filiptepper-oauth-plugin 0.3.11

data/generators/oauth_provider/templates/_form.html.erb

@@ -0,0 +1,17 @@
+<%%= error_messages_for :client_application %>
+<div class="field">
+  <label for="client_application_name">Name*</label><br/>
+  <%%= f.text_field :name %>
+</div>
+<div class="field">
+  <label for="client_application_url">Main Application URL*</label><br/>
+  <%%= f.text_field :url %>
+</div>
+<div class="field">
+  <label for="client_application_callback_url">Callback URL*</label><br/>
+  <%%= f.text_field :callback_url %>
+</div>
+<div class="field">
+  <label for="client_application_support_url">Support URL</label><br/>
+  <%%= f.text_field :support_url %>
+</div>

data/generators/oauth_provider/templates/_form.html.haml

@@ -0,0 +1,21 @@
+=error_messages_for :client_application
+.field
+  %label{:for=>"client_application_name"} Name*
+  %br
+  = f.text_field :name 
+
+.field
+  %label{:for=>"client_application_url"} Main Application URL*
+  %br
+  = f.text_field :url 
+
+.field
+  %label{:for=>"client_application_callback_url"} Callback URL*
+  %br
+  = f.text_field :callback_url 
+
+.field
+  %label{:for=>"client_application_support_url"} Support URL
+  %br
+  = f.text_field :support_url 
+

data/generators/oauth_provider/templates/access_token.rb

@@ -0,0 +1,16 @@
+class AccessToken < OauthToken
+  validates_presence_of :user
+  before_create :set_authorized_at
+  
+  # Implement this to return a hash or array of the capabilities the access token has
+  # This is particularly useful if you have implemented user defined permissions.
+  # def capabilities
+  #   {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
+  # end
+  
+  protected 
+  
+  def set_authorized_at
+    self.authorized_at = Time.now
+  end
+end

data/generators/oauth_provider/templates/authorize.html.erb

@@ -0,0 +1,14 @@
+<h1>Authorize access to your account</h1>
+<p>Would you like to authorize <%%= link_to @token.client_application.name,@token.client_application.url %> (<%%= link_to @token.client_application.url,@token.client_application.url %>) to access your account?</p>
+<%% form_tag authorize_url do %>
+  <%%= hidden_field_tag "oauth_token", @token.token %>
+  <%%- if params[:oauth_callback] -%>
+  <%%= hidden_field_tag "oauth_callback", params[:oauth_callback] %>
+<%%- end -%>
+<p>
+  <%%= check_box_tag 'authorize' %> authorize access
+</p>
+<p>
+  <%%= submit_tag %>
+</p>
+<%% end %>

data/generators/oauth_provider/templates/authorize.html.haml

@@ -0,0 +1,16 @@
+%h1 Authorize access to your account
+%p
+  Would you like to authorize
+  = link_to @token.client_application.name,@token.client_application.url
+  (
+  = link_to @token.client_application.url,@token.client_application.url
+  ) to access your account?
+- form_tag authorize_url do
+  = hidden_field_tag "oauth_token", @token.token
+  - if params[:oauth_callback]
+    = hidden_field_tag "oauth_callback", params[:oauth_callback]
+  %p
+    = check_box_tag 'authorize'
+    authorize access
+  %p
+    = submit_tag

data/generators/oauth_provider/templates/authorize_failure.html.erb

@@ -0,0 +1 @@
+<h1>You have disallowed this request</h1>

data/generators/oauth_provider/templates/authorize_failure.html.haml

@@ -0,0 +1 @@
+%h1 You have disallowed this request

data/generators/oauth_provider/templates/authorize_success.html.erb

@@ -0,0 +1 @@
+<h1>You have allowed this request</h1>

data/generators/oauth_provider/templates/authorize_success.html.haml

@@ -0,0 +1 @@
+%h1 You have allowed this request

data/generators/oauth_provider/templates/client_application.rb

@@ -0,0 +1,55 @@
+require 'oauth'
+class ClientApplication < ActiveRecord::Base
+  belongs_to :user
+  has_many :tokens, :class_name => "OauthToken"
+  validates_presence_of :name, :url, :key, :secret
+  validates_uniqueness_of :key
+  before_validation_on_create :generate_keys
+
+  validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
+  validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+  validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+
+  attr_accessor :token_callback_url
+  
+  def self.find_token(token_key)
+    token = OauthToken.find_by_token(token_key, :include => :client_application)
+    if token && token.authorized?
+      token
+    else
+      nil
+    end
+  end
+  
+  def self.verify_request(request, options = {}, &block)
+    begin
+      signature = OAuth::Signature.build(request, options, &block)
+      return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
+      value = signature.verify
+      value
+    rescue OAuth::Signature::UnknownSignatureMethod => e
+      logger.info "ERROR"+e.to_s
+      false
+    end
+  end
+  
+  def oauth_server
+    @oauth_server ||= OAuth::Server.new("http://your.site")
+  end
+  
+  def credentials
+    @oauth_client ||= OAuth::Consumer.new(key, secret)
+  end
+    
+  def create_request_token
+    RequestToken.create :client_application => self,:callback_url=>self.token_callback_url
+  end
+  
+protected
+  
+  def generate_keys
+    oauth_client = oauth_server.generate_consumer_credentials
+    self.key = oauth_client.key[0,20]
+    self.secret = oauth_client.secret[0,40]
+  end
+end

data/generators/oauth_provider/templates/client_application_spec.rb

@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe ClientApplication do 
+  fixtures :users, :client_applications, :oauth_tokens
+  before(:each) do
+    @application = ClientApplication.create :name => "Agree2", :url => "http://agree2.com", :user => users(:quentin)
+  end
+
+  it "should be valid" do
+    @application.should be_valid
+  end
+  
+    
+  it "should not have errors" do
+    @application.errors.full_messages.should == []
+  end
+  
+  it "should have key and secret" do
+    @application.key.should_not be_nil
+    @application.secret.should_not be_nil
+  end
+
+  it "should have credentials" do
+    @application.credentials.should_not be_nil
+    @application.credentials.key.should == @application.key
+    @application.credentials.secret.should == @application.secret
+  end
+  
+end
+

data/generators/oauth_provider/templates/client_application_test.rb

@@ -0,0 +1,42 @@
+require File.dirname(__FILE__) + '/../test_helper'
+module OAuthHelpers
+  
+  def create_consumer
+    @consumer=OAuth::Consumer.new(@application.key,@application.secret,
+      {
+        :site=>@application.oauth_server.base_url
+      })
+  end
+  
+end
+
+class ClientApplicationTest < ActiveSupport::TestCase
+  include OAuthHelpers
+  fixtures :users,:client_applications,:oauth_tokens
+  
+  def setup
+    @application = ClientApplication.create :name=>"Agree2",:url=>"http://agree2.com",:user=>users(:quentin)
+    create_consumer
+  end
+
+  def test_should_be_valid
+    assert @application.valid?
+  end
+  
+    
+  def test_should_not_have_errors
+    assert_equal [], @application.errors.full_messages
+  end
+  
+  def test_should_have_key_and_secret
+    assert_not_nil @application.key
+    assert_not_nil @application.secret
+  end
+
+  def test_should_have_credentials
+    assert_not_nil @application.credentials
+    assert_equal @application.key, @application.credentials.key
+    assert_equal @application.secret, @application.credentials.secret
+  end
+  
+end

data/generators/oauth_provider/templates/client_applications.yml

@@ -0,0 +1,23 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+one:
+  id: 1
+  name: MyString
+  url: MyString
+  support_url: MyString
+  callback_url: MyString
+  key: one_key
+  secret: MyString
+  user_id: 1
+  created_at: 2007-11-17 16:56:51
+  updated_at: 2007-11-17 16:56:51
+two:
+  id: 2
+  name: MyString
+  url: MyString
+  support_url: MyString
+  callback_url: MyString
+  key: two_key
+  secret: MyString
+  user_id: 1
+  created_at: 2007-11-17 16:56:51
+  updated_at: 2007-11-17 16:56:51

data/generators/oauth_provider/templates/clients_controller.rb

@@ -0,0 +1,52 @@
+class OauthClientsController < ApplicationController
+  before_filter :login_required
+  before_filter :get_client_application, :only => [:show, :edit, :update, :destroy]
+  
+  def index
+    @client_applications = current_user.client_applications
+    @tokens = current_user.tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
+  end
+
+  def new
+    @client_application = ClientApplication.new
+  end
+
+  def create
+    @client_application = current_user.client_applications.build(params[:client_application])
+    if @client_application.save
+      flash[:notice] = "Registered the information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "new"
+    end
+  end
+  
+  def show
+  end
+
+  def edit
+  end
+  
+  def update
+    if @client_application.update_attributes(params[:client_application])
+      flash[:notice] = "Updated the client information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "edit"
+    end
+  end
+
+  def destroy
+    @client_application.destroy
+    flash[:notice] = "Destroyed the client application registration"
+    redirect_to :action => "index"
+  end
+  
+  private
+  def get_client_application
+    unless @client_application = current_user.client_applications.find(params[:id])
+      flash.now[:error] = "Wrong application id"
+      raise ActiveRecord::RecordNotFound
+    end
+  end
+end

data/generators/oauth_provider/templates/clients_controller_spec.rb

@@ -0,0 +1,239 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
+require 'oauth/client/action_controller_request'
+
+describe OauthClientsController, "index" do
+  include OAuthControllerSpecHelper
+  before(:each) do
+    login_as_application_owner
+  end
+  
+  def do_get
+    get :index
+  end
+  
+  it "should be successful" do
+    do_get
+    response.should be_success
+  end
+  
+  it "should query current_users client applications" do
+    @user.should_receive(:client_applications).and_return(@client_applications)
+    do_get
+  end
+  
+  it "should assign client_applications" do
+    do_get
+    assigns[:client_applications].should equal(@client_applications)
+  end
+  
+  it "should render index template" do
+    do_get
+    response.should render_template('index')
+  end
+end
+
+describe OauthClientsController, "show" do
+  include OAuthControllerSpecHelper
+  before(:each) do
+    login_as_application_owner
+  end
+  
+  def do_get
+    get :show, :id => '3'
+  end
+  
+  it "should be successful" do
+    do_get
+    response.should be_success
+  end
+  
+  it "should query current_users client applications" do
+    @user.should_receive(:client_applications).and_return(@client_applications)
+    @client_applications.should_receive(:find).with('3').and_return(@client_application)
+    do_get
+  end
+  
+  it "should assign client_applications" do
+    do_get
+    assigns[:client_application].should equal(@client_application)
+  end
+  
+  it "should render show template" do
+    do_get
+    response.should render_template('show')
+  end
+  
+end
+
+describe OauthClientsController, "new" do
+  include OAuthControllerSpecHelper
+  before(:each) do
+    login_as_application_owner
+    ClientApplication.stub!(:new).and_return(@client_application)
+  end
+  
+  def do_get
+    get :new
+  end
+  
+  it "should be successful" do
+    do_get
+    response.should be_success
+  end
+  
+  it "should assign client_applications" do
+    do_get
+    assigns[:client_application].should equal(@client_application)
+  end
+  
+  it "should render show template" do
+    do_get
+    response.should render_template('new')
+  end
+  
+end
+
+describe OauthClientsController, "edit" do
+  include OAuthControllerSpecHelper
+  before(:each) do
+    login_as_application_owner
+  end
+  
+  def do_get
+    get :edit, :id => '3'
+  end
+  
+  it "should be successful" do
+    do_get
+    response.should be_success
+  end
+  
+  it "should query current_users client applications" do
+    @user.should_receive(:client_applications).and_return(@client_applications)
+    @client_applications.should_receive(:find).with('3').and_return(@client_application)
+    do_get
+  end
+  
+  it "should assign client_applications" do
+    do_get
+    assigns[:client_application].should equal(@client_application)
+  end
+  
+  it "should render edit template" do
+    do_get
+    response.should render_template('edit')
+  end
+  
+end
+
+describe OauthClientsController, "create" do
+  include OAuthControllerSpecHelper
+  
+  before(:each) do
+    login_as_application_owner
+    @client_applications.stub!(:build).and_return(@client_application)
+    @client_application.stub!(:save).and_return(true)
+  end
+  
+  def do_valid_post
+    @client_application.should_receive(:save).and_return(true)
+    post :create, 'client_application'=>{'name' => 'my site'}
+  end
+
+  def do_invalid_post
+    @client_application.should_receive(:save).and_return(false)
+    post :create, :client_application=>{:name => 'my site'}
+  end
+  
+  it "should query current_users client applications" do
+    @client_applications.should_receive(:build).and_return(@client_application)
+    do_valid_post
+  end
+  
+  it "should redirect to new client_application" do
+    do_valid_post
+    response.should be_redirect
+    response.should redirect_to(:action => "show", :id => @client_application.id)
+  end
+  
+  it "should assign client_applications" do
+    do_invalid_post
+    assigns[:client_application].should equal(@client_application)
+  end
+  
+  it "should render show template" do
+    do_invalid_post
+    response.should render_template('new')
+  end
+end
+
+describe OauthClientsController, "destroy" do
+  include OAuthControllerSpecHelper
+  before(:each) do
+    login_as_application_owner
+    @client_application.stub!(:destroy)
+  end
+  
+  def do_delete
+    delete :destroy, :id => '3'
+  end
+    
+  it "should query current_users client applications" do
+    @user.should_receive(:client_applications).and_return(@client_applications)
+    @client_applications.should_receive(:find).with('3').and_return(@client_application)
+    do_delete
+  end
+
+  it "should destroy client applications" do
+    @client_application.should_receive(:destroy)
+    do_delete
+  end
+    
+  it "should redirect to list" do
+    do_delete
+    response.should be_redirect
+    response.should redirect_to(:action => 'index')
+  end
+  
+end
+
+describe OauthClientsController, "update" do
+  include OAuthControllerSpecHelper
+  
+  before(:each) do
+    login_as_application_owner
+  end
+  
+  def do_valid_update
+    @client_application.should_receive(:update_attributes).and_return(true)
+    put :update, :id => '1', 'client_application'=>{'name' => 'my site'}
+  end
+
+  def do_invalid_update
+    @client_application.should_receive(:update_attributes).and_return(false)
+    put :update, :id => '1', 'client_application'=>{'name' => 'my site'}
+  end
+  
+  it "should query current_users client applications" do
+    @user.should_receive(:client_applications).and_return(@client_applications)
+    @client_applications.should_receive(:find).with('1').and_return(@client_application)
+    do_valid_update
+  end
+  
+  it "should redirect to new client_application" do
+    do_valid_update
+    response.should be_redirect
+    response.should redirect_to(:action => "show", :id => @client_application.id)
+  end
+  
+  it "should assign client_applications" do
+    do_invalid_update
+    assigns[:client_application].should equal(@client_application)
+  end
+  
+  it "should render show template" do
+    do_invalid_update
+    response.should render_template('edit')
+  end
+end