authlogic_oauth2 1.0.1

data/Manifest

@@ -0,0 +1,13 @@
+Manifest
+README.rdoc
+Rakefile
+authlogic_oauth2.gemspec
+init.rb
+lib/authlogic_oauth2.rb
+lib/authlogic_oauth2/acts_as_authentic.rb
+lib/authlogic_oauth2/helper.rb
+lib/authlogic_oauth2/oauth2_process.rb
+lib/authlogic_oauth2/session.rb
+lib/authlogic_oauth2/version.rb
+lib/oauth2_callback_filter.rb
+rails/init.rb

data/README.rdoc

@@ -0,0 +1,123 @@
+= Authlogic OAuth2
+
+This plugin works very much like jrallison's authlogic_oauth gem (http://github.com/jrallison/authlogic_oauth), and much of the code is repurposed from his work. If you have used authlogic_oauth before, then you should have no problem using authlogic_oauth2.
+
+== Install and use
+
+=== 1. Install the authlogic and oauth2 gems
+
+  config.gem "authlogic"
+  config.gem "oauth2"
+  config.gem "authlogic_oauth2"
+
+  $ sudo rake gems:install
+
+For older version of Rails, you can install authlogic_oauth2 as a plugin:
+
+  $ script/plugin install git://github.com/andyhite/authlogic_oauth2.git
+
+=== 2. Set up and configure authlogic
+
+For information about how to set up and configure authlogic, please consult the authlogic README (http://github.com/binarylogic/authlogic)
+
+=== 3. Add the necessary fields to your authlogic users table
+
+  class AddOauth2FieldsToUser < ActiveRecord::Migration
+    def self.up
+      add_column :users, :oauth2_token, :string
+      add_index :users, :oauth2_token
+    end
+    
+    def self.down
+      remove_column :users, :oauth2_token
+    end
+  end
+  
+IMPORTANT: make sure that you allow null values for email, crypted_password, and password_salt if they aren't required for OAuth2 users.
+  
+=== 4. Define the oauth2_client and oauth2_scope class methods in your UserSession model
+
+The oauth2_client method should return an OAuth2::Client that is configured for your OAuth2 provider.
+
+The oauth2_scope method should return a string representing the extended permission you need to request from the OAuth2 provider.
+
+Here's an example for Facebook:
+
+  class UserSession < Authlogic::Session::Base
+    def self.oauth2_client
+      OAuth2::Client.new("CLIENT_ID", "SECRET_KEY", :site => "https://graph.facebook.com")
+    end
+    
+    def self.oauth2_scope
+      'email,user_birthday'
+    end
+  end
+  
+=== 5. Make sure you save your objects properly
+
+We need to redirect the user to their oauth2 provider so they can authenticate and then pick things back up when they're returned, so any calls to User#save or UserSession#save need to be updated to the following format:
+
+  @user.save do |result|
+    if result
+      # Do something
+    else
+      # Do something else
+    end
+  end
+  
+and
+
+  @user_session.save do |result|
+    if result
+      # Do something
+    else
+      # Do something else
+    end
+  end
+  
+=== 6. Add the login and register buttons to their respective forms
+
+In file app/views/user_sessions/new.html.erb:
+
+  <% form_for @user_session, :url => user_session_path do |f| %>
+    # All your other form stuff goes here, if you need it.
+    <%= oauth2_login_button :value => "Login using Facebook" %>
+  <% end %>
+  
+In file app/views/users/new.html.erb:
+  
+  <% form_for @user, :url => account_path do |f| %>
+    # All your other form stuff goes here, if you need it.
+    <%= oauth2_register_button :value => "Register using Facebook" %>
+  <% end %>
+  
+=== 7. There is no step 7
+
+If you followed these steps correctly, then you should be able to register and login using OAuth2.
+
+== Accessing API endpoints
+
+You can easily access any API endpoints that are exposed to an OAuth2 user by utilizing the oauth2 gem's "get" method on current_user#oauth2_client. For instance, you can access information about the currently logged in user's Facebook profile by doing the following:
+
+  current_user.oauth2_client.get('/me')
+  
+This will return a JSON string representing the user's profile information.
+
+You can pre-populate user information by using the after_oauth2_authentication hook in your user model:
+
+  require 'json'
+  
+  class User < ActiveRecord::Base
+    ...
+  
+    def after_oauth2_authentication
+      json = oauth2_client.get('/me')
+
+      if user_data = JSON.parse(json)
+        self.name = user_data['name']
+        self.facebook_uid = user_data['id']
+      end
+    end
+  end
+
+You can get more information about the Facebook Graph API on the following website: http://developers.facebook.com/docs/api

data/Rakefile

@@ -0,0 +1,14 @@
+require 'rubygems'  
+require 'rake'  
+require 'echoe'
+require File.dirname(__FILE__) + "/lib/authlogic_oauth2/version"
+  
+Echoe.new('authlogic_oauth2', AuthlogicOauth2::Version::STRING) do |p|  
+  p.description     = "Authlogic OAuth2 is an extension of the Authlogic library to add OAuth2 support. OAuth2 can be used to allow users to login with their Facebook credentials."  
+  p.url             = "http://github.com/andyhite/authlogic_oauth2"  
+  p.author          = "Andrew Hite"  
+  p.email           = "andrew@andrew-hite.com"
+  p.runtime_dependencies = ['authlogic', 'oauth2']
+end  
+  
+Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].sort.each { |ext| load ext }

data/authlogic_oauth2.gemspec

@@ -0,0 +1,36 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{authlogic_oauth2}
+  s.version = "1.0.1"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Andrew Hite"]
+  s.date = %q{2010-06-13}
+  s.description = %q{Authlogic OAuth2 is an extension of the Authlogic library to add OAuth2 support. OAuth2 can be used to allow users to login with their Facebook credentials.}
+  s.email = %q{andrew@andrew-hite.com}
+  s.extra_rdoc_files = ["README.rdoc", "lib/authlogic_oauth2.rb", "lib/authlogic_oauth2/acts_as_authentic.rb", "lib/authlogic_oauth2/helper.rb", "lib/authlogic_oauth2/oauth2_process.rb", "lib/authlogic_oauth2/session.rb", "lib/authlogic_oauth2/version.rb", "lib/oauth2_callback_filter.rb"]
+  s.files = ["Manifest", "README.rdoc", "Rakefile", "authlogic_oauth2.gemspec", "init.rb", "lib/authlogic_oauth2.rb", "lib/authlogic_oauth2/acts_as_authentic.rb", "lib/authlogic_oauth2/helper.rb", "lib/authlogic_oauth2/oauth2_process.rb", "lib/authlogic_oauth2/session.rb", "lib/authlogic_oauth2/version.rb", "lib/oauth2_callback_filter.rb", "rails/init.rb"]
+  s.homepage = %q{http://github.com/andyhite/authlogic_oauth2}
+  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Authlogic_oauth2", "--main", "README.rdoc"]
+  s.require_paths = ["lib"]
+  s.rubyforge_project = %q{authlogic_oauth2}
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{Authlogic OAuth2 is an extension of the Authlogic library to add OAuth2 support. OAuth2 can be used to allow users to login with their Facebook credentials.}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<authlogic>, [">= 0"])
+      s.add_runtime_dependency(%q<oauth2>, [">= 0"])
+    else
+      s.add_dependency(%q<authlogic>, [">= 0"])
+      s.add_dependency(%q<oauth2>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<authlogic>, [">= 0"])
+    s.add_dependency(%q<oauth2>, [">= 0"])
+  end
+end

data/init.rb

@@ -0,0 +1 @@
+File.dirname(__FILE__) + "/rails/init.rb"

data/lib/authlogic_oauth2/acts_as_authentic.rb

@@ -0,0 +1,110 @@
+module AuthlogicOauth2
+  module ActsAsAuthentic
+    def self.included(klass)
+      klass.class_eval do
+        extend Config
+        add_acts_as_authentic_module(Methods, :prepend)
+      end
+    end
+
+    module Config
+      # The name of the oauth2 token field in the database.
+      #
+      # * <tt>Default:</tt> :oauth2_token
+      # * <tt>Accepts:</tt> Symbol
+      def oauth2_token_field(value = nil)
+        rw_config(:oauth2_token_field, value, :oauth2_token)
+      end
+      alias_method :oauth2_token_field=, :oauth2_token_field
+    end
+
+    module Methods
+      include Oauth2Process
+
+      # Set up some simple validations
+      def self.included(klass)
+        klass.class_eval do
+          alias_method "#{oauth2_token_field.to_s}=".to_sym, :oauth2_token=
+        end
+
+        return if !klass.column_names.include?(klass.oauth2_token_field.to_s)
+
+        klass.class_eval do
+          validate :validate_by_oauth2, :if => :authenticating_with_oauth2?
+
+          validates_uniqueness_of klass.oauth2_token_field, :scope => validations_scope, :if => :using_oauth2?
+
+          validates_length_of_password_field_options validates_length_of_password_field_options.merge(:if => :validate_password_with_oauth2?)
+          validates_confirmation_of_password_field_options validates_confirmation_of_password_field_options.merge(:if => :validate_password_with_oauth2?)
+          validates_length_of_password_confirmation_field_options validates_length_of_password_confirmation_field_options.merge(:if => :validate_password_with_oauth2?)
+          validates_length_of_login_field_options validates_length_of_login_field_options.merge(:if => :validate_password_with_oauth2?)
+          validates_format_of_login_field_options validates_format_of_login_field_options.merge(:if => :validate_password_with_oauth2?)
+        end
+
+        # email needs to be optional for oauth2
+        klass.validate_email_field = false
+      end
+
+      def save(perform_validation = true, &block)
+        if perform_validation && block_given? && redirecting_to_oauth2_server?
+          # Save attributes so they aren't lost during the authentication with the oauth2 server
+          session_class.controller.session[:authlogic_oauth2_attributes] = attributes.reject!{|k, v| v.blank?}
+          redirect_to_oauth2
+          return false
+        end
+
+        result = super
+        yield(result) if block_given?
+        result
+      end
+
+      # accessors for oauth2 fields
+      def oauth2_token
+        read_attribute(oauth2_token_field)
+      end
+      
+      def oauth2_token=(value)
+        write_attribute(oauth2_token_field, value.blank? ? nil : value)
+      end
+      
+      def oauth2_client
+        access_token
+      end
+
+    private
+
+      def authenticating_with_oauth2?
+        # Controller isn't available in all contexts (e.g. irb)
+        return false unless session_class.controller
+        
+        # Initial request when user presses one of the button helpers
+        (session_class.controller.params && !session_class.controller.params[:register_with_oauth2].blank?) ||
+        # When the oauth2 provider responds and we made the initial request
+        (oauth2_response && session_class.controller.session && session_class.controller.session[:oauth2_request_class] == self.class.name)
+      end
+
+      def authenticate_with_oauth2
+        # Restore any attributes which were saved before redirecting to the oauth2 server
+        self.attributes = session_class.controller.session.delete(:authlogic_oauth2_attributes)
+        self.oauth2_token = generate_access_token.token
+        self.after_oauth2_authentication if self.respond_to?(:after_oauth2_authentication)
+      end
+
+      def access_token
+        OAuth2::AccessToken.new(oauth2, read_attribute(oauth2_token_field))
+      end
+
+      def using_oauth2?
+        respond_to?(oauth2_token_field) && !oauth2_token.blank?
+      end
+
+      def validate_password_with_oauth2?
+        !using_oauth2? && require_password?
+      end
+
+      def oauth2_token_field
+        self.class.oauth2_token_field
+      end
+    end
+  end
+end

data/lib/authlogic_oauth2/helper.rb

@@ -0,0 +1,16 @@
+module AuthlogicOauth2
+  module Helper
+    def oauth2_register_button(options = {})
+      oauth2_button('register_with_oauth2', options)
+    end
+    
+    def oauth2_login_button(options = {})
+      oauth2_button('login_with_oauth2', options)
+    end
+  
+  private
+    def oauth2_button(name, options = {})
+      "<input type='submit' value='#{options[:value]}' name='#{name}' id='user_submit' class='#{options[:class]}'/>"
+    end
+  end
+end

data/lib/authlogic_oauth2/oauth2_process.rb

@@ -0,0 +1,64 @@
+module AuthlogicOauth2
+  module Oauth2Process
+
+  private
+
+    def validate_by_oauth2
+      validate_email_field = false
+
+      if oauth2_response.blank?
+        redirect_to_oauth2
+      else
+        authenticate_with_oauth2
+      end
+    end
+
+    def redirecting_to_oauth2_server?
+      authenticating_with_oauth2? && oauth2_response.blank?
+    end
+
+    def redirect_to_oauth2
+      authorize_url = oauth2.web_server.authorize_url(:redirect_uri => build_callback_url, :scope => oauth2_scope)
+
+      # Store the class which is redirecting, so we can ensure other classes
+      # don't get confused and attempt to use the response
+      oauth2_controller.session[:oauth2_request_class] = self.class.name
+
+      # Tell our rack callback filter what method the current request is using
+      oauth2_controller.session[:oauth2_callback_method] = oauth2_controller.request.method
+
+      oauth2_controller.redirect_to authorize_url
+    end
+
+    def build_callback_url
+      oauth2_controller.url_for :controller => oauth2_controller.controller_name, :action => oauth2_controller.action_name
+    end
+
+    def generate_access_token
+      oauth2.web_server.get_access_token(oauth2_controller.params[:code], :redirect_uri => build_callback_url)
+    end
+
+    def oauth2_response
+      oauth2_controller.params && oauth2_controller.params[:code]
+    end
+
+    def oauth2_controller
+      is_auth_session? ? controller : session_class.controller
+    end
+
+    def oauth2
+      is_auth_session? ? self.class.oauth2_client : session_class.oauth2_client
+    end
+    
+    def oauth2_scope
+      is_auth_session? ? self.class.oauth2_scope : session_class.oauth2_scope
+    rescue NoMethodError
+      nil
+    end
+
+    def is_auth_session?
+      self.is_a?(Authlogic::Session::Base)
+    end
+
+  end
+end

data/lib/authlogic_oauth2/session.rb

@@ -0,0 +1,75 @@
+module AuthlogicOauth2
+  # This module is responsible for adding oauth2
+  # to the Authlogic::Session::Base class.
+  module Session
+    def self.included(klass)
+      klass.class_eval do
+        extend Config
+        include Methods
+      end
+    end
+
+    module Config
+      # * <tt>Default:</tt> :find_by_oauth2_token
+      # * <tt>Accepts:</tt> Symbol
+      def find_by_oauth2_method(value = nil)
+        rw_config(:find_by_oauth2_method, value, :find_by_oauth2_token)
+      end
+      alias_method :find_by_oauth2_method=, :find_by_oauth2_method
+    end
+
+    module Methods
+      include Oauth2Process
+
+      def self.included(klass)
+        klass.class_eval do
+          validate :validate_by_oauth2, :if => :authenticating_with_oauth2?
+        end
+      end
+
+      # Hooks into credentials so that you can pass a user who has already has an oauth2 access token.
+      def credentials=(value)
+        super
+        values = value.is_a?(Array) ? value : [value]
+        hash = values.first.is_a?(Hash) ? values.first.with_indifferent_access : nil
+        self.record = hash[:priority_record] if !hash.nil? && hash.key?(:priority_record)
+      end
+
+      def record=(record)
+        @record = record
+      end
+
+      # Clears out the block if we are authenticating with oauth2,
+      # so that we can redirect without a DoubleRender error.
+      def save(&block)
+        block = nil if redirecting_to_oauth2_server?
+        super(&block)
+      end
+
+    private
+
+      def authenticating_with_oauth2?
+        # Initial request when user presses one of the button helpers
+        (controller.params && !controller.params[:login_with_oauth2].blank?) ||
+        # When the oauth2 provider responds and we made the initial request
+        (oauth2_response && controller.session && controller.session[:oauth2_request_class] == self.class.name)
+      end
+
+      def authenticate_with_oauth2
+        if @record
+          self.attempted_record = record
+        else
+          self.attempted_record = search_for_record(find_by_oauth2_method, generate_access_token.token)
+        end
+
+        if !attempted_record
+          errors.add_to_base("Could not find user in our database, have you registered with your Oauth2 account?")
+        end
+      end
+
+      def find_by_oauth2_method
+        self.class.find_by_oauth2_method
+      end
+    end
+  end
+end

data/lib/authlogic_oauth2/version.rb

@@ -0,0 +1,51 @@
+module AuthlogicOauth2
+  # A class for describing the current version of a library. The version
+  # consists of three parts: the +major+ number, the +minor+ number, and the
+  # +tiny+ (or +patch+) number.
+  class Version
+    include Comparable
+
+    # A convenience method for instantiating a new Version instance with the
+    # given +major+, +minor+, and +tiny+ components.
+    def self.[](major, minor, tiny)
+      new(major, minor, tiny)
+    end
+
+    attr_reader :major, :minor, :tiny
+
+    # Create a new Version object with the given components.
+    def initialize(major, minor, tiny)
+      @major, @minor, @tiny = major, minor, tiny
+    end
+
+    # Compare this version to the given +version+ object.
+    def <=>(version)
+      to_i <=> version.to_i
+    end
+
+    # Converts this version object to a string, where each of the three
+    # version components are joined by the '.' character. E.g., 2.0.0.
+    def to_s
+      @to_s ||= [@major, @minor, @tiny].join(".")
+    end
+
+    # Converts this version to a canonical integer that may be compared
+    # against other version objects.
+    def to_i
+      @to_i ||= @major * 1_000_000 + @minor * 1_000 + @tiny
+    end
+
+    def to_a
+      [@major, @minor, @tiny]
+    end
+
+    MAJOR = 1
+    MINOR = 0
+    TINY  = 1
+
+    # The current version as a Version instance
+    CURRENT = new(MAJOR, MINOR, TINY)
+    # The current version as a String
+    STRING = CURRENT.to_s
+  end
+end

data/lib/authlogic_oauth2.rb

@@ -0,0 +1,18 @@
+require File.dirname(__FILE__) + "/authlogic_oauth2/version"
+require File.dirname(__FILE__) + "/authlogic_oauth2/oauth2_process"
+require File.dirname(__FILE__) + "/authlogic_oauth2/acts_as_authentic"
+require File.dirname(__FILE__) + "/authlogic_oauth2/session"
+require File.dirname(__FILE__) + "/authlogic_oauth2/helper"
+require File.dirname(__FILE__) + "/oauth2_callback_filter"
+
+ActiveRecord::Base.send(:include, AuthlogicOauth2::ActsAsAuthentic)
+Authlogic::Session::Base.send(:include, AuthlogicOauth2::Session)
+ActionController::Base.helper AuthlogicOauth2::Helper
+
+# Throw callback rack app into the middleware stack
+ActionController::Dispatcher.middleware = ActionController::MiddlewareStack.new do |m|
+  ActionController::Dispatcher.middleware.each do |klass|
+    m.use klass
+  end
+  m.use Oauth2CallbackFilter
+end

data/lib/oauth2_callback_filter.rb

@@ -0,0 +1,12 @@
+class Oauth2CallbackFilter
+  def initialize(app)
+    @app = app
+  end
+  
+  def call(env)
+    unless env["rack.session"][:oauth2_callback_method].blank?
+      env["REQUEST_METHOD"] = env["rack.session"].delete(:oauth2_callback_method).to_s.upcase
+    end
+    @app.call(env)
+  end
+end

data/rails/init.rb

@@ -0,0 +1 @@
+require "authlogic_oauth2"

metadata

@@ -0,0 +1,119 @@
+--- !ruby/object:Gem::Specification 
+name: authlogic_oauth2
+version: !ruby/object:Gem::Version 
+  hash: 21
+  prerelease: false
+  segments: 
+  - 1
+  - 0
+  - 1
+  version: 1.0.1
+platform: ruby
+authors: 
+- Andrew Hite
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2010-06-13 00:00:00 -05:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: authlogic
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: oauth2
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id002
+description: Authlogic OAuth2 is an extension of the Authlogic library to add OAuth2 support. OAuth2 can be used to allow users to login with their Facebook credentials.
+email: andrew@andrew-hite.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.rdoc
+- lib/authlogic_oauth2.rb
+- lib/authlogic_oauth2/acts_as_authentic.rb
+- lib/authlogic_oauth2/helper.rb
+- lib/authlogic_oauth2/oauth2_process.rb
+- lib/authlogic_oauth2/session.rb
+- lib/authlogic_oauth2/version.rb
+- lib/oauth2_callback_filter.rb
+files: 
+- Manifest
+- README.rdoc
+- Rakefile
+- authlogic_oauth2.gemspec
+- init.rb
+- lib/authlogic_oauth2.rb
+- lib/authlogic_oauth2/acts_as_authentic.rb
+- lib/authlogic_oauth2/helper.rb
+- lib/authlogic_oauth2/oauth2_process.rb
+- lib/authlogic_oauth2/session.rb
+- lib/authlogic_oauth2/version.rb
+- lib/oauth2_callback_filter.rb
+- rails/init.rb
+has_rdoc: true
+homepage: http://github.com/andyhite/authlogic_oauth2
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --line-numbers
+- --inline-source
+- --title
+- Authlogic_oauth2
+- --main
+- README.rdoc
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 11
+      segments: 
+      - 1
+      - 2
+      version: "1.2"
+requirements: []
+
+rubyforge_project: authlogic_oauth2
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: Authlogic OAuth2 is an extension of the Authlogic library to add OAuth2 support. OAuth2 can be used to allow users to login with their Facebook credentials.
+test_files: []
+