0, key = code, secret = access_token
+    def oauth_key_and_secret
+      if oauth_version == 1.0
+        result = request_token.get_access_token(:oauth_verifier => auth_params[:oauth_verifier])
+        result = {:key => result.token, :secret => result.secret}
+      else
+        result = oauth_client.web_server.get_access_token(oauth_key, :redirect_uri => oauth_callback_url)
+        result = {:key => result.token, :secret => oauth_key}
+      end
+      result
+    end
+
+    def generate_access_token
+      if oauth_version == 1.0
+        request_token.get_access_token(:oauth_verifier => auth_params[:oauth_verifier])
+      else
+        oauth_client.web_server.get_access_token(oauth_key, :redirect_uri => oauth_callback_url)
+      end
+    end
+    
+  end
+end

data/lib/authlogic_connect/oauth/session.rb

@@ -0,0 +1,72 @@
+module AuthlogicConnect::Oauth
+  # This module is responsible for adding oauth
+  # to the Authlogic::Session::Base class.
+  module Session
+    def self.included(base)
+      puts "included Oauth in Session"
+      base.class_eval do
+        include InstanceMethods
+      end
+    end
+
+    module InstanceMethods
+      include Process
+
+      def self.included(klass)
+        klass.class_eval do
+          validate :validate_by_oauth, :if => :authenticating_with_oauth?
+        end
+      end
+      
+      # Hooks into credentials so that you can pass a user who has already has an oauth access token.
+      def credentials=(value)
+        super
+        values = value.is_a?(Array) ? value : [value]
+        hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
+        self.record = hash[:priority_record] if !hash.nil? && hash.key?(:priority_record)
+      end
+
+      def record=(record)
+        @record = record
+      end
+
+    private
+      # Clears out the block if we are authenticating with oauth,
+      # so that we can redirect without a DoubleRender error.
+      def save_with_oauth(&block)
+        puts "SAVE SESSION WITH OAUTH"
+        puts "redirecting_to_oauth_server? #{redirecting_to_oauth_server?.to_s}"
+        block = nil if redirecting_to_oauth_server?
+        return block.nil?
+      end
+      
+      def authenticating_with_oauth?
+        return false unless oauth_provider
+        
+        # Initial request when user presses one of the button helpers
+        initial_request = (controller.params && !controller.params[:login_with_oauth].blank?)
+        # When the oauth provider responds and we made the initial request
+        initial_response = (oauth_response && auth_session && auth_session[:oauth_request_class] == self.class.name)
+        
+        return initial_request || initial_response
+      end
+      
+      def authenticate_with_oauth
+        if @record
+          self.attempted_record = record
+        else
+          # this generated token is always the same for a user!
+          # this is searching with User.find ...
+          # attempted_record is part of AuthLogic
+          key = oauth_key_and_secret[:key]
+          token = oauth_token.find_by_key(key, :include => [:user]) # some weird error if I leave out the include
+          self.attempted_record = token.user
+        end
+        
+        if !attempted_record
+          errors.add_to_base("Could not find user in our database, have you registered with your oauth account?")
+        end
+      end
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/delicious_token.rb

@@ -0,0 +1,12 @@
+class DeliciousToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "http://api.del.icio.us",
+        :realm => "yahooapis.com"
+      }
+    end
+  end
+  
+end

data/lib/authlogic_connect/oauth/tokens/facebook_token.rb

@@ -0,0 +1,19 @@
+# http://www.facebook.com/developers/apps.php
+# http://developers.facebook.com/setup/
+class FacebookToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "https://graph.facebook.com",
+        :authorize_url => "https://graph.facebook.com/oauth/authorize",
+        :oauth_version => "2.0",
+        :scope => "email, offline_access"
+      }
+    end
+    
+    def oauth_version
+      2.0
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/get_satisfaction_token.rb

@@ -0,0 +1,14 @@
+# http://getsatisfaction.com/developers/oauth
+class GetSatisfactionToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "http://getsatisfaction.com",
+        :request_token_path => "/api/request_token",
+        :authorize_url => "/api/authorize",
+        :access_token_path => "/api/access_token"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/google_token.rb

@@ -0,0 +1,38 @@
+# http://code.google.com/apis/accounts/docs/OAuth.html
+# http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html
+# http://googlecodesamples.com/oauth_playground/
+# Scopes:
+# Analytics         https://www.google.com/analytics/feeds/ 
+# Google Base       http://www.google.com/base/feeds/       
+# Book Search       http://www.google.com/books/feeds/      
+# Blogger           http://www.blogger.com/feeds/           
+# Calendar          http://www.google.com/calendar/feeds/   
+# Contacts          http://www.google.com/m8/feeds/         
+# Documents List    http://docs.google.com/feeds/           
+# Finance           http://finance.google.com/finance/feeds/
+# GMail             https://mail.google.com/mail/feed/atom
+# Health            https://www.google.com/health/feeds/
+# H9                https://www.google.com/h9/feeds/
+# Maps              http://maps.google.com/maps/feeds/
+# OpenSocial        http://www-opensocial.googleusercontent.com/api/people/
+# orkut             http://www.orkut.com/social/rest
+# Picasa Web        http://picasaweb.google.com/data/
+# Sidewiki          http://www.google.com/sidewiki/feeds/
+# Sites             http://sites.google.com/feeds/
+# Spreadsheets      http://spreadsheets.google.com/feeds/
+# Webmaster Tools   http://www.google.com/webmasters/tools/feeds/
+# YouTube           http://gdata.youtube.com
+class GoogleToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "https://www.google.com", 
+        :request_token_path => "/accounts/OAuthGetRequestToken",
+        :authorize_path => "/accounts/OAuthAuthorizeToken",
+        :access_token_path => "/accounts/OAuthGetAccessToken",
+        :scope => "https://www.google.com/m8/feeds/"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/myspace_token.rb

@@ -0,0 +1,14 @@
+# http://wiki.developer.myspace.com/index.php?title=Category:MySpaceID
+class MyspaceToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "https://www.google.com", 
+        :request_token_path => "/accounts/OAuthGetRequestToken",
+        :authorize_path => "/accounts/OAuthAuthorizeToken",
+        :access_token_path => "/accounts/OAuthGetAccessToken"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/oauth_token.rb

@@ -0,0 +1,48 @@
+class OauthToken < Token
+  
+  # Main client for interfacing with remote service. Override this to use
+  # preexisting library eg. Twitter gem.
+  def client
+    @client ||= OAuth::AccessToken.new(self.class.consumer, token, secret)
+  end
+  
+  def simple_client
+    @simple_client ||= SimpleClient.new(OAuth::AccessToken.new(self.class.consumer, token, secret))
+  end
+  
+  def oauth_version
+    self.class.oauth_version
+  end
+  
+  class << self
+    
+    def oauth_version
+      1.0
+    end
+    
+    def settings
+      @settings ||= {}
+    end
+    
+    def consumer
+      @consumer ||= OAuth::Consumer.new(credentials[:key], credentials[:secret], settings.merge(credentials[:options] || {}))
+    end
+    
+    def client
+      OAuth2::Client.new(credentials[:key], credentials[:secret], settings)
+    end
+    
+    def request_token(token, secret)
+      OAuth::RequestToken.new(consumer, token, secret)
+    end
+    
+    def get_request_token(callback_url)
+      consumer.get_request_token({:oauth_callback => callback_url}, settings)
+    end
+    
+    def get_access_token(oauth_verifier)
+      request_token.get_access_token(:oauth_verifier => oauth_verifier)
+    end
+  end
+  
+end

data/lib/authlogic_connect/oauth/tokens/photobucket_token.rb

@@ -0,0 +1,13 @@
+# http://photobucket.com/developer/
+# https://login.photobucket.com/developer/register
+class PhotobucketToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "http://twitter.com",
+        :authorize_url => "http://twitter.com/oauth/authenticate"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/smug_mug_token.rb

@@ -0,0 +1,14 @@
+# http://wiki.smugmug.net/display/API/OAuth
+class SmugMugToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "http://api.smugmug.com",
+        :request_token_path => "/services/oauth/getRequestToken.mg",
+        :authorize_url => "/services/oauth/authorize.mg",
+        :access_token_path => "/services/oauth/getAccessToken.mg"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/twitter_token.rb

@@ -0,0 +1,11 @@
+class TwitterToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "http://twitter.com",
+        :authorize_url => "http://twitter.com/oauth/authenticate"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/vimeo_token.rb

@@ -0,0 +1,13 @@
+# http://www.vimeo.com/api/docs/oauth
+# http://www.vimeo.com/api/applications/new
+class VimeoToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "http://vimeo.com",
+        :authorize_url => "http://vimeo.com/oauth/authorize"
+      }
+    end
+  end
+end

data/lib/authlogic_connect/oauth/tokens/yahoo_token.rb

@@ -0,0 +1,20 @@
+# https://developer.apps.yahoo.com/dashboard/createKey.html
+# http://developer.yahoo.com/oauth/guide/oauth-accesstoken.html
+class YahooToken < OauthToken
+  
+  class << self
+    def settings
+      @settings ||= {
+        :site => "https://api.login.yahoo.com",
+        :request_token_path => '/oauth/v2/get_request_token',
+        :access_token_path  => '/oauth/v2/get_token',
+        :authorize_path     => '/oauth/v2/request_auth'
+      }
+    end
+    
+    def oauth_version
+      2.0
+    end
+  end
+  
+end

data/lib/authlogic_connect/oauth/user.rb

@@ -0,0 +1,81 @@
+module AuthlogicConnect::Oauth
+  module User
+    def self.included(base)
+      base.class_eval do
+        add_acts_as_authentic_module(InstanceMethods, :prepend)
+      end
+    end
+    
+    module InstanceMethods
+      include Process
+      # Set up some simple validations
+      def self.included(base)
+        base.class_eval do
+          has_many :tokens, :class_name => "Token", :dependent => :destroy
+          belongs_to :active_token, :class_name => "Token", :dependent => :destroy
+          accepts_nested_attributes_for :tokens, :active_token
+          
+          validate :validate_by_oauth, :if => :authenticating_with_oauth?
+          
+          # need these validation options if you don't want it to choke
+          # on password length, which you don't need if you're using oauth
+          validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?)
+          validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?)
+          validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
+          validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+          validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+        end
+
+        # email needs to be optional for oauth
+        base.validate_email_field = false
+      end
+      
+      def update_attributes(attributes, &block)
+        self.attributes = attributes
+        save(true, &block)
+      end
+      
+      # NEED TO GIVE A BLOCK
+      def save_with_oauth(perform_validation = true, &block)
+        if perform_validation && block_given? && redirecting_to_oauth_server?
+          # Save attributes so they aren't lost during the authentication with the oauth server
+          auth_session[:authlogic_oauth_attributes] = attributes.reject!{|k, v| v.blank?}
+          redirect_to_oauth
+          return false
+        end
+        return true
+      end
+      
+    protected
+    
+      def using_oauth?
+        !oauth_token.blank?
+      end
+      
+      def validate_password_with_oauth?
+        !using_oauth? && require_password?
+      end
+      
+      def authenticating_with_oauth?
+        return false unless oauth_provider
+        # Initial request when user presses one of the button helpers
+        (auth_params && !auth_params[:register_with_oauth].blank?) ||
+        # When the oauth provider responds and we made the initial request
+        (oauth_response && auth_session && auth_session[:oauth_request_class] == self.class.name)
+      end
+
+      def authenticate_with_oauth
+        # Restore any attributes which were saved before redirecting to the oauth server
+        self.attributes = auth_session.delete(:authlogic_oauth_attributes)
+        token = AuthlogicConnect.token(oauth_provider).new(oauth_key_and_secret)
+        if Token.find_by_key(token.key)
+          self.errors.add("you have already created an account using your #{oauth_token.service_name} account, so it")
+        else
+          self.tokens << token
+          self.active_token = token
+        end
+      end
+
+    end
+  end
+end