exvo-auth 0.1.0 → 0.1.2

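--- a/data/LICENSE
+++ b/data/LICENSE
@@ -1,4 +1,4 @@
- Copyright (c) 2009 Jacek Becela
+ Copyright (c) 2010 Jacek Becela
 
  Permission is hereby granted, free of charge, to any person obtaining
  a copy of this software and associated documentation files (the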
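--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.1.0
+ 0.1.2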
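--- a/data/exvo-auth.gemspec
+++ b/data/exvo-auth.gemspec
@@ -5,11 +5,11 @@
 
  Gem::Specification.new do |s|
  s.name = %q{exvo-auth}
- s.version = "0.1.0"
+ s.version = "0.1.2"
 
  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
  s.authors = ["Jacek Becela"]
- s.date = %q{2010-06-23}
+ s.date = %q{2010-06-24}
  s.description = %q{Sign in with Exvo account}
  s.email = %q{jacek.becela@gmail.com}
  s.extra_rdoc_files = [
@@ -24,6 +24,13 @@ Gem::Specification.new do |s|
  "VERSION",
  "exvo-auth.gemspec",
  "lib/exvo-auth.rb",
+ "lib/exvo_auth/config.rb",
+ "lib/exvo_auth/oauth2.rb",
+ "lib/exvo_auth/path_helpers.rb",
+ "lib/exvo_auth/rails/controller_helpers.rb",
+ "lib/exvo_auth/strategies/base.rb",
+ "lib/exvo_auth/strategies/interactive.rb",
+ "lib/exvo_auth/strategies/non_interactive.rb",
  "test/helper.rb",
  "test/test_exvo_auth.rb"
  ]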
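--- a/data/lib/exvo-auth.rb
+++ b/data/lib/exvo-auth.rb
@@ -2,82 +2,24 @@ require 'omniauth/oauth'
  require 'multi_json'
 
  module ExvoAuth
- module Strategies
- class Base < OmniAuth::Strategies::OAuth2
- def initialize(app, name, app_id, app_secret, options = {})
- options[:site] ||= 'https://auth.exvo.com/'
- super(app, name, app_id, app_secret, options)
- end
-
- def user_data
- @data ||= MultiJson.decode(@access_token.get('/user.json'))
- end
-
- # Depending on requested scope and the fact that client app is trusted or not
- # you can get nil values for some attributes even if they are set.
- def user_info
- {
- 'nickname' => user_data['nickname'],
- 'email' => user_data['email']
- }
- end
-
- def auth_hash
- OmniAuth::Utils.deep_merge(super, {
- 'provider' => 'exvo',
- 'uid' => user_data['id'],
- 'user_info' => user_info,
- 'extra' => { 'user_hash' => user_data }
- })
- end
- end
-
- class Interactive < Base
- def initialize(app, app_id, app_secret, options = {})
- super(app, :interactive, app_id, app_secret, options)
- end
-
- def request_phase(options = {})
- super(:scope => request["scope"])
- end
- end
+ autoload :PathHelpers, 'exvo_auth/path_helpers'
+ autoload :Config, 'exvo_auth/config'
 
- class NonInteractive < Base
- def initialize(app, app_id, app_secret, options = {})
- options[:callback_key] ||= "_callback"
- super(app, :non_interactive, app_id, app_secret, options)
- end
-
- def request_phase(options = {})
- redirect @client.non_interactive.authorize_url({:redirect_uri => callback_url, :scope => request["scope"]})
- end
-
- def callback_url
- key = options[:callback_key]
- value = request[key]
-
- if value
- super + "?" + Rack::Utils.build_query(key => value)
- else
- super
- end
- end
-
- def fail!(message_key)
- [200, { "Content-Type" => "application/javascript" }, [MultiJson.encode({ :message => "Not signed in!", :status => 403 })]]
- end
- end
- end
-
  module OAuth2
  module Strategy
- class NonInteractive < ::OAuth2::Strategy::WebServer
- def authorize_params(options = {})
- super(options).merge('type' => 'non_interactive')
- end
- end
+ autoload :NonInteractive, 'exvo_auth/oauth2'
  end
  end
+
+ module Strategies
+ autoload :Base, 'exvo_auth/strategies/base'
+ autoload :Interactive, 'exvo_auth/strategies/interactive'
+ autoload :NonInteractive, 'exvo_auth/strategies/non_interactive'
+ end
+
+ module Rails
+ autoload :ControllerHelpers, 'exvo_auth/rails/controller_helpers'
+ end
  end
 
  OAuth2::Client.class_eval do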
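--- /dev/null
+++ b/data/lib/exvo_auth/config.rb
@@ -0,0 +1,6 @@
+ module ExvoAuth::Config
+ def self.host; @@host || 'https://auth.exvo.com' end
+ def self.host=(host); @@host = host end
+ def self.callback_key; @@callback_key || '_callback' end
+ def self.callback_key=(callback_key); @@callback_key = callback_key end
+ end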
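Review bot: `ExvoAuth::Config.host` and `callback_key` read `@@host` / `@@callback_key` before anything has assigned them, and Ruby raises NameError for an uninitialized class variable instead of returning nil, so the `||` default is only reached if the setter was called first. The strategies in this release depend on these readers (`options[:site] ||= ExvoAuth::Config.host`, `key = ExvoAuth::Config.callback_key`), so an unconfigured application would fail instead of falling back to the defaults. Module-level instance variables give the intended behaviour: `def self.host; @host || 'https://auth.exvo.com' end` with `def self.host=(host); @host = host end`, and the same pair for `callback_key`. Because `host` is where the client secret and access tokens are sent, a comment stating that it is expected to be an https URL would also help.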
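--- /dev/null
+++ b/data/lib/exvo_auth/oauth2.rb
@@ -0,0 +1,18 @@
+ # In short: if user is already signed in and the request scope matches
+ # current authentication with an OAuth2 provider, grant them access token,
+ # otherwise - deny authentication.
+ #
+ # This is a simple, non-standard OAuth2 extension. It is similar to "web_server"
+ # strategy with one exception: instead of redirecting following temporary token
+ # requests to an interactive user interface it returns a negative answer:
+ # when user is not signed in, or when app requests an extended scope
+ # that doesn't match current authentication grant.
+ #
+ # This strategy is needed to sign users in during json/jsonp requests,
+ # which cannot result in any interactive flows.
+ class ExvoAuth::OAuth2::Strategy::NonInteractive < ::OAuth2::Strategy::WebServer
+ def authorize_params(options = {})
+ super(options).merge('type' => 'non_interactive')
+ end
+ end
+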
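--- /dev/null
+++ b/data/lib/exvo_auth/path_helpers.rb
@@ -0,0 +1,27 @@
+ module ExvoAuth::PathHelpers
+ def self.included(base)
+ if base.respond_to?(:helper_method)
+ base.helper_method :interactive_sign_in_path, :non_interactive_sign_in_path, :auth_root_url
+ end
+ end
+
+ def interactive_sign_in_path(params = {})
+ path_with_query("/auth/interactive", params)
+ end
+
+ def non_interactive_sign_in_path(params = {})
+ path_with_query("/auth/non_interactive", params)
+ end
+
+ # Redirect users after logout there
+ def auth_sign_out_url
+ ExvoAuth::Config.host + "/users/sign_out"
+ end
+
+ private
+
+ def path_with_query(path, params = {})
+ query = Rack::Utils.build_query(params)
+ query.empty? ? path : "#{path}?#{query}"
+ end
+ end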
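Review bot: The `helper_method` call in `included` registers `:auth_root_url`, but no method of that name is defined in this module, while the URL helper that is defined, `auth_sign_out_url`, is not registered. A view calling either one would fail: the first because the controller method does not exist, the second because it was never exposed to views. If the sign-out URL is the intended helper, the line should read `base.helper_method :interactive_sign_in_path, :non_interactive_sign_in_path, :auth_sign_out_url`.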
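--- /dev/null
+++ b/data/lib/exvo_auth/rails/controller_helpers.rb
@@ -0,0 +1,40 @@
+ module ExvoAuth::Rails::ControllerHelpers
+ def self.included(base)
+ base.send :include, ExvoAuth::PathHelpers
+ base.helper_method :current_user, :signed_in?
+ end
+
+ def authenticate_user!
+ if !signed_in?
+ store_location!
+
+ callback_key = ExvoAuth::Config.callback_key
+ callback_value = params[callback_key]
+
+ if request.xhr?
+ redirect_to non_interactive_sign_in_path
+ elsif callback_value.present?
+ redirect_to non_interactive_sign_in_path(callback_key => callback_value)
+ else
+ redirect_to interactive_sign_in_path
+ end
+ end
+ end
+
+ def current_user
+ return @current_user if defined?(@current_user)
+ @current_user = session[:user_id] && User.find_by_id(session[:user_id])
+ end
+
+ def signed_in?
+ !!current_user
+ end
+
+ def store_location!
+ session[:return_to] = request.url if request.get?
+ end
+
+ def stored_location
+ session.delete(:return_to)
+ end
+ end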
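Review bot: All five methods in this module are public, and in Rails a public controller method is a routable action, so with a catch-all `:controller/:action` route (an assumption, since routes are not part of this gem) `stored_location` or `authenticate_user!` could be invoked directly from a URL. `helper_method` and filters both work with protected methods, so a `protected` line before `def authenticate_user!` would close that off. Separately, `store_location!` runs before the `request.xhr?` and callback branches, so a background JSON or JSONP GET overwrites `session[:return_to]` with its own URL. Calling it only in the interactive `else` branch would keep the page the user was actually on.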
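--- /dev/null
+++ b/data/lib/exvo_auth/strategies/base.rb
@@ -0,0 +1,26 @@
+ class ExvoAuth::Strategies::Base < OmniAuth::Strategies::OAuth2
+ def initialize(app, name, app_id, app_secret, options = {})
+ options[:site] ||= ExvoAuth::Config.host
+ super(app, name, app_id, app_secret, options)
+ end
+
+ def user_data
+ @data ||= MultiJson.decode(@access_token.get('/user.json'))
+ end
+
+ def user_info
+ {
+ 'nickname' => user_data['nickname'],
+ 'email' => user_data['email']
+ }.reject{ |k, v| v.nil? }
+ end
+
+ def auth_hash
+ OmniAuth::Utils.deep_merge(super, {
+ 'provider' => 'exvo',
+ 'uid' => user_data['id'],
+ 'user_info' => user_info,
+ 'extra' => { 'user_hash' => user_data }
+ })
+ end
+ end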
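Review bot: `auth_hash` passes `user_data['id']` through as `'uid'` without checking that it is present, and `user_data` decodes whatever `/user.json` returns. If the provider answers with an error document or a body without `id`, the application receives a nil uid, and one that looks accounts up by uid may then match the wrong record or create one keyed on nil. Failing the callback when the id is missing would be safer; where to do that depends on the parent strategy's callback handling, which is not shown here. The old comment explaining that nickname and email can be nil depending on scope and client trust was dropped in the move; it is still worth keeping above `user_info`, reworded to say that nil attributes are now omitted from the hash.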
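--- /dev/null
+++ b/data/lib/exvo_auth/strategies/interactive.rb
@@ -0,0 +1,9 @@
+ class ExvoAuth::Strategies::Interactive < ExvoAuth::Strategies::Base
+ def initialize(app, app_id, app_secret, options = {})
+ super(app, :interactive, app_id, app_secret, options)
+ end
+
+ def request_phase(options = {})
+ super(:scope => request["scope"])
+ end
+ end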
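Review bot: `request_phase` forwards `request["scope"]` straight from the request parameters and discards its `options` argument, so whoever issues the sign-in request chooses the scope the application asks the provider for. `NonInteractive#request_phase` in the next file does the same. The provider still decides what to grant, but an application that assumes it only ever requests its own fixed scope would not get that guarantee from this code. If the pass-through is intended, a comment above the method such as `# scope is caller-supplied; the provider enforces what this client may receive` is enough. Otherwise the value should be checked against a configured list before it is forwarded.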
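--- /dev/null
+++ b/data/lib/exvo_auth/strategies/non_interactive.rb
@@ -0,0 +1,24 @@
+ class ExvoAuth::Strategies::NonInteractive < ExvoAuth::Strategies::Base
+ def initialize(app, app_id, app_secret, options = {})
+ super(app, :non_interactive, app_id, app_secret, options)
+ end
+
+ def request_phase(options = {})
+ redirect @client.non_interactive.authorize_url({ :redirect_uri => callback_url, :scope => request["scope"] })
+ end
+
+ def callback_url
+ key = ExvoAuth::Config.callback_key
+ value = request[key]
+
+ if value
+ super + "?" + Rack::Utils.build_query(key => value)
+ else
+ super
+ end
+ end
+
+ def fail!(message_key)
+ [200, { "Content-Type" => "application/json" }, [MultiJson.encode({ :message => "Not signed in!", :status => 403 })]]
+ end
+ end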
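Review bot: `fail!` ignores `message_key` and always answers HTTP 200 with "Not signed in!", so a provider error, a rejected authorization code and a user who is simply signed out are indistinguishable to the caller and leave no trace in the logs. Logging `message_key`, or adding it to the body as `:error => message_key`, would keep real failures visible to operators. The content type is now `application/json` and the body is bare JSON; when the request carried the callback key (the JSONP case that `callback_url` handles) the client presumably expects a script that invokes its callback, so this response may not be consumable there and is worth covering with a test.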
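--- a/metadata
+++ b/metadata
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
  segments:
  - 0
  - 1
- - 0
- version: 0.1.0
+ - 2
+ version: 0.1.2
  platform: ruby
  authors:
  - Jacek Becela
@@ -14,7 +14,7 @@ autorequire:
  bindir: bin
  cert_chain: []
 
- date: 2010-06-23 00:00:00 +02:00
+ date: 2010-06-24 00:00:00 +02:00
  default_executable:
  dependencies:
  - !ruby/object:Gem::Dependency
@@ -48,6 +48,13 @@ files:
  - VERSION
  - exvo-auth.gemspec
  - lib/exvo-auth.rb
+ - lib/exvo_auth/config.rb
+ - lib/exvo_auth/oauth2.rb
+ - lib/exvo_auth/path_helpers.rb
+ - lib/exvo_auth/rails/controller_helpers.rb
+ - lib/exvo_auth/strategies/base.rb
+ - lib/exvo_auth/strategies/interactive.rb
+ - lib/exvo_auth/strategies/non_interactive.rb
  - test/helper.rb
  - test/test_exvo_auth.rb
  has_rdoc: true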