lasso 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE +1 -1
- data/{README.rdoc → README.textile} +55 -19
- data/VERSION +1 -1
- data/lasso.gemspec +3 -3
- data/lib/lasso/controller/instance.rb +18 -7
- data/lib/lasso/model/instance.rb +3 -0
- metadata +4 -4
data/LICENSE
CHANGED
@@ -1,16 +1,34 @@
|
|
1
|
-
|
1
|
+
h1. Lasso
|
2
2
|
|
3
|
-
|
3
|
+
h2. Identity herding with OAuth
|
4
4
|
|
5
5
|
Lasso makes it damn easy to add SSO to your Rails application. Just load in your configuration, add a couple associations, and you are set to hit the trail running, partner.
|
6
6
|
|
7
|
-
|
7
|
+
h2. Flexibility
|
8
8
|
|
9
|
-
|
9
|
+
Lasso works via decorators and attempts to have as few opinions about your setup as possible.
|
10
|
+
|
11
|
+
* Can handle one-to-many associations with owners/tokens
|
12
|
+
* Can handle multiple tokens from the same provider
|
13
|
+
* Can handle any provider (OAuth 1 or 2) seamlessly by editing a simple configuration
|
14
|
+
* Isn't hard coded to work with one authentication library
|
15
|
+
* Works well with STI or multiple token classes/controllers
|
10
16
|
|
11
17
|
Lasso creates OAuth tokens via nested attributes on whichever object you deem to be the owner of those keys (e.g, current_user, current_user.account, User.new) which makes it one-to-many and quite flexible.
|
12
18
|
|
13
|
-
|
19
|
+
h3. Gettings started
|
20
|
+
|
21
|
+
I haven't made generators for anything, yet. Feel free to skim this README in addition to checking out the "Lasso/Authlogic example application that I've built.":http://github.com/jamesdaniels/lasso-example
|
22
|
+
|
23
|
+
h2. Walk-through
|
24
|
+
|
25
|
+
h3. Configuration
|
26
|
+
|
27
|
+
Add this line to your environment.rb:
|
28
|
+
|
29
|
+
config.gem 'lasso'
|
30
|
+
|
31
|
+
h3. Schema
|
14
32
|
|
15
33
|
You are going to want a model with a schema that at least looks like this, you can call it what you wish:
|
16
34
|
|
@@ -22,7 +40,7 @@ You are going to want a model with a schema that at least looks like this, you c
|
|
22
40
|
t.datetime "created_at", "updated_at", :null => false
|
23
41
|
end
|
24
42
|
|
25
|
-
|
43
|
+
h3. Model
|
26
44
|
|
27
45
|
Go ahead and add your provider details to the model, like so:
|
28
46
|
|
@@ -45,18 +63,36 @@ Go ahead and add your provider details to the model, like so:
|
|
45
63
|
end
|
46
64
|
end
|
47
65
|
end
|
66
|
+
|
67
|
+
You'll want to setup the association to your owner model too:
|
68
|
+
|
69
|
+
class User < ActiveRecord::Base
|
70
|
+
has_many :access_keys, :dependent => :destroy, :as => :owner
|
71
|
+
accepts_nested_attributes_for :access_keys
|
72
|
+
end
|
48
73
|
|
49
|
-
|
74
|
+
h3. Controller
|
50
75
|
|
51
76
|
You are going to want a controller that is able to handle the requests:
|
52
77
|
|
53
78
|
class OauthController < ApplicationController
|
54
|
-
|
55
|
-
|
56
|
-
:
|
57
|
-
:
|
79
|
+
processes_oauth_transactions_for :access_keys,
|
80
|
+
:through => lambda { current_user || User.new },
|
81
|
+
:callback => lambda { oauth_callback_url },
|
82
|
+
:conflict => :handle_existing_oauth,
|
83
|
+
:login => :handle_oauth_login
|
84
|
+
|
85
|
+
def handle_oauth_login(user)
|
86
|
+
# TODO: Log in as the user
|
87
|
+
end
|
88
|
+
|
89
|
+
def handle_existing_oauth(user)
|
90
|
+
# TODO: Merge accounts or display an error
|
91
|
+
end
|
58
92
|
end
|
59
|
-
|
93
|
+
|
94
|
+
And a controller to show the user their AccessKeys:
|
95
|
+
|
60
96
|
class AccessKeysController < ApplicationController
|
61
97
|
|
62
98
|
def index
|
@@ -67,7 +103,7 @@ You are going to want a controller that is able to handle the requests:
|
|
67
103
|
@access_key = current_user.access_keys.find(params[:id])
|
68
104
|
end
|
69
105
|
|
70
|
-
def
|
106
|
+
def destroy
|
71
107
|
access_key = current_user.access_keys.find(params[:id])
|
72
108
|
access_key.destroy
|
73
109
|
redirect_to access_keys_path
|
@@ -75,22 +111,22 @@ You are going to want a controller that is able to handle the requests:
|
|
75
111
|
|
76
112
|
end
|
77
113
|
|
78
|
-
|
114
|
+
h3. Routes
|
79
115
|
|
80
116
|
And maybe some routes:
|
81
117
|
|
82
|
-
map.resources :access_keys, :only => [:index, :show, :
|
118
|
+
map.resources :access_keys, :only => [:index, :show, :destroy]
|
83
119
|
|
84
120
|
map.oauth_authorize '/:service/oauth/start', :controller => 'oauth', :action => 'new'
|
85
|
-
map.oauth_callback '/:service/oauth/callback', :controller => 'oauth', :action => 'create'
|
121
|
+
map.oauth_callback '/:service/oauth/callback', :controller => 'oauth', :action => 'create'
|
86
122
|
|
87
|
-
|
123
|
+
h3. Usage
|
88
124
|
|
89
125
|
Now OAuth is as simple as adding a link:
|
90
126
|
|
91
127
|
<%= link_to 'Integrate your account with your 37signals account', oauth_authorize_path(:service => '37signals') %>
|
92
128
|
|
93
|
-
|
129
|
+
h3. Note on Patches/Pull Requests
|
94
130
|
|
95
131
|
* Fork the project.
|
96
132
|
* Make your feature addition or bug fix.
|
@@ -100,6 +136,6 @@ Now OAuth is as simple as adding a link:
|
|
100
136
|
(if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
|
101
137
|
* Send me a pull request. Bonus points for topic branches.
|
102
138
|
|
103
|
-
|
139
|
+
h2. Copyright
|
104
140
|
|
105
141
|
Copyright (c) 2010 James Daniels. See LICENSE for details.
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
0.2.0
|
data/lasso.gemspec
CHANGED
@@ -5,7 +5,7 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |s|
|
7
7
|
s.name = %q{lasso}
|
8
|
-
s.version = "0.
|
8
|
+
s.version = "0.2.0"
|
9
9
|
|
10
10
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
11
11
|
s.authors = ["James Daniels"]
|
@@ -14,13 +14,13 @@ Gem::Specification.new do |s|
|
|
14
14
|
s.email = %q{james@marginleft.com}
|
15
15
|
s.extra_rdoc_files = [
|
16
16
|
"LICENSE",
|
17
|
-
"README.
|
17
|
+
"README.textile"
|
18
18
|
]
|
19
19
|
s.files = [
|
20
20
|
".document",
|
21
21
|
".gitignore",
|
22
22
|
"LICENSE",
|
23
|
-
"README.
|
23
|
+
"README.textile",
|
24
24
|
"Rakefile",
|
25
25
|
"VERSION",
|
26
26
|
"lasso.gemspec",
|
@@ -7,19 +7,30 @@ module Lasso
|
|
7
7
|
end
|
8
8
|
|
9
9
|
def create
|
10
|
-
@oauth = type.new(:service => params[:service])
|
11
|
-
#@oauth = oauth_settings[:through].call.send(oauth_model).new(:service => params[:service])
|
12
|
-
parse_response
|
13
10
|
@owner = oauth_settings[:through].bind(self).call
|
14
|
-
|
15
|
-
|
16
|
-
|
11
|
+
@oauth = type.new(:service => params[:service], :owner => @owner)
|
12
|
+
parse_response
|
13
|
+
if @oauth.duplicate
|
14
|
+
if @owner.nil? || @owner.new_record?
|
15
|
+
send(oauth_settings[:login], @oauth.duplicate.owner)
|
16
|
+
elsif @owner == @oauth.duplicate.owner
|
17
|
+
@oauth.duplicate.destroy
|
18
|
+
save_the_oauth
|
19
|
+
else
|
20
|
+
send(oauth_settings[:conflict], @oauth.duplicate.owner)
|
21
|
+
end
|
17
22
|
else
|
18
|
-
|
23
|
+
save_the_oauth
|
19
24
|
end
|
20
25
|
end
|
21
26
|
|
22
27
|
protected
|
28
|
+
|
29
|
+
def save_the_oauth
|
30
|
+
nested = {"#{oauth_model}_attributes" => [@oauth.attributes]}
|
31
|
+
@owner.update_attributes!(nested)
|
32
|
+
redirect_to send("#{oauth_model.to_s.singularize}_path", @owner.send(oauth_model).last)
|
33
|
+
end
|
23
34
|
|
24
35
|
def type
|
25
36
|
"OAuth#{version_one? && 'One' || 'Two'}#{oauth_model_constant}".constantize
|
data/lib/lasso/model/instance.rb
CHANGED
metadata
CHANGED
@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
|
|
4
4
|
prerelease: false
|
5
5
|
segments:
|
6
6
|
- 0
|
7
|
-
-
|
7
|
+
- 2
|
8
8
|
- 0
|
9
|
-
version: 0.
|
9
|
+
version: 0.2.0
|
10
10
|
platform: ruby
|
11
11
|
authors:
|
12
12
|
- James Daniels
|
@@ -65,12 +65,12 @@ extensions: []
|
|
65
65
|
|
66
66
|
extra_rdoc_files:
|
67
67
|
- LICENSE
|
68
|
-
- README.
|
68
|
+
- README.textile
|
69
69
|
files:
|
70
70
|
- .document
|
71
71
|
- .gitignore
|
72
72
|
- LICENSE
|
73
|
-
- README.
|
73
|
+
- README.textile
|
74
74
|
- Rakefile
|
75
75
|
- VERSION
|
76
76
|
- lasso.gemspec
|