authlogic-connect 0.0.3.9 → 0.0.4.03

data/lib/authlogic_connect/oauth/session.rb

@@ -7,7 +7,7 @@ module AuthlogicConnect::Oauth
         include InstanceMethods
       end
     end
-
+    
     module InstanceMethods
       include Process
 
@@ -30,12 +30,6 @@ module AuthlogicConnect::Oauth
       end
 
     private
-      # Clears out the block if we are authenticating with oauth,
-      # so that we can redirect without a DoubleRender error.
-      def save_with_oauth(&block)
-        block = nil if redirecting_to_oauth_server?
-        return block.nil?
-      end
       
       def complete_oauth_transaction
         if @record
@@ -46,13 +40,23 @@ module AuthlogicConnect::Oauth
           # attempted_record is part of AuthLogic
           hash = oauth_token_and_secret
           token = token_class.find_by_key_or_token(hash[:key], hash[:token], :include => [:user]) # some weird error if I leave out the include)
-          self.attempted_record = token.user
+          if token
+            self.attempted_record = token.user
+          elsif auto_register?
+            self.attempted_record = klass.new
+            self.attempted_record.access_tokens << token_class.new(hash)
+            self.attempted_record.save
+          else
+            auth_session[:_key] = hash[:key]
+            auth_session[:_token] = hash[:token]
+            auth_session[:_secret] = hash[:secret]
+          end
         end
-        
+
         if !attempted_record
-          errors.add_to_base("Could not find user in our database, have you registered with your oauth account?")
+          errors.add(:user, "Could not find user in our database, have you registered with your oauth account?")
         end
       end
     end
   end
-end
+end

data/lib/authlogic_connect/oauth/state.rb

@@ -5,7 +5,7 @@ module AuthlogicConnect::Oauth::State
   # checks that we just passed parameters to it,
   # and that the parameters say 'authentication_method' == 'oauth'
   def oauth_request?
-    !auth_params.nil? && oauth_provider?
+    auth_params? && oauth_provider?
   end
   
   # 2. from call
@@ -13,19 +13,23 @@ module AuthlogicConnect::Oauth::State
   def oauth_response?
     !oauth_response.nil? && !auth_session.nil? && auth_session[:auth_request_class] == self.class.name && auth_session[:auth_method] == "oauth"
   end
-  alias_method :oauth_complete?, :oauth_response?
+  
+  def oauth_complete?
+    oauth_response? || stored_oauth_token_and_secret?
+  end
   
   # 3. either to or from call
   def using_oauth?
-    oauth_request? || oauth_response?
+    oauth_request? || oauth_response? || stored_oauth_token_and_secret?
   end
   
   def new_oauth_request?
-    oauth_response.blank?
+    return false if stored_oauth_token_and_secret?
+    return oauth_response.blank?
   end
   
   def oauth_provider?
-    !oauth_provider.nil? && !oauth_provider.empty?
+    !oauth_provider.blank?
   end
   
   # main method we call on validation
@@ -37,18 +41,20 @@ module AuthlogicConnect::Oauth::State
     authenticating_with_oauth? && !oauth_complete?
   end
   
-  # both checks if it can redirect, and does the redirect.
-  # is there a more concise way to do this?
-  def redirecting_to_oauth_server?
-    if allow_oauth_redirect?
-      redirect_to_oauth
-      return true
-    end
-    return false
+  def start_oauth?
+    authenticating_with_oauth? && !oauth_complete?
+  end
+  
+  def complete_oauth?
+    using_oauth? && !new_oauth_request?
   end
   
   def validate_password_with_oauth?
     !using_oauth? && require_password?
   end
   
+  def stored_oauth_token_and_secret?
+    !is_auth_session? && auth_params && auth_params.has_key?(:_key) && auth_params.has_key?(:_token) && auth_params.has_key?(:_secret)
+  end
+  
 end

data/lib/authlogic_connect/oauth/tokens/aol_token.rb

@@ -0,0 +1,2 @@
+# http://dev.aol.com/openauth_gettingstarted
+# https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=dev.aol.com&authLev=1&lang=en&locale=us&siteState=OrigUrl%3Dhttp%253A%252F%252Fdev.aol.com%252Fkeys

data/lib/authlogic_connect/oauth/tokens/google_token.rb

@@ -27,15 +27,15 @@
 # YouTube           http://gdata.youtube.com
 class GoogleToken < OauthToken
   
-  settings "https://www.google.com", 
-    :request_token_path => "/accounts/OAuthGetRequestToken",
-    :authorize_path     => "/accounts/OAuthAuthorizeToken",
-    :access_token_path  => "/accounts/OAuthGetAccessToken",
-    :scope              => "https://www.google.com/m8/feeds/"
-  
-  key do |access_token|
-    body = JSON.parse(access_token.get("https://www.google.com/m8/feeds/contacts/default/full?alt=json&max-results=0").body)
-    email = body["feed"]["author"].first["email"]["$t"] # $t is some weird google json thing
-  end
-  
+   settings "https://www.google.com",
+     :request_token_path => "/accounts/OAuthGetRequestToken",
+     :authorize_path     => "/accounts/OAuthAuthorizeToken",
+     :access_token_path  => "/accounts/OAuthGetAccessToken",
+     :scope              => "https://www.googleapis.com/auth/userinfo#email"
+
+   key do |access_token|
+     body = JSON.parse(access_token.get("https://www.googleapis.com/userinfo/email?alt=json").body)
+     email = body["data"]["email"]
+   end
+   
 end

data/lib/authlogic_connect/oauth/tokens/meetup_token.rb

@@ -0,0 +1,12 @@
+# http://www.meetup.com/meetup_api/docs/#oauth
+# protected resources: http://api.meetup.com
+class MeetupToken < OauthToken
+  
+  key :user_id
+
+  settings "http://www.meetup.com/"
+    :request_token_path => "/oauth/request",
+    :authorize_path     => "/authorize",
+    :access_token_path  => "/oauth/access"
+
+end

data/lib/authlogic_connect/oauth/tokens/netflix_token.rb

@@ -0,0 +1,10 @@
+class NetflixToken < OauthToken
+  
+  key :user_id
+
+  settings "http://api.netflix.com",
+    :request_token_path => "/oauth/request_token",
+    :access_token_path => "/oauth/access_token",
+    :authorize_path => "/oauth/login"
+
+end

data/lib/authlogic_connect/oauth/tokens/oauth_token.rb

@@ -1,4 +1,4 @@
-class OauthToken < Token
+class OauthToken < AccessToken
   
   def client
     unless @client
@@ -63,7 +63,9 @@ class OauthToken < Token
     def find_by_key_or_token(key, token, options = {})
       result = self.find_by_key(key, options) unless key.nil?
       unless result
-        result = self.find_by_token(token, options) unless token.nil?
+        if !token.blank? && self.respond_to?(:find_by_token)
+          result = self.find_by_token(token, options)
+        end
       end
       result 
     end
@@ -78,6 +80,7 @@ class OauthToken < Token
       redirect_uri    = options[:redirect_uri]
       token           = options[:token]
       secret          = options[:secret]
+
       if oauth_version == 1.0
         access = request_token(token, secret).get_access_token(:oauth_verifier => oauth_verifier)
         result = {:token => access.token, :secret => access.secret, :key => nil}
@@ -95,6 +98,7 @@ class OauthToken < Token
         access = consumer.web_server.get_access_token(secret, :redirect_uri => redirect_uri)
         result = {:token => access.token, :secret => secret, :key => nil}
       end
+      
       result
     end
     

data/lib/authlogic_connect/oauth/tokens/ohloh_token.rb

@@ -0,0 +1,9 @@
+# https://www.ohloh.net/
+# http://www.ohloh.net/api/oauth
+class OhlohToken < OauthToken
+  
+  key :user_id
+
+  settings "http://www.ohloh.net"
+
+end

data/lib/authlogic_connect/oauth/user.rb

@@ -24,12 +24,10 @@ module AuthlogicConnect::Oauth::User
         validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
         validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
         validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
+        
       end
-      
-      # email needs to be optional for oauth
-      base.validate_email_field = false
     end
-        
+    
     # user adds a few extra things to this method from Process
     # modules work like inheritance
     def save_oauth_session
@@ -37,6 +35,10 @@ module AuthlogicConnect::Oauth::User
       auth_session[:auth_attributes]            = attributes.reject!{|k, v| v.blank?} unless is_auth_session?
     end
     
+    def redirect_to_oauth
+      return has_token?(oauth_provider) ? false : super
+    end
+    
     def restore_attributes
       # Restore any attributes which were saved before redirecting to the auth server
       self.attributes = auth_session[:auth_attributes]
@@ -47,20 +49,13 @@ module AuthlogicConnect::Oauth::User
     # to the database.
     # it is called by the validation chain.
     def complete_oauth_transaction
-      unless create_oauth_token
-        self.errors.add(:tokens, "you have already created an account using your #{token_class.service_name} account, so it")
-      end
-    end
-    
-    def create_oauth_token
       token = token_class.new(oauth_token_and_secret)
       
-      if has_token?(oauth_provider) || Token.find_by_key(token.key) || Token.find_by_token(token.token)
-        return false
+      if has_token?(oauth_provider) || token_class.find_by_key_or_token(token.key, token.token)
+        self.errors.add(:tokens, "you have already created an account using your #{token_class.service_name} account, so it")
       else
-        self.tokens << token
+        self.access_tokens << token
         self.active_token = token
-        return true
       end
     end
     

data/lib/authlogic_connect/oauth/variables.rb

@@ -41,9 +41,18 @@ module AuthlogicConnect::Oauth::Variables
     token_class.consumer
   end
   
+  def stored_oauth_token_and_secret
+    if auth_controller?
+      {:key => auth_params[:_key], :token => auth_params[:_token], :secret => auth_params[:_secret]}
+    else
+      {:key => nil, :token => nil, :secret => nil}
+    end
+  end
+  
   # this is a thick method.
   # it gives you the final key and secret that we will store in the database
   def oauth_token_and_secret
+    return stored_oauth_token_and_secret if stored_oauth_token_and_secret?
     token_class.get_token_and_secret(
       :token          => auth_session[:oauth_request_token],
       :secret         => oauth_version == 1.0 ? auth_session[:oauth_request_token_secret] : oauth_token,

data/lib/authlogic_connect/openid/process.rb

@@ -2,16 +2,56 @@ module AuthlogicConnect::Openid::Process
 
   include AuthlogicConnect::Openid::Variables
   
+  def start_openid
+    save_openid_session
+    call_openid
+  end
+  
+  def complete_openid
+    restore_attributes
+    call_openid
+  end
+  
+  def call_openid
+    options = {}
+    options[:return_to] = auth_callback_url
+    # this is called both on start and complete.
+    # reason being, in the open_id_authentication library (where "authenticate_with_open_id" is defined),
+    # it checks the rack session to find openid pareters, and knows whether we're at
+    # start or complete
+    auth_controller.send(:authenticate_with_open_id, openid_identifier, options) do |result, openid_identifier|
+      complete_openid_transaction(result, openid_identifier)
+      return true
+    end
+    return false
+  end
+  
+  def complete_openid_transaction(result, openid_identifier)
+    if result.unsuccessful?
+      errors.add_to_base(result.message)
+    end
+    
+    if AccessToken.find_by_key(openid_identifier.normalize_identifier)
+    else
+      token = OpenidToken.new(:key => openid_identifier)
+      self.access_tokens << token
+      self.active_token = token
+    end
+  end
+  
   # want to do this after the final save
   def cleanup_openid_session
-    [:auth_attributes, :authentication_type, :auth_callback_method].each {|key| auth_session.delete(key)}
+    [:auth_attributes, :authentication_type, :auth_callback_method].each {|key| remove_session_key(key)}
     auth_session.each_key do |key|
-      auth_session.delete(key) if key.to_s =~ /^OpenID/
+      remove_session_key(key) if key.to_s =~ /^OpenID/
     end
   end
   
   def validate_by_openid
-    errors.add(:tokens, "had the following error: #{@openid_error}") if @openid_error
+    if processing_authentication
+      authentication_protocol(:openid, :start) || authentication_protocol(:openid, :complete)
+      errors.add(:access_tokens, "had the following error: #{@openid_error}") if @openid_error
+    end
   end
   
   def save_openid_session
@@ -22,9 +62,13 @@ module AuthlogicConnect::Openid::Process
     auth_session[:auth_method]            = "openid"
   end
   
+  def attributes_to_save
+    {}
+  end
+  
   def restore_attributes
     # Restore any attributes which were saved before redirecting to the auth server
-    self.attributes = auth_session[:auth_attributes]
+    self.attributes = auth_session[:auth_attributes] unless is_auth_session?
   end
   
-end
+end

data/lib/authlogic_connect/openid/session.rb

@@ -13,7 +13,6 @@ module AuthlogicConnect::Openid
       
       def self.included(klass)
         klass.class_eval do
-          validate :validate_openid_error
           validate :validate_by_openid, :if => :authenticating_with_openid?
         end
       end
@@ -26,53 +25,33 @@ module AuthlogicConnect::Openid
         self.openid_identifier = hash[:openid_identifier] if !hash.nil? && hash.key?(:openid_identifier)
       end
       
-      # Cleaers out the block if we are authenticating with OpenID, so that we can redirect without a DoubleRender
-      # error.
-      def save_with_openid(&block)
-        block = nil if Token.find_by_key(openid_identifier.normalize_identifier)
-        return block.nil?
-      end
-      
       private
-        def authenticating_with_openid?
-          attempted_record.nil? && errors.empty? && (!openid_identifier.blank? || (controller.params[:open_id_complete] && controller.params[:for_session]))
-        end
         
         def auto_register?
           false
         end
         
-        def validate_by_openid
-          self.remember_me = auth_params[:remember_me] == "true" if auth_params.key?(:remember_me)
-          token = Token.find_by_key(openid_identifier.normalize_identifier, :include => [:user])
+        def complete_openid_transaction(result, openid_identifier)
+          if result.unsuccessful?
+            errors.add_to_base(result.message)
+          end
+          
+          token = AccessToken.find_by_key(openid_identifier.normalize_identifier, :include => [:user])
+          
           self.attempted_record = token.user if token
+          
           if !attempted_record
             if auto_register?
-              self.attempted_record = klass.new :openid_identifier => openid_identifier
-              attempted_record.save do |result|
-                if result
-                  true
-                else
-                  false
-                end
-              end
+              self.attempted_record = klass.new
+              self.attempted_record.access_tokens << OpenidToken.new(:key => openid_identifier.normalize_identifier)
+              self.attempted_record.save
             else
-              errors.add(:openid_identifier, "did not match any users in our database, have you set up your account to use OpenID?")
+              auth_session[:openid_identifier] = openid_identifier
+              errors.add(:user, "Could not find user in our database, have you registered with your openid account?")
             end
-            return
-          end
-          controller.send(:authenticate_with_open_id, openid_identifier, :return_to => controller.url_for(:for_session => "1", :remember_me => remember_me?)) do |result, openid_identifier|
-            if result.unsuccessful?
-              errors.add_to_base(result.message)
-              return
-            end
-            
           end
         end
         
-        def validate_openid_error
-          errors.add(:openid_identifier, @openid_error) if @openid_error
-        end
     end
   end
 end

data/lib/authlogic_connect/openid/state.rb

@@ -1,47 +1,48 @@
 # all these methods must return true or false
 module AuthlogicConnect::Openid::State
-    # 1. to call
-    def openid_request?
-      !openid_identifier.blank?
-    end
-    
-    def openid_identifier?
-      openid_request?
-    end
-    
-    def openid_provider?
-      
-    end
-    
-    # 2. from call
-    # better check needed
-    def openid_response?
-      !auth_session[:auth_attributes].nil? && auth_session[:auth_method] == "openid"
-    end
-    alias_method :openid_complete?, :openid_response?
-    
-    # 3. either to or from call
-    # this should include more!
-    # we know we are using open id if:
-    #   the params passed in have "openid_identifier"
-    def using_openid?
-      openid_request? || openid_response?
-    end
-    
-    def authenticating_with_openid?
-      session_class.activated? && using_openid?
-    end
-    
-    def allow_openid_redirect?
-      authenticating_with_openid?
-    end
-    
-    def redirecting_to_openid_server?
-      allow_openid_redirect? && !authenticate_with_openid
-    end
-    
-    def validate_password_with_openid?
-      !using_openid? && require_password?
-    end
-    
+
+  # 1. to call
+  def openid_request?
+    !openid_identifier.blank? && auth_session[:auth_attributes].nil?
+  end
+  
+  def openid_identifier?
+    openid_request?
+  end
+  
+  def openid_provider?
+    
+  end
+  
+  # 2. from call
+  # better check needed
+  def openid_response?
+    auth_controller? && !auth_session[:auth_attributes].nil? && auth_session[:auth_method] == "openid"
+  end
+  alias_method :openid_complete?, :openid_response?
+  
+  # 3. either to or from call
+  # this should include more!
+  # we know we are using open id if:
+  #   the params passed in have "openid_identifier"
+  def using_openid?
+    auth_controller? && (openid_request? || openid_response?)
+  end
+  
+  def authenticating_with_openid?
+    auth_controller? && auth_class.activated? && using_openid?
+  end
+  
+  def start_openid?
+    authenticating_with_openid? && !openid_response?
+  end
+
+  def complete_openid?
+    openid_complete?
+  end
+  
+  def validate_password_with_openid?
+    !using_openid? && require_password?
+  end
+  
 end