exvo-auth 0.4.3 → 0.5.0

data/TODO

@@ -0,0 +1,3 @@
+* Add a way for apps to talk to each other: ssl + basic auth with client_id and client_secret. An app would confirm
+creds (of the connecting app) with Auth app using a speedy HEAD request. 
+* Benchmark the above to measure RTT footprint

data/VERSION

@@ -1 +1 @@
-0.4.3
+0.5.0

data/exvo-auth.gemspec

@@ -5,22 +5,24 @@
 
 Gem::Specification.new do |s|
   s.name = %q{exvo-auth}
-  s.version = "0.4.3"
+  s.version = "0.5.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Jacek Becela"]
-  s.date = %q{2010-07-12}
+  s.date = %q{2010-07-13}
   s.description = %q{Sign in with Exvo account}
   s.email = %q{jacek.becela@gmail.com}
   s.extra_rdoc_files = [
     "LICENSE",
-     "README"
+     "README",
+     "TODO"
   ]
   s.files = [
     ".gitignore",
      "LICENSE",
      "README",
      "Rakefile",
+     "TODO",
      "VERSION",
      "exvo-auth.gemspec",
      "lib/exvo-auth.rb",

data/lib/exvo_auth/controllers/base.rb

@@ -1,4 +1,9 @@
 module ExvoAuth::Controllers::Base
+  def self.included(base)
+    raise "Please define a #root_url method in #{base.name} (or in routes)" unless base.method_defined? :root_url
+  end
+
+  # A before filter to protect your sensitive actions.
   def authenticate_user!
     if !signed_in?
       store_location!
@@ -9,7 +14,7 @@ module ExvoAuth::Controllers::Base
       if callback_value
         redirect_to non_interactive_sign_in_path(callback_key => callback_value)
       else
-        redirect_to sign_in_path
+        redirect_to "/auth/interactive"
       end
     end
   end
@@ -17,15 +22,28 @@ module ExvoAuth::Controllers::Base
   # If there's no stored location then it's a popup login.
   # If there's a stored location then it's a redirect login 
   # caused by #authenticate_user! method.
+  #
+  # Usually this method is called from your sessions#create.
   def sign_in_and_redirect!(user_id)
     session[:user_id] = user_id
-    redirect_to stored_location || ExvoAuth::Config.host + "/close_popup.html"
+    
+    url = if params[:state] == "popup"
+      ExvoAuth::Config.host + "/close_popup.html"
+    else
+      stored_location || root_url
+    end
+    
+    redirect_to url
   end
   
-  def sign_out_and_redirect!(url = sign_out_url)
+  # Redirect to sign_out_url, signs out and redirects back to root_path (by default).
+  # This method assumes you have a "root_url" method defined in your controller.
+  #
+  # Usuallly this method is called from your sessions#destroy.
+  def sign_out_and_redirect!(return_to = root_url)
     session.delete(:user_id)
     @current_user = nil
-    redirect_to url
+    redirect_to sign_out_url(return_to)
   end
   
   def current_user
@@ -37,6 +55,8 @@ module ExvoAuth::Controllers::Base
     !!current_user
   end
   
+  protected
+
   def store_location!
     session[:return_to] = current_url
   end
@@ -45,16 +65,8 @@ module ExvoAuth::Controllers::Base
     session.delete(:return_to)
   end
 
-  def sign_in_path
-    "/auth/interactive"
-  end
-  
-  def sign_up_path
-    "/auth/interactive"
-  end
-  
-  def sign_out_url
-    ExvoAuth::Config.host + "/users/sign_out"
+  def sign_out_url(return_to)
+    ExvoAuth::Config.host + "/users/sign_out?" + Rack::Utils.build_query({ :return_to => return_to })
   end
 
   def non_interactive_sign_in_path(params = {})

data/lib/exvo_auth/controllers/merb.rb

@@ -10,10 +10,12 @@ module ExvoAuth::Controllers::Merb
       throw :halt unless signed_in?
     end 
 
+    protected
+
     def redirect_to(*args)
       redirect(*args)
     end
-
+    
     def find_user_by_id(id)
       User[id]
     end

data/lib/exvo_auth/controllers/rails.rb

@@ -2,10 +2,12 @@ module ExvoAuth::Controllers::Rails
   def self.included(base)
     base.send :include, ExvoAuth::Controllers::Base
     base.send :include, InstanceMethods
-    base.helper_method :current_user, :signed_in?, :sign_in_path, :sign_up_path, :sign_out_url
+    base.helper_method :current_user, :signed_in?
   end
     
   module InstanceMethods
+    protected
+
     def find_user_by_id(id)
       User.find(id)
     end

data/lib/exvo_auth/strategies/interactive.rb

@@ -4,6 +4,6 @@ class ExvoAuth::Strategies::Interactive < ExvoAuth::Strategies::Base
   end
   
   def request_phase(options = {})
-    super(:scope => request["scope"])
+    super(:scope => request["scope"], :state => request["state"])
   end
 end

data/lib/exvo_auth/strategies/non_interactive.rb

@@ -4,7 +4,7 @@ class ExvoAuth::Strategies::NonInteractive < ExvoAuth::Strategies::Base
   end
   
   def request_phase(options = {})
-    redirect @client.non_interactive.authorize_url(:redirect_uri => callback_url, :scope => request["scope"])
+    redirect @client.non_interactive.authorize_url(:redirect_uri => callback_url, :scope => request["scope"], :state => request["state"])
   end
   
   def callback_url

metadata

@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
   prerelease: false
   segments: 
   - 0
-  - 4
-  - 3
-  version: 0.4.3
+  - 5
+  - 0
+  version: 0.5.0
 platform: ruby
 authors: 
 - Jacek Becela
@@ -14,7 +14,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-12 00:00:00 +02:00
+date: 2010-07-13 00:00:00 +02:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -40,11 +40,13 @@ extensions: []
 extra_rdoc_files: 
 - LICENSE
 - README
+- TODO
 files: 
 - .gitignore
 - LICENSE
 - README
 - Rakefile
+- TODO
 - VERSION
 - exvo-auth.gemspec
 - lib/exvo-auth.rb