exvo-auth 0.12.1 → 0.12.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.markdown +108 -0
- data/lib/exvo_auth/controllers/base.rb +2 -2
- data/lib/exvo_auth/version.rb +1 -1
- metadata +5 -5
- data/README +0 -119
data/README.markdown
ADDED
@@ -0,0 +1,108 @@
|
|
1
|
+
#OAuth2
|
2
|
+
|
3
|
+
- Get familiar with OmniAuth by Intridea: http://github.com/intridea/omniauth. Read about OAuth2.
|
4
|
+
- Obtain client_id and client_secret for your app from Exvo.
|
5
|
+
- Install exvo-auth gem or add it to your Gemfile.
|
6
|
+
|
7
|
+
|
8
|
+
##Configure middleware.
|
9
|
+
|
10
|
+
In Rails, the relevant lines could look like this:
|
11
|
+
|
12
|
+
ExvoAuth::Config.client_id = "foo"
|
13
|
+
ExvoAuth::Config.client_secret = "bar"
|
14
|
+
ExvoAuth::Config.debug = true # dumps all HTTP traffic to STDERR, useful during development.
|
15
|
+
config.middleware.use ExvoAuth::Middleware
|
16
|
+
|
17
|
+
|
18
|
+
##Add routes.
|
19
|
+
|
20
|
+
The following comes from Rails config/routes.rb file:
|
21
|
+
|
22
|
+
match "/auth/failure" => "sessions#failure"
|
23
|
+
match "/auth/interactive/callback" => "sessions#create"
|
24
|
+
match "/auth/non_interactive/callback" => "sessions#create" # only if you use json-based login
|
25
|
+
match "/sign_out" => "sessions#destroy"
|
26
|
+
|
27
|
+
Failure url is called whenever there's a failure (d'oh).
|
28
|
+
You can have separate callbacks for interactive and non-interactive
|
29
|
+
callback routes but you can also route both callbacks to the same controller method
|
30
|
+
like shown above.
|
31
|
+
|
32
|
+
##Include controller helpers into your application controller.
|
33
|
+
|
34
|
+
include ExvoAuth::Controllers::Rails (or Merb)
|
35
|
+
|
36
|
+
##Implement a sessions controller.
|
37
|
+
|
38
|
+
Sample implementation (Rails):
|
39
|
+
|
40
|
+
class SessionsController < ApplicationController
|
41
|
+
def create
|
42
|
+
sign_in_and_redirect!
|
43
|
+
end
|
44
|
+
|
45
|
+
def destroy
|
46
|
+
sign_out_and_redirect!
|
47
|
+
end
|
48
|
+
|
49
|
+
def failure
|
50
|
+
render :text => "Sorry!"
|
51
|
+
end
|
52
|
+
end
|
53
|
+
|
54
|
+
##Implement #find_or_create_user_by_uid(uid) in your Application Controller.
|
55
|
+
|
56
|
+
This method will be called by #current_user. Previously we did this in sessions_controller but since the sharing sessions changes this controller
|
57
|
+
will not be used in most cases because the session comes from another app through a shared cookie. This method should find user by uid or create it.
|
58
|
+
Additional info (emails, etc) can be obtained using auth api (/users/uid.json path).
|
59
|
+
|
60
|
+
In short: you get params[:auth]. Do what you want to do with it: store the data, create session, etc.
|
61
|
+
|
62
|
+
|
63
|
+
##Sign up and sign in paths for use in links.
|
64
|
+
|
65
|
+
sign in path: "/auth/interactive"
|
66
|
+
sign up path: "/auth/interactive?x_sign_up=true" # this is OAuth2 custom param
|
67
|
+
sign in path with a return address: "/auth/interactive?state=url" # using OAuth2 state param
|
68
|
+
|
69
|
+
You have a handy methods available in controllers (and views in Rails): sign_in_path and sign_up_path.
|
70
|
+
|
71
|
+
##Read the source, there are few features not mentioned in this README.
|
72
|
+
|
73
|
+
|
74
|
+
#Inter-Application Communication
|
75
|
+
|
76
|
+
You need to have "App Authorization" created by Exvo first.
|
77
|
+
Contact us and provide following details:
|
78
|
+
|
79
|
+
- consumer_id - Id of an app that will be a consumer (this is you)
|
80
|
+
- provider_id - Id of the provider app
|
81
|
+
- scope - The tag associated with the api you want to use in the provider app
|
82
|
+
|
83
|
+
##Consumer side
|
84
|
+
|
85
|
+
consumer = ExvoAuth::Autonomous::Consumer.new(
|
86
|
+
:app_id => "this is client_id of the app you want to connect to"
|
87
|
+
)
|
88
|
+
consumer.get(*args) - interface is exactly the same like in HTTParty. All http methods are available (post, put, delete, head, options).
|
89
|
+
|
90
|
+
##Provider side
|
91
|
+
|
92
|
+
See #authenticate_app_in_scope!(scope) method in ExvoAuth::Controllers::Rails (or Merb). This method lets you create a before filter.
|
93
|
+
Scopes are used by providing app to check if a given consuming app should have access to a given resource inside a scope.
|
94
|
+
If scopes are empty, then provider app should not present any resources to consumer.
|
95
|
+
|
96
|
+
##Example of the before filter for provider controller:
|
97
|
+
|
98
|
+
before_filter {|c| c.authenticate_app_in_scope!("payments") }
|
99
|
+
|
100
|
+
In provider controller which is just a fancy name for API controller you can use #current_app_id method to get the app_id of the app connecting.
|
101
|
+
|
102
|
+
|
103
|
+
#Dejavu - replay non-GET requests after authentication redirects
|
104
|
+
|
105
|
+
##Limitations:
|
106
|
+
|
107
|
+
- doesn't work with file uploads
|
108
|
+
- all request params become query params when replayed
|
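Review bot: The middleware sample sets `ExvoAuth::Config.debug = true` directly beside `client_secret`, and its own comment says this dumps all HTTP traffic to STDERR, so anyone who copies the block as written will log the OAuth2 exchanges in every environment. Suggest showing that line guarded by a development-only condition, or moving it out of the main sample. Separately, the `/auth/interactive?state=url` line should say what values the return address may take; the README does not state whether it is validated before the redirect.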
@@ -1,6 +1,6 @@
|
|
1
1
|
module ExvoAuth::Controllers::Base
|
2
2
|
# A before filter to protect your sensitive actions.
|
3
|
-
def authenticate_user!
|
3
|
+
def authenticate_user!(opts = {})
|
4
4
|
if !signed_in?
|
5
5
|
store_request!
|
6
6
|
|
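Review bot: The new `opts = {}` parameter on `authenticate_user!` is undocumented; the comment above it still reads only "A before filter to protect your sensitive actions." Suggest extending that comment to name the supported key (`:redirect_to`, read further down in this method) and to show the block form needed to pass it, as the README does for `before_filter {|c| c.authenticate_app_in_scope!("payments") }`, since `before_filter :authenticate_user!` supplies no arguments.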
@@ -10,7 +10,7 @@ module ExvoAuth::Controllers::Base
|
|
10
10
|
if callback_value
|
11
11
|
redirect_to non_interactive_sign_in_path(callback_key => callback_value)
|
12
12
|
else
|
13
|
-
redirect_to
|
13
|
+
redirect_to opts[:redirect_to] || sign_in_path
|
14
14
|
end
|
15
15
|
end
|
16
16
|
end
|
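Review bot: In the `else` branch, `opts[:redirect_to]` is handed to `redirect_to` with no check on its value, so the safety of this redirect depends entirely on the caller passing a fixed, application-defined path. Suggest documenting that it must never be built from request parameters, or accepting only local paths here. Also, the option is silently ignored when `callback_value` is set, because that branch still redirects to `non_interactive_sign_in_path`; if that is intended, say so in the method comment.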
data/lib/exvo_auth/version.rb
CHANGED
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: exvo-auth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 43
|
5
5
|
prerelease: false
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 12
|
9
|
-
-
|
10
|
-
version: 0.12.
|
9
|
+
- 2
|
10
|
+
version: 0.12.2
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Jacek Becela
|
@@ -15,7 +15,7 @@ autorequire:
|
|
15
15
|
bindir: bin
|
16
16
|
cert_chain: []
|
17
17
|
|
18
|
-
date: 2011-
|
18
|
+
date: 2011-09-19 00:00:00 +02:00
|
19
19
|
default_executable:
|
20
20
|
dependencies:
|
21
21
|
- !ruby/object:Gem::Dependency
|
@@ -142,7 +142,7 @@ extra_rdoc_files: []
|
|
142
142
|
files:
|
143
143
|
- .gitignore
|
144
144
|
- Gemfile
|
145
|
-
- README
|
145
|
+
- README.markdown
|
146
146
|
- Rakefile
|
147
147
|
- exvo-auth.gemspec
|
148
148
|
- lib/exvo-auth.rb
|
data/README
DELETED
@@ -1,119 +0,0 @@
|
|
1
|
-
OAuth2
|
2
|
-
======
|
3
|
-
|
4
|
-
-1. Get familiar with OmniAuth by Intridea: http://github.com/intridea/omniauth. Read about OAuth2.
|
5
|
-
|
6
|
-
|
7
|
-
0. Obtain client_id and client_secret for your app from Exvo.
|
8
|
-
|
9
|
-
|
10
|
-
1. Install exvo-auth gem or add it to your Gemfile.
|
11
|
-
|
12
|
-
|
13
|
-
2. Configure middleware.
|
14
|
-
|
15
|
-
In Rails, the relevant lines could look like this:
|
16
|
-
|
17
|
-
ExvoAuth::Config.client_id = "foo"
|
18
|
-
ExvoAuth::Config.client_secret = "bar"
|
19
|
-
ExvoAuth::Config.debug = true # dumps all HTTP traffic to STDERR, useful during development.
|
20
|
-
config.middleware.use ExvoAuth::Middleware
|
21
|
-
|
22
|
-
|
23
|
-
3. Add routes.
|
24
|
-
|
25
|
-
The following comes from Rails config/routes.rb file:
|
26
|
-
|
27
|
-
match "/auth/failure" => "sessions#failure"
|
28
|
-
match "/auth/interactive/callback" => "sessions#create"
|
29
|
-
match "/auth/non_interactive/callback" => "sessions#create" # only if you use json-based login
|
30
|
-
match "/sign_out" => "sessions#destroy"
|
31
|
-
|
32
|
-
Failure url is called whenever there's a failure (d'oh).
|
33
|
-
You can have separate callbacks for interactive and non-interactive
|
34
|
-
callback routes but you can also route both callbacks to the same controller method
|
35
|
-
like shown above.
|
36
|
-
|
37
|
-
4. Include controller helpers into your application controller.
|
38
|
-
|
39
|
-
include ExvoAuth::Controllers::Rails (or Merb)
|
40
|
-
|
41
|
-
5. Implement a sessions controller.
|
42
|
-
|
43
|
-
Sample implementation (Rails):
|
44
|
-
|
45
|
-
class SessionsController < ApplicationController
|
46
|
-
def create
|
47
|
-
sign_in_and_redirect!
|
48
|
-
end
|
49
|
-
|
50
|
-
def destroy
|
51
|
-
sign_out_and_redirect!
|
52
|
-
end
|
53
|
-
|
54
|
-
def failure
|
55
|
-
render :text => "Sorry!"
|
56
|
-
end
|
57
|
-
end
|
58
|
-
|
59
|
-
|
60
|
-
6. Implement #find_or_create_user_by_uid(uid) in your Application Controller.
|
61
|
-
|
62
|
-
This method will be called by #current_user. Previously we did this in sessions_controller but since the sharing sessions changes this controller
|
63
|
-
will not be used in most cases because the session comes from another app through a shared cookie. This method should find user by uid or create it.
|
64
|
-
Additional info (emails, etc) can be obtained using auth api (/users/uid.json path).
|
65
|
-
|
66
|
-
|
67
|
-
In short: you get params[:auth]. Do what you want to do with it: store the data, create session, etc.
|
68
|
-
|
69
|
-
|
70
|
-
7. Sign up and sign in paths for use in links.
|
71
|
-
|
72
|
-
sign in path: "/auth/interactive"
|
73
|
-
sign up path: "/auth/interactive?x_sign_up=true" # this is OAuth2 custom param
|
74
|
-
sign in path with a return address: "/auth/interactive?state=url" # using OAuth2 state param
|
75
|
-
|
76
|
-
You have a handy methods available in controllers (and views in Rails): sign_in_path and sign_up_path.
|
77
|
-
|
78
|
-
|
79
|
-
8. Read the source, there are few features not mentioned in this README.
|
80
|
-
|
81
|
-
|
82
|
-
Inter-Application Communication
|
83
|
-
===============================
|
84
|
-
|
85
|
-
You need to have "App Authorization" created by Exvo first.
|
86
|
-
Contact us and provide following details:
|
87
|
-
|
88
|
-
* consumer_id - Id of an app that will be a consumer (this is you)
|
89
|
-
* provider_id - Id of the provider app
|
90
|
-
* scope - The tag associated with the api you want to use in the provider app
|
91
|
-
|
92
|
-
# Consumer side
|
93
|
-
|
94
|
-
consumer = ExvoAuth::Autonomous::Consumer.new(
|
95
|
-
:app_id => "this is client_id of the app you want to connect to"
|
96
|
-
)
|
97
|
-
consumer.get(*args) - interface is exactly the same like in HTTParty. All http methods are available (post, put, delete, head, options).
|
98
|
-
|
99
|
-
|
100
|
-
# Provider side
|
101
|
-
|
102
|
-
See #authenticate_app_in_scope!(scope) method in ExvoAuth::Controllers::Rails (or Merb). This method lets you create a before filter.
|
103
|
-
Scopes are used by providing app to check if a given consuming app should have access to a given resource inside a scope.
|
104
|
-
If scopes are empty, then provider app should not present any resources to consumer.
|
105
|
-
|
106
|
-
# Example of the before filter for provider controller:
|
107
|
-
|
108
|
-
before_filter {|c| c.authenticate_app_in_scope!("payments") }
|
109
|
-
|
110
|
-
In provider controller which is just a fancy name for API controller you can use #current_app_id method to get the app_id of the app connecting.
|
111
|
-
|
112
|
-
|
113
|
-
Dejavu - replay non-GET requests after authentication redirects
|
114
|
-
===============================================================
|
115
|
-
|
116
|
-
Limitations:
|
117
|
-
|
118
|
-
* doesn't work with file uploads
|
119
|
-
* all request params become query params when replayed
|