authlogic-oauth 1.0.7 → 1.0.8
- data/CHANGELOG.rdoc +5 -1
- data/lib/authlogic_oauth/acts_as_authentic.rb +26 -23
- data/lib/authlogic_oauth/oauth_process.rb +19 -15
- data/lib/authlogic_oauth/session.rb +16 -14
- data/lib/authlogic_oauth/version.rb +10 -10
- metadata +2 -2
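--- a/data/CHANGELOG.rdoc
+++ b/data/CHANGELOG.rdoc
@@ -1,3 +1,7 @@
+== 1.0.8 release 2009-8-2
+
+* Fixing unauthorized errors when you before_filter :require_no_user on the UserController#create action.
+
 == 1.0.7 release 2009-7-20
 
 * Fixing a OAuth unauthorized error when updating a user object with new oauth token/secret via the 'Register with OAuth' helper.
@@ -15,7 +19,7 @@
 
 * Using oauth's callback_url parameter to control where the oauth server returns the user to the application.
 The callback_url parameter was temporarily disabled on major oauth sites due to security concerns, but has been resolved.
-
+
 * Removed the need to add specific oauth routes and an oauth_controller (YAY!). This makes using the plugin much easier.
 
 == 1.0.1 released 2009-6-4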
@@ -6,7 +6,7 @@ module AuthlogicOauth
|
|
6
6
|
add_acts_as_authentic_module(Methods, :prepend)
|
7
7
|
end
|
8
8
|
end
|
9
|
-
|
9
|
+
|
10
10
|
module Config
|
11
11
|
# The name of the oauth token field in the database.
|
12
12
|
#
|
@@ -16,7 +16,7 @@ module AuthlogicOauth
|
|
16
16
|
rw_config(:oauth_token_field, value, :oauth_token)
|
17
17
|
end
|
18
18
|
alias_method :oauth_token_field=, :oauth_token_field
|
19
|
-
|
19
|
+
|
20
20
|
# The name of the oauth token secret field in the database.
|
21
21
|
#
|
22
22
|
# * <tt>Default:</tt> :oauth_secret
|
@@ -26,36 +26,36 @@ module AuthlogicOauth
|
|
26
26
|
end
|
27
27
|
alias_method :oauth_secret_field=, :oauth_secret_field
|
28
28
|
end
|
29
|
-
|
29
|
+
|
30
30
|
module Methods
|
31
31
|
include OauthProcess
|
32
|
-
|
32
|
+
|
33
33
|
# Set up some simple validations
|
34
34
|
def self.included(klass)
|
35
35
|
klass.class_eval do
|
36
36
|
alias_method "#{oauth_token_field.to_s}=".to_sym, :oauth_token=
|
37
37
|
alias_method "#{oauth_secret_field.to_s}=".to_sym, :oauth_secret=
|
38
38
|
end
|
39
|
-
|
39
|
+
|
40
40
|
return if !klass.column_names.include?(klass.oauth_token_field.to_s)
|
41
41
|
|
42
42
|
klass.class_eval do
|
43
43
|
validate :validate_by_oauth, :if => :authenticating_with_oauth?
|
44
|
-
|
44
|
+
|
45
45
|
validates_uniqueness_of klass.oauth_token_field, :scope => validations_scope, :if => :using_oauth?
|
46
46
|
validates_presence_of klass.oauth_secret_field, :scope => validations_scope, :if => :using_oauth?
|
47
|
-
|
47
|
+
|
48
48
|
validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth?)
|
49
49
|
validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth?)
|
50
50
|
validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth?)
|
51
51
|
validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth?)
|
52
52
|
validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth?)
|
53
53
|
end
|
54
|
-
|
54
|
+
|
55
55
|
# email needs to be optional for oauth
|
56
56
|
klass.validate_email_field = false
|
57
57
|
end
|
58
|
-
|
58
|
+
|
59
59
|
def save(perform_validation = true, &block)
|
60
60
|
if perform_validation && block_given? && redirecting_to_oauth_server?
|
61
61
|
# Save attributes so they aren't lost during the authentication with the oauth server
|
@@ -63,58 +63,61 @@ module AuthlogicOauth
|
|
63
63
|
redirect_to_oauth
|
64
64
|
return false
|
65
65
|
end
|
66
|
-
|
66
|
+
|
67
67
|
result = super
|
68
68
|
yield(result) if block_given?
|
69
69
|
result
|
70
70
|
end
|
71
|
-
|
71
|
+
|
72
72
|
# Set the oauth fields
|
73
73
|
def oauth_token=(value)
|
74
74
|
write_attribute(oauth_token_field, value.blank? ? nil : value)
|
75
75
|
end
|
76
|
-
|
76
|
+
|
77
77
|
def oauth_secret=(value)
|
78
78
|
write_attribute(oauth_secret_field, value.blank? ? nil : value)
|
79
79
|
end
|
80
|
-
|
80
|
+
|
81
81
|
private
|
82
|
-
|
82
|
+
|
83
83
|
def authenticating_with_oauth?
|
84
|
-
|
84
|
+
# Initial request when user presses one of the button helpers
|
85
|
+
(session_class.controller.params && !session_class.controller.params[:register_with_oauth].blank?) ||
|
86
|
+
# When the oauth provider responds and we made the initial request
|
87
|
+
(oauth_response && session_class.controller.session && session_class.controller.session[:oauth_request_class] == self.class.name)
|
85
88
|
end
|
86
|
-
|
89
|
+
|
87
90
|
def authenticate_with_oauth
|
88
91
|
# Restore any attributes which were saved before redirecting to the oauth server
|
89
92
|
self.attributes = session_class.controller.session.delete(:authlogic_oauth_attributes)
|
90
93
|
access_token = generate_access_token
|
91
|
-
|
94
|
+
|
92
95
|
self.oauth_token = access_token.token
|
93
96
|
self.oauth_secret = access_token.secret
|
94
97
|
end
|
95
|
-
|
98
|
+
|
96
99
|
def access_token
|
97
100
|
OAuth::AccessToken.new(oauth,
|
98
101
|
read_attribute(oauth_token_field),
|
99
102
|
read_attribute(oauth_secret_field))
|
100
103
|
end
|
101
|
-
|
104
|
+
|
102
105
|
def using_oauth?
|
103
106
|
respond_to?(oauth_token_field) && !oauth_token.blank?
|
104
107
|
end
|
105
|
-
|
108
|
+
|
106
109
|
def validate_password_with_oauth?
|
107
110
|
!using_oauth? && require_password?
|
108
111
|
end
|
109
|
-
|
112
|
+
|
110
113
|
def oauth_token_field
|
111
114
|
self.class.oauth_token_field
|
112
115
|
end
|
113
|
-
|
116
|
+
|
114
117
|
def oauth_secret_field
|
115
118
|
self.class.oauth_secret_field
|
116
119
|
end
|
117
|
-
|
120
|
+
|
118
121
|
end
|
119
122
|
end
|
120
123
|
end
|
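Review bot: The new second clause of `authenticating_with_oauth?`, the `:oauth_request_class` comparison that decides whether an OAuth callback belongs to this class, is written out twice: here through `session_class.controller` and again in session.rb through `controller`, so two copies of an authentication gate have to be kept in step by hand. OauthProcess already provides `oauth_controller`, which resolves to the right controller for both includers, so the clause could live there once as a private helper returning `oauth_response && oauth_controller.session && oauth_controller.session[:oauth_request_class] == self.class.name`, leaving each `authenticating_with_oauth?` as its own button-parameter check or-ed with that helper. The line removed at old line 84 is not legible on this page, so how the previous body differed cannot be confirmed from here.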
@@ -1,62 +1,66 @@
|
|
1
1
|
module AuthlogicOauth
|
2
2
|
module OauthProcess
|
3
|
-
|
3
|
+
|
4
4
|
private
|
5
|
-
|
5
|
+
|
6
6
|
def validate_by_oauth
|
7
7
|
validate_email_field = false
|
8
|
-
|
8
|
+
|
9
9
|
if oauth_response.blank?
|
10
10
|
redirect_to_oauth
|
11
11
|
else
|
12
12
|
authenticate_with_oauth
|
13
13
|
end
|
14
14
|
end
|
15
|
-
|
15
|
+
|
16
16
|
def redirecting_to_oauth_server?
|
17
17
|
authenticating_with_oauth? && oauth_response.blank?
|
18
18
|
end
|
19
|
-
|
19
|
+
|
20
20
|
def redirect_to_oauth
|
21
21
|
request = oauth.get_request_token :oauth_callback => build_callback_url
|
22
22
|
oauth_controller.session[:oauth_request_token] = request.token
|
23
23
|
oauth_controller.session[:oauth_request_token_secret] = request.secret
|
24
|
-
|
24
|
+
|
25
|
+
# Store the class which is redirecting, so we can ensure other classes
|
26
|
+
# don't get confused and attempt to use the response
|
27
|
+
oauth_controller.session[:oauth_request_class] = self.class.name
|
28
|
+
|
25
29
|
# Tell our rack callback filter what method the current request is using
|
26
30
|
oauth_controller.session[:oauth_callback_method] = oauth_controller.request.method
|
27
|
-
|
31
|
+
|
28
32
|
oauth_controller.redirect_to request.authorize_url
|
29
33
|
end
|
30
|
-
|
34
|
+
|
31
35
|
def build_callback_url
|
32
36
|
oauth_controller.url_for :controller => oauth_controller.controller_name, :action => oauth_controller.action_name
|
33
37
|
end
|
34
|
-
|
38
|
+
|
35
39
|
def request_token
|
36
40
|
OAuth::RequestToken.new(oauth,
|
37
41
|
oauth_controller.session[:oauth_request_token],
|
38
42
|
oauth_controller.session[:oauth_request_token_secret])
|
39
43
|
end
|
40
|
-
|
44
|
+
|
41
45
|
def generate_access_token
|
42
46
|
request_token.get_access_token(:oauth_verifier => oauth_controller.params[:oauth_verifier])
|
43
47
|
end
|
44
|
-
|
48
|
+
|
45
49
|
def oauth_response
|
46
50
|
oauth_controller.params && oauth_controller.params[:oauth_token]
|
47
51
|
end
|
48
|
-
|
52
|
+
|
49
53
|
def oauth_controller
|
50
54
|
is_auth_session? ? controller : session_class.controller
|
51
55
|
end
|
52
|
-
|
56
|
+
|
53
57
|
def oauth
|
54
58
|
is_auth_session? ? self.class.oauth_consumer : session_class.oauth_consumer
|
55
59
|
end
|
56
|
-
|
60
|
+
|
57
61
|
def is_auth_session?
|
58
62
|
self.is_a?(Authlogic::Session::Base)
|
59
63
|
end
|
60
|
-
|
64
|
+
|
61
65
|
end
|
62
66
|
end
|
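Review bot: `redirect_to_oauth` now writes `session[:oauth_request_class]`, but no visible line removes it (or `:oauth_request_token` and `:oauth_request_token_secret`) once the provider's response has been consumed, so the marker outlives the handshake it is meant to scope. While it remains in the session, any later request handled by the same class that carries an `oauth_token` parameter satisfies the new `authenticating_with_oauth?` clause again and re-enters `validate_by_oauth`. Clearing the keys after the exchange in `generate_access_token` would bound that: keep the result of `request_token.get_access_token(...)` in a local, call `oauth_controller.session.delete(:oauth_request_class)`, then return the local. The rack callback filter mentioned in the comment is not shown here, so cleanup may already happen there and is worth confirming.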
@@ -8,7 +8,7 @@ module AuthlogicOauth
|
|
8
8
|
include Methods
|
9
9
|
end
|
10
10
|
end
|
11
|
-
|
11
|
+
|
12
12
|
module Config
|
13
13
|
# * <tt>Default:</tt> :find_by_oauth_token
|
14
14
|
# * <tt>Accepts:</tt> Symbol
|
@@ -17,16 +17,16 @@ module AuthlogicOauth
|
|
17
17
|
end
|
18
18
|
alias_method :find_by_oauth_method=, :find_by_oauth_method
|
19
19
|
end
|
20
|
-
|
20
|
+
|
21
21
|
module Methods
|
22
22
|
include OauthProcess
|
23
|
-
|
23
|
+
|
24
24
|
def self.included(klass)
|
25
25
|
klass.class_eval do
|
26
26
|
validate :validate_by_oauth, :if => :authenticating_with_oauth?
|
27
27
|
end
|
28
28
|
end
|
29
|
-
|
29
|
+
|
30
30
|
# Hooks into credentials so that you can pass a user who has already has an oauth access token.
|
31
31
|
def credentials=(value)
|
32
32
|
super
|
@@ -34,25 +34,27 @@ module AuthlogicOauth
|
|
34
34
|
hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
|
35
35
|
self.record = hash[:priority_record] if !hash.nil? && hash.key?(:priority_record)
|
36
36
|
end
|
37
|
-
|
37
|
+
|
38
38
|
def record=(record)
|
39
39
|
@record = record
|
40
40
|
end
|
41
|
-
|
42
|
-
# Clears out the block if we are authenticating with oauth,
|
41
|
+
|
42
|
+
# Clears out the block if we are authenticating with oauth,
|
43
43
|
# so that we can redirect without a DoubleRender error.
|
44
44
|
def save(&block)
|
45
45
|
block = nil if redirecting_to_oauth_server?
|
46
46
|
super(&block)
|
47
47
|
end
|
48
|
-
|
48
|
+
|
49
49
|
private
|
50
|
-
|
50
|
+
|
51
51
|
def authenticating_with_oauth?
|
52
|
-
#
|
53
|
-
(controller.params && !controller.params[:login_with_oauth].blank?) ||
|
52
|
+
# Initial request when user presses one of the button helpers
|
53
|
+
(controller.params && !controller.params[:login_with_oauth].blank?) ||
|
54
|
+
# When the oauth provider responds and we made the initial request
|
55
|
+
(oauth_response && controller.session && controller.session[:oauth_request_class] == self.class.name)
|
54
56
|
end
|
55
|
-
|
57
|
+
|
56
58
|
def authenticate_with_oauth
|
57
59
|
if @record
|
58
60
|
self.attempted_record = record
|
@@ -60,12 +62,12 @@ module AuthlogicOauth
|
|
60
62
|
self.attempted_record = search_for_record(find_by_oauth_method, generate_access_token.token)
|
61
63
|
#errors.add_to_base("Unable to authenticate with Twitter.")
|
62
64
|
end
|
63
|
-
|
65
|
+
|
64
66
|
if !attempted_record
|
65
67
|
errors.add_to_base("Could not find user in our database, have you registered with your oauth account?")
|
66
68
|
end
|
67
69
|
end
|
68
|
-
|
70
|
+
|
69
71
|
def find_by_oauth_method
|
70
72
|
self.class.find_by_oauth_method
|
71
73
|
end
|
@@ -4,45 +4,45 @@ module AuthlogicOauth
|
|
4
4
|
# +tiny+ (or +patch+) number.
|
5
5
|
class Version
|
6
6
|
include Comparable
|
7
|
-
|
7
|
+
|
8
8
|
# A convenience method for instantiating a new Version instance with the
|
9
9
|
# given +major+, +minor+, and +tiny+ components.
|
10
10
|
def self.[](major, minor, tiny)
|
11
11
|
new(major, minor, tiny)
|
12
12
|
end
|
13
|
-
|
13
|
+
|
14
14
|
attr_reader :major, :minor, :tiny
|
15
|
-
|
15
|
+
|
16
16
|
# Create a new Version object with the given components.
|
17
17
|
def initialize(major, minor, tiny)
|
18
18
|
@major, @minor, @tiny = major, minor, tiny
|
19
19
|
end
|
20
|
-
|
20
|
+
|
21
21
|
# Compare this version to the given +version+ object.
|
22
22
|
def <=>(version)
|
23
23
|
to_i <=> version.to_i
|
24
24
|
end
|
25
|
-
|
25
|
+
|
26
26
|
# Converts this version object to a string, where each of the three
|
27
27
|
# version components are joined by the '.' character. E.g., 2.0.0.
|
28
28
|
def to_s
|
29
29
|
@to_s ||= [@major, @minor, @tiny].join(".")
|
30
30
|
end
|
31
|
-
|
31
|
+
|
32
32
|
# Converts this version to a canonical integer that may be compared
|
33
33
|
# against other version objects.
|
34
34
|
def to_i
|
35
35
|
@to_i ||= @major * 1_000_000 + @minor * 1_000 + @tiny
|
36
36
|
end
|
37
|
-
|
37
|
+
|
38
38
|
def to_a
|
39
39
|
[@major, @minor, @tiny]
|
40
40
|
end
|
41
|
-
|
41
|
+
|
42
42
|
MAJOR = 1
|
43
43
|
MINOR = 0
|
44
|
-
TINY =
|
45
|
-
|
44
|
+
TINY = 8
|
45
|
+
|
46
46
|
# The current version as a Version instance
|
47
47
|
CURRENT = new(MAJOR, MINOR, TINY)
|
48
48
|
# The current version as a String
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: authlogic-oauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.8
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- John Allison
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
11
|
|
12
|
-
date: 2009-
|
12
|
+
date: 2009-08-02 00:00:00 -04:00
|
13
13
|
default_executable:
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|