authorizme 0.0.1.alpha

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/.rspec

@@ -0,0 +1 @@
+--color

data/.rvmrc

@@ -0,0 +1,81 @@
+#!/usr/bin/env bash
+
+# This is an RVM Project .rvmrc file, used to automatically load the ruby
+# development environment upon cd'ing into the directory
+
+# First we specify our desired <ruby>[@<gemset>], the @gemset name is optional.
+environment_id="ruby-1.9.3-p125@rails32"
+
+#
+# Uncomment the following lines if you want to verify rvm version per project
+#
+# rvmrc_rvm_version="1.10.2" # 1.10.1 seams as a safe start
+# eval "$(echo ${rvm_version}.${rvmrc_rvm_version} | awk -F. '{print "[[ "$1*65536+$2*256+$3" -ge "$4*65536+$5*256+$6" ]]"}' )" || {
+#   echo "This .rvmrc file requires at least RVM ${rvmrc_rvm_version}, aborting loading."
+#   return 1
+# }
+#
+
+#
+# Uncomment following line if you want options to be set only for given project.
+#
+# PROJECT_JRUBY_OPTS=( --1.9 )
+#
+# The variable PROJECT_JRUBY_OPTS requires the following to be run in shell:
+#
+#    chmod +x ${rvm_path}/hooks/after_use_jruby_opts
+#
+
+#
+# First we attempt to load the desired environment directly from the environment
+# file. This is very fast and efficient compared to running through the entire
+# CLI and selector. If you want feedback on which environment was used then
+# insert the word 'use' after --create as this triggers verbose mode.
+#
+if [[ -d "${rvm_path:-$HOME/.rvm}/environments" \
+  && -s "${rvm_path:-$HOME/.rvm}/environments/$environment_id" ]]
+then
+  \. "${rvm_path:-$HOME/.rvm}/environments/$environment_id"
+
+  if [[ -s "${rvm_path:-$HOME/.rvm}/hooks/after_use" ]]
+  then
+    . "${rvm_path:-$HOME/.rvm}/hooks/after_use"
+  fi
+else
+  # If the environment file has not yet been created, use the RVM CLI to select.
+  if ! rvm --create use  "$environment_id"
+  then
+    echo "Failed to create RVM environment '${environment_id}'."
+    return 1
+  fi
+fi
+
+#
+# If you use an RVM gemset file to install a list of gems (*.gems), you can have
+# it be automatically loaded. Uncomment the following and adjust the filename if
+# necessary.
+#
+# filename=".gems"
+# if [[ -s "$filename" ]]
+# then
+#   rvm gemset import "$filename" | grep -v already | grep -v listed | grep -v complete | sed '/^$/d'
+# fi
+
+# If you use bundler, this might be useful to you:
+# if [[ -s Gemfile ]] && ! command -v bundle >/dev/null
+# then
+#   printf "%b" "The rubygem 'bundler' is not installed. Installing it now.\n"
+#   gem install bundler
+# fi
+# if [[ -s Gemfile ]] && command -v bundle
+# then
+#   bundle install
+# fi
+
+if [[ $- == *i* ]] # check for interactive shells
+then
+    echo "Using: $(tput setaf 2)$GEM_HOME$(tput sgr0)" # show the user the ruby and gemset they are using in green
+else 
+	echo "Using: $GEM_HOME" # don't use colors in interactive shells
+fi
+

data/CHANGELOG.md

@@ -0,0 +1,21 @@
+## 0.0.1
+
+* Initial release
+
+### Features & Enhancements
+
+* Basic authentication
+* Twitter.com authentication
+* Draugiem.lv authentication
+* Facebook.com authentication
+
+### Bug Fixes
+
+### Test Suite
+
+* RSpec
+
+### Contributors
+
+* Arturs Braucs
+* Creative Mobile

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in authorizme.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,7 @@
+Copyright (C) 2012 Creative Mobile
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,39 @@
+# Authorizme
+
+Simple authorization plugin for Ruby on Rails applications that by default includes basic authorization and 3 provider authorization with Latvia social network draugiem.lv, facebook.com and twitter.com.
+
+## Installation
+
+Add to your Gemfile and run the `bundle` command to install it.
+
+```ruby
+gem "authorizme"
+```
+
+Run authorizme install generator from your app folder
+
+```ruby
+rails g authorizme:install
+```
+
+That will install:
+
+* config file `authorizme.rb` in to `config/initializers`
+* `User` model with `acts_as_authorizme` method
+* migrations for authorizme
+
+Then migrate your database `rake db:migrate`
+
+**Requires Ruby 1.9.2 or later and Rails 3.2.1 or later.**
+
+## Usage
+
+### Getting started
+
+### Advanced usage
+
+## Development
+
+Questions or problems? Please post them on the [issue tracker](https://github.com/CreativeMobile/authorizme/issues). You can contribute changes by forking the project and submitting a pull request. You can ensure the tests passing by running `bundle` and `rake`.
+
+This gem is created by Arturs Braucs @ Creative Mobile and is under the MIT License.

data/Rakefile

@@ -0,0 +1,7 @@
+require "bundler/gem_tasks"
+
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/app/controllers/authorizme/authorizme_controller.rb

@@ -0,0 +1,37 @@
+module Authorizme
+  class AuthorizmeController < ::ApplicationController
+    respond_to :html, :json, :xml
+
+    def index
+    end
+
+    protected
+
+      def login user
+      	session[:user_id] = user.id
+      end
+  
+      def logout
+      	session[:user_id] = nil
+        if Authorizme::remote
+          respond_with_status "logged_out"
+        else
+          redirect_to Authorizme::after_logout_path
+        end
+      end
+      
+      def respond_with_status status_name, attributes = nil
+        status = {status: status_name}
+        status = status.merge(attributes) if attributes
+        respond_with status
+      end
+      
+      def redirect_uri provider
+        if Rails.env.development?
+          redirect_url = "http://127.0.0.1:3000/authorizme/login/twitter/callback.json"
+        else
+          "http://#{request.host}/#{Authorizme::namespace}/login/#{provider}/callback"
+        end
+      end
+  end
+end

data/app/controllers/authorizme/login/draugiem_controller.rb

@@ -0,0 +1,37 @@
+module Authorizme
+  module Login
+    class DraugiemController < AuthorizmeController
+      before_filter :set_draugiem
+
+      def auth
+        redirect_to @draugiem.login_url
+      end
+
+      def callback
+        json = @draugiem.authorize params[:dr_auth_status], params[:dr_auth_code]
+        if params[:dr_auth_status] == "ok" && json["users"]
+          user_json = json["users"][json["uid"]]
+          attributes = {first_name: user_json["name"], last_name: user_json["surname"], image_url: user_json["img"]}
+          user = User.authenticate_with_draugiem(json["uid"], attributes, json["apikey"]) 
+          login user
+          respond_with_status "logged_in", user: user
+        else
+          respond_with_status "error_in_loggin"
+        end
+      end
+
+      private
+
+        def set_draugiem
+          options = {
+            draugiem_app_id: Authorizme::draugiem_app_id,
+            draugiem_app_key: Authorizme::draugiem_app_key,
+            draugiem_api_path: Authorizme::draugiem_api_path,
+            draugiem_api_authorize_path: Authorizme::draugiem_api_authorize_path,
+            redirect_url: redirect_uri("draugiem")       
+          }
+          @draugiem = Authorizme::Provider::Draugiem.new(options)
+        end
+    end
+  end
+end

data/app/controllers/authorizme/login/facebook_controller.rb

@@ -0,0 +1,29 @@
+module Authorizme
+  module Login
+    class FacebookController < AuthorizmeController
+      
+      def auth
+        redirect_to client.authorization.authorize_url(:redirect_uri => redirect_uri("facebook"), 
+                                                      :scope => Authorizme::facebook_perms, 
+                                                      :display => "popup")
+      end
+
+      def callback
+        access_token = client.authorization.process_callback(params[:code], :redirect_uri => redirect_uri("facebook"))
+        user_json = client.selection.me.info!
+        image_url = "https://graph.facebook.com/#{user_json.id}/picture?type=large"
+        attributes = {first_name: user_json.first_name, last_name: user_json.last_name, image_url: image_url}
+        user = User.authenticate_with_facebook(user_json.id, attributes, access_token) 
+        login user
+        respond_with_status "logged_in", user: user
+      end
+      
+      private
+      
+        def client
+            @client ||= FBGraph::Client.new(:client_id => Authorizme::facebook_client_id,
+                                           :secret_id => Authorizme::facebook_client_secret)
+        end
+    end
+  end
+end

data/app/controllers/authorizme/login/twitter_controller.rb

@@ -0,0 +1,62 @@
+module Authorizme
+  module Login
+    class TwitterController < AuthorizmeController
+
+      def auth
+        client = oauth_client
+        request_token = client.authentication_request_token(:oauth_callback => redirect_uri("twitter"))
+        session[:twitter_request_token] = request_token.token
+        session[:twitter_request_secret] = request_token.secret
+        redirect_to request_token.authorize_url
+      end
+
+      def callback
+        if params[:denied]
+          respond_with_status "error_in_logging"
+        else
+          access_token = authorize_with_twitter params[:oauth_token], params[:oauth_verifier]
+          twitter_user = Twitter.user
+          attributes = {first_name: twitter_user.name, image_url: twitter_user.profile_image_url}
+          user = User.authenticate_with_twitter(twitter_user.id, attributes, access_token.token, access_token.secret)
+          login user
+          respond_with_status "logged_in", user: user
+        end
+      end
+
+      private
+      
+        def oauth_client
+          TwitterOAuth::Client.new(
+              :consumer_key => Authorizme::twitter_consumer_key,
+              :consumer_secret => Authorizme::twitter_consumer_secret
+          )
+        end
+        
+        def twitter_client access_token
+          Twitter.configure do |config|
+            config.consumer_key = Authorizme::twitter_consumer_key
+            config.consumer_secret = Authorizme::twitter_consumer_secret
+            config.oauth_token = access_token.token if access_token.token
+            config.oauth_token_secret = access_token.secret if access_token.secret
+          end
+        end
+
+        def authorize_with_twitter oauth_token, oauth_verifier
+          request_token = session[:twitter_request_token]
+          request_secret = session[:twitter_request_secret]
+          if request_token && request_secret
+            client = oauth_client
+            access_token = client.authorize(
+              request_token,
+              request_secret,
+              :oauth_verifier => oauth_verifier
+            )
+            
+            twitter_client access_token
+            access_token
+          end
+        end
+
+    end
+  end
+end

data/app/controllers/authorizme/sessions_controller.rb

@@ -0,0 +1,29 @@
+module Authorizme
+  class SessionsController < AuthorizmeController
+  
+    def create
+      user = User.find_by_email(params[:email])
+      if user && user.authenticate(params[:password])
+        login user
+        if Authorizme::remote
+          status = {status: "logged_in", user: user}
+          respond_with status
+        else
+          redirect_to Authorizme::after_login_path
+        end
+      else
+        if Authorizme::remote
+          status = {status: "error"}
+          respond_with status
+        else
+          render "new"
+        end
+      end
+    end
+    
+    def destroy
+      logout
+    end
+
+  end
+end

data/app/controllers/authorizme/users_controller.rb

@@ -0,0 +1,17 @@
+module Authorizme
+  class UsersController < AuthorizmeController
+    
+    def new
+      @user = User.new
+    end
+    
+    def create
+      @user = User.new(params[:user])
+      if @user.save
+        redirect_to root_url, :notice => "Signed up!"
+      else
+        render "new"
+      end
+    end
+  end
+end

data/app/models/authorizme/user_provider.rb

@@ -0,0 +1,13 @@
+module Authorizme
+  class UserProvider < ActiveRecord::Base
+    #Relations
+    belongs_to :user
+    belongs_to :origin_user, :class_name => "User"
+
+    #Validations
+    # => Attributes
+    validates :social_id, :presence => true
+    validates :token, :presence => true
+
+  end
+end

data/app/models/authorizme/user_role.rb

@@ -0,0 +1,5 @@
+module Authorizme
+  class UserRole < ActiveRecord::Base
+  	has_many :users
+  end
+end

data/app/views/authorizme/authorizme/index.html.erb

@@ -0,0 +1,23 @@
+<h2>Authorizme plugin for authorization</h2>
+<div>Authorizme version <%= Authorizme::VERSION %></div>
+
+<h3>Authorize with your credentials:</h3>
+<%= form_tag "/#{Authorizme::namespace}/sessions" do %>
+  <p>
+    <%= label_tag :email %><br />
+    <%= text_field_tag :email, params[:email] %>
+  </p>
+  <p>
+    <%= label_tag :password %><br />
+    <%= password_field_tag :password %>
+  </p>
+  <p class="button"><%= submit_tag "Log in" %></p>
+<% end %>
+
+<h3>or use one of those providers:</h3>
+<%= link_to "Draugiem.lv", "/#{Authorizme::namespace}/login/draugiem" %>
+<%= link_to "Twitter.com", "/#{Authorizme::namespace}/login/twitter" %>
+<%= link_to "Facebook.com", "/#{Authorizme::namespace}/login/facebook" %>
+
+<h3>or you can signup:</h3>
+<%= link_to "Signup", "/#{Authorizme::namespace}/signup" %>

data/app/views/authorizme/users/new.html.erb

@@ -0,0 +1,26 @@
+<h1>Sign Up</h1>
+<%= form_for @user, :url => authorizme_users_path do |f| %>
+  <% if @user.errors.any? %>
+    <div class="error_messages">
+      <h2>Form is invalid</h2>
+      <ul>
+        <% for message in @user.errors.full_messages %>
+          <li><%= message %></li>
+        <% end %>
+      </ul>
+    </div>
+  <% end %>
+  <p>
+    <%= f.label :email %><br />
+    <%= f.text_field :email %>
+  </p>
+  <p>
+    <%= f.label :password %><br />
+    <%= f.password_field :password %>
+  </p>
+  <p>
+    <%= f.label :password_confirmation %><br />
+    <%= f.password_field :password_confirmation %>
+  </p>
+  <p class="button"><%= f.submit %></p>
+<% end %>

data/authorizme.gemspec

@@ -0,0 +1,37 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "authorizme/version"
+
+Gem::Specification.new do |s|
+  s.name        = "authorizme"
+  s.version     = Authorizme::VERSION
+  s.authors     = ["Arturs Braucs", "Creative Mobile"]
+  s.email       = ["arturs@creo.mobi"]
+  s.homepage    = "https://github.com/CreativeMobile/Authorizme"
+  s.summary     = %q{Simple authorization gem for basic and Oauth: facebook.com, twitter.com and draugiem.lv}
+  s.description = %q{Authorization that includes basic authorization and 3 social authorization with Latvia social network draugiem.lv, facebook.com and twitter.com.}
+
+  s.rubyforge_project = "authorizme"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'rspec-rails'
+  s.add_development_dependency 'webrat'
+  s.add_development_dependency 'capybara'
+  s.add_development_dependency 'factory_girl_rails'
+  
+  s.add_dependency "activesupport", "~> 3.2.1"
+  s.add_dependency "rails", "~> 3.2.1"
+  s.add_dependency "bcrypt-ruby"
+  s.add_dependency "json"
+  s.add_dependency "twitter_oauth"
+  s.add_dependency "twitter"
+  s.add_dependency "oauth2"
+  s.add_dependency "fbgraph"
+  
+end

data/config/routes.rb

@@ -0,0 +1,19 @@
+Rails.application.routes.draw do
+  # All authorizme routes will be under custom namespace
+  namespace Authorizme::namespace do
+  	resources :sessions
+    resources :users
+    
+    get '/' => 'authorizme#index', :as => 'main'
+    get '/signup' => 'users#new', :as => 'signup' 
+    
+    # Declare all provider routes.
+    Authorizme::providers.each do |provider|
+      get "/login/#{provider}" => "login/#{provider}#auth", :as => "#{provider}_login"
+      get "/login/#{provider}/callback" => "login/#{provider}#callback", :as => "#{provider}_callback"
+    end
+    
+    post '/login' => 'sessions#create', :as => 'login'
+    get '/logout' => 'sessions#destroy', :as => 'logout'
+  end
+end

data/lib/authorizme/acts_as_authorizme.rb

@@ -0,0 +1,131 @@
+module Authorizme
+  module ActsAsAuthorizme
+    extend ActiveSupport::Concern
+    
+    included do
+    end
+
+    module ClassMethods
+      def acts_as_authorizme
+        # Load bcrypt-ruby only when acts_as_authorizme is called. Need for password digest
+        gem 'bcrypt-ruby', '~> 3.0.0'
+        require 'bcrypt'
+        
+        # Relations
+        belongs_to :role, :class_name => "Authorizme::UserRole", :foreign_key => "user_role_id"
+        belongs_to :origin_provider, :class_name => "Authorizme::UserProvider"
+        has_many :providers, :class_name => "Authorizme::UserProvider"
+        
+        attr_reader :password
+        attr_accessible :first_name, :last_name, :image_url, :email, :password, :password_confirmation
+        
+        # Validations
+        validates_confirmation_of :password
+        validates_presence_of     :password_digest, :if => :has_not_provider?
+        validates_presence_of :email, :on => :create, :if => :has_not_provider?
+        validates_uniqueness_of :email, :if => :has_not_provider?
+
+        # Filters
+        before_create :set_default_role
+
+        include InstanceMethodsOnActivation
+
+        if respond_to?(:attributes_protected_by_default)
+          def self.attributes_protected_by_default
+            super + ['password_digest']
+          end
+        end
+        
+        def method_missing(meth, *args, &block)
+          if meth.to_s =~ /^authenticate_with_(.+)$/
+            run_authenticate_with_provider($1, *args, &block)
+          else
+            super
+          end
+        end
+
+        #def respond_to?(meth)
+        #  if meth.to_s =~ /^authenticate_with_.*$/
+        #    true
+        #  else
+        #    super
+        #  end
+        #end
+        
+        protected
+
+          # authorize
+          # Finds or creates user provider and creates or updates user with social data
+          # => Attributes
+          # *provider* provider name, e.g. facebook. Default in gem draugiem, twitter, facebook
+          # From args: 
+          # *social_id* social network user identity number
+          # *attributes* attributes from social nettwork. Can be set: first_name, last_name, image_url 
+          # *token* token
+          # *secret* secret
+          #
+          def run_authenticate_with_provider provider, *args, &block          
+            social_id = args[0]
+            attributes = args[1]
+            token = args[2]
+            secret = args[3]
+
+            user_provider = Authorizme::UserProvider.find_or_initialize_by_social_id_and_provider_type(social_id.to_s, provider)
+            user_provider.token = token
+            user_provider.secret = secret if secret
+            user_provider.save!
+            self.create_or_update_by_provider user_provider, attributes
+          end
+          
+          
+          def create_or_update_by_provider provider, attributes
+            unless provider.user
+              provider.user = User.new
+              provider.user.origin_provider = provider
+              provider.user.has_provider = true
+              provider.user.save!
+              provider.origin_user = provider.user
+              provider.user
+            end
+            provider.user.has_provider = true
+            provider.user.attributes = attributes
+            provider.user.save!
+            provider.save!
+            provider.user
+          end
+      end
+    end
+
+    module InstanceMethodsOnActivation
+      # Returns self if the password is correct, otherwise false.
+      def authenticate(unencrypted_password)
+        if BCrypt::Password.new(password_digest) == unencrypted_password
+          self
+        else
+          false
+        end
+      end
+
+      # Encrypts the password into the password_digest attribute.
+      def password=(unencrypted_password)
+        @password = unencrypted_password
+        unless unencrypted_password.blank?
+          self.password_digest = BCrypt::Password.create(unencrypted_password)
+        end
+      end
+      
+      def has_not_provider?
+        !self.has_provider
+      end
+      
+      private
+
+        def set_default_role
+         new_role = Authorizme::UserRole.find(:first) 
+         self.role = new_role if new_role
+        end
+    end
+  end
+end
+
+ActiveRecord::Base.send :include, Authorizme::ActsAsAuthorizme

data/lib/authorizme/engine.rb

@@ -0,0 +1,5 @@
+module Authorizme
+  class Engine < Rails::Engine
+  	config.authorizme = Authorizme
+  end
+end