authlogic-connect 0.0.1

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2010 Lance Pollard (lancejpollard@gmail.com)
+ 
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+ 
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+ 
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.markdown

@@ -0,0 +1,145 @@
+# Authlogic Connect
+
+Authlogic Connect is an extension of the Authlogic library to add extensive Oauth and OpenID support. With Authlogic Connect, it's very easy to allow users to login through any of the 30+ authentication providers out there.  You shouldn't be reinventing the wheel anyways.
+
+There are 3 ways you can allow your users to login with Authlogic Connect:
+
+1. Clicking an Oauth Provider
+2. Clicking an OpenID Provider and entering in their username
+3. Manually typing in a full OpenID address
+
+All of that is easier than creating a new account and password.
+
+## Helpful links
+
+*	<b>Authlogic:</b> [http://github.com/binarylogic/authlogic](http://github.com/binarylogic/authlogic)
+*	<b>Authlogic Connect Example Project:</b> [http://github.com/viatropos/authlogic-connect-example](http://github.com/viatropos/authlogic-connect-example)
+*	<b>Live example with Twitter and Facebook using Rails 3:</b> [http://authlogic-connect.heroku.com](http://authlogic-connect.heroku.com)
+
+## Supported Providers
+
+Lists of all known providers here:
+
+- [Oauth Providers](http://wiki.oauth.net/ServiceProviders)
+- [OpenID Providers](http://en.wikipedia.org/wiki/List_of_OpenID_providers)
+
+### Oauth
+
+- Twitter
+- Facebook
+- Google
+
+### OpenID
+
+- MyOpenID
+
+## Install and use
+
+### 1. Install Authlogic and setup your application
+
+    sudo gem install authlogic
+
+### 2. Install OAuth and Authlogic Connect
+
+    sudo gem install oauth
+    sudo gem install authlogic-connect
+
+Now add the gem dependencies in your config:
+
+    config.gem "json"
+    config.gem "authlogic"
+    config.gem "oauth"
+    config.gem "oauth2"
+    config.gem "authlogic-connect", :lib => "authlogic_connect"
+
+### 3. Add the Migrations
+
+If you are starting from scratch (and you don't even have a User model yet), create the migrations using this command.
+
+    script/generate authlogic_connect_migration
+
+Otherwise, add this migration
+
+    class AddAuthlogicConnectMigration < ActiveRecord::Migration
+      def self.up
+        add_column :users, :oauth_token, :string
+        add_column :users, :oauth_secret, :string
+        add_index :users, :oauth_token
+
+        change_column :users, :login, :string, :default => nil, :null => true
+        change_column :users, :crypted_password, :string, :default => nil, :null => true
+        change_column :users, :password_salt, :string, :default => nil, :null => true
+      end
+
+      def self.down
+        remove_column :users, :oauth_token
+        remove_column :users, :oauth_secret
+
+        [:login, :crypted_password, :password_salt].each do |field|
+          User.all(:conditions => "#{field} is NULL").each { |user| user.update_attribute(field, "") if user.send(field).nil? }
+          change_column :users, field, :string, :default => "", :null => false
+        end
+      end
+    end
+  
+### 4. Make sure you save your objects properly
+
+Because of the redirects involved in Oauth and OpenID, you MUST pass a block to the `save` method in your UsersController and UserSessionsController:
+
+    @user_session.save do |result|
+      if result
+        flash[:notice] # "Login successful!"
+        redirect_back_or_default account_url
+      else
+        render :action => :new
+      end
+    end
+
+You should save your `@user` objects this way as well, because you also want the user to authenticate with OAuth.
+
+If we don't use the block, we will get a DoubleRender error. This lets us skip that entire block and send the user along their way without any problems.
+
+### 5. Create Custom Tokens (if they don't already exist)
+
+Here's an example of the FacebookToken for Oauth
+
+    class FacebookToken < OauthToken
+    
+    end
+  
+### 6. Add login and register buttons to your views
+
+    <%# oauth_register_button :value => "Register with Twitter" %>
+    <%# oauth_login_button :value => "Login with Twitter" %>
+
+That's it! The rest is taken care of for you.
+
+## The Flow
+
+- Controller calls `save`
+- Save checks to see what type of authentication we're going to use
+  - methods called `authenticating_with_x?` sees if its service is in use
+    - called twice, once before, and once after, redirect
+  - it does this by checking if the session and parameters have certain variables defined.
+- Save calls `save_with_x`, which either:
+  - performs the initial redirect, or
+  - on response from the service, retrieves attributes and saves the user
+- If first round (hasn't yet redirected):
+  - Saves important data into the session
+  - Specifies callback url based on controller name and action
+  - Redirects to remote service
+  - User clicks "accept!"
+  - Redirects back to callback url
+- If second round (redirect callback url):
+  - Still processing service (`authenticating_with_oauth?` for example)
+  - Instantiates new User, Session, or Token, or all 3 if they are brand new
+  - Validates User and Session
+    - You don't want to validate any password/email if you're using these services,
+      so they are all skipped
+    - Need to validate keys
+  - Save user
+- Finish block, render page
+
+## Tests
+
+This has no tests!  I had to build this in a weekend and am not fluent with Shoulda, which I'd like to use.  One of these days when I can breathe.

data/Rakefile

@@ -0,0 +1,69 @@
+require 'rake'
+require "rake/rdoctask"
+require 'rake/gempackagetask'
+
+# http://docs.rubygems.org/read/chapter/20
+spec = Gem::Specification.new do |s|
+  s.name              = "authlogic-connect"
+  s.author            = "Lance Pollard"
+  s.version           = "0.0.1"
+  s.summary           = "Authlogic Connect: Let your app use all of Oauth and OpenID"
+  s.homepage          = "http://github.com/viatropos/authlogic-connect"
+  s.email             = "lancejpollard@gmail.com"
+  s.description       = "Let your app use all of Oauth and OpenID"
+  s.has_rdoc          = true
+  s.rubyforge_project = "authlogic-connect"
+  s.platform          = Gem::Platform::RUBY
+  s.files             = %w(README.markdown Rakefile init.rb MIT-LICENSE) + Dir["{lib,rails,test}/**/*"] - Dir["test/tmp"]
+  s.require_path      = "lib"
+  s.add_dependency("activesupport", ">= 2.1.2")
+  s.add_dependency("activerecord", ">= 2.1.2")
+  s.add_dependency("authlogic")
+  s.add_dependency("oauth")
+  s.add_dependency("json")
+  s.add_dependency("oauth2") # facebook only
+end
+
+desc "Create .gemspec file (useful for github)"
+task :gemspec do
+  File.open("pkg/#{spec.name}.gemspec", "w") do |f|
+    f.puts spec.to_ruby
+  end
+end
+
+desc "Build the gem into the current directory"
+task :gem => :gemspec do
+  `gem build pkg/#{spec.name}.gemspec`
+end
+
+desc "Publish gem to rubygems"
+task :publish => [:package] do
+  `gem push pkg/#{spec.name}-#{spec.version}.gem`
+end
+
+desc "Print a list of the files to be put into the gem"
+task :manifest do
+  File.open("Manifest", "w") do |f|
+    spec.files.each do |file|
+      f.puts file
+    end
+  end
+end
+
+Rake::GemPackageTask.new(spec) do |pkg|
+  pkg.gem_spec    = spec
+  pkg.package_dir = "pkg"
+end
+
+desc "Install the gem locally"
+task :install => [:package] do
+  sh %{sudo gem install pkg/#{spec.name}-#{spec.version} --no-ri --no-rdoc}
+end
+
+desc "Generate the rdoc"
+Rake::RDocTask.new do |rdoc|
+  files = ["README.markdown", "lib/**/*.rb"]
+  rdoc.rdoc_files.add(files)
+  rdoc.main = "README.markdown"
+  rdoc.title = spec.summary
+end

data/init.rb

@@ -0,0 +1 @@
+File.dirname(__FILE__) + "/rails/init.rb"

data/lib/authlogic_connect.rb

@@ -0,0 +1,71 @@
+require 'active_record'
+require 'authlogic'
+require 'oauth'
+require 'oauth2'
+
+class Hash
+  def recursively_symbolize_keys!
+    self.symbolize_keys!
+    self.values.each do |v|
+      if v.is_a? Hash
+        v.recursively_symbolize_keys!
+      elsif v.is_a? Array
+        v.recursively_symbolize_keys!
+      end
+    end
+    self
+  end
+end
+
+class Array
+  def recursively_symbolize_keys!
+    self.each do |item|
+      if item.is_a? Hash
+        item.recursively_symbolize_keys!
+      elsif item.is_a? Array
+        item.recursively_symbolize_keys!
+      end
+    end
+  end
+end
+
+module AuthlogicConnect
+  VERSION = "0.0.1"
+  
+  class << self
+    
+    attr_accessor :config
+
+    def config=(value)
+      value.recursively_symbolize_keys!
+      @config = value
+    end
+
+    def key(path)
+      result = self.config
+      path.to_s.split(".").each { |node| result = result[node.to_sym] if result }
+      result
+    end
+    
+    def credentials(service)
+      key("services.#{service.to_s}")
+    end
+
+    def include?(service)
+      !credentials(service).nil?
+    end
+    
+    def token(key)
+      throw Error unless AuthlogicConnect.include?(key) and !key.to_s.empty?
+      "#{key.to_s.camelcase}Token".constantize
+    end
+    
+    def consumer(key)
+      token(key).consumer
+    end
+  end
+end
+
+require File.dirname(__FILE__) + "/authlogic_connect/openid"
+require File.dirname(__FILE__) + "/authlogic_connect/oauth"
+require File.dirname(__FILE__) + "/authlogic_connect/common"

data/lib/authlogic_connect/common.rb

@@ -0,0 +1,9 @@
+module AuthlogicConnect::Common
+end
+
+require File.dirname(__FILE__) + "/common/variables"
+require File.dirname(__FILE__) + "/common/user"
+require File.dirname(__FILE__) + "/common/session"
+
+ActiveRecord::Base.send(:include, AuthlogicConnect::Common::User)
+Authlogic::Session::Base.send(:include, AuthlogicConnect::Common::Session)

data/lib/authlogic_connect/common/session.rb

@@ -0,0 +1,27 @@
+module AuthlogicConnect::Common
+  module Session
+    
+    def self.included(base)
+      base.class_eval do
+        include Variables
+        include InstanceMethods
+      end
+    end
+    
+    module InstanceMethods
+      
+      # core save method coordinating how to save the session
+      def save(&block)
+        block_destroyed = false
+        if authenticating_with_openid?
+          block_destroyed = save_with_openid(&block)
+        elsif authenticating_with_oauth?
+          block_destroyed = save_with_oauth(&block)
+        end
+        block = nil if block_destroyed
+        super(&block)
+      end
+    end
+    
+  end
+end

data/lib/authlogic_connect/common/user.rb

@@ -0,0 +1,40 @@
+module AuthlogicConnect::Common
+  module User
+    
+    def self.included(base)
+      base.class_eval do
+        add_acts_as_authentic_module(Variables, :prepend)
+        add_acts_as_authentic_module(InstanceMethods, :append)
+      end
+    end
+    
+    module InstanceMethods
+      
+      # core save method coordinating how to save the user
+      def save(perform_validation = true, &block)
+        status = true
+        if authenticating_with_openid?
+          status = save_with_openid(perform_validation, &block)
+        elsif authenticating_with_oauth?
+          status = save_with_oauth(perform_validation, &block)
+        end
+        if status
+          result = super
+          yield(result) if block_given?
+          result
+        end
+        status
+      end
+      
+      def validate_password_with_oauth?
+        !using_openid? && super
+      end
+      
+      def validate_password_with_openid?
+        !using_oauth? && super
+      end
+      
+    end
+    
+  end
+end

data/lib/authlogic_connect/common/variables.rb

@@ -0,0 +1,21 @@
+module AuthlogicConnect::Common
+  module Variables
+    
+    def auth_controller
+      is_auth_session? ? controller : session_class.controller
+    end
+    
+    def auth_session
+      auth_controller.session
+    end
+    
+    def auth_params
+      auth_controller.params
+    end
+    
+    def is_auth_session?
+      self.is_a?(Authlogic::Session::Base)
+    end
+    
+  end
+end

data/lib/authlogic_connect/oauth.rb

@@ -0,0 +1,11 @@
+module AuthlogicConnect::Oauth
+end
+
+require File.dirname(__FILE__) + "/oauth/process"
+require File.dirname(__FILE__) + "/oauth/user"
+require File.dirname(__FILE__) + "/oauth/session"
+require File.dirname(__FILE__) + "/oauth/helper"
+
+ActiveRecord::Base.send(:include, AuthlogicConnect::Oauth::User)
+Authlogic::Session::Base.send(:include, AuthlogicConnect::Oauth::Session)
+ActionController::Base.helper AuthlogicConnect::Oauth::Helper

data/lib/authlogic_connect/oauth/helper.rb

@@ -0,0 +1,16 @@
+module AuthlogicConnect::Oauth
+  module Helper
+    def oauth_register_button(options = {})
+      oauth_button('register_with_oauth', options)
+    end
+    
+    def oauth_login_button(options = {})
+      oauth_button('login_with_oauth', options)
+    end
+  
+  private
+    def oauth_button(name, options = {})
+      "<input type='submit' value='#{options[:value]}' name='#{name}' id='user_submit' class='#{options[:class]}'/>"
+    end
+  end
+end