devise_oauth2_providable 0.2.0 → 0.2.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.rspec +1 -1
- data/lib/devise_oauth2_providable/engine.rb +0 -3
- data/lib/devise_oauth2_providable/strategy.rb +26 -5
- data/lib/devise_oauth2_providable/version.rb +1 -1
- data/spec/rails_app/.rspec +1 -0
- data/spec/rails_app/Gemfile +1 -1
- data/spec/rails_app/app/controllers/protected_controller.rb +6 -0
- data/spec/rails_app/config/routes.rb +1 -0
- data/spec/rails_app/spec/controllers/protected_controller_spec.rb +15 -0
- data/spec/rails_app/spec/spec_helper.rb +2 -0
- metadata +8 -4
data/.rspec
CHANGED
|
@@ -3,9 +3,6 @@ module Devise
|
|
|
3
3
|
class Engine < Rails::Engine
|
|
4
4
|
initializer "devise_oauth2_providable.initialize_application" do |app|
|
|
5
5
|
app.config.filter_parameters << :client_secret
|
|
6
|
-
app.middleware.use Rack::OAuth2::Server::Resource::Bearer, 'OAuth2 Bearer Token Resources' do |req|
|
|
7
|
-
AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
|
|
8
|
-
end
|
|
9
6
|
end
|
|
10
7
|
end
|
|
11
8
|
end
|
|
@@ -4,13 +4,34 @@ module Devise
|
|
|
4
4
|
module Strategies
|
|
5
5
|
class Oauth2Providable < Base
|
|
6
6
|
def valid?
|
|
7
|
-
|
|
7
|
+
@req = Rack::OAuth2::Server::Resource::Bearer::Request.new(env)
|
|
8
|
+
@req.oauth2?
|
|
8
9
|
end
|
|
9
10
|
def authenticate!
|
|
10
|
-
token =
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
11
|
+
token = [@req.access_token_in_header, @req.access_token_in_payload].compact
|
|
12
|
+
access_token = AccessToken.valid.find_by_token token
|
|
13
|
+
resource = access_token ? access_token.user : nil
|
|
14
|
+
if validate(resource)
|
|
15
|
+
success! resource
|
|
16
|
+
elsif !halted?
|
|
17
|
+
fail(:invalid_token)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
private
|
|
22
|
+
# Simply invokes valid_for_authentication? with the given block and deal with the result.
|
|
23
|
+
def validate(resource, &block)
|
|
24
|
+
result = resource && resource.valid_for_authentication?(&block)
|
|
25
|
+
|
|
26
|
+
case result
|
|
27
|
+
when String, Symbol
|
|
28
|
+
fail!(result)
|
|
29
|
+
false
|
|
30
|
+
when TrueClass
|
|
31
|
+
true
|
|
32
|
+
else
|
|
33
|
+
result
|
|
34
|
+
end
|
|
14
35
|
end
|
|
15
36
|
end
|
|
16
37
|
end
|
data/spec/rails_app/.rspec
CHANGED
data/spec/rails_app/Gemfile
CHANGED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe ProtectedController do
|
|
4
|
+
|
|
5
|
+
describe 'get :index' do
|
|
6
|
+
before do
|
|
7
|
+
client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
|
|
8
|
+
@user = User.create! :name => 'ryan sonnek', :email => 'foo@example.com'
|
|
9
|
+
@token = AccessToken.create! :client => client, :user => @user
|
|
10
|
+
|
|
11
|
+
get :index, {:bearer_token => @token.token}, {'HTTP_AUTHORIZATION' => "Bearer #{@token.token}"}
|
|
12
|
+
end
|
|
13
|
+
it { should respond_with :ok }
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -8,6 +8,8 @@ require 'rspec/rails'
|
|
|
8
8
|
Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
|
|
9
9
|
|
|
10
10
|
RSpec.configure do |config|
|
|
11
|
+
config.include Devise::TestHelpers, :type => :controller
|
|
12
|
+
|
|
11
13
|
# == Mock Framework
|
|
12
14
|
#
|
|
13
15
|
# If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_oauth2_providable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 21
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 2
|
|
9
|
-
-
|
|
10
|
-
version: 0.2.
|
|
9
|
+
- 1
|
|
10
|
+
version: 0.2.1
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Ryan Sonnek
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-05-
|
|
18
|
+
date: 2011-05-17 00:00:00 Z
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|
|
21
21
|
name: rails
|
|
@@ -123,6 +123,7 @@ files:
|
|
|
123
123
|
- spec/rails_app/README
|
|
124
124
|
- spec/rails_app/Rakefile
|
|
125
125
|
- spec/rails_app/app/controllers/application_controller.rb
|
|
126
|
+
- spec/rails_app/app/controllers/protected_controller.rb
|
|
126
127
|
- spec/rails_app/app/helpers/application_helper.rb
|
|
127
128
|
- spec/rails_app/app/models/user.rb
|
|
128
129
|
- spec/rails_app/app/views/layouts/application.html.erb
|
|
@@ -160,6 +161,7 @@ files:
|
|
|
160
161
|
- spec/rails_app/public/robots.txt
|
|
161
162
|
- spec/rails_app/public/stylesheets/.gitkeep
|
|
162
163
|
- spec/rails_app/script/rails
|
|
164
|
+
- spec/rails_app/spec/controllers/protected_controller_spec.rb
|
|
163
165
|
- spec/rails_app/spec/integration/token_endpoint_spec.rb
|
|
164
166
|
- spec/rails_app/spec/models/access_token_spec.rb
|
|
165
167
|
- spec/rails_app/spec/models/client_spec.rb
|
|
@@ -210,6 +212,7 @@ test_files:
|
|
|
210
212
|
- spec/rails_app/README
|
|
211
213
|
- spec/rails_app/Rakefile
|
|
212
214
|
- spec/rails_app/app/controllers/application_controller.rb
|
|
215
|
+
- spec/rails_app/app/controllers/protected_controller.rb
|
|
213
216
|
- spec/rails_app/app/helpers/application_helper.rb
|
|
214
217
|
- spec/rails_app/app/models/user.rb
|
|
215
218
|
- spec/rails_app/app/views/layouts/application.html.erb
|
|
@@ -247,6 +250,7 @@ test_files:
|
|
|
247
250
|
- spec/rails_app/public/robots.txt
|
|
248
251
|
- spec/rails_app/public/stylesheets/.gitkeep
|
|
249
252
|
- spec/rails_app/script/rails
|
|
253
|
+
- spec/rails_app/spec/controllers/protected_controller_spec.rb
|
|
250
254
|
- spec/rails_app/spec/integration/token_endpoint_spec.rb
|
|
251
255
|
- spec/rails_app/spec/models/access_token_spec.rb
|
|
252
256
|
- spec/rails_app/spec/models/client_spec.rb
|