filiptepper-oauth-plugin 0.3.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (74) hide show
  1. data/.gitignore +5 -0
  2. data/CHANGELOG +101 -0
  3. data/MIT-LICENSE +20 -0
  4. data/README.rdoc +376 -0
  5. data/Rakefile +38 -0
  6. data/VERSION +1 -0
  7. data/generators/oauth_consumer/USAGE +10 -0
  8. data/generators/oauth_consumer/oauth_consumer_generator.rb +50 -0
  9. data/generators/oauth_consumer/templates/consumer_token.rb +5 -0
  10. data/generators/oauth_consumer/templates/controller.rb +19 -0
  11. data/generators/oauth_consumer/templates/index.html.erb +29 -0
  12. data/generators/oauth_consumer/templates/index.html.haml +18 -0
  13. data/generators/oauth_consumer/templates/migration.rb +20 -0
  14. data/generators/oauth_consumer/templates/oauth_config.rb +41 -0
  15. data/generators/oauth_consumer/templates/show.html.erb +7 -0
  16. data/generators/oauth_consumer/templates/show.html.haml +8 -0
  17. data/generators/oauth_provider/USAGE +20 -0
  18. data/generators/oauth_provider/lib/insert_routes.rb +67 -0
  19. data/generators/oauth_provider/oauth_provider_generator.rb +125 -0
  20. data/generators/oauth_provider/templates/_form.html.erb +17 -0
  21. data/generators/oauth_provider/templates/_form.html.haml +21 -0
  22. data/generators/oauth_provider/templates/access_token.rb +16 -0
  23. data/generators/oauth_provider/templates/authorize.html.erb +14 -0
  24. data/generators/oauth_provider/templates/authorize.html.haml +16 -0
  25. data/generators/oauth_provider/templates/authorize_failure.html.erb +1 -0
  26. data/generators/oauth_provider/templates/authorize_failure.html.haml +1 -0
  27. data/generators/oauth_provider/templates/authorize_success.html.erb +1 -0
  28. data/generators/oauth_provider/templates/authorize_success.html.haml +1 -0
  29. data/generators/oauth_provider/templates/client_application.rb +55 -0
  30. data/generators/oauth_provider/templates/client_application_spec.rb +29 -0
  31. data/generators/oauth_provider/templates/client_application_test.rb +42 -0
  32. data/generators/oauth_provider/templates/client_applications.yml +23 -0
  33. data/generators/oauth_provider/templates/clients_controller.rb +52 -0
  34. data/generators/oauth_provider/templates/clients_controller_spec.rb +239 -0
  35. data/generators/oauth_provider/templates/clients_controller_test.rb +280 -0
  36. data/generators/oauth_provider/templates/controller.rb +11 -0
  37. data/generators/oauth_provider/templates/controller_spec.rb +367 -0
  38. data/generators/oauth_provider/templates/controller_spec_helper.rb +80 -0
  39. data/generators/oauth_provider/templates/controller_test.rb +310 -0
  40. data/generators/oauth_provider/templates/controller_test_helper.rb +115 -0
  41. data/generators/oauth_provider/templates/edit.html.erb +7 -0
  42. data/generators/oauth_provider/templates/edit.html.haml +4 -0
  43. data/generators/oauth_provider/templates/index.html.erb +43 -0
  44. data/generators/oauth_provider/templates/index.html.haml +39 -0
  45. data/generators/oauth_provider/templates/migration.rb +46 -0
  46. data/generators/oauth_provider/templates/new.html.erb +5 -0
  47. data/generators/oauth_provider/templates/new.html.haml +5 -0
  48. data/generators/oauth_provider/templates/oauth_nonce.rb +13 -0
  49. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +24 -0
  50. data/generators/oauth_provider/templates/oauth_nonce_test.rb +26 -0
  51. data/generators/oauth_provider/templates/oauth_nonces.yml +13 -0
  52. data/generators/oauth_provider/templates/oauth_token.rb +31 -0
  53. data/generators/oauth_provider/templates/oauth_token_spec.rb +309 -0
  54. data/generators/oauth_provider/templates/oauth_token_test.rb +57 -0
  55. data/generators/oauth_provider/templates/oauth_tokens.yml +17 -0
  56. data/generators/oauth_provider/templates/request_token.rb +40 -0
  57. data/generators/oauth_provider/templates/show.html.erb +27 -0
  58. data/generators/oauth_provider/templates/show.html.haml +30 -0
  59. data/init.rb +1 -0
  60. data/install.rb +2 -0
  61. data/lib/oauth-plugin.rb +1 -0
  62. data/lib/oauth/controllers/application_controller_methods.rb +110 -0
  63. data/lib/oauth/controllers/consumer_controller.rb +76 -0
  64. data/lib/oauth/controllers/provider_controller.rb +111 -0
  65. data/lib/oauth/models/consumers/service_loader.rb +18 -0
  66. data/lib/oauth/models/consumers/services/agree2_token.rb +15 -0
  67. data/lib/oauth/models/consumers/services/fireeagle_token.rb +39 -0
  68. data/lib/oauth/models/consumers/services/twitter_token.rb +18 -0
  69. data/lib/oauth/models/consumers/token.rb +60 -0
  70. data/oauth-plugin.gemspec +112 -0
  71. data/rails/init.rb +7 -0
  72. data/tasks/oauth_tasks.rake +4 -0
  73. data/uninstall.rb +1 -0
  74. metadata +136 -0
@@ -0,0 +1,17 @@
1
+ <%%= error_messages_for :client_application %>
2
+ <div class="field">
3
+ <label for="client_application_name">Name*</label><br/>
4
+ <%%= f.text_field :name %>
5
+ </div>
6
+ <div class="field">
7
+ <label for="client_application_url">Main Application URL*</label><br/>
8
+ <%%= f.text_field :url %>
9
+ </div>
10
+ <div class="field">
11
+ <label for="client_application_callback_url">Callback URL*</label><br/>
12
+ <%%= f.text_field :callback_url %>
13
+ </div>
14
+ <div class="field">
15
+ <label for="client_application_support_url">Support URL</label><br/>
16
+ <%%= f.text_field :support_url %>
17
+ </div>
@@ -0,0 +1,21 @@
1
+ =error_messages_for :client_application
2
+ .field
3
+ %label{:for=>"client_application_name"} Name*
4
+ %br
5
+ = f.text_field :name
6
+
7
+ .field
8
+ %label{:for=>"client_application_url"} Main Application URL*
9
+ %br
10
+ = f.text_field :url
11
+
12
+ .field
13
+ %label{:for=>"client_application_callback_url"} Callback URL*
14
+ %br
15
+ = f.text_field :callback_url
16
+
17
+ .field
18
+ %label{:for=>"client_application_support_url"} Support URL
19
+ %br
20
+ = f.text_field :support_url
21
+
@@ -0,0 +1,16 @@
1
+ class AccessToken < OauthToken
2
+ validates_presence_of :user
3
+ before_create :set_authorized_at
4
+
5
+ # Implement this to return a hash or array of the capabilities the access token has
6
+ # This is particularly useful if you have implemented user defined permissions.
7
+ # def capabilities
8
+ # {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
9
+ # end
10
+
11
+ protected
12
+
13
+ def set_authorized_at
14
+ self.authorized_at = Time.now
15
+ end
16
+ end
@@ -0,0 +1,14 @@
1
+ <h1>Authorize access to your account</h1>
2
+ <p>Would you like to authorize <%%= link_to @token.client_application.name,@token.client_application.url %> (<%%= link_to @token.client_application.url,@token.client_application.url %>) to access your account?</p>
3
+ <%% form_tag authorize_url do %>
4
+ <%%= hidden_field_tag "oauth_token", @token.token %>
5
+ <%%- if params[:oauth_callback] -%>
6
+ <%%= hidden_field_tag "oauth_callback", params[:oauth_callback] %>
7
+ <%%- end -%>
8
+ <p>
9
+ <%%= check_box_tag 'authorize' %> authorize access
10
+ </p>
11
+ <p>
12
+ <%%= submit_tag %>
13
+ </p>
14
+ <%% end %>
@@ -0,0 +1,16 @@
1
+ %h1 Authorize access to your account
2
+ %p
3
+ Would you like to authorize
4
+ = link_to @token.client_application.name,@token.client_application.url
5
+ (
6
+ = link_to @token.client_application.url,@token.client_application.url
7
+ ) to access your account?
8
+ - form_tag authorize_url do
9
+ = hidden_field_tag "oauth_token", @token.token
10
+ - if params[:oauth_callback]
11
+ = hidden_field_tag "oauth_callback", params[:oauth_callback]
12
+ %p
13
+ = check_box_tag 'authorize'
14
+ authorize access
15
+ %p
16
+ = submit_tag
@@ -0,0 +1 @@
1
+ <h1>You have disallowed this request</h1>
@@ -0,0 +1 @@
1
+ %h1 You have disallowed this request
@@ -0,0 +1 @@
1
+ <h1>You have allowed this request</h1>
@@ -0,0 +1 @@
1
+ %h1 You have allowed this request
@@ -0,0 +1,55 @@
1
+ require 'oauth'
2
+ class ClientApplication < ActiveRecord::Base
3
+ belongs_to :user
4
+ has_many :tokens, :class_name => "OauthToken"
5
+ validates_presence_of :name, :url, :key, :secret
6
+ validates_uniqueness_of :key
7
+ before_validation_on_create :generate_keys
8
+
9
+ validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
10
+ validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
11
+ validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
12
+
13
+ attr_accessor :token_callback_url
14
+
15
+ def self.find_token(token_key)
16
+ token = OauthToken.find_by_token(token_key, :include => :client_application)
17
+ if token && token.authorized?
18
+ token
19
+ else
20
+ nil
21
+ end
22
+ end
23
+
24
+ def self.verify_request(request, options = {}, &block)
25
+ begin
26
+ signature = OAuth::Signature.build(request, options, &block)
27
+ return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
28
+ value = signature.verify
29
+ value
30
+ rescue OAuth::Signature::UnknownSignatureMethod => e
31
+ logger.info "ERROR"+e.to_s
32
+ false
33
+ end
34
+ end
35
+
36
+ def oauth_server
37
+ @oauth_server ||= OAuth::Server.new("http://your.site")
38
+ end
39
+
40
+ def credentials
41
+ @oauth_client ||= OAuth::Consumer.new(key, secret)
42
+ end
43
+
44
+ def create_request_token
45
+ RequestToken.create :client_application => self,:callback_url=>self.token_callback_url
46
+ end
47
+
48
+ protected
49
+
50
+ def generate_keys
51
+ oauth_client = oauth_server.generate_consumer_credentials
52
+ self.key = oauth_client.key[0,20]
53
+ self.secret = oauth_client.secret[0,40]
54
+ end
55
+ end
@@ -0,0 +1,29 @@
1
+ require File.dirname(__FILE__) + '/../spec_helper'
2
+ describe ClientApplication do
3
+ fixtures :users, :client_applications, :oauth_tokens
4
+ before(:each) do
5
+ @application = ClientApplication.create :name => "Agree2", :url => "http://agree2.com", :user => users(:quentin)
6
+ end
7
+
8
+ it "should be valid" do
9
+ @application.should be_valid
10
+ end
11
+
12
+
13
+ it "should not have errors" do
14
+ @application.errors.full_messages.should == []
15
+ end
16
+
17
+ it "should have key and secret" do
18
+ @application.key.should_not be_nil
19
+ @application.secret.should_not be_nil
20
+ end
21
+
22
+ it "should have credentials" do
23
+ @application.credentials.should_not be_nil
24
+ @application.credentials.key.should == @application.key
25
+ @application.credentials.secret.should == @application.secret
26
+ end
27
+
28
+ end
29
+
@@ -0,0 +1,42 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+ module OAuthHelpers
3
+
4
+ def create_consumer
5
+ @consumer=OAuth::Consumer.new(@application.key,@application.secret,
6
+ {
7
+ :site=>@application.oauth_server.base_url
8
+ })
9
+ end
10
+
11
+ end
12
+
13
+ class ClientApplicationTest < ActiveSupport::TestCase
14
+ include OAuthHelpers
15
+ fixtures :users,:client_applications,:oauth_tokens
16
+
17
+ def setup
18
+ @application = ClientApplication.create :name=>"Agree2",:url=>"http://agree2.com",:user=>users(:quentin)
19
+ create_consumer
20
+ end
21
+
22
+ def test_should_be_valid
23
+ assert @application.valid?
24
+ end
25
+
26
+
27
+ def test_should_not_have_errors
28
+ assert_equal [], @application.errors.full_messages
29
+ end
30
+
31
+ def test_should_have_key_and_secret
32
+ assert_not_nil @application.key
33
+ assert_not_nil @application.secret
34
+ end
35
+
36
+ def test_should_have_credentials
37
+ assert_not_nil @application.credentials
38
+ assert_equal @application.key, @application.credentials.key
39
+ assert_equal @application.secret, @application.credentials.secret
40
+ end
41
+
42
+ end
@@ -0,0 +1,23 @@
1
+ # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2
+ one:
3
+ id: 1
4
+ name: MyString
5
+ url: MyString
6
+ support_url: MyString
7
+ callback_url: MyString
8
+ key: one_key
9
+ secret: MyString
10
+ user_id: 1
11
+ created_at: 2007-11-17 16:56:51
12
+ updated_at: 2007-11-17 16:56:51
13
+ two:
14
+ id: 2
15
+ name: MyString
16
+ url: MyString
17
+ support_url: MyString
18
+ callback_url: MyString
19
+ key: two_key
20
+ secret: MyString
21
+ user_id: 1
22
+ created_at: 2007-11-17 16:56:51
23
+ updated_at: 2007-11-17 16:56:51
@@ -0,0 +1,52 @@
1
+ class OauthClientsController < ApplicationController
2
+ before_filter :login_required
3
+ before_filter :get_client_application, :only => [:show, :edit, :update, :destroy]
4
+
5
+ def index
6
+ @client_applications = current_user.client_applications
7
+ @tokens = current_user.tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
8
+ end
9
+
10
+ def new
11
+ @client_application = ClientApplication.new
12
+ end
13
+
14
+ def create
15
+ @client_application = current_user.client_applications.build(params[:client_application])
16
+ if @client_application.save
17
+ flash[:notice] = "Registered the information successfully"
18
+ redirect_to :action => "show", :id => @client_application.id
19
+ else
20
+ render :action => "new"
21
+ end
22
+ end
23
+
24
+ def show
25
+ end
26
+
27
+ def edit
28
+ end
29
+
30
+ def update
31
+ if @client_application.update_attributes(params[:client_application])
32
+ flash[:notice] = "Updated the client information successfully"
33
+ redirect_to :action => "show", :id => @client_application.id
34
+ else
35
+ render :action => "edit"
36
+ end
37
+ end
38
+
39
+ def destroy
40
+ @client_application.destroy
41
+ flash[:notice] = "Destroyed the client application registration"
42
+ redirect_to :action => "index"
43
+ end
44
+
45
+ private
46
+ def get_client_application
47
+ unless @client_application = current_user.client_applications.find(params[:id])
48
+ flash.now[:error] = "Wrong application id"
49
+ raise ActiveRecord::RecordNotFound
50
+ end
51
+ end
52
+ end
@@ -0,0 +1,239 @@
1
+ require File.dirname(__FILE__) + '/../spec_helper'
2
+ require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
3
+ require 'oauth/client/action_controller_request'
4
+
5
+ describe OauthClientsController, "index" do
6
+ include OAuthControllerSpecHelper
7
+ before(:each) do
8
+ login_as_application_owner
9
+ end
10
+
11
+ def do_get
12
+ get :index
13
+ end
14
+
15
+ it "should be successful" do
16
+ do_get
17
+ response.should be_success
18
+ end
19
+
20
+ it "should query current_users client applications" do
21
+ @user.should_receive(:client_applications).and_return(@client_applications)
22
+ do_get
23
+ end
24
+
25
+ it "should assign client_applications" do
26
+ do_get
27
+ assigns[:client_applications].should equal(@client_applications)
28
+ end
29
+
30
+ it "should render index template" do
31
+ do_get
32
+ response.should render_template('index')
33
+ end
34
+ end
35
+
36
+ describe OauthClientsController, "show" do
37
+ include OAuthControllerSpecHelper
38
+ before(:each) do
39
+ login_as_application_owner
40
+ end
41
+
42
+ def do_get
43
+ get :show, :id => '3'
44
+ end
45
+
46
+ it "should be successful" do
47
+ do_get
48
+ response.should be_success
49
+ end
50
+
51
+ it "should query current_users client applications" do
52
+ @user.should_receive(:client_applications).and_return(@client_applications)
53
+ @client_applications.should_receive(:find).with('3').and_return(@client_application)
54
+ do_get
55
+ end
56
+
57
+ it "should assign client_applications" do
58
+ do_get
59
+ assigns[:client_application].should equal(@client_application)
60
+ end
61
+
62
+ it "should render show template" do
63
+ do_get
64
+ response.should render_template('show')
65
+ end
66
+
67
+ end
68
+
69
+ describe OauthClientsController, "new" do
70
+ include OAuthControllerSpecHelper
71
+ before(:each) do
72
+ login_as_application_owner
73
+ ClientApplication.stub!(:new).and_return(@client_application)
74
+ end
75
+
76
+ def do_get
77
+ get :new
78
+ end
79
+
80
+ it "should be successful" do
81
+ do_get
82
+ response.should be_success
83
+ end
84
+
85
+ it "should assign client_applications" do
86
+ do_get
87
+ assigns[:client_application].should equal(@client_application)
88
+ end
89
+
90
+ it "should render show template" do
91
+ do_get
92
+ response.should render_template('new')
93
+ end
94
+
95
+ end
96
+
97
+ describe OauthClientsController, "edit" do
98
+ include OAuthControllerSpecHelper
99
+ before(:each) do
100
+ login_as_application_owner
101
+ end
102
+
103
+ def do_get
104
+ get :edit, :id => '3'
105
+ end
106
+
107
+ it "should be successful" do
108
+ do_get
109
+ response.should be_success
110
+ end
111
+
112
+ it "should query current_users client applications" do
113
+ @user.should_receive(:client_applications).and_return(@client_applications)
114
+ @client_applications.should_receive(:find).with('3').and_return(@client_application)
115
+ do_get
116
+ end
117
+
118
+ it "should assign client_applications" do
119
+ do_get
120
+ assigns[:client_application].should equal(@client_application)
121
+ end
122
+
123
+ it "should render edit template" do
124
+ do_get
125
+ response.should render_template('edit')
126
+ end
127
+
128
+ end
129
+
130
+ describe OauthClientsController, "create" do
131
+ include OAuthControllerSpecHelper
132
+
133
+ before(:each) do
134
+ login_as_application_owner
135
+ @client_applications.stub!(:build).and_return(@client_application)
136
+ @client_application.stub!(:save).and_return(true)
137
+ end
138
+
139
+ def do_valid_post
140
+ @client_application.should_receive(:save).and_return(true)
141
+ post :create, 'client_application'=>{'name' => 'my site'}
142
+ end
143
+
144
+ def do_invalid_post
145
+ @client_application.should_receive(:save).and_return(false)
146
+ post :create, :client_application=>{:name => 'my site'}
147
+ end
148
+
149
+ it "should query current_users client applications" do
150
+ @client_applications.should_receive(:build).and_return(@client_application)
151
+ do_valid_post
152
+ end
153
+
154
+ it "should redirect to new client_application" do
155
+ do_valid_post
156
+ response.should be_redirect
157
+ response.should redirect_to(:action => "show", :id => @client_application.id)
158
+ end
159
+
160
+ it "should assign client_applications" do
161
+ do_invalid_post
162
+ assigns[:client_application].should equal(@client_application)
163
+ end
164
+
165
+ it "should render show template" do
166
+ do_invalid_post
167
+ response.should render_template('new')
168
+ end
169
+ end
170
+
171
+ describe OauthClientsController, "destroy" do
172
+ include OAuthControllerSpecHelper
173
+ before(:each) do
174
+ login_as_application_owner
175
+ @client_application.stub!(:destroy)
176
+ end
177
+
178
+ def do_delete
179
+ delete :destroy, :id => '3'
180
+ end
181
+
182
+ it "should query current_users client applications" do
183
+ @user.should_receive(:client_applications).and_return(@client_applications)
184
+ @client_applications.should_receive(:find).with('3').and_return(@client_application)
185
+ do_delete
186
+ end
187
+
188
+ it "should destroy client applications" do
189
+ @client_application.should_receive(:destroy)
190
+ do_delete
191
+ end
192
+
193
+ it "should redirect to list" do
194
+ do_delete
195
+ response.should be_redirect
196
+ response.should redirect_to(:action => 'index')
197
+ end
198
+
199
+ end
200
+
201
+ describe OauthClientsController, "update" do
202
+ include OAuthControllerSpecHelper
203
+
204
+ before(:each) do
205
+ login_as_application_owner
206
+ end
207
+
208
+ def do_valid_update
209
+ @client_application.should_receive(:update_attributes).and_return(true)
210
+ put :update, :id => '1', 'client_application'=>{'name' => 'my site'}
211
+ end
212
+
213
+ def do_invalid_update
214
+ @client_application.should_receive(:update_attributes).and_return(false)
215
+ put :update, :id => '1', 'client_application'=>{'name' => 'my site'}
216
+ end
217
+
218
+ it "should query current_users client applications" do
219
+ @user.should_receive(:client_applications).and_return(@client_applications)
220
+ @client_applications.should_receive(:find).with('1').and_return(@client_application)
221
+ do_valid_update
222
+ end
223
+
224
+ it "should redirect to new client_application" do
225
+ do_valid_update
226
+ response.should be_redirect
227
+ response.should redirect_to(:action => "show", :id => @client_application.id)
228
+ end
229
+
230
+ it "should assign client_applications" do
231
+ do_invalid_update
232
+ assigns[:client_application].should equal(@client_application)
233
+ end
234
+
235
+ it "should render show template" do
236
+ do_invalid_update
237
+ response.should render_template('edit')
238
+ end
239
+ end