oa-oauth 0.1.6 → 0.2.5

data/lib/omniauth/strategies/facebook.rb

@@ -7,39 +7,57 @@ module OmniAuth
     # basic user information.
     #
     # @example Basic Usage
-    #   use OmniAuth::Strategies::Facebook, 'app_id', 'app_secret'
+    #   use OmniAuth::Strategies::Facebook, 'client_id', 'client_secret'
     class Facebook < OAuth2
       # @param [Rack Application] app standard middleware application parameter
-      # @param [String] app_id the application id as [registered on Facebook](http://www.facebook.com/developers/)
-      # @param [String] app_secret the application secret as registered on Facebook
+      # @param [String] client_id the application id as [registered on Facebook](http://www.facebook.com/developers/)
+      # @param [String] client_secret the application secret as registered on Facebook
       # @option options [String] :scope ('email,offline_access') comma-separated extended permissions such as `email` and `manage_pages`
-      def initialize(app, app_id, app_secret, options = {})
-        options[:site] = 'https://graph.facebook.com/'
-        super(app, :facebook, app_id, app_secret, options)
+      def initialize(app, client_id = nil, client_secret = nil, options = {}, &block)
+        super(app, :facebook, client_id, client_secret, {:site => 'https://graph.facebook.com/'}, options, &block)
       end
-      
+
       def user_data
         @data ||= MultiJson.decode(@access_token.get('/me', {}, { "Accept-Language" => "en-us,en;"}))
       end
-      
+
       def request_phase
         options[:scope] ||= "email,offline_access"
         super
       end
-      
+
+      def build_access_token
+        if facebook_session.nil? || facebook_session.empty?
+          super
+        else
+          @access_token = ::OAuth2::AccessToken.new(client, facebook_session['access_token'])
+        end
+      end
+
+      def facebook_session
+        session_cookie = request.cookies["fbs_#{client.id}"]
+        if session_cookie
+          @facebook_session ||= Rack::Utils.parse_query(request.cookies["fbs_#{client.id}"].gsub('"', ''))
+        else
+          nil
+        end
+      end
+
       def user_info
         {
           'nickname' => user_data["link"].split('/').last,
+          'email' => (user_data["email"] if user_data["email"]),
           'first_name' => user_data["first_name"],
           'last_name' => user_data["last_name"],
           'name' => "#{user_data['first_name']} #{user_data['last_name']}",
+          'image' => "http://graph.facebook.com/#{user_data['id']}/picture?type=square",
           'urls' => {
             'Facebook' => user_data["link"],
             'Website' => user_data["website"],
           }
         }
       end
-      
+
       def auth_hash
         OmniAuth::Utils.deep_merge(super, {
           'uid' => user_data['id'],
@@ -49,4 +67,4 @@ module OmniAuth
       end
     end
   end
-end
+end

data/lib/omniauth/strategies/foursquare.rb

@@ -1,39 +1,62 @@
+require 'omniauth/oauth'
+require 'multi_json'
+
 module OmniAuth
   module Strategies
-    class Foursquare < OAuth
-      def initialize(app, consumer_key, consumer_secret)
-        super(app, :foursquare, consumer_key, consumer_secret,
-                :site => 'http://foursquare.com')
+    class Foursquare < OAuth2
+      # Initialize the middleware
+      #
+      # @option options [Boolean, true] :sign_in When true, use a sign-in flow instead of the authorization flow.
+      # @option options [Boolean, false] :mobile When true, use the mobile sign-in interface.
+      def initialize(app, client_id = nil, client_secret = nil, options = {}, &block)
+        options[:sign_in] ||= true
+        super(app, :foursquare, client_id, client_secret, {
+          :site => "https://api.foursquare.com/v2",
+          :authorize_url      => authorize_url(options),
+          :access_token_url   => "https://foursquare.com/oauth2/access_token"
+        }, options, &block)
       end
-      
-      def auth_hash
-        OmniAuth::Utils.deep_merge(super, {
-          'uid' => user_hash['id'],
-          'user_info' => user_info,
-          'extra' => {'user_hash' => user_hash}
-        })
+
+      def authorize_url(options)
+        "https://foursquare.com/#{'mobile/' if options[:mobile]}oauth2/#{options[:sign_in] ? 'authenticate' : 'authorize'}"
+      end
+
+      def user_data
+        @data ||= MultiJson.decode(@access_token.get(client.site+'/users/self', {'oauth_token' => @access_token.token}))
+      end
+
+      def request_phase
+        options[:response_type] ||= 'code'
+        super
       end
-      
+
+      def callback_phase
+        options[:grant_type] ||= 'authorization_code'
+        super
+      end
+
       def user_info
-        user_hash = self.user_hash
-        
         {
-          'nickname' => user_hash['twitter'],
-          'first_name' => user_hash['firstname'],
-          'last_name' => user_hash['lastname'],
-          'email' => user_hash['email'],
-          'name' => "#{user_hash['firstname']} #{user_hash['lastname']}".strip,
-        # 'location' => user_hash['location'],
-          'image' => user_hash['photo'],
-        # 'description' => user_hash['description'],
-          'phone' => user_hash['phone'],
+          'nickname' => user_data['response']['user']['contact']['twitter'],
+          'first_name' => user_data['response']['user']['firstName'],
+          'last_name' => user_data['response']['user']['lastName'],
+          'email' => user_data['response']['user']['contact']['email'],
+          'name' => "#{user_data['response']['user']['firstName']} #{user_data['response']['user']['lastName']}".strip,
+        # 'location' => user_data['response']['user']['location'],
+          'image' => user_data['response']['user']['photo'],
+        # 'description' => user_data['response']['user']['description'],
+          'phone' => user_data['response']['user']['contact']['phone'],
           'urls' => {}
         }
       end
-      
-      def user_hash
-        @user_hash ||= MultiJson.decode(@access_token.get('http://api.foursquare.com/v1/user.json').body)['user']
+
+      def auth_hash
+        OmniAuth::Utils.deep_merge(super, {
+          'uid' => user_data['response']['user']['id'],
+          'user_info' => user_info,
+          'extra' => {'user_hash' => user_data['response']['user']}
+        })
       end
     end
   end
-end
+end

data/lib/omniauth/strategies/github.rb

@@ -3,26 +3,29 @@ require 'multi_json'
 
 module OmniAuth
   module Strategies
-    # OAuth 2.0 based authentication with GitHub. In order to 
+    # OAuth 2.0 based authentication with GitHub. In order to
     # sign up for an application, you need to [register an application](http://github.com/account/applications/new)
     # and provide the proper credentials to this middleware.
     class GitHub < OAuth2
       # @param [Rack Application] app standard middleware application argument
-      # @param [String] app_id the application ID for your client
-      # @param [String] app_secret the application secret
-      def initialize(app, app_id, app_secret, options = {})
-        options[:site] = 'https://github.com/'
-        options[:authorize_path] = '/login/oauth/authorize'
-        options[:access_token_path] = '/login/oauth/access_token'
-        super(app, :github, app_id, app_secret, options)
+      # @param [String] client_id the application ID for your client
+      # @param [String] client_secret the application secret
+      def initialize(app, client_id = nil, client_secret = nil, options = {}, &block)
+        client_options = {
+          :site => 'https://github.com/',
+          :authorize_path => '/login/oauth/authorize',
+          :access_token_path => '/login/oauth/access_token'
+        }
+
+        super(app, :github, client_id, client_secret, client_options, options, &block)
       end
-      
+
       protected
-      
+
       def user_data
         @data ||= MultiJson.decode(@access_token.get('/api/v2/json/user/show'))['user']
       end
-      
+
       def user_info
         {
           'nickname' => user_data["login"],
@@ -34,7 +37,7 @@ module OmniAuth
           }
         }
       end
-      
+
       def auth_hash
         OmniAuth::Utils.deep_merge(super, {
           'uid' => user_data['id'],

data/lib/omniauth/strategies/goodreads.rb

@@ -0,0 +1,44 @@
+require 'multi_xml'
+require 'omniauth/oauth'
+
+module OmniAuth
+  module Strategies
+    class Goodreads < OmniAuth::Strategies::OAuth
+
+      def initialize(app, consumer_key = nil, consumer_secret = nil, options = {}, &block)
+        client_options = {
+          :site => 'http://www.goodreads.com',
+        }
+        @consumer_key = consumer_key
+        super(app, :goodreads, consumer_key, consumer_secret, client_options, options, &block)
+      end
+
+      def auth_hash
+        hash = user_hash(@access_token)
+
+        OmniAuth::Utils.deep_merge(super, {
+          'uid' => hash.delete('id'),
+          'user_info' => hash
+        })
+      end
+
+      def user_hash(access_token)
+        authenticated_user = MultiXml.parse(@access_token.get('/api/auth_user').body)
+        id = authenticated_user.xpath('GoodreadsResponse/user').attribute('id').value.to_i
+        response_doc = MultiXml.parse(open("http://www.goodreads.com/user/show/#{id}.xml?key=#{@consumer_key}").read)
+        user = response_doc.xpath('GoodreadsResponse/user')
+
+        hash = {
+          'id' => id,
+          'name' => user.xpath('name').text,
+          'user_name' => user.xpath('user_name').text,
+          'image_url' => user.xpath('image_url').text,
+          'about' => user.xpath('about').text,
+          'location' => user.xpath('location').text,
+          'website' => user.xpath('website').text,
+        }
+      end
+    end
+  end
+end
+

data/lib/omniauth/strategies/google.rb

@@ -0,0 +1,80 @@
+require 'omniauth/oauth'
+require 'multi_json'
+
+module OmniAuth
+  module Strategies
+    #
+    # Authenticate to Google via OAuth and retrieve basic
+    # user information.
+    #
+    # Usage:
+    #
+    #    use OmniAuth::Strategies::Google, 'consumerkey', 'consumersecret'
+    #
+    class Google < OmniAuth::Strategies::OAuth
+      def initialize(app, consumer_key = nil, consumer_secret = nil, options = {}, &block)
+        client_options = {
+          :site => 'https://www.google.com',
+          :request_token_path => '/accounts/OAuthGetRequestToken',
+          :access_token_path => '/accounts/OAuthGetAccessToken',
+          :authorize_path => '/accounts/OAuthAuthorizeToken'
+        }
+
+        google_contacts_auth = "http://www.google.com/m8/feeds"
+        options[:scope] ||= google_contacts_auth
+        options[:scope] << " #{google_contacts_auth}" unless options[:scope].include?(google_contacts_auth)
+
+        super(app, :google, consumer_key, consumer_secret, client_options, options)
+      end
+
+      def auth_hash
+        ui = user_info
+        OmniAuth::Utils.deep_merge(super, {
+          'uid' => ui['uid'],
+          'user_info' => ui,
+          'extra' => {'user_hash' => user_hash}
+        })
+      end
+
+      def user_info
+        email = user_hash['feed']['id']['$t']
+
+        name = user_hash['feed']['author'].first['name']['$t']
+        name = email if name.strip == '(unknown)'
+
+        {
+          'email' => email,
+          'uid' => email,
+          'name' => name
+        }
+      end
+
+      def user_hash
+        # Google is very strict about keeping authorization and
+        # authentication separated.
+        # They give no endpoint to get a user's profile directly that I can
+        # find. We *can* get their name and email out of the contacts feed,
+        # however. It will fail in the extremely rare case of a user who has
+        # a Google Account but has never even signed up for Gmail. This has
+        # not been seen in the field.
+        @user_hash ||= MultiJson.decode(@access_token.get("http://www.google.com/m8/feeds/contacts/default/full?max-results=1&alt=json").body)
+      end
+
+      # Monkeypatch OmniAuth to pass the scope in the consumer.get_request_token call
+      def request_phase
+        request_token = consumer.get_request_token({:oauth_callback => callback_url}, {:scope => options[:scope]})
+        session['oauth'] ||= {}
+        session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
+        r = Rack::Response.new
+
+        if request_token.callback_confirmed?
+          r.redirect(request_token.authorize_url)
+        else
+          r.redirect(request_token.authorize_url(:oauth_callback => callback_url))
+        end
+
+        r.finish
+      end
+    end
+  end
+end

data/lib/omniauth/strategies/gowalla.rb

@@ -14,24 +14,27 @@ module OmniAuth
       # @param [String] api_key the application id as [registered on Gowalla](http://gowalla.com/api/keys)
       # @param [String] secret_key the application secret as [registered on Gowalla](http://gowalla.com/api/keys)
       # @option options ['read','read-write'] :scope ('read') the scope of your authorization request; must be `read` or `read-write`
-      def initialize(app, api_key, secret_key, options = {})
-        options[:site] = 'https://api.gowalla.com/api/oauth'
-        options[:authorize_url] = 'https://gowalla.com/api/oauth/new'
-        options[:access_token_url] = 'https://api.gowalla.com/api/oauth/token'
-        super(app, :gowalla, api_key, secret_key, options)
+      def initialize(app, api_key = nil, secret_key = nil, options = {}, &block)
+        client_options = {
+          :site => 'https://api.gowalla.com/api/oauth',
+          :authorize_url => 'https://gowalla.com/api/oauth/new',
+          :access_token_url => 'https://api.gowalla.com/api/oauth/token'
+        }
+
+        super(app, :gowalla, api_key, secret_key, client_options, options, &block)
       end
-      
+
       protected
-      
+
       def user_data
         @data ||= MultiJson.decode(@access_token.get("/users/me.json"))
       end
-      
+
       def request_phase
         options[:scope] ||= "read"
         super
       end
-      
+
       def user_info
         {
           'name' => "#{user_data['first_name']} #{user_data['last_name']}",
@@ -48,7 +51,7 @@ module OmniAuth
           }
         }
       end
-      
+
       def auth_hash
         OmniAuth::Utils.deep_merge(super, {
           'uid' => user_data["url"].split('/').last,

data/lib/omniauth/strategies/hyves.rb

@@ -0,0 +1,67 @@
+require 'omniauth/oauth'
+require 'multi_json'
+
+
+module OmniAuth
+  module Strategies
+    class Hyves < OmniAuth::Strategies::OAuth
+      def initialize(app, consumer_key = nil, consumer_secret = nil, options = {}, &block)
+        client_options = {
+          :request_token_path => request_token_path,
+          :authorize_path => "http://www.hyves.nl/api/authorize",
+          :access_token_path => access_token_path,
+          :http_method => :get,
+          :scheme => :header
+        }
+        super(app, :hyves, consumer_key, consumer_secret, client_options, options, &block)
+      end
+
+      def auth_hash
+        hash = user_hash(@access_token)
+
+        {
+          "provider" => "hyves",
+          "uid" => hash["userid"],
+          "user_info" => {
+            "name" => hash["firstname"] + " " + hash["lastname"],
+            "first_name" => hash["firstname"],
+            "last_name" => hash["lastname"]
+          },
+          "credentials" => {
+            "token" => @access_token.token,
+            "secret" => @access_token.secret
+          }
+        }
+      end
+
+      def user_hash(access_token)
+        rsp = MultiJson.decode( access_token.get("http://data.hyves-api.nl/?userid=#{access_token.params[:userid]}&ha_method=users.get&#{default_options}").body )
+        rsp["user"].first
+      end
+
+      def request_token_path
+        "http://data.hyves-api.nl/?#{request_token_options}&#{default_options}"
+      end
+
+      def access_token_path
+        "http://data.hyves-api.nl/?#{access_token_options}&#{default_options}"
+      end
+
+      def default_options
+        to_params( { :ha_version => "2.0", :ha_format => "json", :ha_fancylayout => false } )
+      end
+
+      def request_token_options
+        to_params( { :methods => "users.get,friends.get,wwws.create", :ha_method => "auth.requesttoken", :strict_oauth_spec_response => true } )
+      end
+
+      def access_token_options
+        to_params( { :ha_method => "auth.accesstoken", :strict_oauth_spec_response => true } )
+      end
+
+      def to_params(options)
+        options.collect { |key, value| "#{key}=#{value}"}.join('&')
+      end
+    end
+  end
+end