devise_oauth2_providable 0.1.0 → 0.1.1

data/CONTRIBUTORS.txt CHANGED
@@ -2,5 +2,5 @@ Ryan Sonnek - Original Author
2
2
 
3
3
 
4
4
  Complete list of contributors:
5
- https://github.com/socialcast/devise_oauth2_token_bearer_authenticatable/contributors
5
+ https://github.com/socialcast/devise_oauth2_providable/contributors
6
6
 
data/Gemfile CHANGED
@@ -1,4 +1,4 @@
1
1
  source "http://rubygems.org"
2
2
 
3
- # Specify your gem's dependencies in devise_oauth2_token_bearer_authenticatable.gemspec
3
+ # Specify your gem's dependencies in the .gemspec
4
4
  gemspec
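Review bot: The unchanged `source "http://rubygems.org"` line at the top of this hunk resolves and downloads gems over plain HTTP. Since the file is being edited anyway, change it to `https://rubygems.org` so dependency fetches are protected against tampering in transit.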
data/README.md CHANGED
@@ -1,36 +1,109 @@
1
- # devise_oauth2_token_bearer_authenticatable
1
+ # devise_oauth2_providable
2
2
 
3
- Support OAuth2 authentication for your API.
3
+ Rails3 engine that brings OAuth2 Provider support to your application.
4
4
 
5
+ Current OAuth2 Specification Draft:
5
6
  http://tools.ietf.org/html/draft-ietf-oauth-v2-15
6
7
 
8
+ ## Features
9
+
10
+ * integrates OAuth2 authentication with Devise authenthentication stack
11
+ * one-stop-shop includes all Models, Controllers and Views to get up and
12
+ running quickly
13
+ * All server requests support authentication via bearer token included in
14
+ the request. http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-04
15
+
16
+
7
17
  ## Installation
8
18
 
9
19
  ```ruby
10
20
  # Bundler Gemfile
11
- gem 'oauth2_token_bearer_authenticatable'
21
+ gem 'devise_oauth2_providable'
12
22
  ```
13
23
 
14
24
  ```ruby
15
25
  # create new Rails migration
16
26
  class CreateOauth2Schema < ActiveRecord::Migration
17
27
  def self.up
18
- Devise::Oauth2TokenBearerAuthenticatable::Schema.up(self)
28
+ Devise::Oauth2Providable:Schema.up(self)
19
29
  end
20
30
  def self.down
21
- Devise::Oauth2TokenBearerAuthenticatable::Schema.down(self)
31
+ Devise::Oauth2Providable::Schema.down(self)
22
32
  end
23
33
  end
24
34
  ```
25
-
26
- ## Usage
27
-
28
35
  ```ruby
29
36
  class User
30
- devise :database_authenticatable, :oauth2_token_bearer_authenticatable
37
+ # NOTE: include :database_authenticatable configuration
38
+ # if supporting Resource Owner Password Credentials Grant Type
39
+ devise :oauth2_providable
31
40
  end
32
41
  ```
33
42
 
43
+ ## Models
44
+
45
+ ### Client
46
+ registered OAuth2 client for storing the unique client_id and
47
+ client_secret.
48
+
49
+ ### AccessToken
50
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.3
51
+
52
+ Short lived token used by clients to perform subsequent requests (see
53
+ bearer token spec)
54
+
55
+ expires after 15min by default.
56
+
57
+ ### RefreshToken
58
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.5
59
+
60
+ Long lived token used by clients to request new access tokens without
61
+ requiring user intervention to re-authorize.
62
+
63
+ expires after 1 month by default.
64
+
65
+ ### AthorizationCode
66
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.4.1
67
+
68
+ *Very* short lived token created to allow a client to request an access
69
+ token after a user has gone through the authorization flow.
70
+
71
+ expires after 1min by default.
72
+
73
+ ## Routes
74
+
75
+ ### /oauth2/authorize
76
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-2.1
77
+
78
+ Endpoint to start client authorization flow. Models, controllers and
79
+ views are included for out of the box deployment.
80
+
81
+ Supports the Authorization Code and Implicit grant types.
82
+
83
+ ### /oauth2/token
84
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-2.2
85
+
86
+ Endpoint to request access token. See grant type documentation for
87
+ supported flows.
88
+
89
+ ## Grant Types
90
+
91
+ ### Resource Owner Password Credentials Grant Type
92
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.3
93
+
94
+ in order to use the Resource Owner Password Credentials Grant Type, your
95
+ Devise model *must* be configured to support the
96
+ :database_authenticatable option
97
+
98
+ ### Authorization Code Grant Type
99
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.1
100
+
101
+ ### Implicit Grant Type
102
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.2
103
+
104
+ ### Refresh Token Grant Type
105
+ http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-6
106
+
34
107
  ## Contributing
35
108
 
36
109
  * Fork the project
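Review bot: In the migration example, the added line `Devise::Oauth2Providable:Schema.up(self)` has a single colon before `Schema`, so the snippet fails to parse when copied into a migration; it should read `Devise::Oauth2Providable::Schema.up(self)`, matching the `down` line below it. Two spelling slips in the new text are also worth fixing before release: "authenthentication" in the Features list and the `### AthorizationCode` heading. With the `## Usage` heading removed, the `class User` block now sits under Installation without an introduction; a one-line lead-in would help readers find where `devise :oauth2_providable` goes.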
@@ -2,6 +2,7 @@ module Devise
2
2
  module Oauth2Providable
3
3
  class Engine < Rails::Engine
4
4
  initializer "devise_oauth2_providable.initialize_application" do |app|
5
+ app.config.filter_parameters << :client_secret
5
6
  app.middleware.use Rack::OAuth2::Server::Resource::Bearer, 'OAuth2 Bearer Token Resources' do |req|
6
7
  AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
7
8
  end
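Review bot: The added `app.config.filter_parameters << :client_secret` covers only one of the credentials this engine handles. The bearer middleware in the same initializer reads `req.access_token`, and the README in this release describes refresh tokens and authorization codes passing through `/oauth2/token`; when any of these arrive as request parameters they will still be written to the Rails log. Consider filtering `:access_token`, `:refresh_token` and `:code` in the same place, for example `app.config.filter_parameters += [:client_secret, :access_token, :refresh_token, :code]`.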
@@ -22,6 +22,8 @@ module Devise
22
22
  end
23
23
  migration.add_index :access_tokens, :token
24
24
  migration.add_index :access_tokens, :expires_at
25
+ migration.add_index :access_tokens, :user_id
26
+ migration.add_index :access_tokens, :client_id
25
27
 
26
28
  migration.create_table :refresh_tokens do |t|
27
29
  t.belongs_to :user, :client
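Review bot: The new `add_index :access_tokens, :user_id` and `:client_id` lines live inside `Schema.up`, which the README tells applications to call from their own one-time migration. Applications that already migrated on 0.1.0 will never run this code again and so will not get the indexes. Either document a follow-up migration for upgraders in the README or changelog, or expose a separate helper they can call to add only the new indexes.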
@@ -31,6 +33,8 @@ module Devise
31
33
  end
32
34
  migration.add_index :refresh_tokens, :token
33
35
  migration.add_index :refresh_tokens, :expires_at
36
+ migration.add_index :refresh_tokens, :user_id
37
+ migration.add_index :refresh_tokens, :client_id
34
38
 
35
39
  migration.create_table :authorization_codes do |t|
36
40
  t.belongs_to :user, :client
@@ -41,6 +45,8 @@ module Devise
41
45
  end
42
46
  migration.add_index :authorization_codes, :token
43
47
  migration.add_index :authorization_codes, :expires_at
48
+ migration.add_index :authorization_codes, :user_id
49
+ migration.add_index :authorization_codes, :client_id
44
50
  end
45
51
 
46
52
  def self.down(migration)
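Review bot: While indexes are being added here, the existing `migration.add_index :authorization_codes, :token` (and the matching lines for `access_tokens` and `refresh_tokens` in the hunks above) is still non-unique. These tokens are looked up by value to authenticate a request, so a unique index, `:unique => true`, would make the database reject a duplicate instead of letting a lookup return an arbitrary matching row. It is also worth confirming that `self.down`, whose body is outside this hunk, stays in step with the indexes added in `up`.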
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module Oauth2Providable
3
- VERSION = "0.1.0"
3
+ VERSION = "0.1.1"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise_oauth2_providable
3
3
  version: !ruby/object:Gem::Version
4
- hash: 27
4
+ hash: 25
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 1
9
- - 0
10
- version: 0.1.0
9
+ - 1
10
+ version: 0.1.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Ryan Sonnek
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-04-26 00:00:00 Z
18
+ date: 2011-04-27 00:00:00 Z
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
21
  name: rails