RubyGems - le1t0-oauth-plugin - Versions diffs - 0.3.14.001 → 0.4.0.pre4.001 - Mend

le1t0-oauth-plugin 0.3.14.001 → 0.4.0.pre4.001

Files changed (120) hide show

data/.gitignore CHANGED Viewed

@@ -3,3 +3,6 @@ pkg
 *.log
 .DS_Store
 .svn
+*.gem
+.bundle
+.swp

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,23 @@
+  0.4.0-pre4
+  - Fixed bug when creating a new user from a new consumer token
+  - Fix typo in consumer token [krasio]
+  - Fix issue with mongoid not supporting find_by_x style queries. [3en]
+  0.4.0-pre3
+  - Experimental rack filter for OAuth 1.0a:
+    see lib/oauth/rack/oauth_filter.rb for details
+  0.4.0-pre2
+  - mongoid defaults to being embedded
+  - new :auto_login option in oauth_config.rb which lets you use eg. twitter as a primary authentication method
+  0.4.0-pre1
+	- mongoid support in rails 3 [Alexander Semyonov]
+	- OAUTH 2.0 authorization_code and password grant types
+	- Supports OAuth 2.0 draft 10 (Note this is incompatible with previous drafts)
+	- Refactored application_controller_methods to be a lot less intrusive
+	- Increased default token and key size in anticipation of OAuth2 support
+	- Rails 3 support
+	- Rails 3 generators [Paul Rosiana] and patches by [Alexander Flatter]
+	- Modularized Rails 3 generators [Alexander Semyonov]
+	- Callback urls now allow query parameters. Multiple patches but I used [Unk]'s.
 10/08/2009
   0.3.14
   - Fixed the class generation when you have a custom token defined. [Brian Morearty]

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+# Specify your gem's dependencies in oauth-plugin.gemspec
+gemspec

data/README.rdoc CHANGED Viewed

@@ -6,6 +6,10 @@ We support the revised OAuth 1.0a specs at:
 http://oauth.net/core/1.0a
+As well as support for OAuth 2.0:
+http://tools.ietf.org/html/draft-ietf-oauth-v2-10
 and the OAuth site at:
 http://oauth.net
@@ -16,15 +20,25 @@ http://mojodna.net/2009/05/20/an-idiots-guide-to-oauth-10a.html
 == Requirements
-You need to install the oauth gem (0.3.5) which is the core OAuth ruby library. It will NOT work on any previous version of the gem.
+You need to install the oauth gem (0.4.4) which is the core OAuth ruby library. It will likely NOT work on any previous version of the gem.
-  sudo gem install oauth
+  gem install oauth
+== Installation (Rails 3.0)
+Add the plugin to your Gemfile:
-== Installation
+  gem "oauth-plugin", ">=0.4.0.pre1"
+And install it:
+  bundle install
+== Installation (Rails 2.x)
 The plugin can now be installed as an gem from github, which is the easiest way to keep it up to date.
-  sudo gem install oauth-plugin
+  gem install oauth-plugin --pre
 You should add the following in the gem dependency section of environment.rb
@@ -35,7 +49,7 @@ Alternatively you can install it in vendors/plugin:
   script/plugin install git://github.com/pelle/oauth-plugin.git
-The Generator currently creates code (in particular views) that only work in Rails 2.
+The Generator currently creates code (in particular views) that only work in Rails 2 and 3.
 It should not be difficult to manually modify the code to work on Rails 1.2.x
@@ -43,7 +57,34 @@ I think the only real issue is that the views have .html.erb extensions. So thes
 Please let me know if this works and I will see if I can make the generator conditionally create .rhtml for pre 2.0 versions of RAILS.
-== OAuth Provider generator
+== OAuth Provider generator (Rails 3)
+This currently supports rspec, test_unit, haml, erb, active_record and mongoid:
+  rails g oauth_provider
+This generates OAuth and OAuth client controllers as well as the required models.
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication. It also requires Rails 2.0.
+=== Generator Options
+The generator supports the defaults you have created in your application.rb file. eg:
+  config.generators do |g|
+    g.orm             :mongoid
+    g.template_engine :haml
+    g.test_framework  :rspec
+  end
+=== User Model
+Add the following lines to your user model:
+  has_many :client_applications
+  has_many :tokens, :class_name=>"OauthToken",:order=>"authorized_at desc",:include=>[:client_application]
+== OAuth Provider generator (Rails 2)
 While it isn't very flexible at the moment there is an oauth_provider generator which you can use like this:
@@ -255,18 +296,24 @@ You could add application specific information to the OauthToken and ClientAppli
 The oauth_consumer generator creates a controller to manage the authentication flow between your application and any number of external OAuth secured applications that you wish to connect to.
-To run it simply run:
+To run it in Rails 3 simply run:
+  rails g oauth_consumer
+In previous versions:
   ./script/generate oauth_consumer
 This generates the OauthConsumerController as well as the ConsumerToken model.
-=== Generator Options
+=== Generator Options (Rails 2)
 By default the generator generates ERB templates. The generator can instead create HAML templates. To do this use the following options:
   ./script/generate oauth_consumer --haml
+Rails 3 respects your application defaults, see the oauth provider generator section above for more info.
 === Configuration
 All configuration of applications is done in
@@ -315,7 +362,7 @@ eg. If you connect to Yahoo's FireEagle you would add the :fire_eagle entry to O
 This allows you to add a has_one association in your user model:
-  has_one  :fire_eagle,:class_name=>"FireEagleToken", :dependent=>:destroy
+  has_one  :fire_eagle, :class_name=>"FireEagleToken", :dependent=>:destroy
 And you could do:
@@ -359,8 +406,6 @@ Run them as any other normal migration in rails with:
 == More
-The Google Code project is http://code.google.com/p/oauth-plugin/
 The Mailing List for all things OAuth in Ruby is:
 http://groups.google.com/group/oauth-ruby
@@ -373,4 +418,4 @@ The OAuth Ruby Gem home page is http://oauth.rubyforge.org
 Please help documentation, patches and testing.
-Copyright (c) 2007-2009 Pelle Braendgaard, released under the MIT license
+Copyright (c) 2007-2010 Pelle Braendgaard and contributors, released under the MIT license

data/Rakefile CHANGED Viewed

@@ -1,43 +1,2 @@
-require 'rake'
-require 'rake/testtask'
-require 'rake/rdoctask'
-desc 'Default: run unit tests.'
-task :default => :test
-desc 'Test the oauth plugin.'
-Rake::TestTask.new(:test) do |t|
-  t.libs << 'lib'
-  t.pattern = 'test/**/*_test.rb'
-  t.verbose = true
-end
-desc 'Generate documentation for the oauth plugin.'
-Rake::RDocTask.new(:rdoc) do |rdoc|
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'Oauth'
-  rdoc.options << '--line-numbers' << '--inline-source'
-  rdoc.rdoc_files.include('README')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
-begin
-  require 'jeweler'
-  Jeweler::Tasks.new do |gemspec|
-    gemspec.name = "oauth-plugin"
-    gemspec.summary = "Ruby on Rails Plugin for OAuth Provider and Consumer"
-    gemspec.description = "Rails plugin for implementing an OAuth Provider or Consumer"
-    gemspec.email = "oauth-ruby@googlegroups.com"
-    gemspec.homepage = "http://github.com/pelle/oauth-plugin"
-    gemspec.authors = ["Pelle Braendgaard"]
-    gemspec.add_dependency('oauth', '>= 0.3.5')
-    gemspec.rubyforge_project = 'oauth'
-  end
-  Jeweler::RubyforgeTasks.new do |rubyforge|
-    rubyforge.doc_task = "rdoc"
-  end
-rescue LoadError
-  puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
-end
+require 'bundler'
+Bundler::GemHelper.install_tasks

data/UPGRADE.rdoc ADDED Viewed

@@ -0,0 +1,21 @@
+A few non backwards compatible changes have been made that are really easy to fix.
+If you are upgrading a oauth_consumer from 0.3.x to 0.4.x add the following line to your consumer_token model:
+  belongs_to :user
+So it looks like this:
+  require 'oauth/models/consumers/token'
+  class ConsumerToken < ActiveRecord::Base
+    include Oauth::Models::Consumers::Token
+    belongs_to :user
+  end
+You should also upgrade your oauth_consumer_controller as we no longer call login_required in the library. This should make it easier for implementing it with other authentication frameworks:
+  require 'oauth/controllers/consumer_controller'
+  class OauthConsumersController < ApplicationController
+    include Oauth::Controllers::ConsumerController
+    # Replace this with the equivalent for your authentication framework
+    before_filter :login_required, :only=>:index

data/generators/oauth_consumer/templates/consumer_token.rb CHANGED Viewed

@@ -2,4 +2,10 @@ require 'oauth/models/consumers/token'
 class ConsumerToken < ActiveRecord::Base
   include Oauth::Models::Consumers::Token
+  # You can safely remove this callback if you don't allow login from any of your services
+  before_create :create_user
+  # Modify this with class_name etc to match your application
+  belongs_to :user
 end

data/generators/oauth_consumer/templates/controller.rb CHANGED Viewed

@@ -7,6 +7,10 @@ class OauthConsumersController < ApplicationController
     @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
   end
+  def callback
+    super
+  end
   protected
   # Change this to decide where you want to redirect user to after callback is finished.

data/generators/oauth_consumer/templates/migration.rb CHANGED Viewed

@@ -9,7 +9,7 @@ class CreateOauthConsumerTokens < ActiveRecord::Migration
       t.timestamps
     end
-    add_index :consumer_tokens, :token, :unique
+    add_index :consumer_tokens, :token, :unique => true
   end

data/generators/oauth_provider/oauth_provider_generator.rb CHANGED Viewed

@@ -43,6 +43,8 @@ class OauthProviderGenerator < Rails::Generator::Base
       m.template 'oauth_token.rb',    File.join('app/models',"oauth_token.rb")
       m.template 'request_token.rb',  File.join('app/models',"request_token.rb")
       m.template 'access_token.rb',   File.join('app/models',"access_token.rb")
+      m.template 'oauth2_token.rb',    File.join('app/models',"oauth2_token.rb")
+      m.template 'oauth2_verifier.rb',    File.join('app/models',"oauth2_verifier.rb")
       m.template 'oauth_nonce.rb',    File.join('app/models',"oauth_nonce.rb")
       m.template 'controller.rb',File.join('app/controllers',controller_class_path,"#{controller_file_name}_controller.rb")
@@ -52,6 +54,7 @@ class OauthProviderGenerator < Rails::Generator::Base
       m.route_name 'authorize', '/oauth/authorize',:controller=>'oauth',:action=>'authorize'
       m.route_name 'request_token', '/oauth/request_token',:controller=>'oauth',:action=>'request_token'
       m.route_name 'access_token', '/oauth/access_token',:controller=>'oauth',:action=>'access_token'
+      m.route_name 'token', '/oauth/token',:controller=>'oauth',:action=>'token'
       m.route_name 'test_request', '/oauth/test_request',:controller=>'oauth',:action=>'test_request'
       m.route_resources "#{controller_file_name}_clients".to_sym
@@ -64,6 +67,8 @@ class OauthProviderGenerator < Rails::Generator::Base
         m.template 'client_application_spec.rb',File.join('spec/models',"client_application_spec.rb")
         m.template 'oauth_token_spec.rb',    File.join('spec/models',"oauth_token_spec.rb")
+        m.template 'oauth2_token_spec.rb',    File.join('spec/models',"oauth2_token_spec.rb")
+        m.template 'oauth2_verifier_spec.rb', File.join('spec/models',"oauth2_verifier_spec.rb")
         m.template 'oauth_nonce_spec.rb',    File.join('spec/models',"oauth_nonce_spec.rb")
         m.template 'client_applications.yml',File.join('spec/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('spec/fixtures',"oauth_tokens.yml")
@@ -96,6 +101,7 @@ class OauthProviderGenerator < Rails::Generator::Base
       m.template "show.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "show.html.#{@template_extension}")
       m.template "edit.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "edit.html.#{@template_extension}")
       m.template "authorize.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "authorize.html.#{@template_extension}")
+      m.template "oauth2_authorize.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "oauth2_authorize.html.#{@template_extension}")
       m.template "authorize_success.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "authorize_success.html.#{@template_extension}")
       m.template "authorize_failure.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "authorize_failure.html.#{@template_extension}")

data/generators/oauth_provider/templates/access_token.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 class AccessToken < OauthToken
-  validates_presence_of :user
+  validates_presence_of :user, :secret
   before_create :set_authorized_at
   # Implement this to return a hash or array of the capabilities the access token has
@@ -13,4 +13,4 @@ class AccessToken < OauthToken
   def set_authorized_at
     self.authorized_at = Time.now
   end
-end
+end

data/generators/oauth_provider/templates/client_application.rb CHANGED Viewed

@@ -2,6 +2,9 @@ require 'oauth'
 class ClientApplication < ActiveRecord::Base
   belongs_to :user
   has_many :tokens, :class_name => "OauthToken"
+  has_many :access_tokens
+  has_many :oauth2_verifiers
+  has_many :oauth_tokens
   validates_presence_of :name, :url, :key, :secret
   validates_uniqueness_of :key
   before_validation_on_create :generate_keys
@@ -28,7 +31,6 @@ class ClientApplication < ActiveRecord::Base
       value = signature.verify
       value
     rescue OAuth::Signature::UnknownSignatureMethod => e
-      logger.info "ERROR"+e.to_s
       false
     end
   end
@@ -41,15 +43,15 @@ class ClientApplication < ActiveRecord::Base
     @oauth_client ||= OAuth::Consumer.new(key, secret)
   end
-  def create_request_token
-    RequestToken.create :client_application => self,:callback_url=>self.token_callback_url
+  # If your application requires passing in extra parameters handle it here
+  def create_request_token(params={})
+    RequestToken.create :client_application => self, :callback_url=>self.token_callback_url
   end
 protected
   def generate_keys
-    oauth_client = oauth_server.generate_consumer_credentials
-    self.key = oauth_client.key[0,20]
-    self.secret = oauth_client.secret[0,40]
+    self.key = OAuth::Helper.generate_key(40)[0,40]
+    self.secret = OAuth::Helper.generate_key(40)[0,40]
   end
 end

data/generators/oauth_provider/templates/client_applications.yml CHANGED Viewed

@@ -2,9 +2,9 @@
 one:
   id: 1
   name: MyString
-  url: MyString
-  support_url: MyString
-  callback_url: MyString
+  url: http://test.com
+  support_url: http://test.com/support
+  callback_url: http://test.com/callback
   key: one_key
   secret: MyString
   user_id: 1
@@ -13,9 +13,9 @@ one:
 two:
   id: 2
   name: MyString
-  url: MyString
-  support_url: MyString
-  callback_url: MyString
+  url: http://test.com
+  support_url: http://test.com/support
+  callback_url: http://test.com/callback
   key: two_key
   secret: MyString
   user_id: 1

data/generators/oauth_provider/templates/clients_controller_spec.rb CHANGED Viewed

@@ -2,238 +2,175 @@ require File.dirname(__FILE__) + '/../spec_helper'
 require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
 require 'oauth/client/action_controller_request'
-describe OauthClientsController, "index" do
+describe OauthClientsController do
+  if defined?(Devise)
+    include Devise::TestHelpers
+  end
   include OAuthControllerSpecHelper
+  fixtures :client_applications, :oauth_tokens, :users
   before(:each) do
     login_as_application_owner
   end
-  def do_get
-    get :index
-  end
-  it "should be successful" do
-    do_get
-    response.should be_success
-  end
+  describe "index" do
+    before do
+      @client_applications = @user.client_applications
+    end
+    def do_get
+      get :index
+    end
-  it "should query current_users client applications" do
-    @user.should_receive(:client_applications).and_return(@client_applications)
-    do_get
-  end
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
-  it "should assign client_applications" do
-    do_get
-    assigns[:client_applications].should equal(@client_applications)
-  end
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_applications].should==@client_applications
+    end
-  it "should render index template" do
-    do_get
-    response.should render_template('index')
+    it "should render index template" do
+      do_get
+      response.should render_template('index')
+    end
   end
-end
-describe OauthClientsController, "show" do
-  include OAuthControllerSpecHelper
-  before(:each) do
-    login_as_application_owner
-  end
-  def do_get
-    get :show, :id => '3'
-  end
-  it "should be successful" do
-    do_get
-    response.should be_success
-  end
-  it "should query current_users client applications" do
-    @user.should_receive(:client_applications).and_return(@client_applications)
-    @client_applications.should_receive(:find).with('3').and_return(@client_application)
-    do_get
-  end
-  it "should assign client_applications" do
-    do_get
-    assigns[:client_application].should equal(@client_application)
-  end
-  it "should render show template" do
-    do_get
-    response.should render_template('show')
-  end
-end
+  describe "show" do
-describe OauthClientsController, "new" do
-  include OAuthControllerSpecHelper
-  before(:each) do
-    login_as_application_owner
-    ClientApplication.stub!(:new).and_return(@client_application)
-  end
+    def do_get
+      get :show, :id => '1'
+    end
-  def do_get
-    get :new
-  end
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
-  it "should be successful" do
-    do_get
-    response.should be_success
-  end
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_application].should==current_client_application
+    end
-  it "should assign client_applications" do
-    do_get
-    assigns[:client_application].should equal(@client_application)
-  end
+    it "should render show template" do
+      do_get
+      response.should render_template('show')
+    end
-  it "should render show template" do
-    do_get
-    response.should render_template('new')
   end
-end
-describe OauthClientsController, "edit" do
-  include OAuthControllerSpecHelper
-  before(:each) do
-    login_as_application_owner
-  end
-  def do_get
-    get :edit, :id => '3'
-  end
-  it "should be successful" do
-    do_get
-    response.should be_success
-  end
+  describe "new" do
-  it "should query current_users client applications" do
-    @user.should_receive(:client_applications).and_return(@client_applications)
-    @client_applications.should_receive(:find).with('3').and_return(@client_application)
-    do_get
-  end
+    def do_get
+      get :new
+    end
-  it "should assign client_applications" do
-    do_get
-    assigns[:client_application].should equal(@client_application)
-  end
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
-  it "should render edit template" do
-    do_get
-    response.should render_template('edit')
-  end
-end
-describe OauthClientsController, "create" do
-  include OAuthControllerSpecHelper
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_application].class.should==ClientApplication
+    end
-  before(:each) do
-    login_as_application_owner
-    @client_applications.stub!(:build).and_return(@client_application)
-    @client_application.stub!(:save).and_return(true)
-  end
+    it "should render show template" do
+      do_get
+      response.should render_template('new')
+    end
-  def do_valid_post
-    @client_application.should_receive(:save).and_return(true)
-    post :create, 'client_application'=>{'name' => 'my site'}
   end
-  def do_invalid_post
-    @client_application.should_receive(:save).and_return(false)
-    post :create, :client_application=>{:name => 'my site'}
-  end
+  describe "edit" do
+    def do_get
+      get :edit, :id => '1'
+    end
-  it "should query current_users client applications" do
-    @client_applications.should_receive(:build).and_return(@client_application)
-    do_valid_post
-  end
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
-  it "should redirect to new client_application" do
-    do_valid_post
-    response.should be_redirect
-    response.should redirect_to(:action => "show", :id => @client_application.id)
-  end
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_application].should==current_client_application
+    end
-  it "should assign client_applications" do
-    do_invalid_post
-    assigns[:client_application].should equal(@client_application)
-  end
+    it "should render edit template" do
+      do_get
+      response.should render_template('edit')
+    end
-  it "should render show template" do
-    do_invalid_post
-    response.should render_template('new')
   end
-end
-describe OauthClientsController, "destroy" do
-  include OAuthControllerSpecHelper
-  before(:each) do
-    login_as_application_owner
-    @client_application.stub!(:destroy)
-  end
-  def do_delete
-    delete :destroy, :id => '3'
-  end
+  describe "create" do
-  it "should query current_users client applications" do
-    @user.should_receive(:client_applications).and_return(@client_applications)
-    @client_applications.should_receive(:find).with('3').and_return(@client_application)
-    do_delete
-  end
+    def do_valid_post
+      post :create, 'client_application'=>{'name' => 'my site', :url=>"http://test.com"}
+      @client_application = ClientApplication.last
+    end
-  it "should destroy client applications" do
-    @client_application.should_receive(:destroy)
-    do_delete
-  end
+    def do_invalid_post
+      post :create
+    end
-  it "should redirect to list" do
-    do_delete
-    response.should be_redirect
-    response.should redirect_to(:action => 'index')
-  end
-end
-describe OauthClientsController, "update" do
-  include OAuthControllerSpecHelper
-  before(:each) do
-    login_as_application_owner
-  end
+    it "should redirect to new client_application" do
+      do_valid_post
+      response.should be_redirect
+      response.should redirect_to(:action => "show", :id => @client_application.id)
+    end
-  def do_valid_update
-    @client_application.should_receive(:update_attributes).and_return(true)
-    put :update, :id => '1', 'client_application'=>{'name' => 'my site'}
+    it "should render show template" do
+      do_invalid_post
+      response.should render_template('new')
+    end
   end
-  def do_invalid_update
-    @client_application.should_receive(:update_attributes).and_return(false)
-    put :update, :id => '1', 'client_application'=>{'name' => 'my site'}
-  end
-  it "should query current_users client applications" do
-    @user.should_receive(:client_applications).and_return(@client_applications)
-    @client_applications.should_receive(:find).with('1').and_return(@client_application)
-    do_valid_update
-  end
+  describe "destroy" do
-  it "should redirect to new client_application" do
-    do_valid_update
-    response.should be_redirect
-    response.should redirect_to(:action => "show", :id => @client_application.id)
-  end
+    def do_delete
+      delete :destroy, :id => '1'
+    end
+    it "should destroy client applications" do
+      do_delete
+      ClientApplication.should_not be_exists(1)
+    end
+    it "should redirect to list" do
+      do_delete
+      response.should be_redirect
+      response.should redirect_to(:action => 'index')
+    end
-  it "should assign client_applications" do
-    do_invalid_update
-    assigns[:client_application].should equal(@client_application)
   end
+  describe "update" do
-  it "should render show template" do
-    do_invalid_update
-    response.should render_template('edit')
+    def do_valid_update
+      put :update, :id => '1', 'client_application'=>{'name' => 'updated site'}
+    end
+    def do_invalid_update
+      put :update, :id => '1', 'client_application'=>{'name' => nil}
+    end
+    it "should redirect to show client_application" do
+      do_valid_update
+      response.should be_redirect
+      response.should redirect_to(:action => "show", :id => 1)
+    end
+    it "should assign client_applications" do
+      do_invalid_update
+      assigns[:client_application].should == ClientApplication.find(1)
+    end
+    it "should render show template" do
+      do_invalid_update
+      response.should render_template('edit')
+    end
   end
 end