authlogic_oauth2 1.1.0 → 1.1.2
- data/README.rdoc +4 -2
- data/authlogic_oauth2.gemspec +2 -2
- data/init.rb +1 -1
- data/lib/authlogic_oauth2.rb +3 -11
- data/lib/authlogic_oauth2/acts_as_authentic.rb +3 -1
- data/lib/authlogic_oauth2/oauth2_process.rb +4 -4
- data/lib/authlogic_oauth2/session.rb +2 -1
- data/lib/authlogic_oauth2/version.rb +1 -1
- metadata +4 -4
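--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -1,6 +1,6 @@
 = Authlogic OAuth2
 
-This plugin
+Disclaimer: This plugin CANNOT be used alongside other Authlogic extensions like authlogic_oauth and authlogic_openid due to an unfortunate bug caused by all these plugins overriding the ActiveRecord save method to avoid a DoubleRenderError.
 
 == Install and use
 
@@ -45,8 +45,10 @@ Here's an example for Facebook:
 oauth2_client_id "APPLICATION_ID"
 oauth2_client_secret "APPLICATION_SECRET"
 oauth2_site "https://graph.facebook.com"
-oauth2_scope "email,user_birthday"
+oauth2_scope "offline_access,email,user_birthday"
 end
+
+It's important to note here that if you don't request offline_access permissions from your OAuth2 provider the access token will expire either at a specific time or upon logout from the provider itself. Some providers allow refresh tokens to be issued, but some (Facebook, for example) does not. Refresh token handling hasn't been implemented in authlogic_oauth2 yet, so make sure you request offline_access.
 
 === 5. Make sure you save your objects properly
 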
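--- a/data/authlogic_oauth2.gemspec
+++ b/data/authlogic_oauth2.gemspec
@@ -2,11 +2,11 @@
 
 Gem::Specification.new do |s|
 s.name = %q{authlogic_oauth2}
-s.version = "1.1.
+s.version = "1.1.2"
 
 s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
 s.authors = ["Andrew Hite"]
-s.date = %q{2010-06-
+s.date = %q{2010-06-20}
 s.description = %q{Authlogic OAuth2 is an extension of the Authlogic library to add OAuth2 support. OAuth2 can be used to allow users to login with their Facebook credentials.}
 s.email = %q{andrew@andrew-hite.com}
 s.extra_rdoc_files = ["README.rdoc", "lib/authlogic_oauth2.rb", "lib/authlogic_oauth2/acts_as_authentic.rb", "lib/authlogic_oauth2/helper.rb", "lib/authlogic_oauth2/oauth2_process.rb", "lib/authlogic_oauth2/session.rb", "lib/authlogic_oauth2/version.rb", "lib/oauth2_callback_filter.rb"]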
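--- a/data/init.rb
+++ b/data/init.rb
@@ -1 +1 @@
-File.dirname(__FILE__) + "/rails/init.rb"
+require File.dirname(__FILE__) + "/rails/init.rb"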
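--- a/data/lib/authlogic_oauth2.rb
+++ b/data/lib/authlogic_oauth2.rb
@@ -11,15 +11,7 @@ ActionController::Base.helper AuthlogicOauth2::Helper
 
 # Throw callback rack app into the middleware stack
 if defined?(ActionController::Metal)
-# Rails >= 3.0
-
-
-Rails.application.instance_variable_set('@app', Oauth2CallbackFilter.new(Rails.application.app))
-else
-Rails.configuration.middleware.use(Oauth2CallbackFilter)
-end
-elsif defined?(ActionController::Dispatcher) && defined?(ActionController::Dispatcher.middleware)
-# Rails >= 2.3
-require 'oauth2_callback_filter'
-ActionController::Dispatcher.middleware.use(Oauth2CallbackFilter)
+Rails.configuration.middleware.use(Oauth2CallbackFilter) # Rails >= 3.0
+else
+ActionController::Dispatcher.middleware.use(Oauth2CallbackFilter) # Rails < 3.0
 end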
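Review bot: The new `else` branch calls `ActionController::Dispatcher.middleware` unconditionally, while the removed `elsif` first checked `defined?(ActionController::Dispatcher) && defined?(ActionController::Dispatcher.middleware)`. On a Rails version without that middleware stack, loading the plugin would now raise instead of skipping the filter. The hunk also drops `require 'oauth2_callback_filter'`, and no other require of that file is visible here, so `Oauth2CallbackFilter` may be undefined when these lines run unless it is loaded above line 11. Because this filter handles the OAuth2 callback, I would keep the guard, e.g. `elsif defined?(ActionController::Dispatcher) && ActionController::Dispatcher.respond_to?(:middleware)`, and raise a clear error in a final `else`.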
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'authlogic'
|
2
|
+
|
1
3
|
module AuthlogicOauth2
|
2
4
|
module ActsAsAuthentic
|
3
5
|
def self.included(klass)
|
@@ -87,7 +89,7 @@ module AuthlogicOauth2
|
|
87
89
|
def authenticate_with_oauth2
|
88
90
|
# Restore any attributes which were saved before redirecting to the oauth2 server
|
89
91
|
self.attributes = session_class.controller.session.delete(:authlogic_oauth2_attributes)
|
90
|
-
self.oauth2_token =
|
92
|
+
self.oauth2_token = generate_oauth2_access_token.token
|
91
93
|
|
92
94
|
# Execute callback if it's defined in the user model
|
93
95
|
self.after_oauth2_authentication if self.respond_to?(:after_oauth2_authentication)
|
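Review bot: `self.oauth2_token = generate_oauth2_access_token.token` in `authenticate_with_oauth2` exchanges the callback code and dereferences the result with no handling for a failed exchange. If the provider rejects the code (expired, already used, or a mismatched redirect URI), the error presumably surfaces as an unhandled exception rather than a validation error on the record; confirm what `get_access_token` does on failure and rescue it here. The stored value is also a bearer credential, and with the `offline_access` scope that the README now recommends it does not expire. I would add a comment such as `# oauth2_token is a long-lived bearer credential: keep it out of logs and serialized output` and consider encrypting the column at rest. The method body continues past the end of the hunk.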
@@ -18,7 +18,7 @@ module AuthlogicOauth2
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def redirect_to_oauth2
|
21
|
-
authorize_url = oauth2_client.web_server.authorize_url(:redirect_uri =>
|
21
|
+
authorize_url = oauth2_client.web_server.authorize_url(:redirect_uri => build_oauth2_callback_url, :scope => oauth2_scope)
|
22
22
|
|
23
23
|
# Store the class which is redirecting, so we can ensure other classes
|
24
24
|
# don't get confused and attempt to use the response
|
@@ -30,12 +30,12 @@ module AuthlogicOauth2
|
|
30
30
|
oauth2_controller.redirect_to authorize_url
|
31
31
|
end
|
32
32
|
|
33
|
-
def
|
33
|
+
def build_oauth2_callback_url
|
34
34
|
oauth2_controller.url_for :controller => oauth2_controller.controller_name, :action => oauth2_controller.action_name
|
35
35
|
end
|
36
36
|
|
37
|
-
def
|
38
|
-
oauth2_client.web_server.get_access_token(oauth2_controller.params[:code], :redirect_uri =>
|
37
|
+
def generate_oauth2_access_token
|
38
|
+
oauth2_client.web_server.get_access_token(oauth2_controller.params[:code], :redirect_uri => build_oauth2_callback_url)
|
39
39
|
end
|
40
40
|
|
41
41
|
def oauth2_response
|
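Review bot: `redirect_to_oauth2` builds the authorization URL with only `:redirect_uri` and `:scope`; no `state` value is passed, and nothing visible in these hunks checks one when the provider calls back. Without it, a callback carrying a `code` that this session never requested cannot be told apart from a legitimate one (login CSRF). I would store a random value in the session next to the redirecting class, pass it along, e.g. `:state => (oauth2_controller.session[:oauth2_state] = SecureRandom.hex(16))`, and compare it with `params[:state]` before `generate_oauth2_access_token` exchanges `params[:code]`. `build_oauth2_callback_url` relies on `url_for`, which presumably takes its host from the request, so it is worth confirming the host is pinned in production. Both `redirect_to_oauth2` and the module extend outside the hunks shown.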
@@ -77,6 +77,7 @@ module AuthlogicOauth2
|
|
77
77
|
private
|
78
78
|
|
79
79
|
def authenticating_with_oauth2?
|
80
|
+
return false if authenticating_with_unauthorized_record?
|
80
81
|
# Initial request when user presses one of the button helpers
|
81
82
|
(controller.params && !controller.params[:login_with_oauth2].blank?) ||
|
82
83
|
# When the oauth2 provider responds and we made the initial request
|
@@ -87,7 +88,7 @@ module AuthlogicOauth2
|
|
87
88
|
if @record
|
88
89
|
self.attempted_record = record
|
89
90
|
else
|
90
|
-
self.attempted_record = search_for_record(find_by_oauth2_method,
|
91
|
+
self.attempted_record = search_for_record(find_by_oauth2_method, generate_oauth2_access_token.token)
|
91
92
|
end
|
92
93
|
|
93
94
|
if !attempted_record
|
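Review bot: In the `else` branch, `search_for_record(find_by_oauth2_method, generate_oauth2_access_token.token)` looks the user up by the freshly issued access token, so the token doubles as the account identifier. That only matches if the provider returns the identical token string on every login, and it forces the token to be stored in a directly queryable, plaintext form. A more robust design would use the new token to fetch the provider's stable user id and look the record up by that, keeping the token as a separate secret column. As written, a failed code exchange also raises from inside this line before the `if !attempted_record` handling is reached; confirm and rescue it so it becomes a normal login error. The enclosing validation method starts and ends outside the hunk.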
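--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: authlogic_oauth2
 version: !ruby/object:Gem::Version
-hash:
+hash: 23
 prerelease: false
 segments:
 - 1
 - 1
--
-version: 1.1.
+- 2
+version: 1.1.2
 platform: ruby
 authors:
 - Andrew Hite
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-06-
+date: 2010-06-20 00:00:00 -05:00
 default_executable:
 dependencies:
 - !ruby/object:Gem::Dependency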