RubyGems - le1t0-oauth-plugin - Versions diffs - 0.3.14.001 → 0.4.0.pre4.001 - Mend

le1t0-oauth-plugin 0.3.14.001 → 0.4.0.pre4.001

Files changed (120) hide show

data/generators/oauth_provider/templates/controller_spec_helper.rb CHANGED Viewed

@@ -1,80 +1,66 @@
+require 'oauth/client/action_controller_request'
 module OAuthControllerSpecHelper
-  def login
-    controller.stub!(:local_request?).and_return(true)
-    @user = mock_model(User)
-    controller.stub!(:current_user).and_return(@user)
-    @tokens = []
-    @tokens.stub!(:find).and_return(@tokens)
-    @user.stub!(:tokens).and_return(@tokens)
-    User.stub!(:find_by_id).and_return(@user)
+  def current_user
+    @user||=users(:aaron)
+  end
+  def current_client_application
+    @client_application||=client_applications(:one)
+  end
+  def access_token
+    @access_token||=AccessToken.create :user=>current_user,:client_application=>current_client_application
+  end
+  def request_token
+    @request_token||=RequestToken.create :client_application=>current_client_application, :callback_url=>"http://application/callback"
+  end
+  def consumer_request_token
+    OAuth::RequestToken.new current_consumer,request_token.token,request_token.secret
+  end
+  def consumer_access_token
+    OAuth::AccessToken.new current_consumer,access_token.token,access_token.secret
+  end
+  if defined?(Devise)
+    include Devise::TestHelpers
+    def login
+      sign_in :user, current_user
+    end
+  else
+    def login
+      controller.stub!(:current_user).and_return(current_user)
+    end
   end
   def login_as_application_owner
+    @user = users(:quentin)
     login
-    @client_application = mock_model(ClientApplication)
-    @client_applications = [@client_application]
-    @user.stub!(:client_applications).and_return(@client_applications)
-    @client_applications.stub!(:find).and_return(@client_application)
   end
-  def setup_oauth
-    controller.stub!(:local_request?).and_return(true)
-    @user||=mock_model(User)
-    User.stub!(:find_by_id).and_return(@user)
-    @server = OAuth::Server.new "http://test.host"
-    @consumer = OAuth::Consumer.new('key', 'secret',{:site => "http://test.host"})
-    @client_application = mock_model(ClientApplication)
-    controller.stub!(:current_client_application).and_return(@client_application)
-    ClientApplication.stub!(:find_by_key).and_return(@client_application)
-    @client_application.stub!(:key).and_return(@consumer.key)
-    @client_application.stub!(:secret).and_return(@consumer.secret)
-    @client_application.stub!(:name).and_return("Client Application name")
-    @client_application.stub!(:callback_url).and_return("http://application/callback")
-    @request_token = mock_model(RequestToken, :token => 'request_token', :client_application => @client_application, :secret => "request_secret", :user => @user)
-    @request_token.stub!(:invalidated?).and_return(false)
-    ClientApplication.stub!(:find_token).and_return(@request_token)
-    @request_token_string="oauth_token=request_token&oauth_token_secret=request_secret"
-    @request_token.stub!(:to_query).and_return(@request_token_string)
-    @request_token.stub!(:expired?).and_return(false)
-    @request_token.stub!(:callback_url).and_return(nil)
-    @request_token.stub!(:verifier).and_return("verifyme")
-    @request_token.stub!(:oauth10?).and_return(false)
-    @request_token.stub!(:oob?).and_return(true)
-    @access_token = mock_model(AccessToken, :token => 'access_token', :client_application => @client_application, :secret => "access_secret", :user => @user)
-    @access_token.stub!(:invalidated?).and_return(false)
-    @access_token.stub!(:authorized?).and_return(true)
-    @access_token.stub!(:expired?).and_return(false)
-    @access_token_string="oauth_token=access_token&oauth_token_secret=access_secret"
-    @access_token.stub!(:to_query).and_return(@access_token_string)
-    @client_application.stub!(:authorize_request?).and_return(true)
-#    @client_application.stub!(:sign_request_with_oauth_token).and_return(@request_token)
-    @client_application.stub!(:exchange_for_access_token).and_return(@access_token)
+  def current_consumer
+    @consumer ||= OAuth::Consumer.new(current_client_application.key,current_client_application.secret,{:site => "http://test.host"})
   end
   def setup_oauth_for_user
     login
-    setup_oauth
-    @tokens = [@request_token]
-    @tokens.stub!(:find).and_return(@tokens)
-    @tokens.stub!(:find_by_token).and_return(@request_token)
-    @user.stub!(:tokens).and_return(@tokens)
   end
   def sign_request_with_oauth(token=nil,options={})
     ActionController::TestRequest.use_oauth=true
-    @request.configure_oauth(@consumer,token,options)
+    @request.configure_oauth(current_consumer,token,options)
+  end
+  def two_legged_sign_request_with_oauth(consumer=nil,options={})
+    ActionController::TestRequest.use_oauth=true
+    @request.configure_oauth(consumer,nil,options)
   end
-  def setup_to_authorize_request
-    setup_oauth
-    OauthToken.stub!(:find_by_token).with( @access_token.token).and_return(@access_token)
-    @access_token.stub!(:is_a?).and_return(true)
+  def add_oauth2_token_header(token,options={})
+    request.env['HTTP_AUTHORIZATION'] = "OAuth #{token.token}"
   end
-end
+end

data/generators/oauth_provider/templates/migration.rb CHANGED Viewed

@@ -5,27 +5,28 @@ class CreateOauthTables < ActiveRecord::Migration
       t.string :url
       t.string :support_url
       t.string :callback_url
-      t.string :key, :limit => 20
+      t.string :key, :limit => 40
       t.string :secret, :limit => 40
       t.integer :user_id
       t.timestamps
     end
-    add_index :client_applications, :key, :unique
+    add_index :client_applications, :key, :unique => true
     create_table :oauth_tokens do |t|
       t.integer :user_id
       t.string :type, :limit => 20
       t.integer :client_application_id
-      t.string :token, :limit => 20
+      t.string :token, :limit => 40
       t.string :secret, :limit => 40
       t.string :callback_url
       t.string :verifier, :limit => 20
-      t.timestamp :authorized_at, :invalidated_at
+      t.string :scope
+      t.timestamp :authorized_at, :invalidated_at, :valid_to
       t.timestamps
     end
-    add_index :oauth_tokens, :token, :unique
+    add_index :oauth_tokens, :token, :unique => true
     create_table :oauth_nonces do |t|
       t.string :nonce

data/generators/oauth_provider/templates/oauth2_authorize.html.erb ADDED Viewed

@@ -0,0 +1,16 @@
+<h1>Authorize access to your account</h1>
+<p>Would you like to authorize <%%= link_to @token.client_application.name,@token.client_application.url %> (<%%= link_to @token.client_application.url,@token.client_application.url %>) to access your account?</p>
+<%% form_tag authorize_url do %>
+  <%%= hidden_field_tag "response_type", params[:response_type]%>
+  <%%= hidden_field_tag "client_id", params[:client_id]%>
+  <%%= hidden_field_tag "redirect_url", params[:redirect_url]%>
+  <%%= hidden_field_tag "state", params[:state]%>
+  <%%= hidden_field_tag "scope", params[:scope]%>
+<p>
+  <%%= check_box_tag 'authorize' %> authorize access
+</p>
+<p>
+  <%%= submit_tag %>
+</p>
+<%% end %>

data/generators/oauth_provider/templates/oauth2_authorize.html.haml ADDED Viewed

@@ -0,0 +1,17 @@
+%h1 Authorize access to your account
+%p
+  Would you like to authorize
+  = link_to @client_application.name,@client_application.url
+  (
+  = link_to @client_application.url,@client_application.url
+  ) to access your account?
+- form_tag authorize_url do
+  = hidden_field_tag "response_type", params[:response_type]
+  = hidden_field_tag "client_id", params[:client_id]
+  = hidden_field_tag "redirect_url", params[:redirect_url]
+  = hidden_field_tag "state", params[:state]
+  = hidden_field_tag "scope", params[:scope]
+  = check_box_tag 'authorize'
+  authorize access
+  %p
+    = submit_tag

data/generators/oauth_provider/templates/oauth2_token.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class Oauth2Token < AccessToken
+  def as_json(options={})
+    {:access_token=>token}
+  end
+end

data/generators/oauth_provider/templates/oauth2_token_spec.rb ADDED Viewed

@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe Oauth2Token do
+  fixtures :client_applications, :users, :oauth_tokens
+  before(:each) do
+    @token = Oauth2Token.create :client_application => client_applications(:one), :user=>users(:aaron)
+  end
+  it "should be valid" do
+    @token.should be_valid
+  end
+  it "should have a token" do
+    @token.token.should_not be_nil
+  end
+  it "should have a secret" do
+    @token.secret.should_not be_nil
+  end
+  it "should be authorized" do
+    @token.should be_authorized
+  end
+  it "should not be invalidated" do
+    @token.should_not be_invalidated
+  end
+end

data/generators/oauth_provider/templates/oauth2_verifier.rb ADDED Viewed

@@ -0,0 +1,28 @@
+class Oauth2Verifier < OauthToken
+  validates_presence_of :user
+  def exchange!(params={})
+    OauthToken.transaction do
+      token = Oauth2Token.create! :user=>user,:client_application=>client_application
+      invalidate!
+      token
+    end
+  end
+  def code
+    token
+  end
+  def redirect_url
+    callback_url
+  end
+  protected
+  def generate_keys
+    self.token = OAuth::Helper.generate_key(20)[0,20]
+    self.valid_to = 10.minutes.from_now
+    self.authorized_at = Time.now
+  end
+end

data/generators/oauth_provider/templates/oauth2_verifier_spec.rb ADDED Viewed

@@ -0,0 +1,54 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe Oauth2Verifier do
+  fixtures :client_applications, :users, :oauth_tokens
+  before(:each) do
+    @verifier = Oauth2Verifier.create :client_application => client_applications(:one), :user=>users(:aaron)
+  end
+  it "should be valid" do
+    @verifier.should be_valid
+  end
+  it "should have a code" do
+    @verifier.code.should_not be_nil
+  end
+  it "should not have a secret" do
+    @verifier.secret.should be_nil
+  end
+  it "should be authorized" do
+    @verifier.should be_authorized
+  end
+  it "should not be invalidated" do
+    @verifier.should_not be_invalidated
+  end
+  describe "exchange for oauth2 token" do
+    before(:each) do
+      @token = @verifier.exchange!
+    end
+    it "should invalidate verifier" do
+      @verifier.should be_invalidated
+    end
+    it "should set user on token" do
+      @token.user.should==@verifier.user
+    end
+    it "should set client application on token" do
+      @token.client_application.should == @verifier.client_application
+    end
+    it "should be authorized" do
+      @token.should be_authorized
+    end
+    it "should not be invalidated" do
+      @token.should_not be_invalidated
+    end
+  end
+end

data/generators/oauth_provider/templates/oauth_token.rb CHANGED Viewed

@@ -2,7 +2,7 @@ class OauthToken < ActiveRecord::Base
   belongs_to :client_application
   belongs_to :user
   validates_uniqueness_of :token
-  validates_presence_of :client_application, :token, :secret
+  validates_presence_of :client_application, :token
   before_validation_on_create :generate_keys
   def invalidated?
@@ -24,8 +24,7 @@ class OauthToken < ActiveRecord::Base
   protected
   def generate_keys
-    oauth_token = client_application.oauth_server.generate_credentials
-    self.token = oauth_token[0][0,20]
-    self.secret = oauth_token[1][0,40]
+    self.token = OAuth::Helper.generate_key(40)[0,40]
+    self.secret = OAuth::Helper.generate_key(40)[0,40]
   end
 end

data/generators/oauth_provider/templates/request_token.rb CHANGED Viewed

@@ -6,7 +6,7 @@ class RequestToken < OauthToken
     return false if authorized?
     self.user = user
     self.authorized_at = Time.now
-    self.verifier=OAuth::Helper.generate_key(16)[0,20] unless oauth10?
+    self.verifier=OAuth::Helper.generate_key(20)[0,20] unless oauth10?
     self.save
   end

data/lib/generators/active_record/oauth_consumer_generator.rb ADDED Viewed

@@ -0,0 +1,33 @@
+require 'rails/generators/active_record'
+module ActiveRecord
+  module Generators
+    class OauthConsumerGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
+      source_root File.expand_path('../oauth_consumer_templates', __FILE__)
+      # Implement the required interface for Rails::Generators::Migration.
+      def self.next_migration_number(dirname) #:nodoc:
+        next_migration_number = current_migration_number(dirname) + 1
+        if ActiveRecord::Base.timestamped_migrations
+          [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
+        else
+          "%.3d" % next_migration_number
+        end
+      end
+      def check_class_collisions
+        class_collisions '', %w(ConsumerToken)
+      end
+      def copy_models
+        template 'consumer_token.rb', File.join('app/models', 'consumer_token.rb')
+      end
+      def copy_migration
+        migration_template 'migration.rb', 'db/migrate/create_oauth_consumer_tokens'
+      end
+    end
+  end
+end

data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb ADDED Viewed

@@ -0,0 +1,11 @@
+require 'oauth/models/consumers/token'
+class ConsumerToken < ActiveRecord::Base
+  include Oauth::Models::Consumers::Token
+  # You can safely remove this callback if you don't allow login from any of your services
+  before_create :create_user
+  # Modify this with class_name etc to match your application
+  belongs_to :user
+end

data/lib/generators/active_record/oauth_consumer_templates/migration.rb ADDED Viewed

@@ -0,0 +1,20 @@
+class CreateOauthConsumerTokens < ActiveRecord::Migration
+  def self.up
+    create_table :consumer_tokens do |t|
+      t.integer :user_id
+      t.string :type, :limit => 30
+      t.string :token, :limit => 1024 # This has to be huge because of Yahoo's excessively large tokens
+      t.string :secret
+      t.timestamps
+    end
+    add_index :consumer_tokens, :token, :unique => true
+  end
+  def self.down
+    drop_table :consumer_tokens
+  end
+end

data/lib/generators/active_record/oauth_provider_generator.rb ADDED Viewed

@@ -0,0 +1,39 @@
+require 'rails/generators/active_record'
+module ActiveRecord
+  module Generators
+    class OauthProviderGenerator < Rails::Generators::Base
+      include Rails::Generators::Migration
+      source_root File.expand_path('../oauth_provider_templates', __FILE__)
+      # Implement the required interface for Rails::Generators::Migration.
+      def self.next_migration_number(dirname) #:nodoc:
+        next_migration_number = current_migration_number(dirname) + 1
+        if ActiveRecord::Base.timestamped_migrations
+          [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
+        else
+          "%.3d" % next_migration_number
+        end
+      end
+      def check_class_collisions
+        class_collisions '', %w(ClientApplication OauthNonce RequestToken AccessToken OauthToken)
+      end
+      def copy_models
+        template 'client_application.rb', File.join('app/models', 'client_application.rb')
+        template 'oauth_token.rb',        File.join('app/models', 'oauth_token.rb')
+        template 'request_token.rb',      File.join('app/models', 'request_token.rb')
+        template 'access_token.rb',       File.join('app/models', 'access_token.rb')
+        template 'oauth2_token.rb',       File.join('app/models', 'oauth2_token.rb')
+        template 'oauth2_verifier.rb',    File.join('app/models', 'oauth2_verifier.rb')
+        template 'oauth_nonce.rb',        File.join('app/models', 'oauth_nonce.rb')
+      end
+      def copy_migration
+        migration_template 'migration.rb', 'db/migrate/create_oauth_tables'
+      end
+    end
+  end
+end