devise_oauth2_providable 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/.rspec +1 -1
- data/lib/devise_oauth2_providable/engine.rb +0 -3
- data/lib/devise_oauth2_providable/strategy.rb +26 -5
- data/lib/devise_oauth2_providable/version.rb +1 -1
- data/spec/rails_app/.rspec +1 -0
- data/spec/rails_app/Gemfile +1 -1
- data/spec/rails_app/app/controllers/protected_controller.rb +6 -0
- data/spec/rails_app/config/routes.rb +1 -0
- data/spec/rails_app/spec/controllers/protected_controller_spec.rb +15 -0
- data/spec/rails_app/spec/spec_helper.rb +2 -0
- metadata +8 -4
data/.rspec
CHANGED
|
@@ -3,9 +3,6 @@ module Devise
|
|
|
3
3
|
class Engine < Rails::Engine
|
|
4
4
|
initializer "devise_oauth2_providable.initialize_application" do |app|
|
|
5
5
|
app.config.filter_parameters << :client_secret
|
|
6
|
-
app.middleware.use Rack::OAuth2::Server::Resource::Bearer, 'OAuth2 Bearer Token Resources' do |req|
|
|
7
|
-
AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
|
|
8
|
-
end
|
|
9
6
|
end
|
|
10
7
|
end
|
|
11
8
|
end
|
|
@@ -4,13 +4,34 @@ module Devise
|
|
|
4
4
|
module Strategies
|
|
5
5
|
class Oauth2Providable < Base
|
|
6
6
|
def valid?
|
|
7
|
-
|
|
7
|
+
@req = Rack::OAuth2::Server::Resource::Bearer::Request.new(env)
|
|
8
|
+
@req.oauth2?
|
|
8
9
|
end
|
|
9
10
|
def authenticate!
|
|
10
|
-
token =
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
11
|
+
token = [@req.access_token_in_header, @req.access_token_in_payload].compact
|
|
12
|
+
access_token = AccessToken.valid.find_by_token token
|
|
13
|
+
resource = access_token ? access_token.user : nil
|
|
14
|
+
if validate(resource)
|
|
15
|
+
success! resource
|
|
16
|
+
elsif !halted?
|
|
17
|
+
fail(:invalid_token)
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
private
|
|
22
|
+
# Simply invokes valid_for_authentication? with the given block and deal with the result.
|
|
23
|
+
def validate(resource, &block)
|
|
24
|
+
result = resource && resource.valid_for_authentication?(&block)
|
|
25
|
+
|
|
26
|
+
case result
|
|
27
|
+
when String, Symbol
|
|
28
|
+
fail!(result)
|
|
29
|
+
false
|
|
30
|
+
when TrueClass
|
|
31
|
+
true
|
|
32
|
+
else
|
|
33
|
+
result
|
|
34
|
+
end
|
|
14
35
|
end
|
|
15
36
|
end
|
|
16
37
|
end
|
data/spec/rails_app/.rspec
CHANGED
data/spec/rails_app/Gemfile
CHANGED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
|
|
3
|
+
describe ProtectedController do
|
|
4
|
+
|
|
5
|
+
describe 'get :index' do
|
|
6
|
+
before do
|
|
7
|
+
client = Client.create! :name => 'test', :redirect_uri => 'http://localhost:3000', :website => 'http://localhost'
|
|
8
|
+
@user = User.create! :name => 'ryan sonnek', :email => 'foo@example.com'
|
|
9
|
+
@token = AccessToken.create! :client => client, :user => @user
|
|
10
|
+
|
|
11
|
+
get :index, {:bearer_token => @token.token}, {'HTTP_AUTHORIZATION' => "Bearer #{@token.token}"}
|
|
12
|
+
end
|
|
13
|
+
it { should respond_with :ok }
|
|
14
|
+
end
|
|
15
|
+
end
|
|
@@ -8,6 +8,8 @@ require 'rspec/rails'
|
|
|
8
8
|
Dir[Rails.root.join("spec/support/**/*.rb")].each {|f| require f}
|
|
9
9
|
|
|
10
10
|
RSpec.configure do |config|
|
|
11
|
+
config.include Devise::TestHelpers, :type => :controller
|
|
12
|
+
|
|
11
13
|
# == Mock Framework
|
|
12
14
|
#
|
|
13
15
|
# If you prefer to use mocha, flexmock or RR, uncomment the appropriate line:
|
metadata
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: devise_oauth2_providable
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
hash:
|
|
4
|
+
hash: 21
|
|
5
5
|
prerelease:
|
|
6
6
|
segments:
|
|
7
7
|
- 0
|
|
8
8
|
- 2
|
|
9
|
-
-
|
|
10
|
-
version: 0.2.
|
|
9
|
+
- 1
|
|
10
|
+
version: 0.2.1
|
|
11
11
|
platform: ruby
|
|
12
12
|
authors:
|
|
13
13
|
- Ryan Sonnek
|
|
@@ -15,7 +15,7 @@ autorequire:
|
|
|
15
15
|
bindir: bin
|
|
16
16
|
cert_chain: []
|
|
17
17
|
|
|
18
|
-
date: 2011-05-
|
|
18
|
+
date: 2011-05-17 00:00:00 Z
|
|
19
19
|
dependencies:
|
|
20
20
|
- !ruby/object:Gem::Dependency
|
|
21
21
|
name: rails
|
|
@@ -123,6 +123,7 @@ files:
|
|
|
123
123
|
- spec/rails_app/README
|
|
124
124
|
- spec/rails_app/Rakefile
|
|
125
125
|
- spec/rails_app/app/controllers/application_controller.rb
|
|
126
|
+
- spec/rails_app/app/controllers/protected_controller.rb
|
|
126
127
|
- spec/rails_app/app/helpers/application_helper.rb
|
|
127
128
|
- spec/rails_app/app/models/user.rb
|
|
128
129
|
- spec/rails_app/app/views/layouts/application.html.erb
|
|
@@ -160,6 +161,7 @@ files:
|
|
|
160
161
|
- spec/rails_app/public/robots.txt
|
|
161
162
|
- spec/rails_app/public/stylesheets/.gitkeep
|
|
162
163
|
- spec/rails_app/script/rails
|
|
164
|
+
- spec/rails_app/spec/controllers/protected_controller_spec.rb
|
|
163
165
|
- spec/rails_app/spec/integration/token_endpoint_spec.rb
|
|
164
166
|
- spec/rails_app/spec/models/access_token_spec.rb
|
|
165
167
|
- spec/rails_app/spec/models/client_spec.rb
|
|
@@ -210,6 +212,7 @@ test_files:
|
|
|
210
212
|
- spec/rails_app/README
|
|
211
213
|
- spec/rails_app/Rakefile
|
|
212
214
|
- spec/rails_app/app/controllers/application_controller.rb
|
|
215
|
+
- spec/rails_app/app/controllers/protected_controller.rb
|
|
213
216
|
- spec/rails_app/app/helpers/application_helper.rb
|
|
214
217
|
- spec/rails_app/app/models/user.rb
|
|
215
218
|
- spec/rails_app/app/views/layouts/application.html.erb
|
|
@@ -247,6 +250,7 @@ test_files:
|
|
|
247
250
|
- spec/rails_app/public/robots.txt
|
|
248
251
|
- spec/rails_app/public/stylesheets/.gitkeep
|
|
249
252
|
- spec/rails_app/script/rails
|
|
253
|
+
- spec/rails_app/spec/controllers/protected_controller_spec.rb
|
|
250
254
|
- spec/rails_app/spec/integration/token_endpoint_spec.rb
|
|
251
255
|
- spec/rails_app/spec/models/access_token_spec.rb
|
|
252
256
|
- spec/rails_app/spec/models/client_spec.rb
|