exvo-auth 0.1.0 → 0.1.2

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2009 Jacek Becela
+Copyright (c) 2010 Jacek Becela
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/VERSION

@@ -1 +1 @@
-0.1.0
+0.1.2

data/exvo-auth.gemspec

@@ -5,11 +5,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{exvo-auth}
-  s.version = "0.1.0"
+  s.version = "0.1.2"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Jacek Becela"]
-  s.date = %q{2010-06-23}
+  s.date = %q{2010-06-24}
   s.description = %q{Sign in with Exvo account}
   s.email = %q{jacek.becela@gmail.com}
   s.extra_rdoc_files = [
@@ -24,6 +24,13 @@ Gem::Specification.new do |s|
      "VERSION",
      "exvo-auth.gemspec",
      "lib/exvo-auth.rb",
+     "lib/exvo_auth/config.rb",
+     "lib/exvo_auth/oauth2.rb",
+     "lib/exvo_auth/path_helpers.rb",
+     "lib/exvo_auth/rails/controller_helpers.rb",
+     "lib/exvo_auth/strategies/base.rb",
+     "lib/exvo_auth/strategies/interactive.rb",
+     "lib/exvo_auth/strategies/non_interactive.rb",
      "test/helper.rb",
      "test/test_exvo_auth.rb"
   ]

data/lib/exvo-auth.rb

@@ -2,82 +2,24 @@ require 'omniauth/oauth'
 require 'multi_json'
 
 module ExvoAuth
-  module Strategies
-    class Base < OmniAuth::Strategies::OAuth2
-      def initialize(app, name, app_id, app_secret, options = {})
-        options[:site] ||= 'https://auth.exvo.com/'
-        super(app, name, app_id, app_secret, options)
-      end
-      
-      def user_data
-        @data ||= MultiJson.decode(@access_token.get('/user.json'))
-      end
-
-      # Depending on requested scope and the fact that client app is trusted or not
-      # you can get nil values for some attributes even if they are set.
-      def user_info
-        {
-          'nickname' => user_data['nickname'],
-          'email'    => user_data['email']
-        }
-      end
-
-      def auth_hash
-        OmniAuth::Utils.deep_merge(super, {
-          'provider'  => 'exvo',
-          'uid'       => user_data['id'],
-          'user_info' => user_info,
-          'extra'     => { 'user_hash' => user_data }
-        })
-      end
-    end
-      
-    class Interactive < Base
-      def initialize(app, app_id, app_secret, options = {})
-        super(app, :interactive, app_id, app_secret, options)
-      end
-      
-      def request_phase(options = {})
-        super(:scope => request["scope"])
-      end
-    end
+  autoload :PathHelpers, 'exvo_auth/path_helpers'
+  autoload :Config,      'exvo_auth/config'
 
-    class NonInteractive < Base
-      def initialize(app, app_id, app_secret, options = {})
-        options[:callback_key] ||= "_callback"
-        super(app, :non_interactive, app_id, app_secret, options)
-      end
-      
-      def request_phase(options = {})
-        redirect @client.non_interactive.authorize_url({:redirect_uri => callback_url, :scope => request["scope"]})
-      end
-      
-      def callback_url
-        key   = options[:callback_key]
-        value = request[key]
-        
-        if value
-          super + "?" + Rack::Utils.build_query(key => value)
-        else
-          super
-        end
-      end
-      
-      def fail!(message_key)
-        [200, { "Content-Type" => "application/javascript" }, [MultiJson.encode({ :message => "Not signed in!", :status => 403 })]]
-      end
-    end
-  end
-  
   module OAuth2
     module Strategy
-      class NonInteractive < ::OAuth2::Strategy::WebServer
-        def authorize_params(options = {})
-          super(options).merge('type' => 'non_interactive')
-        end
-      end
+      autoload :NonInteractive, 'exvo_auth/oauth2'
     end
   end
+
+  module Strategies
+    autoload :Base,           'exvo_auth/strategies/base'
+    autoload :Interactive,    'exvo_auth/strategies/interactive'
+    autoload :NonInteractive, 'exvo_auth/strategies/non_interactive'
+  end
+
+  module Rails
+    autoload :ControllerHelpers, 'exvo_auth/rails/controller_helpers'
+  end
 end
 
 OAuth2::Client.class_eval do

data/lib/exvo_auth/config.rb

@@ -0,0 +1,6 @@
+module ExvoAuth::Config
+  def self.host; @@host || 'https://auth.exvo.com' end
+  def self.host=(host); @@host = host end
+  def self.callback_key; @@callback_key || '_callback' end
+  def self.callback_key=(callback_key); @@callback_key = callback_key end
+end

data/lib/exvo_auth/oauth2.rb

@@ -0,0 +1,18 @@
+# In short: if user is already signed in and the request scope matches
+# current authentication with an OAuth2 provider, grant them access token,
+# otherwise - deny authentication.
+#
+# This is a simple, non-standard OAuth2 extension. It is similar to "web_server"
+# strategy with one exception: instead of redirecting following temporary token 
+# requests to an interactive user interface it returns a negative answer:
+# when user is not signed in, or when app requests an extended scope
+# that doesn't match current authentication grant.
+#
+# This strategy is needed to sign users in during json/jsonp requests,
+# which cannot result in any interactive flows.
+class ExvoAuth::OAuth2::Strategy::NonInteractive < ::OAuth2::Strategy::WebServer
+  def authorize_params(options = {})
+    super(options).merge('type' => 'non_interactive')
+  end
+end
+

data/lib/exvo_auth/path_helpers.rb

@@ -0,0 +1,27 @@
+module ExvoAuth::PathHelpers
+  def self.included(base)
+    if base.respond_to?(:helper_method)
+      base.helper_method :interactive_sign_in_path, :non_interactive_sign_in_path, :auth_root_url
+    end
+  end
+  
+  def interactive_sign_in_path(params = {})
+    path_with_query("/auth/interactive", params)
+  end
+
+  def non_interactive_sign_in_path(params = {})
+    path_with_query("/auth/non_interactive", params)
+  end
+  
+  # Redirect users after logout there
+  def auth_sign_out_url
+    ExvoAuth::Config.host + "/users/sign_out"
+  end
+  
+  private
+  
+  def path_with_query(path, params = {})
+    query = Rack::Utils.build_query(params)
+    query.empty? ? path : "#{path}?#{query}"
+  end
+end

data/lib/exvo_auth/rails/controller_helpers.rb

@@ -0,0 +1,40 @@
+module ExvoAuth::Rails::ControllerHelpers
+  def self.included(base)
+    base.send :include, ExvoAuth::PathHelpers
+    base.helper_method :current_user, :signed_in?
+  end
+  
+  def authenticate_user!
+    if !signed_in?
+      store_location!
+
+      callback_key   = ExvoAuth::Config.callback_key
+      callback_value = params[callback_key]
+
+      if request.xhr?
+        redirect_to non_interactive_sign_in_path
+      elsif callback_value.present?
+        redirect_to non_interactive_sign_in_path(callback_key => callback_value)
+      else
+        redirect_to interactive_sign_in_path
+      end
+    end
+  end
+  
+  def current_user
+    return @current_user if defined?(@current_user)
+    @current_user = session[:user_id] && User.find_by_id(session[:user_id])
+  end
+
+  def signed_in?
+    !!current_user
+  end
+  
+  def store_location!
+    session[:return_to] = request.url if request.get?
+  end
+  
+  def stored_location
+    session.delete(:return_to)
+  end
+end

data/lib/exvo_auth/strategies/base.rb

@@ -0,0 +1,26 @@
+class ExvoAuth::Strategies::Base < OmniAuth::Strategies::OAuth2
+  def initialize(app, name, app_id, app_secret, options = {})
+    options[:site] ||= ExvoAuth::Config.host
+    super(app, name, app_id, app_secret, options)
+  end
+  
+  def user_data
+    @data ||= MultiJson.decode(@access_token.get('/user.json'))
+  end
+
+  def user_info
+    {
+      'nickname' => user_data['nickname'],
+      'email'    => user_data['email']
+    }.reject{ |k, v| v.nil? }
+  end
+
+  def auth_hash
+    OmniAuth::Utils.deep_merge(super, {
+      'provider'  => 'exvo',
+      'uid'       => user_data['id'],
+      'user_info' => user_info,
+      'extra'     => { 'user_hash' => user_data }
+    })
+  end
+end

data/lib/exvo_auth/strategies/interactive.rb

@@ -0,0 +1,9 @@
+class ExvoAuth::Strategies::Interactive < ExvoAuth::Strategies::Base
+  def initialize(app, app_id, app_secret, options = {})
+    super(app, :interactive, app_id, app_secret, options)
+  end
+  
+  def request_phase(options = {})
+    super(:scope => request["scope"])
+  end
+end

data/lib/exvo_auth/strategies/non_interactive.rb

@@ -0,0 +1,24 @@
+class ExvoAuth::Strategies::NonInteractive < ExvoAuth::Strategies::Base
+  def initialize(app, app_id, app_secret, options = {})
+    super(app, :non_interactive, app_id, app_secret, options)
+  end
+  
+  def request_phase(options = {})
+    redirect @client.non_interactive.authorize_url({ :redirect_uri => callback_url, :scope => request["scope"] })
+  end
+  
+  def callback_url
+    key   = ExvoAuth::Config.callback_key
+    value = request[key]
+    
+    if value
+      super + "?" + Rack::Utils.build_query(key => value)
+    else
+      super
+    end
+  end
+  
+  def fail!(message_key)
+    [200, { "Content-Type" => "application/json" }, [MultiJson.encode({ :message => "Not signed in!", :status => 403 })]]
+  end
+end

metadata

@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
   segments: 
   - 0
   - 1
-  - 0
-  version: 0.1.0
+  - 2
+  version: 0.1.2
 platform: ruby
 authors: 
 - Jacek Becela
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-06-23 00:00:00 +02:00
+date: 2010-06-24 00:00:00 +02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -48,6 +48,13 @@ files:
 - VERSION
 - exvo-auth.gemspec
 - lib/exvo-auth.rb
+- lib/exvo_auth/config.rb
+- lib/exvo_auth/oauth2.rb
+- lib/exvo_auth/path_helpers.rb
+- lib/exvo_auth/rails/controller_helpers.rb
+- lib/exvo_auth/strategies/base.rb
+- lib/exvo_auth/strategies/interactive.rb
+- lib/exvo_auth/strategies/non_interactive.rb
 - test/helper.rb
 - test/test_exvo_auth.rb
 has_rdoc: true