houston-oauth-plugin 0.5.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (172) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +12 -0
  3. data/CHANGELOG +187 -0
  4. data/Gemfile +27 -0
  5. data/Guardfile +8 -0
  6. data/MIT-LICENSE +20 -0
  7. data/README.rdoc +542 -0
  8. data/Rakefile +1 -0
  9. data/UPGRADE.rdoc +21 -0
  10. data/generators/oauth_consumer/USAGE +10 -0
  11. data/generators/oauth_consumer/oauth_consumer_generator.rb +52 -0
  12. data/generators/oauth_consumer/templates/consumer_token.rb +11 -0
  13. data/generators/oauth_consumer/templates/controller.rb +27 -0
  14. data/generators/oauth_consumer/templates/index.html.erb +29 -0
  15. data/generators/oauth_consumer/templates/index.html.haml +18 -0
  16. data/generators/oauth_consumer/templates/index.html.slim +15 -0
  17. data/generators/oauth_consumer/templates/migration.rb +23 -0
  18. data/generators/oauth_consumer/templates/oauth_config.rb +73 -0
  19. data/generators/oauth_consumer/templates/show.html.erb +7 -0
  20. data/generators/oauth_consumer/templates/show.html.haml +8 -0
  21. data/generators/oauth_consumer/templates/show.html.slim +8 -0
  22. data/generators/oauth_provider/USAGE +20 -0
  23. data/generators/oauth_provider/lib/insert_routes.rb +67 -0
  24. data/generators/oauth_provider/oauth_provider_generator.rb +127 -0
  25. data/generators/oauth_provider/templates/_form.html.erb +17 -0
  26. data/generators/oauth_provider/templates/_form.html.haml +21 -0
  27. data/generators/oauth_provider/templates/access_token.rb +16 -0
  28. data/generators/oauth_provider/templates/authorize.html.erb +14 -0
  29. data/generators/oauth_provider/templates/authorize.html.haml +16 -0
  30. data/generators/oauth_provider/templates/authorize_failure.html.erb +1 -0
  31. data/generators/oauth_provider/templates/authorize_failure.html.haml +1 -0
  32. data/generators/oauth_provider/templates/authorize_success.html.erb +1 -0
  33. data/generators/oauth_provider/templates/authorize_success.html.haml +1 -0
  34. data/generators/oauth_provider/templates/client_application.rb +57 -0
  35. data/generators/oauth_provider/templates/client_application_spec.rb +29 -0
  36. data/generators/oauth_provider/templates/client_application_test.rb +42 -0
  37. data/generators/oauth_provider/templates/client_applications.yml +23 -0
  38. data/generators/oauth_provider/templates/clients_controller.rb +52 -0
  39. data/generators/oauth_provider/templates/clients_controller_spec.rb +176 -0
  40. data/generators/oauth_provider/templates/clients_controller_test.rb +280 -0
  41. data/generators/oauth_provider/templates/controller.rb +23 -0
  42. data/generators/oauth_provider/templates/edit.html.erb +7 -0
  43. data/generators/oauth_provider/templates/edit.html.haml +4 -0
  44. data/generators/oauth_provider/templates/index.html.erb +43 -0
  45. data/generators/oauth_provider/templates/index.html.haml +39 -0
  46. data/generators/oauth_provider/templates/migration.rb +47 -0
  47. data/generators/oauth_provider/templates/new.html.erb +5 -0
  48. data/generators/oauth_provider/templates/new.html.haml +5 -0
  49. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +16 -0
  50. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +17 -0
  51. data/generators/oauth_provider/templates/oauth2_token.rb +20 -0
  52. data/generators/oauth_provider/templates/oauth2_token_spec.rb +52 -0
  53. data/generators/oauth_provider/templates/oauth2_verifier.rb +35 -0
  54. data/generators/oauth_provider/templates/oauth2_verifier_spec.rb +44 -0
  55. data/generators/oauth_provider/templates/oauth_nonce.rb +13 -0
  56. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +24 -0
  57. data/generators/oauth_provider/templates/oauth_nonce_test.rb +26 -0
  58. data/generators/oauth_provider/templates/oauth_nonces.yml +13 -0
  59. data/generators/oauth_provider/templates/oauth_token.rb +30 -0
  60. data/generators/oauth_provider/templates/oauth_token_spec.rb +309 -0
  61. data/generators/oauth_provider/templates/oauth_token_test.rb +57 -0
  62. data/generators/oauth_provider/templates/oauth_tokens.yml +17 -0
  63. data/generators/oauth_provider/templates/request_token.rb +40 -0
  64. data/generators/oauth_provider/templates/show.html.erb +27 -0
  65. data/generators/oauth_provider/templates/show.html.haml +30 -0
  66. data/init.rb +1 -0
  67. data/install.rb +2 -0
  68. data/lib/generators/active_record/oauth_consumer_generator.rb +33 -0
  69. data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb +11 -0
  70. data/lib/generators/active_record/oauth_consumer_templates/migration.rb +20 -0
  71. data/lib/generators/active_record/oauth_provider_generator.rb +39 -0
  72. data/lib/generators/active_record/oauth_provider_templates/access_token.rb +16 -0
  73. data/lib/generators/active_record/oauth_provider_templates/client_application.rb +57 -0
  74. data/lib/generators/active_record/oauth_provider_templates/migration.rb +47 -0
  75. data/lib/generators/active_record/oauth_provider_templates/oauth2_token.rb +20 -0
  76. data/lib/generators/active_record/oauth_provider_templates/oauth2_verifier.rb +35 -0
  77. data/lib/generators/active_record/oauth_provider_templates/oauth_nonce.rb +13 -0
  78. data/lib/generators/active_record/oauth_provider_templates/oauth_token.rb +30 -0
  79. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +40 -0
  80. data/lib/generators/erb/oauth_consumer_generator.rb +14 -0
  81. data/lib/generators/erb/oauth_consumer_templates/index.html.erb +29 -0
  82. data/lib/generators/erb/oauth_consumer_templates/show.html.erb +7 -0
  83. data/lib/generators/erb/oauth_provider_generator.rb +23 -0
  84. data/lib/generators/erb/oauth_provider_templates/_form.html.erb +17 -0
  85. data/lib/generators/erb/oauth_provider_templates/authorize.html.erb +14 -0
  86. data/lib/generators/erb/oauth_provider_templates/authorize_failure.html.erb +1 -0
  87. data/lib/generators/erb/oauth_provider_templates/authorize_success.html.erb +1 -0
  88. data/lib/generators/erb/oauth_provider_templates/edit.html.erb +7 -0
  89. data/lib/generators/erb/oauth_provider_templates/index.html.erb +43 -0
  90. data/lib/generators/erb/oauth_provider_templates/new.html.erb +5 -0
  91. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +16 -0
  92. data/lib/generators/erb/oauth_provider_templates/show.html.erb +27 -0
  93. data/lib/generators/haml/oauth_consumer_generator.rb +21 -0
  94. data/lib/generators/haml/oauth_consumer_templates/index.html.haml +18 -0
  95. data/lib/generators/haml/oauth_consumer_templates/show.html.haml +8 -0
  96. data/lib/generators/haml/oauth_provider_generator.rb +28 -0
  97. data/lib/generators/haml/oauth_provider_templates/_form.html.haml +21 -0
  98. data/lib/generators/haml/oauth_provider_templates/authorize.html.haml +16 -0
  99. data/lib/generators/haml/oauth_provider_templates/authorize_failure.html.haml +1 -0
  100. data/lib/generators/haml/oauth_provider_templates/authorize_success.html.haml +1 -0
  101. data/lib/generators/haml/oauth_provider_templates/edit.html.haml +4 -0
  102. data/lib/generators/haml/oauth_provider_templates/index.html.haml +39 -0
  103. data/lib/generators/haml/oauth_provider_templates/new.html.haml +5 -0
  104. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +17 -0
  105. data/lib/generators/haml/oauth_provider_templates/show.html.haml +30 -0
  106. data/lib/generators/mongoid/oauth_consumer_generator.rb +15 -0
  107. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +41 -0
  108. data/lib/generators/mongoid/oauth_provider_generator.rb +21 -0
  109. data/lib/generators/mongoid/oauth_provider_templates/access_token.rb +16 -0
  110. data/lib/generators/mongoid/oauth_provider_templates/client_application.rb +71 -0
  111. data/lib/generators/mongoid/oauth_provider_templates/oauth2_token.rb +20 -0
  112. data/lib/generators/mongoid/oauth_provider_templates/oauth2_verifier.rb +35 -0
  113. data/lib/generators/mongoid/oauth_provider_templates/oauth_nonce.rb +24 -0
  114. data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb +44 -0
  115. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +36 -0
  116. data/lib/generators/oauth_consumer/USAGE +11 -0
  117. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +31 -0
  118. data/lib/generators/oauth_consumer/templates/controller.rb +59 -0
  119. data/lib/generators/oauth_consumer/templates/oauth_config.rb +68 -0
  120. data/lib/generators/oauth_inflections.rb +6 -0
  121. data/lib/generators/oauth_plugin.rb +0 -0
  122. data/lib/generators/oauth_provider/USAGE +18 -0
  123. data/lib/generators/oauth_provider/oauth_provider_generator.rb +37 -0
  124. data/lib/generators/oauth_provider/templates/clients_controller.rb +52 -0
  125. data/lib/generators/oauth_provider/templates/controller.rb +23 -0
  126. data/lib/generators/rspec/oauth_provider_generator.rb +35 -0
  127. data/lib/generators/rspec/templates/client_application_spec.rb +29 -0
  128. data/lib/generators/rspec/templates/client_applications.yml +23 -0
  129. data/lib/generators/rspec/templates/clients_controller_spec.rb +176 -0
  130. data/lib/generators/rspec/templates/oauth2_token_spec.rb +52 -0
  131. data/lib/generators/rspec/templates/oauth2_verifier_spec.rb +44 -0
  132. data/lib/generators/rspec/templates/oauth_nonce_spec.rb +24 -0
  133. data/lib/generators/rspec/templates/oauth_nonces.yml +13 -0
  134. data/lib/generators/rspec/templates/oauth_token_spec.rb +309 -0
  135. data/lib/generators/rspec/templates/oauth_tokens.yml +17 -0
  136. data/lib/generators/slim/oauth_consumer_generator.rb +21 -0
  137. data/lib/generators/slim/oauth_consumer_templates/index.html.slim +15 -0
  138. data/lib/generators/slim/oauth_consumer_templates/show.html.slim +8 -0
  139. data/lib/generators/test_unit/oauth_provider_generator.rb +33 -0
  140. data/lib/generators/test_unit/templates/client_application_test.rb +42 -0
  141. data/lib/generators/test_unit/templates/client_applications.yml +23 -0
  142. data/lib/generators/test_unit/templates/clients_controller_test.rb +280 -0
  143. data/lib/generators/test_unit/templates/oauth_nonce_test.rb +26 -0
  144. data/lib/generators/test_unit/templates/oauth_nonces.yml +13 -0
  145. data/lib/generators/test_unit/templates/oauth_token_test.rb +57 -0
  146. data/lib/generators/test_unit/templates/oauth_tokens.yml +17 -0
  147. data/lib/oauth-plugin.rb +24 -0
  148. data/lib/oauth-plugin/version.rb +5 -0
  149. data/lib/oauth/controllers/application_controller_methods.rb +140 -0
  150. data/lib/oauth/controllers/consumer_controller.rb +153 -0
  151. data/lib/oauth/controllers/provider_controller.rb +181 -0
  152. data/lib/oauth/models/consumers/service_loader.rb +28 -0
  153. data/lib/oauth/models/consumers/services/agree2_token.rb +15 -0
  154. data/lib/oauth/models/consumers/services/fireeagle_token.rb +39 -0
  155. data/lib/oauth/models/consumers/services/google_token.rb +21 -0
  156. data/lib/oauth/models/consumers/services/oauth2_token.rb +49 -0
  157. data/lib/oauth/models/consumers/services/opentransact_token.rb +15 -0
  158. data/lib/oauth/models/consumers/services/picomoney_token.rb +17 -0
  159. data/lib/oauth/models/consumers/services/twitter_token.rb +24 -0
  160. data/lib/oauth/models/consumers/simple_client.rb +50 -0
  161. data/lib/oauth/models/consumers/token.rb +121 -0
  162. data/lib/oauth/provider/authorizer.rb +83 -0
  163. data/lib/oauth/rack/oauth_filter.rb +97 -0
  164. data/oauth-plugin.gemspec +40 -0
  165. data/rails/init.rb +1 -0
  166. data/spec/dummy_provider_models.rb +53 -0
  167. data/spec/oauth/provider/authorizer_spec.rb +202 -0
  168. data/spec/rack/oauth_filter_spec.rb +244 -0
  169. data/spec/spec_helper.rb +3 -0
  170. data/tasks/oauth_tasks.rake +4 -0
  171. data/uninstall.rb +1 -0
  172. metadata +373 -0
@@ -0,0 +1,13 @@
1
+ # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2
+ one:
3
+ id: 1
4
+ nonce: a_nonce
5
+ timestamp: 1
6
+ created_at: 2007-11-25 17:27:04
7
+ updated_at: 2007-11-25 17:27:04
8
+ two:
9
+ id: 2
10
+ nonce: b_nonce
11
+ timestamp: 2
12
+ created_at: 2007-11-25 17:27:04
13
+ updated_at: 2007-11-25 17:27:04
@@ -0,0 +1,57 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class RequestTokenTest < ActiveSupport::TestCase
4
+
5
+ fixtures :client_applications, :users, :oauth_tokens
6
+
7
+ def setup
8
+ @token = RequestToken.create :client_application=>client_applications(:one)
9
+ end
10
+
11
+ def test_should_be_valid
12
+ assert @token.valid?
13
+ end
14
+
15
+ def test_should_not_have_errors
16
+ assert @token.errors.empty?
17
+ end
18
+
19
+ def test_should_have_a_token
20
+ assert_not_nil @token.token
21
+ end
22
+
23
+ def test_should_have_a_secret
24
+ assert_not_nil @token.secret
25
+ end
26
+
27
+ def test_should_not_be_authorized
28
+ assert !@token.authorized?
29
+ end
30
+
31
+ def test_should_not_be_invalidated
32
+ assert !@token.invalidated?
33
+ end
34
+
35
+ def test_should_authorize_request
36
+ @token.authorize!(users(:quentin))
37
+ assert @token.authorized?
38
+ assert_not_nil @token.authorized_at
39
+ assert_equal users(:quentin), @token.user
40
+ end
41
+
42
+ def test_should_not_exchange_without_approval
43
+ assert_equal false, @token.exchange!
44
+ assert_equal false, @token.invalidated?
45
+ end
46
+
47
+ def test_should_not_exchange_without_approval
48
+ @token.authorize!(users(:quentin))
49
+ @access = @token.exchange!
50
+ assert_not_equal false, @access
51
+ assert @token.invalidated?
52
+
53
+ assert_equal users(:quentin), @access.user
54
+ assert @access.authorized?
55
+ end
56
+
57
+ end
@@ -0,0 +1,17 @@
1
+ # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2
+ one:
3
+ id: 1
4
+ user_id: 1
5
+ client_application_id: 1
6
+ token: one
7
+ secret: MyString
8
+ created_at: 2007-11-19 07:31:46
9
+ updated_at: 2007-11-19 07:31:46
10
+ two:
11
+ id: 2
12
+ user_id: 1
13
+ client_application_id: 1
14
+ token: two
15
+ secret: MyString
16
+ created_at: 2007-11-19 07:31:46
17
+ updated_at: 2007-11-19 07:31:46
@@ -0,0 +1,24 @@
1
+ require 'oauth'
2
+ require 'oauth/signature/hmac/sha1'
3
+ require 'oauth/request_proxy/rack_request'
4
+ require 'oauth/server'
5
+ require 'oauth/controllers/application_controller_methods'
6
+ if Rails::VERSION::MAJOR >= 3
7
+ require 'oauth/request_proxy/rack_request'
8
+ else
9
+ require 'oauth/request_proxy/action_controller_request'
10
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
11
+ end
12
+
13
+
14
+ if Rails::VERSION::MAJOR >= 3
15
+ module OAuth
16
+ module Plugin
17
+ class OAuthRailtie < Rails::Railtie
18
+ initializer "oauth-plugin.configure_rails_initialization" do |app|
19
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
20
+ end
21
+ end
22
+ end
23
+ end
24
+ end
@@ -0,0 +1,5 @@
1
+ module Oauth
2
+ module Plugin
3
+ VERSION = "0.5.1"
4
+ end
5
+ end
@@ -0,0 +1,140 @@
1
+ module OAuth
2
+ module Controllers
3
+
4
+ module ApplicationControllerMethods
5
+
6
+ def self.included(controller)
7
+ controller.class_eval do
8
+ extend ClassMethods
9
+ end
10
+ end
11
+
12
+ module ClassMethods
13
+ def oauthenticate(options={})
14
+ filter_options = {}
15
+ filter_options[:only] = options.delete(:only) if options[:only]
16
+ filter_options[:except] = options.delete(:except) if options[:except]
17
+ before_filter Filter.new(options), filter_options
18
+ end
19
+ end
20
+
21
+ class Filter
22
+ def initialize(options={})
23
+ @options={
24
+ :interactive=>true,
25
+ :strategies => [:token,:two_legged]
26
+ }.merge(options)
27
+ @strategies = Array(@options[:strategies])
28
+ @strategies << :interactive if @options[:interactive]
29
+ end
30
+
31
+ def before(controller)
32
+ Authenticator.new(controller,@strategies).allow?
33
+ end
34
+ end
35
+
36
+ class Authenticator
37
+ attr_accessor :controller, :strategies, :strategy
38
+ def initialize(controller,strategies)
39
+ @controller = controller
40
+ @strategies = strategies
41
+ end
42
+
43
+ def allow?
44
+ if @strategies.include?(:interactive) && interactive
45
+ true
46
+ elsif !(@strategies & env["oauth.strategies"].to_a).empty?
47
+ if token.present?
48
+ @controller.send :current_user=, token.user
49
+ true
50
+ else
51
+ false
52
+ end
53
+ else
54
+ if @strategies.include?(:interactive)
55
+ controller.send :access_denied
56
+ else
57
+ controller.send :invalid_oauth_response
58
+ end
59
+ end
60
+ end
61
+
62
+ def oauth20_token
63
+ env["oauth.version"]==2 && env["oauth.token"]
64
+ end
65
+
66
+ def oauth10_token
67
+ env["oauth.version"]==1 && env["oauth.token"]
68
+ end
69
+
70
+ def oauth10_request_token
71
+ oauth10_token && oauth10_token.is_a?(::RequestToken) ? oauth10_token : nil
72
+ end
73
+
74
+ def oauth10_access_token
75
+ oauth10_token && oauth10_token.is_a?(::AccessToken) ? oauth10_token : nil
76
+ end
77
+
78
+ def token
79
+ oauth20_token || oauth10_access_token || nil
80
+ end
81
+
82
+ def client_application
83
+ env["oauth.version"]==1 && env["oauth.client_application"] || oauth20_token.try(:client_application)
84
+ end
85
+
86
+ def two_legged
87
+ env["oauth.version"]==1 && client_application
88
+ end
89
+
90
+ def interactive
91
+ @controller.send :logged_in?
92
+ end
93
+
94
+ def env
95
+ request.env
96
+ end
97
+
98
+ def request
99
+ controller.send :request
100
+ end
101
+
102
+ end
103
+
104
+ protected
105
+
106
+ def current_token
107
+ request.env["oauth.token"]
108
+ end
109
+
110
+ def current_client_application
111
+ request.env["oauth.version"]==1 && request.env["oauth.client_application"] || current_token.try(:client_application)
112
+ end
113
+
114
+ def oauth?
115
+ current_token
116
+ end
117
+
118
+ # use in a before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
119
+ def oauth_required
120
+ Authenticator.new(self,[:oauth10_access_token]).allow?
121
+ end
122
+
123
+ # use in before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
124
+ def login_or_oauth_required
125
+ Authenticator.new(self,[:oauth10_access_token,:interactive]).allow?
126
+ end
127
+
128
+ def invalid_oauth_response(code=401,message="Invalid OAuth Request")
129
+ render :text => message, :status => code
130
+ false
131
+ end
132
+
133
+ # override this in your controller
134
+ def access_denied
135
+ head 401
136
+ end
137
+
138
+ end
139
+ end
140
+ end
@@ -0,0 +1,153 @@
1
+ module Oauth
2
+ module Controllers
3
+ module ConsumerController
4
+ def self.included(controller)
5
+ controller.class_eval do
6
+ before_filter :load_consumer, :except=>:index
7
+ skip_before_filter :verify_authenticity_token,:only=>:callback
8
+ end
9
+ end
10
+
11
+ def index
12
+ @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
13
+ # The services the user hasn't already connected to
14
+ @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
15
+ end
16
+
17
+ # If the user has no token or <tt>force</tt> is set as a param, creates request token and
18
+ # redirects on to oauth provider's auth page. Otherwise it displays a page with an option
19
+ # to disconnect and redo
20
+ def show
21
+ if @token && params[:force]
22
+ @token.destroy
23
+ @token = nil
24
+ end
25
+
26
+ unless @token
27
+ if @consumer.ancestors.include?(Oauth2Token)
28
+ request_url = callback2_oauth_consumer_url + callback2_querystring
29
+ redirect_to @consumer.authorize_url(request_url)
30
+ else
31
+ request_url = callback_oauth_consumer_url(params[:id]) + callback2_querystring
32
+ @request_token = @consumer.get_request_token(request_url)
33
+ session[@request_token.token]=@request_token.secret
34
+ if @request_token.callback_confirmed?
35
+ redirect_to @request_token.authorize_url
36
+ else
37
+ redirect_to(@request_token.authorize_url + "&oauth_callback=#{callback_oauth_consumer_url(params[:id])}")
38
+ end
39
+ end
40
+ end
41
+ end
42
+
43
+ def callback2_querystring
44
+ request.query_string.blank? ? '' : '?' + request.query_string
45
+ end
46
+
47
+ def callback2
48
+ @token = @consumer.access_token(current_user,params[:code], callback2_oauth_consumer_url)
49
+ if @token
50
+ # Log user in
51
+ if logged_in?
52
+ flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
53
+ else
54
+ self.current_user = @token.user
55
+ flash[:notice] = "You logged in with #{params[:id].humanize}"
56
+ end
57
+ go_back
58
+ else
59
+ flash[:error] = "An error happened, please try connecting again"
60
+ redirect_to oauth_consumer_url(params[:id])
61
+ end
62
+
63
+ end
64
+
65
+ def callback
66
+ logger.info "CALLBACK"
67
+ @request_token_secret=session[params[:oauth_token]]
68
+ if @request_token_secret
69
+ @token=@consumer.find_or_create_from_request_token(current_user,params[:oauth_token],@request_token_secret,params[:oauth_verifier])
70
+ session[params[:oauth_token]] = nil
71
+ if @token
72
+ # Log user in
73
+ if logged_in?
74
+ flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
75
+ else
76
+ self.current_user = @token.user
77
+ flash[:notice] = "You logged in with #{params[:id].humanize}"
78
+ end
79
+ go_back
80
+ else
81
+ flash[:error] = "An error happened, please try connecting again"
82
+ redirect_to oauth_consumer_url(params[:id])
83
+ end
84
+ end
85
+
86
+ end
87
+
88
+ def client
89
+ method = request.method.downcase.to_sym
90
+ path = "/#{params[:endpoint]}?#{request.query_string}"
91
+ if consumer_credentials[:expose]
92
+ if @token
93
+ oauth_response = @token.client.send(method, path)
94
+ if oauth_response.is_a? Net::HTTPRedirection
95
+ # follow redirect
96
+ oauth_response = @token.client.send(method, oauth_response['Location'])
97
+ end
98
+
99
+ render :text => oauth_response.body
100
+ else
101
+ render :text => "Token needed.", :status => 403
102
+ end
103
+ else
104
+ render :text => "Not allowed", :status => 403
105
+ end
106
+ end
107
+
108
+ def destroy
109
+ throw RecordNotFound unless @token
110
+ @token.destroy
111
+ if params[:commit]=="Reconnect"
112
+ redirect_to oauth_consumer_url(params[:id])
113
+ else
114
+ flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"
115
+
116
+ go_back
117
+ end
118
+ end
119
+
120
+ def callback2_oauth_consumer_url
121
+ @consumer.consumer.options[:redirect_uri]
122
+ end
123
+
124
+ protected
125
+
126
+ # Override this in your controller to decide where you want to redirect user to after callback is finished.
127
+ def go_back
128
+ redirect_to root_url
129
+ end
130
+
131
+ def consumer_credentials
132
+ OAUTH_CREDENTIALS[consumer_key]
133
+ end
134
+
135
+ def consumer_key
136
+ @consumer_key ||= params[:id].to_sym
137
+ end
138
+
139
+ def load_consumer
140
+ throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
141
+ deny_access! unless logged_in? || consumer_credentials[:allow_login]
142
+ @consumer = "#{consumer_key.to_s.camelcase}Token".constantize
143
+ @token = @consumer.where(user_id: current_user.id.to_s).first if logged_in?
144
+ end
145
+
146
+ # Override this in you controller to deny user or redirect to login screen.
147
+ def deny_access!
148
+ head 401
149
+ end
150
+
151
+ end
152
+ end
153
+ end
@@ -0,0 +1,181 @@
1
+ require 'oauth/provider/authorizer'
2
+ module OAuth
3
+ module Controllers
4
+
5
+ module ProviderController
6
+ def self.included(controller)
7
+ controller.class_eval do
8
+ before_filter :login_required, :only => [:authorize,:revoke]
9
+ oauthenticate :only => [:test_request]
10
+ oauthenticate :strategies => :token, :interactive => false, :only => [:invalidate,:capabilities]
11
+ oauthenticate :strategies => :two_legged, :interactive => false, :only => [:request_token]
12
+ oauthenticate :strategies => :oauth10_request_token, :interactive => false, :only => [:access_token]
13
+ skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request, :token]
14
+ end
15
+ end
16
+
17
+ def request_token
18
+ @token = current_client_application.create_request_token params
19
+ if @token
20
+ render :text => @token.to_query
21
+ else
22
+ render :nothing => true, :status => 401
23
+ end
24
+ end
25
+
26
+ def access_token
27
+ @token = current_token && current_token.exchange!
28
+ if @token
29
+ render :text => @token.to_query
30
+ else
31
+ render :nothing => true, :status => 401
32
+ end
33
+ end
34
+
35
+ def token
36
+ @client_application = ClientApplication.find_by_key! params[:client_id]
37
+ if @client_application.secret != params[:client_secret]
38
+ oauth2_error "invalid_client"
39
+ return
40
+ end
41
+ # older drafts used none for client_credentials
42
+ params[:grant_type] = 'client_credentials' if params[:grant_type] == 'none'
43
+ logger.info "grant_type=#{params[:grant_type]}"
44
+ if ["authorization_code", "password", "client_credentials"].include?(params[:grant_type])
45
+ send "oauth2_token_#{params[:grant_type].underscore}"
46
+ else
47
+ oauth2_error "unsupported_grant_type"
48
+ end
49
+ end
50
+
51
+ def test_request
52
+ render :text => params.collect{|k,v|"#{k}=#{v}"}.join("&")
53
+ end
54
+
55
+ def authorize
56
+ if params[:oauth_token]
57
+ @token = ::RequestToken.find_by_token! params[:oauth_token]
58
+ oauth1_authorize
59
+ else
60
+ if request.post?
61
+ @authorizer = OAuth::Provider::Authorizer.new current_user, user_authorizes_token?, params
62
+ redirect_to @authorizer.redirect_uri
63
+ else
64
+ @client_application = ClientApplication.find_by_key! params[:client_id]
65
+ render :action => "oauth2_authorize"
66
+ end
67
+ end
68
+ end
69
+
70
+ def revoke
71
+ @token = current_user.tokens.find_by_token! params[:token]
72
+ if @token
73
+ @token.invalidate!
74
+ flash[:notice] = "You've revoked the token for #{@token.client_application.name}"
75
+ end
76
+ redirect_to oauth_clients_url
77
+ end
78
+
79
+ # Invalidate current token
80
+ def invalidate
81
+ current_token.invalidate!
82
+ head :status=>410
83
+ end
84
+
85
+ # Capabilities of current_token
86
+ def capabilities
87
+ if current_token.respond_to?(:capabilities)
88
+ @capabilities=current_token.capabilities
89
+ else
90
+ @capabilities={:invalidate=>url_for(:action=>:invalidate)}
91
+ end
92
+
93
+ respond_to do |format|
94
+ format.json {render :json=>@capabilities}
95
+ format.xml {render :xml=>@capabilities}
96
+ end
97
+ end
98
+
99
+ protected
100
+
101
+ def oauth1_authorize
102
+ unless @token
103
+ render :action=>"authorize_failure"
104
+ return
105
+ end
106
+
107
+ unless @token.invalidated?
108
+ if request.post?
109
+ if user_authorizes_token?
110
+ @token.authorize!(current_user)
111
+ callback_url = @token.oob? ? @token.client_application.callback_url : @token.callback_url
112
+ @redirect_url = URI.parse(callback_url) unless callback_url.blank?
113
+
114
+ unless @redirect_url.to_s.blank?
115
+ @redirect_url.query = @redirect_url.query.blank? ?
116
+ "oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}" :
117
+ @redirect_url.query + "&oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}"
118
+ redirect_to @redirect_url.to_s
119
+ else
120
+ render :action => "authorize_success"
121
+ end
122
+ else
123
+ @token.invalidate!
124
+ render :action => "authorize_failure"
125
+ end
126
+ end
127
+ else
128
+ render :action => "authorize_failure"
129
+ end
130
+ end
131
+
132
+
133
+ # http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.1
134
+ def oauth2_token_authorization_code
135
+ @verification_code = @client_application.oauth2_verifiers.find_by_token params[:code]
136
+ unless @verification_code
137
+ oauth2_error
138
+ return
139
+ end
140
+ if @verification_code.redirect_url != params[:redirect_uri]
141
+ oauth2_error
142
+ return
143
+ end
144
+ @token = @verification_code.exchange!
145
+ render :json=>@token
146
+ end
147
+
148
+ # http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.2
149
+ def oauth2_token_password
150
+ @user = authenticate_user( params[:username], params[:password])
151
+ unless @user
152
+ oauth2_error
153
+ return
154
+ end
155
+ @token = Oauth2Token.create :client_application=>@client_application, :user=>@user, :scope=>params[:scope]
156
+ render :json=>@token
157
+ end
158
+
159
+ # should authenticate and return a user if valid password. Override in your own controller
160
+ def authenticate_user(username,password)
161
+ User.authenticate(username,password)
162
+ end
163
+
164
+ # autonomous authorization which creates a token for client_applications user
165
+ def oauth2_token_client_credentials
166
+ @token = Oauth2Token.create :client_application=>@client_application, :user=>@client_application.user, :scope=>params[:scope]
167
+ render :json=>@token
168
+ end
169
+
170
+ # Override this to match your authorization page form
171
+ def user_authorizes_token?
172
+ params[:authorize] == '1'
173
+ end
174
+
175
+ def oauth2_error(error="invalid_grant")
176
+ render :json=>{:error=>error}.to_json, :status => 400
177
+ end
178
+
179
+ end
180
+ end
181
+ end