mbleigh-twitter-auth 0.1.1 → 0.1.3

data/README.markdown

@@ -6,6 +6,8 @@ TwitterAuth aims to provide a complete authentication and API access solution fo
 Installation
 ============
 
+**NOTE:** The GemPlugin version of TwitterAuth is currently broken...Rails isn't picking up namespaced models in the Engines. I'm working on a fix, but please use the plugin version until then.
+
 You can include TwitterAuth as a gem in your project like so:
 
     config.gem 'mbleigh-twitter-auth', :source => 'http://gems.github.com'

data/Rakefile

@@ -0,0 +1,31 @@
+require 'rake'
+require 'spec/rake/spectask'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc 'Run the specs'
+Spec::Rake::SpecTask.new(:spec) do |t|
+  t.spec_opts = ['--colour --format progress --loadby mtime --reverse']
+  t.spec_files = FileList['spec/**/*_spec.rb']
+end
+
+begin
+  require 'jeweler'
+  Jeweler::Tasks.new do |s|
+    s.name = "twitter-auth"
+    s.summary = "TwitterAuth is a Rails plugin gem that provides Single Sign-On capabilities for Rails applications via Twitter."
+    s.email = "michael@intridea.com"
+    s.homepage = "http://github.com/mbleigh/twitter-auth"
+    s.description = "TwitterAuth is a Rails plugin gem that provides Single Sign-On capabilities for Rails applications via Twitter. Both OAuth and HTTP Basic are supported."
+s.files =  FileList["[A-Z]*", "{bin,generators,lib,spec,config,app,rails}/**/*"]
+    s.add_dependency 'schacon-git'
+    
+    s.authors = ["Michael Bleigh"]
+    s.add_dependency('oauth', '>= 0.3.1')
+    s.add_dependency('ezcrypto', '>= 0.7.2')
+  end
+rescue LoadError
+  puts "Jeweler not available. Install it with: sudo gem install technicalpickles-jeweler -s http://gems.github.com"
+end
+

data/VERSION.yml

@@ -1,4 +1,4 @@
 --- 
 :minor: 1
-:patch: 1
+:patch: 3
 :major: 0

data/app/controllers/sessions_controller.rb

@@ -0,0 +1,62 @@
+class SessionsController < ApplicationController
+  def new
+    if TwitterAuth.oauth?
+      @request_token = TwitterAuth.consumer.get_request_token
+      session[:request_token] = @request_token.token
+      session[:request_token_secret] = @request_token.secret
+     
+      url = @request_token.authorize_url
+      url << "&oauth_callback=#{CGI.escape(TwitterAuth.oauth_callback)}" if TwitterAuth.oauth_callback?      
+      redirect_to url
+    else
+      # we don't have to do anything, it's just a simple form for HTTP basic!
+    end
+  end
+
+  def create
+    logout_keeping_session!
+    if user = User.authenticate(params[:login], params[:password])
+      self.current_user = user
+      authentication_succeeded and return
+    else
+      authentication_failed('Unable to verify your credentials through Twitter. Please try again.', '/login') and return
+    end
+  end
+
+  def oauth_callback
+    unless session[:request_token] && session[:request_token_secret] 
+      authentication_failed('No authentication information was found in the session. Please try again.') and return
+    end
+
+   unless params[:oauth_token].blank? || session[:request_token] ==  params[:oauth_token]
+     authentication_failed('Authentication information does not match session information. Please try again.') and return
+   end
+
+    @request_token = OAuth::RequestToken.new(TwitterAuth.consumer, session[:request_token], session[:request_token_secret])
+
+    @access_token = @request_token.get_access_token
+    
+    # The request token has been invalidated
+    # so we nullify it in the session.
+    session[:request_token] = nil
+    session[:request_token_secret] = nil
+
+    @user = User.identify_or_create_from_access_token(@access_token)
+
+    session[:user_id] = @user.id
+
+    authentication_succeeded 
+  rescue Net::HTTPServerException => e
+    case e.message
+      when '401 "Unauthorized"'
+        authentication_failed('This authentication request is no longer valid. Please try again.') and return
+      else
+        authentication_failed('There was a problem trying to authenticate you. Please try again.') and return
+    end 
+  end
+  
+  def destroy
+    logout_keeping_session!
+    redirect_back_or_default('/')
+  end
+end

data/app/models/twitter_auth/basic_user.rb

@@ -0,0 +1,63 @@
+require 'net/http'
+
+module TwitterAuth
+  module BasicUser
+    def self.included(base)
+      base.class_eval do
+        attr_protected :crypted_password, :salt
+      end
+
+      base.extend TwitterAuth::BasicUser::ClassMethods
+    end
+
+    module ClassMethods
+      def verify_credentials(login, password)
+        response = TwitterAuth.net.start { |http|
+          request = Net::HTTP::Get.new('/account/verify_credentials.json')
+          request.basic_auth login, password
+          http.request(request)
+        }
+
+        if response.code == '200'
+          JSON.parse(response.body)
+        else
+          false
+        end
+      end
+
+      def authenticate(login, password)
+        if twitter_hash = verify_credentials(login, password)
+          user = identify_or_create_from_twitter_hash_and_password(twitter_hash, password)
+          user
+        else
+          nil
+        end
+      end
+
+      def identify_or_create_from_twitter_hash_and_password(twitter_hash, password)
+        if user = User.find_by_login(twitter_hash['screen_name']) 
+          user.assign_twitter_attributes(twitter_hash)
+          user.password = password
+          user.save
+          user
+        else
+          user = User.new_from_twitter_hash(twitter_hash)
+          user.password = password
+          user.save
+          user
+        end
+      end
+    end
+   
+    def password=(new_password)
+      encrypted = TwitterAuth::Cryptify.encrypt(new_password)
+      self.crypted_password = encrypted[:encrypted_data]
+      self.salt = encrypted[:salt]
+    end
+
+    def password
+      TwitterAuth::Cryptify.decrypt(self.crypted_password, self.salt)
+    end
+  end
+end
+

data/app/models/twitter_auth/generic_user.rb

@@ -0,0 +1,70 @@
+module TwitterAuth
+  class GenericUser < ActiveRecord::Base
+    attr_protected :login
+
+    TWITTER_ATTRIBUTES = [
+      :name,
+      :location,
+      :description,
+      :profile_image_url,
+      :url,
+      :protected,
+      :profile_background_color,
+      :profile_sidebar_fill_color,
+      :profile_link_color,
+      :profile_sidebar_border_color,
+      :profile_text_color,
+      :friends_count,
+      :statuses_count,
+      :followers_count,      
+      :favourites_count,
+      :time_zone,
+      :utc_offset
+    ]
+    
+    validates_presence_of :login
+    validates_format_of :login, :with => /\A[a-z0-9_]+\z/
+    validates_length_of :login, :in => 1..15
+    validates_uniqueness_of :login
+    
+    def self.table_name; 'users' end
+
+    def self.new_from_twitter_hash(hash)
+      raise ArgumentError, 'Invalid hash: must include screen_name.' unless hash.key?('screen_name')
+
+      user = User.new
+      user.login = hash['screen_name']
+
+      TWITTER_ATTRIBUTES.each do |att|
+        user.send("#{att}=", hash[att.to_s]) if user.respond_to?("#{att}=")
+      end
+
+      user
+    end
+      
+    def assign_twitter_attributes(hash)
+      TWITTER_ATTRIBUTES.each do |att|
+        send("#{att}=", hash[att.to_s]) if respond_to?("#{att}=")
+      end
+    end
+
+    def update_twitter_attributes(hash)
+      assign_twitter_attributes(hash)
+      save
+    end
+
+    if TwitterAuth.oauth?
+      include TwitterAuth::OauthUser
+    else
+      include TwitterAuth::BasicUser
+    end
+
+    def twitter
+      if TwitterAuth.oauth?
+        TwitterAuth::Dispatcher::Oauth.new(self)
+      else
+        TwitterAuth::Dispatcher::Basic.new(self)
+      end
+    end
+  end
+end

data/app/models/twitter_auth/oauth_user.rb

@@ -0,0 +1,38 @@
+module TwitterAuth
+  module OauthUser
+    def self.included(base)
+      base.class_eval do
+        attr_protected :access_token, :access_secret
+      end
+
+      base.extend TwitterAuth::OauthUser::ClassMethods
+    end
+    
+    module ClassMethods
+      def identify_or_create_from_access_token(token, secret=nil)
+        raise ArgumentError, 'Must authenticate with an OAuth::AccessToken or the string access token and secret.' unless (token && secret) || token.is_a?(OAuth::AccessToken)
+
+        user_info = JSON.parse(token.get('/account/verify_credentials.json').body)
+
+        if user = User.find_by_login(user_info['screen_name'])
+          user.update_twitter_attributes(user_info)
+          user
+        else
+          User.create_from_twitter_hash_and_token(user_info, token) 
+        end
+      end
+
+      def create_from_twitter_hash_and_token(user_info, access_token)
+        user = User.new_from_twitter_hash(user_info)
+        user.access_token = access_token.token
+        user.access_secret = access_token.secret
+        user.save
+        user
+      end
+    end
+
+    def token
+      OAuth::AccessToken.new(TwitterAuth.consumer, access_token, access_secret)
+    end 
+  end
+end

data/app/views/sessions/_login_form.html.erb

@@ -0,0 +1,17 @@
+<% form_tag session_path, :id => 'login_form' do %>
+  <div class='field'>
+    <label for='login'>Twitter Username:</label>
+    <%= text_field_tag 'login', nil, :class => 'text_field' %>
+  </div>
+  <div class='field'>
+    <label for='password'>Password:</label>
+    <%= password_field_tag 'password', nil, :class => 'password_field' %>
+  </div>
+  <!--<div class='checkbox-field'>
+<%= check_box_tag 'remember_me' %> <label for='remember_me'>Keep Me Logged In</label>
+</div>-->
+  <div class='field submit'>
+    <%= submit_tag 'Log In', :class => 'submit' %>
+  </div>
+<% end %>
+

data/app/views/sessions/new.html.erb

@@ -0,0 +1,5 @@
+<h1>Log In Via Twitter</h1>
+
+<p>This application utilizes your Twitter username and password for authentication; you do not have to create a separate account here. To log in, just enter your Twitter credentials in the form below.</p>
+
+<%= render :partial => 'login_form' %>

data/config/routes.rb

@@ -0,0 +1,6 @@
+ActionController::Routing::Routes.draw do |map|
+  map.login '/login', :controller => 'sessions', :action => 'new'
+  map.logout '/logout', :controller => 'sessions', :action => 'destroy'
+  map.resource :session
+  map.oauth_callback '/oauth_callback', :controller => 'sessions', :action => 'oauth_callback'
+end

data/rails/init.rb

@@ -0,0 +1,8 @@
+# Gem Dependencies
+config.gem 'oauth'
+config.gem 'ezcrypto'
+
+require 'json'
+require 'twitter_auth'
+
+RAILS_DEFAULT_LOGGER.info("** TwitterAuth initialized properly.")

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: mbleigh-twitter-auth
 version: !ruby/object:Gem::Version 
-  version: 0.1.1
+  version: 0.1.3
 platform: ruby
 authors: 
 - Michael Bleigh
@@ -12,6 +12,16 @@ cert_chain: []
 date: 2009-03-20 00:00:00 -07:00
 default_executable: 
 dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: schacon-git
+  type: :runtime
+  version_requirement: 
+  version_requirements: !ruby/object:Gem::Requirement 
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        version: "0"
+    version: 
 - !ruby/object:Gem::Dependency 
   name: oauth
   type: :runtime
@@ -41,6 +51,7 @@ extensions: []
 extra_rdoc_files: 
 - README.markdown
 files: 
+- Rakefile
 - README.markdown
 - VERSION.yml
 - generators/twitter_auth
@@ -84,6 +95,19 @@ files:
 - spec/twitter_auth/dispatcher/basic_spec.rb
 - spec/twitter_auth/dispatcher/oauth_spec.rb
 - spec/twitter_auth_spec.rb
+- config/routes.rb
+- app/controllers
+- app/controllers/sessions_controller.rb
+- app/models
+- app/models/twitter_auth
+- app/models/twitter_auth/basic_user.rb
+- app/models/twitter_auth/generic_user.rb
+- app/models/twitter_auth/oauth_user.rb
+- app/views
+- app/views/sessions
+- app/views/sessions/_login_form.html.erb
+- app/views/sessions/new.html.erb
+- rails/init.rb
 has_rdoc: true
 homepage: http://github.com/mbleigh/twitter-auth
 post_install_message: