devise_oauth2_providable 0.1.0 → 0.1.1

data/CONTRIBUTORS.txt

@@ -2,5 +2,5 @@ Ryan Sonnek - Original Author
 
 
 Complete list of contributors:
-https://github.com/socialcast/devise_oauth2_token_bearer_authenticatable/contributors
+https://github.com/socialcast/devise_oauth2_providable/contributors
 

data/Gemfile

@@ -1,4 +1,4 @@
 source "http://rubygems.org"
 
-# Specify your gem's dependencies in devise_oauth2_token_bearer_authenticatable.gemspec
+# Specify your gem's dependencies in the .gemspec
 gemspec

data/README.md

@@ -1,36 +1,109 @@
-# devise_oauth2_token_bearer_authenticatable
+# devise_oauth2_providable
 
-Support OAuth2 authentication for your API.
+Rails3 engine that brings OAuth2 Provider support to your application.
 
+Current OAuth2 Specification Draft:
 http://tools.ietf.org/html/draft-ietf-oauth-v2-15
 
+## Features
+
+* integrates OAuth2 authentication with Devise authenthentication stack
+* one-stop-shop includes all Models, Controllers and Views to get up and
+  running quickly
+* All server requests support authentication via bearer token included in
+the request.  http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-04
+
+
 ## Installation
 
 ```ruby
 # Bundler Gemfile
-gem 'oauth2_token_bearer_authenticatable'
+gem 'devise_oauth2_providable'
 ```
 
 ```ruby
 # create new Rails migration
 class CreateOauth2Schema < ActiveRecord::Migration
   def self.up
-    Devise::Oauth2TokenBearerAuthenticatable::Schema.up(self)
+    Devise::Oauth2Providable:Schema.up(self)
   end
   def self.down
-    Devise::Oauth2TokenBearerAuthenticatable::Schema.down(self)
+    Devise::Oauth2Providable::Schema.down(self)
   end
 end
 ```
-
-## Usage
-
 ```ruby
 class User
-  devise :database_authenticatable, :oauth2_token_bearer_authenticatable
+  # NOTE: include :database_authenticatable configuration
+  # if supporting Resource Owner Password Credentials Grant Type
+  devise :oauth2_providable
 end
 ```
 
+## Models
+
+### Client
+registered OAuth2 client for storing the unique client_id and
+client_secret.
+
+### AccessToken
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.3
+
+Short lived token used by clients to perform subsequent requests (see
+bearer token spec)
+
+expires after 15min by default.
+
+### RefreshToken
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.5
+
+Long lived token used by clients to request new access tokens without
+requiring user intervention to re-authorize.
+
+expires after 1 month by default.
+
+### AthorizationCode
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-1.4.1
+
+*Very* short lived token created to allow a client to request an access
+token after a user has gone through the authorization flow.
+
+expires after 1min by default.
+
+## Routes
+
+### /oauth2/authorize
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-2.1
+
+Endpoint to start client authorization flow.  Models, controllers and
+views are included for out of the box deployment.
+
+Supports the Authorization Code and Implicit grant types.
+
+### /oauth2/token
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-2.2
+
+Endpoint to request access token.  See grant type documentation for
+supported flows.
+
+## Grant Types
+
+### Resource Owner Password Credentials Grant Type
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.3
+
+in order to use the Resource Owner Password Credentials Grant Type, your
+Devise model *must* be configured to support the
+:database_authenticatable option
+
+### Authorization Code Grant Type
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.1
+
+### Implicit Grant Type
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.2
+
+### Refresh Token Grant Type
+http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-6
+
 ## Contributing
  
 * Fork the project

data/lib/devise_oauth2_providable/engine.rb

@@ -2,6 +2,7 @@ module Devise
   module Oauth2Providable
     class Engine < Rails::Engine
       initializer "devise_oauth2_providable.initialize_application" do |app|
+        app.config.filter_parameters << :client_secret
         app.middleware.use Rack::OAuth2::Server::Resource::Bearer, 'OAuth2 Bearer Token Resources' do |req|
           AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
         end

data/lib/devise_oauth2_providable/schema.rb

@@ -22,6 +22,8 @@ module Devise
         end
         migration.add_index :access_tokens, :token
         migration.add_index :access_tokens, :expires_at
+        migration.add_index :access_tokens, :user_id
+        migration.add_index :access_tokens, :client_id
 
         migration.create_table :refresh_tokens do |t|
           t.belongs_to :user, :client
@@ -31,6 +33,8 @@ module Devise
         end
         migration.add_index :refresh_tokens, :token
         migration.add_index :refresh_tokens, :expires_at
+        migration.add_index :refresh_tokens, :user_id
+        migration.add_index :refresh_tokens, :client_id
 
         migration.create_table :authorization_codes do |t|
           t.belongs_to :user, :client
@@ -41,6 +45,8 @@ module Devise
         end
         migration.add_index :authorization_codes, :token
         migration.add_index :authorization_codes, :expires_at
+        migration.add_index :authorization_codes, :user_id
+        migration.add_index :authorization_codes, :client_id
       end
 
       def self.down(migration)

data/lib/devise_oauth2_providable/version.rb

@@ -1,5 +1,5 @@
 module Devise
   module Oauth2Providable
-    VERSION = "0.1.0"
+    VERSION = "0.1.1"
   end
 end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: devise_oauth2_providable
 version: !ruby/object:Gem::Version 
-  hash: 27
+  hash: 25
   prerelease: 
   segments: 
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 1
+  version: 0.1.1
 platform: ruby
 authors: 
 - Ryan Sonnek
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2011-04-26 00:00:00 Z
+date: 2011-04-27 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: rails