exvo-auth 0.14.0 → 0.14.1

data/README.md

@@ -1,4 +1,17 @@
-# OAuth2
+# exvo-auth
+
+This gem is Exvo's implementation of the oauth2 protocole for handling user authentication across Exvo apps.
+
+
+
+## Requirements
+
+* Runs on Ruby 1.8.7 & 1.9.2 (preferred version)
+* Rails 3.0+ (works with Rails 3.1) or Merb
+
+
+
+## OAuth2
 
 * Get familiar with [OmniAuth by Intridea](http://github.com/intridea/omniauth). Read about OAuth2.
 * Obtain `client_id` and `client_secret` for your app from Exvo.
@@ -13,8 +26,8 @@ The preferred way to configure the gem is via the ENV variables:
 ```ruby
 ENV['AUTH_CLIENT_ID']     = "foo"
 ENV['AUTH_CLIENT_SECRET'] = "bar"
-ENV['AUTH_DEBUG']         = true            # [OPTIONAL] dumps all HTTP traffic to STDERR, useful during development
-ENV['AUTH_REQUIRE_SSL']   = false           # [OPTIONAL] disable SSL, useful in development (note that all apps API urls must be http, not https)
+ENV['AUTH_DEBUG']         = "true"          # [OPTIONAL] dumps all HTTP traffic to STDERR, useful during development; it *has to be a string, not a boolean*
+ENV['AUTH_REQUIRE_SSL']   = "false"         # [OPTIONAL] disable SSL, useful in development (note that all apps API urls must be http, not https); it *has to be a string, not a boolean*
 ENV['AUTH_HOST']          = "test.exvo.com" # [OPTIONAL] override the default auth host
 ```
 
@@ -29,8 +42,8 @@ But you can also set things directly in the `config/application.rb` file (before
 ```ruby
 ExvoAuth::Config.client_id     = "foo"
 ExvoAuth::Config.client_secret = "bar"
-ExvoAuth::Config.debug         = true
-ExvoAuth::Config.require_ssl   = false
+ExvoAuth::Config.debug         = true            # boolean
+ExvoAuth::Config.require_ssl   = false           # boolean
 ExvoAuth::Config.host          = "test.exvo.com"
 ```
 

data/lib/exvo-auth.rb

@@ -45,5 +45,7 @@ module ExvoAuth
 end
 
 OAuth2::Client.class_eval do
-  def non_interactive; ExvoAuth::OAuth2::Strategy::NonInteractive.new(self) end
+  def non_interactive
+    ExvoAuth::OAuth2::Strategy::NonInteractive.new(self)
+  end
 end

data/lib/exvo_auth/config.rb

@@ -1,6 +1,6 @@
 module ExvoAuth::Config
   def self.debug
-    @@debug ||= ENV['AUTH_DEBUG'] || false
+    @@debug ||= (ENV['AUTH_DEBUG'] == 'true') || false
   end
 
   def self.debug=(debug)
@@ -49,7 +49,7 @@ module ExvoAuth::Config
   end
 
   def self.require_ssl
-    @@require_ssl ||= ENV['AUTH_REQUIRE_SSL'] || default_opts[env.to_sym][:require_ssl]
+    @@require_ssl ||= (ENV['AUTH_REQUIRE_SSL'] == 'true') || default_opts[env.to_sym][:require_ssl]
   end
 
   def self.require_ssl=(require_ssl)

data/lib/exvo_auth/controllers/base.rb

@@ -34,7 +34,7 @@ module ExvoAuth::Controllers::Base
   # Usuallly this method is called from your sessions#destroy.
   def sign_out_and_redirect!(return_to = "/")
     session.clear
-    @current_user = nil
+    remove_instance_variable(:@current_user) if instance_variable_defined?(:@current_user)
     redirect_to sign_out_url(return_to)
   end
 
@@ -62,7 +62,7 @@ module ExvoAuth::Controllers::Base
   end
 
   def current_user
-    return @current_user if defined?(@current_user)
+    return @current_user unless @current_user.nil?
     @current_user = session[:user_uid] && find_or_create_user_by_uid(session[:user_uid])
   end
 

data/lib/exvo_auth/models/message.rb

@@ -69,4 +69,4 @@ class ExvoAuth::Models::Message
     !!id
   end
 
-end
+end

data/lib/exvo_auth/oauth2.rb

@@ -2,16 +2,23 @@
 # current authentication with an OAuth2 provider, grant them access token,
 # otherwise - deny authentication.
 #
-# This is a simple, non-standard OAuth2 extension. It is similar to "web_server"
-# strategy with one exception: instead of redirecting following temporary token 
-# requests to an interactive user interface it returns a negative answer:
-# when user is not signed in, or when app requests an extended scope
-# that doesn't match current authentication grant.
+# This is a simple, non-standard OAuth2 extension. Instead of redirecting
+# following temporary token requests to an interactive user interface it
+# returns a negative answer when user is not signed in or when app requests
+# an extended scope that doesn't match current authentication grant.
 #
 # This strategy is needed to sign users in during json/jsonp requests,
 # which cannot result in any interactive/navigational flows.
-class ExvoAuth::OAuth2::Strategy::NonInteractive < ::OAuth2::Strategy::WebServer
+class ExvoAuth::OAuth2::Strategy::NonInteractive < ::OAuth2::Strategy::Base
   def authorize_params(options = {})
-    super(options).merge('type' => 'non_interactive')
+    options.merge('type' => 'non_interactive').merge(client_params)
+  end
+
+  def authorize_url(params={})
+    @client.authorize_url(authorize_params.merge(params))
+  end
+
+  def get_token(code, params={}, opts={})
+    @client.get_token(client_params.merge(params), opts)
   end
 end

data/lib/exvo_auth/strategies/non_interactive.rb

@@ -2,31 +2,46 @@ class ExvoAuth::Strategies::NonInteractive < ExvoAuth::Strategies::Base
   def initialize(app, options = {})
     super(app, :non_interactive, options)
   end
-  
+
   def request_phase
     options[:redirect_uri] = callback_url if callback_url
     options[:scope] = request["scope"] if request["scope"]
     options[:state] = request["state"] if request["state"]
 
-    redirect @client.non_interactive.authorize_url(options)
+    redirect client.non_interactive.authorize_url(options)
   end
-  
+
   def callback_url
     key   = ExvoAuth::Config.callback_key
     value = request[key]
-    
+
     if value
       super + "?" + Rack::Utils.build_query(key => value)
     else
       super
     end
   end
-  
-  def fail!(message_key)
-    body = MultiJson.encode(:error => "Please sign in!")
-    [401, { 
-      "Content-Type"   => "application/json", 
-      "Content-Length" => body.length.to_s 
+
+  # FIXME this does not bubble up the 401 response code, although the error message is returned
+  def fail!(message_key, exception = nil)
+    error =
+      case message_key
+      when :invalid_credentials, :session_expired
+        "Please sign in."
+      when :invalid_response
+        "Invalid response from the authorization server. Please try again."
+      when :timeout
+        "Timeout occured. Please try again."
+      when :service_unavailable
+        "Authorization service is not available. Please try again later."
+      else
+        "Unknown error. Please try again."
+      end
+
+    body = MultiJson.encode(:error => error)
+    [401, {
+      "Content-Type"   => "application/json",
+      "Content-Length" => body.length.to_s
     }, [body]]
   end
 end

data/lib/exvo_auth/version.rb

@@ -1,3 +1,3 @@
 module ExvoAuth
-  VERSION = "0.14.0"
+  VERSION = "0.14.1"
 end

data/test/test_exvo_auth.rb

@@ -66,4 +66,10 @@ class TestExvoAuth < Test::Unit::TestCase
     assert_equal host, ExvoAuth::Config.host
     ENV['AUTH_HOST'] = nil
   end
+
+  test "setting debugging using ENV key (boolean converted to string)" do
+    assert_equal false, ExvoAuth::Config.debug
+    ENV['AUTH_DEBUG'] = 'true'
+    assert_equal true, ExvoAuth::Config.debug
+  end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: exvo-auth
 version: !ruby/object:Gem::Version
-  version: 0.14.0
+  version: 0.14.1
   prerelease: 
 platform: ruby
 authors:
@@ -9,11 +9,11 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2011-12-09 00:00:00.000000000Z
+date: 2012-01-03 00:00:00.000000000Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: oa-oauth
-  requirement: &85705040 !ruby/object:Gem::Requirement
+  requirement: &84259450 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -21,10 +21,10 @@ dependencies:
         version: 0.3.2
   type: :runtime
   prerelease: false
-  version_requirements: *85705040
+  version_requirements: *84259450
 - !ruby/object:Gem::Dependency
   name: httparty
-  requirement: &85704480 !ruby/object:Gem::Requirement
+  requirement: &84257660 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
         version: '0'
   type: :runtime
   prerelease: false
-  version_requirements: *85704480
+  version_requirements: *84257660
 - !ruby/object:Gem::Dependency
   name: activemodel
-  requirement: &85703260 !ruby/object:Gem::Requirement
+  requirement: &84254280 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -43,10 +43,10 @@ dependencies:
         version: '3.0'
   type: :runtime
   prerelease: false
-  version_requirements: *85703260
+  version_requirements: *84254280
 - !ruby/object:Gem::Dependency
   name: actionpack
-  requirement: &85702120 !ruby/object:Gem::Requirement
+  requirement: &84253250 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ~>
@@ -54,10 +54,10 @@ dependencies:
         version: '3.0'
   type: :runtime
   prerelease: false
-  version_requirements: *85702120
+  version_requirements: *84253250
 - !ruby/object:Gem::Dependency
   name: mocha
-  requirement: &85701560 !ruby/object:Gem::Requirement
+  requirement: &84252370 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -65,10 +65,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85701560
+  version_requirements: *84252370
 - !ruby/object:Gem::Dependency
   name: test-unit
-  requirement: &85700790 !ruby/object:Gem::Requirement
+  requirement: &84251420 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -76,10 +76,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85700790
+  version_requirements: *84251420
 - !ruby/object:Gem::Dependency
   name: bundler
-  requirement: &85700500 !ruby/object:Gem::Requirement
+  requirement: &84250100 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -87,10 +87,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85700500
+  version_requirements: *84250100
 - !ruby/object:Gem::Dependency
   name: rake
-  requirement: &85699890 !ruby/object:Gem::Requirement
+  requirement: &84249320 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -98,10 +98,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85699890
+  version_requirements: *84249320
 - !ruby/object:Gem::Dependency
   name: guard
-  requirement: &85698850 !ruby/object:Gem::Requirement
+  requirement: &84248480 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -109,10 +109,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85698850
+  version_requirements: *84248480
 - !ruby/object:Gem::Dependency
   name: guard-test
-  requirement: &85691120 !ruby/object:Gem::Requirement
+  requirement: &84248080 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -120,10 +120,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85691120
+  version_requirements: *84248080
 - !ruby/object:Gem::Dependency
   name: rb-fsevent
-  requirement: &85690210 !ruby/object:Gem::Requirement
+  requirement: &84247720 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -131,10 +131,10 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85690210
+  version_requirements: *84247720
 - !ruby/object:Gem::Dependency
   name: rb-inotify
-  requirement: &85689050 !ruby/object:Gem::Requirement
+  requirement: &84247320 !ruby/object:Gem::Requirement
     none: false
     requirements:
     - - ! '>='
@@ -142,7 +142,7 @@ dependencies:
         version: '0'
   type: :development
   prerelease: false
-  version_requirements: *85689050
+  version_requirements: *84247320
 description: Sign in with Exvo account
 email:
 - jacek.becela@gmail.com
@@ -203,3 +203,4 @@ signing_key:
 specification_version: 3
 summary: Sign in with Exvo account
 test_files: []
+has_rdoc: