RubyGems - le1t0-oauth-plugin - Versions diffs - 0.3.14.001 → 0.4.0.pre4.001 - Mend

le1t0-oauth-plugin 0.3.14.001 → 0.4.0.pre4.001

Files changed (120) hide show

data/lib/oauth/controllers/consumer_controller.rb CHANGED Viewed

@@ -3,7 +3,6 @@ module Oauth
     module ConsumerController
       def self.included(controller)
         controller.class_eval do
-          before_filter :login_required
           before_filter :load_consumer, :except=>:index
           skip_before_filter :verify_authenticity_token,:only=>:callback
         end
@@ -13,8 +12,7 @@ module Oauth
         @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
         # The services the user hasn't already connected to
         @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
-      end
+      end
       # creates request token and redirects on to oauth provider's auth page
       # If user is already connected it displays a page with an option to disconnect and redo
@@ -31,11 +29,19 @@ module Oauth
       end
       def callback
+        logger.info "CALLBACK"
         @request_token_secret=session[params[:oauth_token]]
         if @request_token_secret
-          @token=@consumer.create_from_request_token(current_user,params[:oauth_token],@request_token_secret,params[:oauth_verifier])
+          @token=@consumer.find_or_create_from_request_token(current_user,params[:oauth_token],@request_token_secret,params[:oauth_verifier])
+          session[params[:oauth_token]] = nil
           if @token
-            flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
+            # Log user in
+            if logged_in?
+              flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
+            else
+              self.current_user = @token.user
+              flash[:notice] = "You logged in with #{params[:id].humanize}"
+            end
             go_back
           else
             flash[:error] = "An error happened, please try connecting again"
@@ -67,8 +73,14 @@ module Oauth
       def load_consumer
         consumer_key=params[:id].to_sym
         throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
+        deny_access! unless logged_in? || OAUTH_CREDENTIALS[consumer_key][:allow_login]
         @consumer="#{consumer_key.to_s.camelcase}Token".constantize
-        @token=@consumer.find_by_user_id current_user.id
+        @token=@consumer.find(:first, :conditions=>{:user_id=>current_user.id.to_s}) if logged_in?
+      end
+      # Override this in you controller to deny user or redirect to login screen.
+      def deny_access!
+        head 401
       end
     end

data/lib/oauth/controllers/provider_controller.rb CHANGED Viewed

@@ -5,16 +5,16 @@ module OAuth
       def self.included(controller)
         controller.class_eval do
           before_filter :login_required, :only => [:authorize,:revoke]
-          before_filter :login_or_oauth_required, :only => [:test_request]
-          before_filter :oauth_required, :only => [:invalidate,:capabilities]
-          before_filter :verify_oauth_consumer_signature, :only => [:request_token]
-          before_filter :verify_oauth_request_token, :only => [:access_token]
+          oauthenticate :only => [:test_request]
+          oauthenticate :strategies => :token, :interactive => false, :only => [:invalidate,:capabilities]
+          oauthenticate :strategies => :two_legged, :interactive => false, :only => [:request_token]
+          oauthenticate :strategies => :oauth10_request_token, :interactive => false, :only => [:access_token]
           skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request]
         end
       end
       def request_token
-        @token = current_client_application.create_request_token
+        @token = current_client_application.create_request_token params
         if @token
           render :text => @token.to_query
         else
@@ -31,49 +31,29 @@ module OAuth
         end
       end
+      def token
+        @client_application = ClientApplication.find_by_key params[:client_id]
+        if @client_application.secret != params[:client_secret]
+          oauth2_error "invalid_client"
+          return
+        end
+        if ["authorization_code","password","none"].include?(params[:grant_type])
+          send "oauth2_token_#{params[:grant_type].underscore}"
+        else
+          oauth2_error "unsupported_grant_type"
+        end
+      end
       def test_request
         render :text => params.collect{|k,v|"#{k}=#{v}"}.join("&")
       end
       def authorize
-        @token = ::RequestToken.find_by_token params[:oauth_token]
-        unless @token
-          render :action=>"authorize_failure"
-          return
-        end
-        unless @token.invalidated?
-          if request.post?
-            if user_authorizes_token?
-              @token.authorize!(current_user)
-              if @token.oauth10?
-                @redirect_url = URI.parse(params[:oauth_callback] || @token.client_application.callback_url)
-              else
-                @redirect_url = URI.parse(@token.oob? ? @token.client_application.callback_url : @token.callback_url)
-              end
-              unless @redirect_url.to_s.blank?
-                if @token.oauth10?
-                  @redirect_url.query = @redirect_url.query.blank? ?
-                                        "oauth_token=#{@token.token}" :
-                                        @redirect_url.query + "&oauth_token=#{@token.token}"
-                  redirect_to @redirect_url.to_s
-                else
-                  @redirect_url.query = @redirect_url.query.blank? ?
-                                        "oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}" :
-                                        @redirect_url.query + "&oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}"
-                  redirect_to @redirect_url.to_s
-                end
-              else
-                render :action => "authorize_success"
-              end
-            else
-              @token.invalidate!
-              render :action => "authorize_failure"
-            end
-          end
-        else
-          render :action => "authorize_failure"
+        if params[:oauth_token]
+          @token = ::RequestToken.find_by_token params[:oauth_token]
+          oauth1_authorize
+        elsif ["code","token"].include?(params[:response_type]) # pick flow
+          send "oauth2_authorize_#{params[:response_type]}"
         end
       end
@@ -108,9 +88,139 @@ module OAuth
       protected
+      def oauth1_authorize
+        unless @token
+          render :action=>"authorize_failure"
+          return
+        end
+        unless @token.invalidated?
+          if request.post?
+            if user_authorizes_token?
+              @token.authorize!(current_user)
+              @redirect_url = URI.parse(@token.oob? ? @token.client_application.callback_url : @token.callback_url)
+              unless @redirect_url.to_s.blank?
+                @redirect_url.query = @redirect_url.query.blank? ?
+                                      "oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}" :
+                                      @redirect_url.query + "&oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}"
+                redirect_to @redirect_url.to_s
+              else
+                render :action => "authorize_success"
+              end
+            else
+              @token.invalidate!
+              render :action => "authorize_failure"
+            end
+          end
+        else
+          render :action => "authorize_failure"
+        end
+      end
+      def oauth2_authorize_code
+        @client_application = ClientApplication.find_by_key params[:client_id]
+        if request.post?
+          @redirect_url = URI.parse(params[:redirect_url] || @client_application.callback_url)
+          if user_authorizes_token?
+            @verification_code = Oauth2Verifier.create :client_application=>@client_application, :user=>current_user, :callback_url=>@redirect_url.to_s
+            unless @redirect_url.to_s.blank?
+              @redirect_url.query = @redirect_url.query.blank? ?
+                                    "code=#{@verification_code.code}" :
+                                    @redirect_url.query + "&code=#{@verification_code.code}"
+              redirect_to @redirect_url.to_s
+            else
+              render :action => "authorize_success"
+            end
+          else
+            unless @redirect_url.to_s.blank?
+              @redirect_url.query = @redirect_url.query.blank? ?
+                                    "error=user_denied" :
+                                    @redirect_url.query + "&error=user_denied"
+              redirect_to @redirect_url.to_s
+            else
+              render :action => "authorize_failure"
+            end
+          end
+        else
+          render :action => "oauth2_authorize"
+        end
+      end
+      def oauth2_authorize_token
+        @client_application = ClientApplication.find_by_key params[:client_id]
+        if request.post?
+          @redirect_url = URI.parse(params[:redirect_url] || @client_application.callback_url)
+          if user_authorizes_token?
+            @token  = Oauth2Token.create :client_application=>@client_application, :user=>current_user, :scope=>params[:scope]
+            unless @redirect_url.to_s.blank?
+              @redirect_url.query = @redirect_url.query.blank? ?
+                                    "access_token=#{@token.token}" :
+                                    @redirect_url.query + "&access_token=#{@token.token}"
+              redirect_to @redirect_url.to_s
+            else
+              render :action => "authorize_success"
+            end
+          else
+            unless @redirect_url.to_s.blank?
+              @redirect_url.query = @redirect_url.query.blank? ?
+                                    "error=user_denied" :
+                                    @redirect_url.query + "&error=user_denied"
+              redirect_to @redirect_url.to_s
+            else
+              render :action => "authorize_failure"
+            end
+          end
+        else
+          render :action => "oauth2_authorize"
+        end
+      end
+      # http://tools.ietf.org/html/draft-ietf-oauth-v2-08#section-4.1.1
+      def oauth2_token_authorization_code
+        @verification_code =  @client_application.oauth2_verifiers.find_by_token params[:code]
+        unless @verification_code
+          oauth2_error
+          return
+        end
+        if @verification_code.redirect_url != params[:redirect_url]
+          oauth2_error
+          return
+        end
+        @token = @verification_code.exchange!
+        render :json=>@token
+      end
+      # http://tools.ietf.org/html/draft-ietf-oauth-v2-08#section-4.1.2
+      def oauth2_token_password
+        @user = authenticate_user( params[:username], params[:password])
+        unless @user
+          oauth2_error
+          return
+        end
+        @token = Oauth2Token.create :client_application=>@client_application, :user=>@user, :scope=>params[:scope]
+        render :json=>@token
+      end
+      # should authenticate and return a user if valid password. Override in your own controller
+      def authenticate_user(username,password)
+        User.authenticate(username,password)
+      end
+      # autonomous authorization which creates a token for client_applications user
+      def oauth2_token_none
+        @token = Oauth2Token.create :client_application=>@client_application, :user=>@client_application.user, :scope=>params[:scope]
+        render :json=>@token
+      end
       # Override this to match your authorization page form
       def user_authorizes_token?
         params[:authorize] == '1'
+      end
+      def oauth2_error(error="invalid_grant")
+        render :json=>{:error=>error}.to_json
       end
     end
   end

data/lib/oauth/models/consumers/service_loader.rb CHANGED Viewed

@@ -1,3 +1,5 @@
+require 'oauth/controllers/consumer_controller'
 # Goes through the entries in your OAUTH_CREDENTIALS and either loads the class required
 # or subclasses ConsumerToken with the name.
 #
@@ -8,6 +10,7 @@ if defined? ConsumerToken && defined? OAUTH_CREDENTIALS
     class_name=value[:class_name]||"#{key.to_s.classify}Token"
     unless Object.const_defined?(class_name.to_sym)
       if File.exists?(File.join(File.dirname(__FILE__), "services","#{key.to_s}_token.rb"))
+        Rails.logger.info File.join(File.dirname(__FILE__), "services","#{key.to_s}_token")
         require File.join(File.dirname(__FILE__), "services","#{key.to_s}_token")
       else
         begin

data/lib/oauth/models/consumers/services/opentransact_token.rb ADDED Viewed

@@ -0,0 +1,15 @@
+require 'opentransact'
+class OpenTransactToken < ConsumerToken
+#  def self.server
+#    @consumer||=OpenTransact::Server.new credentials
+#  end
+#  def self.consumer
+#    @consumer||=server.consumer
+#  end
+  def client
+    @client ||= OpenTransact::Client.new self.class.credentials.merge( {:token=>token, :secret=>secret})
+  end
+end

data/lib/oauth/models/consumers/services/picomoney_token.rb ADDED Viewed

@@ -0,0 +1,17 @@
+require File.join(File.dirname(__FILE__),'opentransact_token')
+class PicomoneyToken < OpenTransactToken
+  def self.credentials
+    @credentials||={
+        :site=>"https://picomoney.com",
+        :consumer_key => super[:key],
+        :consumer_secret => super[:secret]
+      }.merge(super)
+  end
+  def about_user
+    client.get("/about_user")
+  end
+end

data/lib/oauth/models/consumers/token.rb CHANGED Viewed

@@ -7,7 +7,6 @@ module Oauth
       module Token
         def self.included(model)
           model.class_eval do
-            belongs_to :user
             validates_presence_of :user, :token, :secret
           end
@@ -27,17 +26,30 @@ module Oauth
           end
           def get_request_token(callback_url)
+            Rails.logger.info "OAUTH_CONSUMER #{consumer.inspect}"
             consumer.get_request_token(:oauth_callback=>callback_url)
           end
-          def create_from_request_token(user,token,secret,oauth_verifier)
+          def find_or_create_from_request_token(user,token,secret,oauth_verifier)
             request_token=OAuth::RequestToken.new consumer,token,secret
             options={}
             options[:oauth_verifier]=oauth_verifier if oauth_verifier
             access_token=request_token.get_access_token options
-            create :user_id=>user.id,:token=>access_token.token,:secret=>access_token.secret
+            find_or_create_from_access_token user, access_token
           end
+          def find_or_create_from_access_token(user,access_token)
+            if user
+              user.consumer_tokens.first(:conditions=>{:type=>self.to_s,:token=>access_token.token}) ||
+                user.consumer_tokens.create!(:type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+            else
+              ConsumerToken.first( :conditions =>{ :token=>access_token.token,:type=>self.to_s}) ||
+                create(:type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+            end
+          end
+          def build_user_from_token
+          end
           protected
           def credentials
@@ -55,11 +67,23 @@ module Oauth
           end
           def simple_client
-            @simple_client||=SimpleClient.new OAuth::AccessToken.new( self.class.consumer,token,secret)
+            @simple_client||=SimpleClient.new client
           end
+          # Override this to return user data from service
+          def params_for_user
+            {}
+          end
+          def create_user
+            self.user ||= begin
+              User.new params_for_user
+              user.save(:validate=>false)
+            end
+          end
         end
       end
     end
   end
-end
+end

data/lib/oauth/rack/oauth_filter.rb ADDED Viewed

@@ -0,0 +1,50 @@
+require "rack"
+require "rack/request"
+require "oauth/signature"
+module OAuth
+  module Rack
+    # An OAuth 1.0a filter to be used together with the oauth-plugin for rails.T
+    # This is still experimental
+    #
+    # Add it as middleware to your config/application.rb:
+    #
+    # require 'oauth/rack/oauth_filter'
+    # config.middleware.use OAuth::Rack::OAuthFilter
+    class OAuthFilter
+      def initialize(app)
+        @app = app
+      end
+      def call(env)
+        request = ::Rack::Request.new(env)
+        env["oauth_plugin"]=true
+        if ClientApplication.verify_request(request) do |request_proxy|
+            client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
+            env["oauth.client_application_candidate"] = client_application
+            # Store this temporarily in client_application object for use in request token generation
+            client_application.token_callback_url=request_proxy.oauth_callback if request_proxy.oauth_callback
+            oauth_token = client_application.tokens.first(:conditions=>{:token => request_proxy.token})
+            if oauth_token.respond_to?(:provided_oauth_verifier=)
+              oauth_token.provided_oauth_verifier=request_proxy.oauth_verifier
+            end
+            env["oauth.token_candidate"] = oauth_token
+            # return the token secret and the consumer secret
+            [(oauth_token.nil? ? nil : oauth_token.secret), (client_application.nil? ? nil : client_application.secret)]
+          end
+          env["oauth.token"] = env["oauth.token_candidate"]
+          env["oauth.client_application"] = env["oauth.client_application_candidate"]
+#          Rails.logger.info "oauth.token = #{env["oauth.token"].inspect}"
+        end
+        env["oauth.client_application_candidate"] = nil
+        env["oauth.token_candidate"] = nil
+        response = @app.call(env)
+      end
+    end
+  end
+end