devise_oauth2_providable 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
data/.rspec CHANGED
@@ -1,3 +1,3 @@
1
1
  --colour
2
2
  --format documentation
3
-
3
+ --backtrace
@@ -3,9 +3,6 @@ module Devise
3
3
  class Engine < Rails::Engine
4
4
  initializer "devise_oauth2_providable.initialize_application" do |app|
5
5
  app.config.filter_parameters << :client_secret
6
- app.middleware.use Rack::OAuth2::Server::Resource::Bearer, 'OAuth2 Bearer Token Resources' do |req|
7
- AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
8
- end
9
6
  end
10
7
  end
11
8
  end
@@ -4,13 +4,34 @@ module Devise
4
4
  module Strategies
5
5
  class Oauth2Providable < Base
6
6
  def valid?
7
- env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN].present?
7
+ @req = Rack::OAuth2::Server::Resource::Bearer::Request.new(env)
8
+ @req.oauth2?
8
9
  end
9
10
  def authenticate!
10
- token = AccessToken.valid.find_by_token env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
11
- raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized unless token
12
- raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:invalid_token, 'User token is required') unless token.user
13
- success! token.user
11
+ token = [@req.access_token_in_header, @req.access_token_in_payload].compact
12
+ access_token = AccessToken.valid.find_by_token token
13
+ resource = access_token ? access_token.user : nil
14
+ if validate(resource)
15
+ success! resource
16
+ elsif !halted?
17
+ fail(:invalid_token)
18
+ end
19
+ end
20
+
21
+ private
22
+ # Simply invokes valid_for_authentication? with the given block and deal with the result.
23
+ def validate(resource, &block)
24
+ result = resource && resource.valid_for_authentication?(&block)
25
+
26
+ case result
27
+ when String, Symbol
28
+ fail!(result)
29
+ false
30
+ when TrueClass
31
+ true
32
+ else
33
+ result
34
+ end
14
35
  end
15
36
  end
16
37
  end
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Oauth2Providable
3
- VERSION = "0.2.0"
3
+ VERSION = "0.2.1"
4
4
  end
5
5
  end
@@ -1 +1,2 @@
1
1
  --colour
2
+ --backtrace
@@ -1,7 +1,7 @@
1
1
  source 'http://rubygems.org'
2
2
 
3
3
  gem 'rails', '3.0.7'
4
- gem 'rspec-rails', '2.5.0'
4
+ gem 'rspec-rails', '2.6.0'
5
5
  gem 'devise_oauth2_providable', :path => '../../'
6
6
  gem 'shoulda-matchers', '1.0.0.beta2'
7
7
  gem 'ruby-debug'
@@ -0,0 +1,6 @@
1
+ class ProtectedController < ApplicationController
2
+ before_filter :authenticate_user!
3
+ def index
4
+ render :nothing => true, :status => :ok
5
+ end
6
+ end
@@ -1,5 +1,6 @@
1
1
  RailsApp::Application.routes.draw do
2
2
  devise_for :users
3
+ resources :protected
3
4
 
4
5
  # The priority is based upon order of creation:
5
6
  # first created -> highest priority.
@@ -0,0 +1,15 @@
1
+ require 'spec_helper'
2
+
3
+ describe ProtectedController do
4
+
5
+ describe 'get :index' do
6
+ before do
7
+ client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
8
+ @user = User.create! :name => 'ryan sonnek', :email => 'foo@example.com'
9
+ @token = AccessToken.create! :client => client, :user => @user
10
+
11
+ get :index, {:bearer_token => @token.token}, {'HTTP_AUTHORIZATION' => "Bearer #{@token.token}"}
12
+ end
13
+ it { should respond_with :ok }
14
+ end
15
+ end
@@ -8,6 +8,8 @@ require 'rspec/rails'
8
8
  Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
9
9
 
10
10
  RSpec.configure do |config|
11
+ config.include Devise::TestHelpers, :type => :controller
12
+
11
13
  # == Mock Framework
12
14
  #
13
15
  # If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_oauth2_providable
3
3
  version: !ruby/object:Gem::Version
4
- hash: 23
4
+ hash: 21
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 2
9
- - 0
10
- version: 0.2.0
9
+ - 1
10
+ version: 0.2.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Ryan Sonnek
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-05-16 00:00:00 Z
18
+ date: 2011-05-17 00:00:00 Z
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
21
  name: rails
@@ -123,6 +123,7 @@ files:
123
123
  - spec/rails_app/README
124
124
  - spec/rails_app/Rakefile
125
125
  - spec/rails_app/app/controllers/application_controller.rb
126
+ - spec/rails_app/app/controllers/protected_controller.rb
126
127
  - spec/rails_app/app/helpers/application_helper.rb
127
128
  - spec/rails_app/app/models/user.rb
128
129
  - spec/rails_app/app/views/layouts/application.html.erb
@@ -160,6 +161,7 @@ files:
160
161
  - spec/rails_app/public/robots.txt
161
162
  - spec/rails_app/public/stylesheets/.gitkeep
162
163
  - spec/rails_app/script/rails
164
+ - spec/rails_app/spec/controllers/protected_controller_spec.rb
163
165
  - spec/rails_app/spec/integration/token_endpoint_spec.rb
164
166
  - spec/rails_app/spec/models/access_token_spec.rb
165
167
  - spec/rails_app/spec/models/client_spec.rb
@@ -210,6 +212,7 @@ test_files:
210
212
  - spec/rails_app/README
211
213
  - spec/rails_app/Rakefile
212
214
  - spec/rails_app/app/controllers/application_controller.rb
215
+ - spec/rails_app/app/controllers/protected_controller.rb
213
216
  - spec/rails_app/app/helpers/application_helper.rb
214
217
  - spec/rails_app/app/models/user.rb
215
218
  - spec/rails_app/app/views/layouts/application.html.erb
@@ -247,6 +250,7 @@ test_files:
247
250
  - spec/rails_app/public/robots.txt
248
251
  - spec/rails_app/public/stylesheets/.gitkeep
249
252
  - spec/rails_app/script/rails
253
+ - spec/rails_app/spec/controllers/protected_controller_spec.rb
250
254
  - spec/rails_app/spec/integration/token_endpoint_spec.rb
251
255
  - spec/rails_app/spec/models/access_token_spec.rb
252
256
  - spec/rails_app/spec/models/client_spec.rb