cb-sorcery 0.8.6

data/lib/sorcery/protocols/oauth.rb

@@ -0,0 +1,42 @@
+require 'oauth'
+
+module Sorcery
+  module Protocols
+    module Oauth
+
+      def oauth_version
+        '1.0'
+      end
+
+      def get_request_token(token=nil,secret=nil)
+        return ::OAuth::RequestToken.new(get_consumer, token, secret) if token && secret
+        get_consumer.get_request_token(oauth_callback: @callback_url)
+      end
+
+      def authorize_url(args)
+        get_request_token(
+          args[:request_token],
+          args[:request_token_secret]
+        ).authorize_url({
+          oauth_callback: @callback_url
+        })
+      end
+
+      def get_access_token(args)
+        get_request_token(
+          args[:request_token],
+          args[:request_token_secret]
+        ).get_access_token({
+          oauth_verifier: args[:oauth_verifier]
+        })
+      end
+
+      protected
+
+      def get_consumer
+        ::OAuth::Consumer.new(@key, @secret, site: @site)
+      end
+
+    end
+  end
+end

data/lib/sorcery/protocols/oauth2.rb

@@ -0,0 +1,47 @@
+require 'oauth2'
+
+module Sorcery
+  module Protocols
+    module Oauth2
+
+      def oauth_version
+        '2.0'
+      end
+
+      def authorize_url(options = {})
+        client = build_client(options)
+        client.auth_code.authorize_url(
+          redirect_uri: @callback_url,
+          scope: @scope,
+          display: @display,
+          state: @state
+        )
+      end
+
+      def get_access_token(args, options = {})
+        client = build_client(options)
+        client.auth_code.get_token(
+          args[:code],
+          {
+            redirect_uri: @callback_url,
+            parse: options.delete(:parse)
+          },
+          options
+        )
+      end
+
+      def build_client(options = {})
+        defaults = {
+          site: @site,
+          ssl: { ca_file: Sorcery::Controller::Config.ca_file }
+        }
+        ::OAuth2::Client.new(
+          @key,
+          @secret,
+          defaults.merge!(options)
+        )
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/base.rb

@@ -0,0 +1,27 @@
+module Sorcery
+  module Providers
+    class Base
+
+      attr_reader   :access_token
+
+      attr_accessor :callback_url, :key, :original_callback_url, :secret,
+                    :site, :state, :user_info_mapping
+
+      def has_callback?; true; end
+
+      def initialize
+        @user_info_mapping = {}
+      end
+
+      def self.name
+        super.gsub(/Sorcery::Providers::/, '').downcase
+      end
+
+      # Ensure that all descendant classes are loaded before run this
+      def self.descendants
+        ObjectSpace.each_object(Class).select { |klass| klass < self }
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/facebook.rb

@@ -0,0 +1,63 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with facebook.com.
+    #
+    #   config.facebook.key = <key>
+    #   config.facebook.secret = <secret>
+    #   ...
+    #
+    class Facebook < Base
+
+      include Protocols::Oauth2
+
+      attr_reader   :mode, :param_name, :parse
+      attr_accessor :access_permissions, :display, :scope, :token_url,
+                    :user_info_path
+
+      def initialize
+        super
+
+        @site           = 'https://graph.facebook.com'
+        @user_info_path = '/me'
+        @scope          = 'email,offline_access'
+        @display        = 'page'
+        @token_url      = 'oauth/access_token'
+        @mode           = :query
+        @parse          = :query
+        @param_name     = 'access_token'
+      end
+
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url
+      end
+
+      # overrides oauth2#authorize_url to allow customized scope.
+      def authorize_url
+        @scope = access_permissions.present? ? access_permissions.join(',') : scope
+        super
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+
+        get_access_token(args, token_url: token_url, mode: mode,
+          param_name: param_name, parse: parse)
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/github.rb

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with github.com.
+    #
+    #   config.github.key = <key>
+    #   config.github.secret = <secret>
+    #   ...
+    #
+    class Github < Base
+
+      include Protocols::Oauth2
+
+      attr_accessor :auth_path, :scope, :token_url, :user_info_path
+
+      def initialize
+        super
+
+        @scope          = nil
+        @site           = 'https://github.com/'
+        @user_info_path = 'https://api.github.com/user'
+        @auth_path      = '/login/oauth/authorize'
+        @token_url      = '/login/oauth/access_token'
+      end
+
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_path })
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/google.rb

@@ -0,0 +1,51 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with google.com.
+    #
+    #   config.google.key = <key>
+    #   config.google.secret = <secret>
+    #   ...
+    #
+    class Google < Base
+
+      include Protocols::Oauth2
+
+      attr_accessor :auth_url, :scope, :token_url, :user_info_url
+
+      def initialize
+        super
+
+        @site          = 'https://accounts.google.com'
+        @auth_url      = '/o/oauth2/auth'
+        @token_url     = '/o/oauth2/token'
+        @user_info_url = 'https://www.googleapis.com/oauth2/v1/userinfo'
+        @scope         = 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'
+      end
+
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_url)
+
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_url })
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/jira.rb

@@ -0,0 +1,77 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with Jira
+    #
+    #   config.jira.key = <key>
+    #   config.jira.secret = <secret>
+    #   ...
+    #
+    class Jira < Base
+
+      include Protocols::Oauth
+
+      attr_accessor :access_token_path, :authorize_path, :request_token_path,
+                    :user_info_path, :site, :signature_method, :private_key_file, :callback_url
+
+
+      def initialize
+        @configuration = {
+            authorize_path: '/authorize',
+            request_token_path: '/request-token',
+            access_token_path: '/access-token'
+        }
+        @user_info_path = '/users/me'
+      end
+
+      # Override included get_consumer method to provide authorize_path
+      #read extra configurations
+      def get_consumer
+        @configuration = @configuration.merge({
+            site: site,
+            signature_method: signature_method,
+            consumer_key: key,
+            private_key_file: private_key_file
+        })
+        ::OAuth::Consumer.new(@key, @secret, @configuration)
+      end
+
+      def get_user_hash(access_token)
+        response = access_token.get(user_info_path)
+
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)['users'].first
+          h[:uid] = user_hash[:user_info]['id'].to_s
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        req_token = get_request_token
+        session[:request_token]         = req_token.token
+        session[:request_token_secret]  = req_token.secret
+
+        #it was like that -> redirect_to authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
+        #for some reason Jira does not need these parameters
+
+        get_request_token(
+          session[:request_token],
+          session[:request_token_secret]
+        ).authorize_url
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {
+          oauth_verifier:       params[:oauth_verifier],
+          request_token:        session[:request_token],
+          request_token_secret: session[:request_token_secret]
+        }
+
+        args.merge!({ code: params[:code] }) if params[:code]
+        get_access_token(args)
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/linkedin.rb

@@ -0,0 +1,66 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with Linkedin.com.
+    #
+    #   config.linkedin.key = <key>
+    #   config.linkedin.secret = <secret>
+    #   ...
+    #
+    class Linkedin < Base
+
+      include Protocols::Oauth
+
+      attr_accessor :authorize_path, :access_permissions, :access_token_path,
+                    :request_token_path, :user_info_fields, :user_info_path
+
+      def initialize
+        @configuration = {
+          site: 'https://api.linkedin.com',
+          authorize_path: '/uas/oauth/authenticate',
+          request_token_path: '/uas/oauth/requestToken',
+          access_token_path: '/uas/oauth/accessToken'
+        }
+        @user_info_path = '/v1/people/~'
+      end
+
+      # Override included get_consumer method to provide authorize_path
+      def get_consumer
+        # Add access permissions to request token path
+        @configuration[:request_token_path] += '?scope=' + access_permissions.join('+') unless access_permissions.blank? or @configuration[:request_token_path].include? '?scope='
+        ::OAuth::Consumer.new(@key, @secret, @configuration)
+      end
+
+      def get_user_hash(access_token)
+        fields = self.user_info_fields.join(',')
+        response = access_token.get("#{@user_info_path}:(#{fields})", 'x-li-format' => 'json')
+
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id'].to_s
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        req_token = get_request_token
+        session[:request_token]         = req_token.token
+        session[:request_token_secret]  = req_token.secret
+        authorize_url({ request_token: req_token.token, request_token_secret: req_token.secret })
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {
+          oauth_verifier:       params[:oauth_verifier],
+          request_token:        session[:request_token],
+          request_token_secret: session[:request_token_secret]
+        }
+
+        args.merge!({ code: params[:code] }) if params[:code]
+        get_access_token(args)
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/liveid.rb

@@ -0,0 +1,53 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with microsoft liveid.
+    #
+    #   config.liveid.key = <key>
+    #   config.liveid.secret = <secret>
+    #   ...
+    #
+    class Liveid < Base
+
+      include Protocols::Oauth2
+
+      attr_accessor :auth_url, :token_path, :user_info_url, :scope
+
+      def initialize
+        super
+
+        @site           = 'https://oauth.live.com/'
+        @auth_url       = '/authorize'
+        @token_path     = '/token'
+        @user_info_url  = 'https://apis.live.net/v5.0/me'
+        @scope          = 'wl.basic wl.emails wl.offline_access'
+      end
+
+      def get_user_hash(access_token)
+        access_token.token_param = 'access_token'
+        response = access_token.get(user_info_url)
+
+        {}.tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['id']
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        self.authorize_url({ authorize_url: auth_url })
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+
+        get_access_token(args, access_token_path: token_path,
+          access_token_method: :post)
+      end
+
+    end
+  end
+end