authlogic_oauth2 1.0.2 → 1.1.0
data/README.rdoc
CHANGED
@@ -33,24 +33,19 @@ For information about how to set up and configure authlogic, please consult the
|
|
33
33
|
end
|
34
34
|
end
|
35
35
|
|
36
|
-
IMPORTANT: make sure that you allow null values for
|
36
|
+
IMPORTANT: make sure that you allow null values for crypted_password and password_salt if they aren't required for OAuth2 users.
|
37
37
|
|
38
|
-
=== 4.
|
38
|
+
=== 4. Configure your OAuth2 client in the UserSession model
|
39
39
|
|
40
|
-
The
|
41
|
-
|
42
|
-
The oauth2_scope method should return a string representing the extended permission you need to request from the OAuth2 provider.
|
40
|
+
The oauth2_client_id, oauth2_client_secret and oauth2_site configuration values must be specified so we can initialize the connection with your OAuth2 provider. The oauth2_scope value is optional, and is used to request extended permissions from your provider.
|
43
41
|
|
44
42
|
Here's an example for Facebook:
|
45
43
|
|
46
44
|
class UserSession < Authlogic::Session::Base
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
def self.oauth2_scope
|
52
|
-
'email,user_birthday'
|
53
|
-
end
|
45
|
+
oauth2_client_id "APPLICATION_ID"
|
46
|
+
oauth2_client_secret "APPLICATION_SECRET"
|
47
|
+
oauth2_site "https://graph.facebook.com"
|
48
|
+
oauth2_scope "email,user_birthday"
|
54
49
|
end
|
55
50
|
|
56
51
|
=== 5. Make sure you save your objects properly
|
@@ -97,9 +92,9 @@ If you followed these steps correctly, then you should be able to register and l
|
|
97
92
|
|
98
93
|
== Accessing API endpoints
|
99
94
|
|
100
|
-
You can easily access any API endpoints that are exposed to an OAuth2 user by utilizing the oauth2 gem's "get" method on current_user#
|
95
|
+
You can easily access any API endpoints that are exposed to an OAuth2 user by utilizing the oauth2 gem's "get" method on current_user#oauth2_access. For instance, you can access information about the currently logged in user's Facebook profile by doing the following:
|
101
96
|
|
102
|
-
current_user.
|
97
|
+
current_user.oauth2_access.get('/me')
|
103
98
|
|
104
99
|
This will return a JSON string representing the user's profile information.
|
105
100
|
|
@@ -111,7 +106,7 @@ You can pre-populate user information by using the after_oauth2_authentication h
|
|
111
106
|
...
|
112
107
|
|
113
108
|
def after_oauth2_authentication
|
114
|
-
json =
|
109
|
+
json = oauth2_access.get('/me')
|
115
110
|
|
116
111
|
if user_data = JSON.parse(json)
|
117
112
|
self.name = user_data['name']
|
data/authlogic_oauth2.gemspec
CHANGED
@@ -58,7 +58,7 @@ module AuthlogicOauth2
|
|
58
58
|
result
|
59
59
|
end
|
60
60
|
|
61
|
-
#
|
61
|
+
# Accessors for oauth2 fields
|
62
62
|
def oauth2_token
|
63
63
|
read_attribute(oauth2_token_field)
|
64
64
|
end
|
@@ -67,7 +67,8 @@ module AuthlogicOauth2
|
|
67
67
|
write_attribute(oauth2_token_field, value.blank? ? nil : value)
|
68
68
|
end
|
69
69
|
|
70
|
-
|
70
|
+
# Provides access to an API exposed on the access_token object
|
71
|
+
def oauth2_access
|
71
72
|
access_token
|
72
73
|
end
|
73
74
|
|
@@ -87,11 +88,13 @@ module AuthlogicOauth2
|
|
87
88
|
# Restore any attributes which were saved before redirecting to the oauth2 server
|
88
89
|
self.attributes = session_class.controller.session.delete(:authlogic_oauth2_attributes)
|
89
90
|
self.oauth2_token = generate_access_token.token
|
91
|
+
|
92
|
+
# Execute callback if it's defined in the user model
|
90
93
|
self.after_oauth2_authentication if self.respond_to?(:after_oauth2_authentication)
|
91
94
|
end
|
92
95
|
|
93
96
|
def access_token
|
94
|
-
OAuth2::AccessToken.new(
|
97
|
+
OAuth2::AccessToken.new(oauth2_client, read_attribute(oauth2_token_field))
|
95
98
|
end
|
96
99
|
|
97
100
|
def using_oauth2?
|
@@ -101,7 +104,8 @@ module AuthlogicOauth2
|
|
101
104
|
def validate_password_with_oauth2?
|
102
105
|
!using_oauth2? && require_password?
|
103
106
|
end
|
104
|
-
|
107
|
+
|
108
|
+
# Convenience methods for accessing configuration values
|
105
109
|
def oauth2_token_field
|
106
110
|
self.class.oauth2_token_field
|
107
111
|
end
|
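Review bot: `access_token` (new line 97) wraps whatever `read_attribute(oauth2_token_field)` returns, so for a record with no stored token the new public `oauth2_access` (new line 71) hands callers an `OAuth2::AccessToken` built around `nil`, and the problem only surfaces as a rejected request at the provider. Unless code outside these hunks relies on that nil-token object, a guard would make the case explicit: `token = read_attribute(oauth2_token_field)` followed by `raise ArgumentError, 'no OAuth2 token stored for this record' if token.blank?`. The comment on `oauth2_access` could also say what is returned and how to treat it, e.g. `# Returns an OAuth2::AccessToken for this record's stored token; it carries a bearer credential, so keep it out of logs and serialized output.` The enclosing module starts and ends outside the hunks shown here.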
@@ -18,7 +18,7 @@ module AuthlogicOauth2
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def redirect_to_oauth2
|
21
|
-
authorize_url =
|
21
|
+
authorize_url = oauth2_client.web_server.authorize_url(:redirect_uri => build_callback_url, :scope => oauth2_scope)
|
22
22
|
|
23
23
|
# Store the class which is redirecting, so we can ensure other classes
|
24
24
|
# don't get confused and attempt to use the response
|
@@ -35,30 +35,41 @@ module AuthlogicOauth2
|
|
35
35
|
end
|
36
36
|
|
37
37
|
def generate_access_token
|
38
|
-
|
38
|
+
oauth2_client.web_server.get_access_token(oauth2_controller.params[:code], :redirect_uri => build_callback_url)
|
39
39
|
end
|
40
40
|
|
41
41
|
def oauth2_response
|
42
42
|
oauth2_controller.params && oauth2_controller.params[:code]
|
43
43
|
end
|
44
|
-
|
44
|
+
|
45
|
+
def oauth2_client
|
46
|
+
OAuth2::Client.new(oauth2_client_id, oauth2_client_secret, :site => oauth2_site)
|
47
|
+
end
|
48
|
+
|
49
|
+
# Convenience method for accessing the session controller
|
45
50
|
def oauth2_controller
|
46
51
|
is_auth_session? ? controller : session_class.controller
|
47
52
|
end
|
48
53
|
|
49
|
-
|
50
|
-
|
54
|
+
# Convenience methods for accessing session configuration values
|
55
|
+
def oauth2_client_id
|
56
|
+
is_auth_session? ? self.class.oauth2_client_id : session_class.oauth2_client_id
|
57
|
+
end
|
58
|
+
|
59
|
+
def oauth2_client_secret
|
60
|
+
is_auth_session? ? self.class.oauth2_client_secret : session_class.oauth2_client_secret
|
61
|
+
end
|
62
|
+
|
63
|
+
def oauth2_site
|
64
|
+
is_auth_session? ? self.class.oauth2_site : session_class.oauth2_site
|
51
65
|
end
|
52
66
|
|
53
67
|
def oauth2_scope
|
54
68
|
is_auth_session? ? self.class.oauth2_scope : session_class.oauth2_scope
|
55
|
-
rescue NoMethodError
|
56
|
-
nil
|
57
69
|
end
|
58
70
|
|
59
71
|
def is_auth_session?
|
60
72
|
self.is_a?(Authlogic::Session::Base)
|
61
73
|
end
|
62
|
-
|
63
74
|
end
|
64
75
|
end
|
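Review bot: The authorize URL built in `redirect_to_oauth2` (new line 21) carries only `:redirect_uri` and `:scope`, and `generate_access_token` (new line 38) exchanges `oauth2_controller.params[:code]` with no visible check that the callback belongs to a flow this browser session started. Unless that binding is done in the part of `redirect_to_oauth2` that continues below the hunk or elsewhere in the file, a per-request `state` value should be stored in the session before the redirect, sent with the authorize call (`:state => state`, assuming the oauth2 gem version in use passes extra options through), and compared with `oauth2_controller.params[:state]` before the code is exchanged. Separately, dropping the `rescue NoMethodError` from `oauth2_scope` means a session class without the new config methods now raises instead of returning nil; that looks intended given the new `''` defaults, but it is worth a line in the changelog.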
@@ -16,6 +16,34 @@ module AuthlogicOauth2
|
|
16
16
|
rw_config(:find_by_oauth2_method, value, :find_by_oauth2_token)
|
17
17
|
end
|
18
18
|
alias_method :find_by_oauth2_method=, :find_by_oauth2_method
|
19
|
+
|
20
|
+
# * <tt>Default:</tt> ''
|
21
|
+
# * <tt>Accepts:</tt> String
|
22
|
+
def oauth2_client_id(value = nil)
|
23
|
+
rw_config(:oauth2_client_id, value, '')
|
24
|
+
end
|
25
|
+
alias_method :oauth2_client_id=, :oauth2_client_id
|
26
|
+
|
27
|
+
# * <tt>Default:</tt> ''
|
28
|
+
# * <tt>Accepts:</tt> String
|
29
|
+
def oauth2_client_secret(value = nil)
|
30
|
+
rw_config(:oauth2_client_secret, value, '')
|
31
|
+
end
|
32
|
+
alias_method :oauth2_client_secret=, :oauth2_client_secret
|
33
|
+
|
34
|
+
# * <tt>Default:</tt> ''
|
35
|
+
# * <tt>Accepts:</tt> String
|
36
|
+
def oauth2_site(value = nil)
|
37
|
+
rw_config(:oauth2_site, value, '')
|
38
|
+
end
|
39
|
+
alias_method :oauth2_site=, :oauth2_site
|
40
|
+
|
41
|
+
# * <tt>Default:</tt> ''
|
42
|
+
# * <tt>Accepts:</tt> String
|
43
|
+
def oauth2_scope(value = nil)
|
44
|
+
rw_config(:oauth2_scope, value, '')
|
45
|
+
end
|
46
|
+
alias_method :oauth2_scope=, :oauth2_scope
|
19
47
|
end
|
20
48
|
|
21
49
|
module Methods
|
@@ -67,9 +95,26 @@ module AuthlogicOauth2
|
|
67
95
|
end
|
68
96
|
end
|
69
97
|
|
98
|
+
# Convenience methods for accessing configuration values
|
70
99
|
def find_by_oauth2_method
|
71
100
|
self.class.find_by_oauth2_method
|
72
101
|
end
|
102
|
+
|
103
|
+
def oauth2_client_id
|
104
|
+
self.class.oauth2_client_id
|
105
|
+
end
|
106
|
+
|
107
|
+
def oauth2_client_secret
|
108
|
+
self.class.oauth2_client_secret
|
109
|
+
end
|
110
|
+
|
111
|
+
def oauth2_site
|
112
|
+
self.class.oauth2_site
|
113
|
+
end
|
114
|
+
|
115
|
+
def oauth2_scope
|
116
|
+
self.class.oauth2_scope
|
117
|
+
end
|
73
118
|
end
|
74
119
|
end
|
75
120
|
end
|
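Review bot: The new `oauth2_client_id`, `oauth2_client_secret` and `oauth2_site` settings (new lines 20–39) all default to `''`, so a session class that omits one still gets an `OAuth2::Client` built from empty values and the mistake only shows up as a provider-side error. The instance readers added at new lines 103–113 are a natural place to fail fast, e.g. `self.class.oauth2_client_secret.presence || raise(ArgumentError, 'oauth2_client_secret is not configured')`, and likewise for the id and site. The doc comments list only `Default` and `Accepts`; each should get a one-line description, and the one for the secret should say it is a credential to be read from deployment configuration (for example `oauth2_client_secret ENV['OAUTH2_CLIENT_SECRET']`, variable name illustrative) rather than written as a literal in the model as the README example does. The `Config` and `Methods` modules begin outside these hunks, so whether the instance-level secret reader is public cannot be confirmed from here; if it is, consider making it private.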