le1t0-oauth-plugin 0.3.14.001 → 0.4.0.pre4.001

data/lib/generators/mongoid/oauth_provider_templates/oauth_nonce.rb

@@ -0,0 +1,24 @@
+# Simple store of nonces. The OAuth Spec requires that any given pair of nonce and timestamps are unique.
+# Thus you can use the same nonce with a different timestamp and viceversa.
+class OauthNonce
+  include Mongoid::Document
+  include Mongoid::Timestamps
+
+  field :nonce,     :type => String
+  field :timestamp, :type => Integer
+
+  index [
+    [:nonce, Mongo::ASCENDING],
+    [:timestamp, Mongo::ASCENDING]
+  ], :unique => true
+
+  validates_presence_of :nonce, :timestamp
+  validates_uniqueness_of :nonce, :scope => :timestamp
+
+  # Remembers a nonce and it's associated timestamp. It returns false if it has already been used
+  def self.remember(nonce, timestamp)
+    oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp)
+    return false if oauth_nonce.new_record?
+    oauth_nonce
+  end
+end

data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb

@@ -0,0 +1,44 @@
+class OauthToken
+  include Mongoid::Document
+  include Mongoid::Timestamps
+
+  field :token, :type => String
+  field :secret, :type => String
+  field :callback_url, :type => String
+  field :verifier, :type => String
+  field :scope, :type => String
+  field :authorized_at, :type => Time
+  field :invalidated_at, :type => Time
+  field :valid_to, :type => Time
+
+  index :token, :unique => true
+
+  referenced_in :user
+  referenced_in :client_application
+
+  validates_uniqueness_of :token
+  validates_presence_of :client_application, :token
+  before_validation :generate_keys, :on => :create
+
+  def invalidated?
+    !invalidated_at.nil?
+  end
+
+  def invalidate!
+    update_attribute(:invalidated_at, Time.now)
+  end
+
+  def authorized?
+    !authorized_at.nil? && !invalidated?
+  end
+
+  def to_query
+    "oauth_token=#{token}&oauth_token_secret=#{secret}"
+  end
+
+  protected
+  def generate_keys
+    self.token = OAuth::Helper.generate_key(40)[0,40]
+    self.secret = OAuth::Helper.generate_key(40)[0,40]
+  end
+end

data/lib/generators/mongoid/oauth_provider_templates/request_token.rb

@@ -0,0 +1,36 @@
+class RequestToken < OauthToken
+  attr_accessor :provided_oauth_verifier
+
+  def authorize!(user)
+    return false if authorized?
+    self.user           = user
+    self.authorized_at  = Time.now
+    self.verifier       = OAuth::Helper.generate_key(20)[0,20] unless oauth10?
+    self.save
+  end
+
+  def exchange!
+    return false unless authorized?
+    return false unless oauth10? || verifier == provided_oauth_verifier
+
+    AccessToken.create(:user => user, :client_application => client_application).tap do
+      invalidate!
+    end
+  end
+
+  def to_query
+    if oauth10?
+      super
+    else
+      "#{super}&oauth_callback_confirmed=true"
+    end
+  end
+
+  def oob?
+    self.callback_url == 'oob'
+  end
+
+  def oauth10?
+    (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
+  end
+end

data/lib/generators/oauth_consumer/USAGE

@@ -0,0 +1,11 @@
+This creates an OAuth Consumer controller as well as requisite models.
+
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication that provides the methods "login_required" and "current_user".
+
+See comments in generated controller for more info about overriding these.
+
+If you generated the migration file (true by default), make sure you run
+
+  rake db:migrate
+
+See README.rdoc for more.

data/lib/generators/oauth_consumer/oauth_consumer_generator.rb

@@ -0,0 +1,27 @@
+require 'rails/generators/migration'
+require 'rails/generators/active_record'
+
+class OauthConsumerGenerator < Rails::Generators::Base
+  source_root File.expand_path("../templates", __FILE__)
+  
+  hook_for :orm
+    
+  def copy_models
+    template 'oauth_config.rb',   File.join('config', 'initializers', 'oauth_consumers.rb')
+  end
+  
+  def copy_controller
+    template 'controller.rb', File.join('app', 'controllers', 'oauth_consumers_controller.rb')
+  end
+  
+  hook_for :template_engine
+  
+  def add_route
+    route <<-ROUTE.strip
+resources :oauth_consumers do
+    get :callback, :on => :member
+  end
+ROUTE
+  end
+    
+end

data/lib/generators/oauth_consumer/templates/controller.rb

@@ -0,0 +1,50 @@
+require 'oauth/controllers/consumer_controller'
+class OauthConsumersController < ApplicationController
+  include Oauth::Controllers::ConsumerController
+  # Replace this with the equivalent for your authentication framework
+  # Eg. for devise
+  #
+  #   before_filter :authenticate_user!, :only=>:index
+  before_filter :login_required, :only=>:index
+  
+  def index
+    @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
+    @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
+  end
+  
+  protected
+  
+  # Change this to decide where you want to redirect user to after callback is finished.
+  # params[:id] holds the service name so you could use this to redirect to various parts
+  # of your application depending on what service you're connecting to.
+  def go_back
+    redirect_to root_url
+  end
+  
+  # The plugin requires logged_in? to return true or false if the user is logged in. Uncomment and
+  # call your auth frameworks equivalent below if different. eg. for devise:
+  #
+  # def logged_in?
+  #   user_signed_in?
+  # end
+    
+  # The plugin requires current_user to return the current logged in user. Uncomment and
+  # call your auth frameworks equivalent below if different.
+  # def current_user
+  #   current_person
+  # end
+
+  # The plugin requires a way to log a user in. Call your auth frameworks equivalent below 
+  # if different. eg. for devise:
+  #
+  # def current_user=(user)
+  #   sign_in(user)
+  # end
+  
+  # Override this to deny the user or redirect to a login screen depending on your framework and app
+  # if different. eg. for devise:
+  #
+  # def deny_access!
+  #   raise Acl9::AccessDenied
+  # end
+end

data/lib/generators/oauth_consumer/templates/oauth_config.rb

@@ -0,0 +1,47 @@
+# edit this file to contain credentials for the OAuth services you support.
+# each entry needs a corresponding token model.
+#
+# eg. :twitter => TwitterToken, :hour_feed => HourFeedToken etc.
+#
+# OAUTH_CREDENTIALS={
+#   :twitter=>{
+#     :key=>"",
+#     :secret=>"",
+#     :allow_login => true # Use :allow_login => true to allow user to login to account
+#   },
+#   :google=>{
+#     :key=>"",
+#     :secret=>"",
+#     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
+#   },
+#   :agree2=>{
+#     :key=>"",
+#     :secret=>""
+#   },
+#   :fireeagle=>{
+#     :key=>"",
+#     :secret=>""
+#   },
+#   :hour_feed=>{
+#     :key=>"",
+#     :secret=>"",
+#     :options=>{ # OAuth::Consumer options
+#       :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#     }
+#   },
+#   :nu_bux=>{
+#     :key=>"",
+#     :secret=>"",
+#     :super_class=>"OpenTransactToken",  # if a OAuth service follows a particular standard 
+#                                         # with a token implementation you can set the superclass
+#                                         # to use
+#     :options=>{ # OAuth::Consumer options
+#       :site=>"http://nubux.heroku.com" 
+#     }
+#   }
+# }
+# 
+OAUTH_CREDENTIALS={
+} unless defined? OAUTH_CREDENTIALS
+
+load 'oauth/models/consumers/service_loader.rb'

data/lib/generators/oauth_inflections.rb

@@ -0,0 +1,6 @@
+require 'active_support'
+require 'active_support/inflector'
+
+ActiveSupport::Inflector.inflections do |inflect|
+  inflect.uncountable %w(oauth)
+end

data/lib/generators/oauth_provider/USAGE

@@ -0,0 +1,18 @@
+This creates an OAuth Provider controller as well as the requisite models.
+
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication.
+
+If you generated the migration file (true by default), make sure you run
+
+  rake db:migrate
+
+include the following in your user.rb
+
+  has_many :client_applications
+  has_many :tokens, :class_name=>"OauthToken",:order=>"authorized_at desc",:include=>[:client_application]
+
+For legacy OAUTH 1.0 support add the following constant in your environment.rb
+
+  OAUTH_10_SUPPORT = true
+
+Note, you should only do this if you really positively require to support old OAuth1.0 clients. There is a serious security issue with this.

data/lib/generators/oauth_provider/oauth_provider_generator.rb

@@ -0,0 +1,47 @@
+require 'generators/oauth_inflections'
+
+class OauthProviderGenerator < Rails::Generators::NamedBase
+  source_root File.expand_path("../templates", __FILE__)
+
+  argument :name, :type => :string, :default => 'Oauth'
+
+  desc 'This creates an OAuth Provider controller as well as the requisite models.'
+
+  hook_for :orm
+
+  def check_class_collisions
+    # Check for class naming collisions.
+    class_collisions class_path, "#{class_name}Controller", # Oauth Controller
+                                 "#{class_name}Helper",
+                                 "#{class_name}ClientsController",
+                                 "#{class_name}ClientsHelper"
+  end
+
+  def copy_controller_files
+    template 'controller.rb',         File.join('app/controllers', class_path, "#{file_name}_controller.rb")
+    template 'clients_controller.rb', File.join('app/controllers', class_path, "#{file_name}_clients_controller.rb")
+  end
+
+  hook_for :test_framework, :template_engine
+
+  def add_routes
+    route "match '/oauth',               :to => 'oauth#index',         :as => :oauth"
+    route "match '/oauth/authorize',     :to => 'oauth#authorize',     :as => :authorize"
+    route "match '/oauth/request_token', :to => 'oauth#request_token', :as => :request_token"
+    route "match '/oauth/access_token',  :to => 'oauth#access_token',  :as => :access_token"
+    route "match '/oauth/token',         :to => 'oauth#token',         :as => :token"
+    route "match '/oauth/test_request',  :to => 'oauth#test_request',  :as => :test_request"
+
+    route "resources :#{file_name}_clients"
+  end
+  def add_routes
+    route "match '/oauth',               :to => 'oauth#index',         :as => :oauth"
+    route "match '/oauth/authorize',     :to => 'oauth#authorize',     :as => :authorize"
+    route "match '/oauth/request_token', :to => 'oauth#request_token', :as => :request_token"
+    route "match '/oauth/access_token',  :to => 'oauth#access_token',  :as => :access_token"
+    route "match '/oauth/token',         :to => 'oauth#token',         :as => :token"
+    route "match '/oauth/test_request',  :to => 'oauth#test_request',  :as => :test_request"
+
+    route "resources :#{file_name}_clients"
+  end
+end

data/lib/generators/oauth_provider/templates/clients_controller.rb

@@ -0,0 +1,52 @@
+class OauthClientsController < ApplicationController
+  before_filter :login_required
+  before_filter :get_client_application, :only => [:show, :edit, :update, :destroy]
+
+  def index
+    @client_applications = current_user.client_applications
+    @tokens = current_user.tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
+  end
+
+  def new
+    @client_application = ClientApplication.new
+  end
+
+  def create
+    @client_application = current_user.client_applications.build(params[:client_application])
+    if @client_application.save
+      flash[:notice] = "Registered the information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "new"
+    end
+  end
+
+  def show
+  end
+
+  def edit
+  end
+
+  def update
+    if @client_application.update_attributes(params[:client_application])
+      flash[:notice] = "Updated the client information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "edit"
+    end
+  end
+
+  def destroy
+    @client_application.destroy
+    flash[:notice] = "Destroyed the client application registration"
+    redirect_to :action => "index"
+  end
+
+  private
+  def get_client_application
+    unless @client_application = current_user.client_applications.find(params[:id])
+      flash.now[:error] = "Wrong application id"
+      raise ActiveRecord::RecordNotFound
+    end
+  end
+end

data/lib/generators/oauth_provider/templates/controller.rb

@@ -0,0 +1,23 @@
+require 'oauth/controllers/provider_controller'
+class OauthController < ApplicationController
+  include OAuth::Controllers::ProviderController
+
+  protected
+  # Override this to match your authorization page form
+  # It currently expects a checkbox called authorize
+  # def user_authorizes_token?
+  #   params[:authorize] == '1'
+  # end
+
+  # should authenticate and return a user if valid password.
+  # This example should work with most Authlogic or Devise. Uncomment it
+  # def authenticate_user(username,password)
+  #   user = User.find_by_email params[:username]
+  #   if user && user.valid_password?(params[:password])
+  #     user
+  #   else
+  #     nil
+  #   end
+  # end
+
+end

data/lib/generators/rspec/oauth_provider_generator.rb

@@ -0,0 +1,39 @@
+require 'generators/rspec'
+
+module Rspec
+  module Generators
+    class OauthProviderGenerator < Rails::Generators::NamedBase
+      source_root File.expand_path('../templates', __FILE__)
+
+      argument :name, :type => :string, :default => 'Oauth'
+      class_option :fixture, :type => :boolean
+
+      def copy_controller_spec_files
+        template 'controller_spec_helper.rb',
+          File.join('spec/controllers', class_path, "#{file_name}_controller_spec_helper.rb")
+        template 'controller_spec.rb',
+          File.join('spec/controllers', class_path, "#{file_name}_controller_spec.rb")
+        template 'clients_controller_spec.rb',
+          File.join('spec/controllers', class_path, "#{file_name}_clients_controller_spec.rb")
+      end
+
+      def copy_models_spec_files
+        template 'client_application_spec.rb',  File.join('spec/models', 'client_application_spec.rb')
+        template 'oauth_token_spec.rb',         File.join('spec/models', 'oauth_token_spec.rb')
+        template 'oauth2_token_spec.rb',        File.join('spec/models', 'oauth2_token_spec.rb')
+        template 'oauth2_verifier_spec.rb',     File.join('spec/models', 'oauth2_verifier_spec.rb')
+        template 'oauth_nonce_spec.rb',         File.join('spec/models', 'oauth_nonce_spec.rb')
+      end
+
+      hook_for :fixture_replacement
+
+      def create_fixture_file
+        if options[:fixtures] && options[:fixture_replacement].nil?
+          template 'client_applications.yml', File.join('test/fixtures', 'client_applications.yml')
+          template 'oauth_tokens.yml',        File.join('test/fixtures', 'oauth_tokens.yml')
+          template 'oauth_nonces.yml',        File.join('test/fixtures', 'oauth_nonces.yml')
+        end
+      end
+    end
+  end
+end