oa-oauth 0.3.0 → 0.3.2
- data/lib/omniauth/oauth.rb +2 -0
- data/lib/omniauth/strategies/google_oauth2.rb +1 -1
- data/lib/omniauth/strategies/oauth/google.rb +5 -2
- data/lib/omniauth/strategies/oauth/my_space.rb +71 -0
- data/lib/omniauth/strategies/oauth/xing.rb +48 -0
- data/lib/omniauth/strategies/oauth2.rb +0 -2
- data/lib/omniauth/strategies/oauth2/facebook.rb +44 -5
- data/lib/omniauth/strategies/oauth2/gowalla.rb +31 -2
- data/lib/omniauth/strategies/oauth2/salesforce.rb +17 -5
- data/lib/omniauth/strategies/oauth2/thirty_seven_signals.rb +1 -1
- data/lib/omniauth/strategies/oauth2/yammer.rb +0 -2
- data/lib/omniauth/version.rb +1 -1
- data/spec/omniauth/strategies/oauth/my_space_spec.rb +5 -0
- data/spec/omniauth/strategies/oauth/xing_spec.rb +5 -0
- metadata +13 -7
data/lib/omniauth/oauth.rb
CHANGED
@@ -19,6 +19,7 @@ module OmniAuth
|
|
19
19
|
autoload :LinkedIn, 'omniauth/strategies/oauth/linked_in'
|
20
20
|
autoload :Meetup, 'omniauth/strategies/oauth/meetup'
|
21
21
|
autoload :Miso, 'omniauth/strategies/oauth/miso'
|
22
|
+
autoload :MySpace, 'omniauth/strategies/oauth/my_space'
|
22
23
|
autoload :Netflix, 'omniauth/strategies/oauth/netflix'
|
23
24
|
autoload :Orkut, 'omniauth/strategies/oauth/orkut'
|
24
25
|
autoload :Qzone, 'omniauth/strategies/oauth/qzone'
|
@@ -37,6 +38,7 @@ module OmniAuth
|
|
37
38
|
autoload :Vimeo, 'omniauth/strategies/oauth/vimeo'
|
38
39
|
autoload :Yahoo, 'omniauth/strategies/oauth/yahoo'
|
39
40
|
autoload :YouTube, 'omniauth/strategies/oauth/you_tube'
|
41
|
+
autoload :Xing, 'omniauth/strategies/oauth/xing'
|
40
42
|
|
41
43
|
autoload :OAuth2, 'omniauth/strategies/oauth2'
|
42
44
|
autoload :AngelList, 'omniauth/strategies/oauth2/angellist'
|
@@ -16,7 +16,7 @@ module OmniAuth
|
|
16
16
|
:token_url => '/o/oauth2/token'
|
17
17
|
}
|
18
18
|
|
19
|
-
super(app, :google_oauth2, client_id, client_secret, client_options, options, &block)
|
19
|
+
super(app, (options[:name] || :google_oauth2), client_id, client_secret, client_options, options, &block)
|
20
20
|
end
|
21
21
|
|
22
22
|
def request_phase
|
@@ -59,9 +59,12 @@ module OmniAuth
|
|
59
59
|
@user_hash ||= MultiJson.decode(@access_token.get('https://www.google.com/m8/feeds/contacts/default/full?max-results=1&alt=json').body)
|
60
60
|
end
|
61
61
|
|
62
|
-
# Monkeypatch OmniAuth to pass the scope in the consumer.get_request_token call
|
62
|
+
# Monkeypatch OmniAuth to pass the scope and authorize_params in the consumer.get_request_token call
|
63
63
|
def request_phase
|
64
|
-
|
64
|
+
request_options = {:scope => options[:scope]}
|
65
|
+
request_options.merge!(options[:authorize_params])
|
66
|
+
|
67
|
+
request_token = consumer.get_request_token({:oauth_callback => callback_url}, request_options)
|
65
68
|
session['oauth'] ||= {}
|
66
69
|
session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
|
67
70
|
r = Rack::Response.new
|
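Review bot: `request_options.merge!(options[:authorize_params])` in request_phase raises a TypeError when `:authorize_params` is nil, unless a default is assigned somewhere outside this hunk. A nil-safe form is `request_options.merge!(options[:authorize_params] || {})`. Because the merge runs after `:scope` is set, a `:scope` key inside `authorize_params` silently replaces `options[:scope]`; the comment above the method should say which of the two is meant to win. The body of request_phase continues past the end of the hunk.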
@@ -0,0 +1,71 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'omniauth/oauth'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class MySpace < OmniAuth::Strategies::OAuth
|
7
|
+
|
8
|
+
def initialize(app, consumer_key=nil, consumer_secret=nil, options={}, &block)
|
9
|
+
client_options = {
|
10
|
+
:site => 'http://api.myspace.com',
|
11
|
+
:access_token_path => '/access_token',
|
12
|
+
:authorize_path => '/authorize',
|
13
|
+
:request_token_path => '/request_token',
|
14
|
+
:http_method => "get"
|
15
|
+
}
|
16
|
+
options.merge! :http_method => :get
|
17
|
+
super(app, :my_space, consumer_key, consumer_secret, client_options, options, &block)
|
18
|
+
end
|
19
|
+
|
20
|
+
def callback_phase
|
21
|
+
session['oauth'][name.to_s]['callback_confirmed'] = true
|
22
|
+
super
|
23
|
+
end
|
24
|
+
|
25
|
+
def user_data
|
26
|
+
@access_token.options.merge!({:param_name => 'oauth_token', :mode => :query})
|
27
|
+
# response = @access_token.post('/simple/players.info')
|
28
|
+
# @data ||= MultiJson.decode(response.body)
|
29
|
+
end
|
30
|
+
|
31
|
+
def request_phase
|
32
|
+
request_token = consumer.get_request_token(:oauth_callback => callback_url)
|
33
|
+
session['oauth'] ||= {}
|
34
|
+
session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
|
35
|
+
sleep 1
|
36
|
+
if request_token.callback_confirmed?
|
37
|
+
redirect request_token.authorize_url(options[:authorize_params])
|
38
|
+
else
|
39
|
+
redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url))
|
40
|
+
end
|
41
|
+
|
42
|
+
rescue ::Timeout::Error => e
|
43
|
+
fail!(:timeout, e)
|
44
|
+
rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
|
45
|
+
fail!(:service_unavailable, e)
|
46
|
+
end
|
47
|
+
|
48
|
+
def consumer
|
49
|
+
::OAuth::Consumer.new(consumer_key, consumer_secret, {
|
50
|
+
:http_method=>"get",
|
51
|
+
:site=>"http://api.myspace.com",
|
52
|
+
:request_token_path=>"/request_token",
|
53
|
+
:access_token_path=>"/access_token",
|
54
|
+
:authorize_path=>"/authorize"
|
55
|
+
})
|
56
|
+
end
|
57
|
+
|
58
|
+
def user_hash(access_token)
|
59
|
+
person = JSON.parse( access_token.get("/v2/people/@me/@self?format=json").body )["users"].first
|
60
|
+
|
61
|
+
hash = {
|
62
|
+
'id' => person['id'],
|
63
|
+
'first_name' => person['first_name'],
|
64
|
+
'last_name' => person['last_name'],
|
65
|
+
'image' => person["photo_urls"]["large"],
|
66
|
+
}
|
67
|
+
end
|
68
|
+
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
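Review bot: Both `client_options` in initialize and the hash built in `consumer` set `:site` to `http://api.myspace.com`, so the request-token and access-token responses, which carry the token secrets, and the profile call in `user_hash` all travel without TLS. If the provider serves these endpoints over HTTPS, change both to `:site => 'https://api.myspace.com'`, and preferably build the consumer from one shared hash so the two copies cannot drift apart. `callback_phase` indexes `session['oauth'][name.to_s]` before calling `super`, which raises NoMethodError when the callback URL is requested without a prior request phase; the Xing strategy added in this release has the same line, and both need a guard that calls `fail!` when the session entry is missing. The `sleep 1` in request_phase blocks a worker on every login and has no comment explaining why it is needed.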
@@ -0,0 +1,48 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'omniauth/oauth'
|
3
|
+
|
4
|
+
module OmniAuth
|
5
|
+
module Strategies
|
6
|
+
class Xing < OmniAuth::Strategies::OAuth
|
7
|
+
|
8
|
+
def initialize(app, consumer_key=nil, consumer_secret=nil, options={}, &block)
|
9
|
+
client_options = {
|
10
|
+
:access_token_path => '/v1/access_token',
|
11
|
+
:authorize_path => '/v1/authorize',
|
12
|
+
:request_token_path => '/v1/request_token/',
|
13
|
+
:site => 'https://api.xing.com'
|
14
|
+
}
|
15
|
+
super(app, :xing, consumer_key, consumer_secret, client_options, options, &block)
|
16
|
+
end
|
17
|
+
|
18
|
+
def callback_phase
|
19
|
+
session['oauth'][name.to_s]['callback_confirmed'] = true
|
20
|
+
super
|
21
|
+
end
|
22
|
+
|
23
|
+
def auth_hash
|
24
|
+
hash = user_hash(@access_token)
|
25
|
+
|
26
|
+
OmniAuth::Utils.deep_merge(super,
|
27
|
+
{
|
28
|
+
'uid' => @access_token.params[:user_id],
|
29
|
+
'user_info' => hash,
|
30
|
+
}
|
31
|
+
)
|
32
|
+
end
|
33
|
+
|
34
|
+
def user_hash(access_token)
|
35
|
+
person = JSON.parse( access_token.get('/v1/users/me').body )["users"].first
|
36
|
+
|
37
|
+
hash = {
|
38
|
+
'id' => person['id'],
|
39
|
+
'first_name' => person['first_name'],
|
40
|
+
'last_name' => person['last_name'],
|
41
|
+
'image' => person["photo_urls"]["large"],
|
42
|
+
'email' => person["active_email"],
|
43
|
+
}
|
44
|
+
end
|
45
|
+
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
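Review bot: `user_hash` chains `JSON.parse(...)["users"].first` and `person["photo_urls"]["large"]` without checking any intermediate value, so an error body or a profile without photo URLs raises NoMethodError in the middle of the callback. Guard the lookups, for example `person = (JSON.parse(access_token.get('/v1/users/me').body)["users"] || []).first || {}` and `'image' => (person["photo_urls"] || {})["large"]`. The local `hash =` assignment is unused, since the hash literal is already the method's return value. The fields copied here come straight from the provider's response, so a short comment on `auth_hash` stating that `'email'` is whatever the provider reports as `active_email` would help consumers decide how far to trust it.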
@@ -42,8 +42,6 @@ module OmniAuth
|
|
42
42
|
@access_token.options[:mode] = :query
|
43
43
|
@access_token.options[:param_name] = 'access_token'
|
44
44
|
@data ||= @access_token.get('/me').parsed
|
45
|
-
rescue ::OAuth2::Error => e
|
46
|
-
raise e.response.inspect
|
47
45
|
end
|
48
46
|
|
49
47
|
def request_phase
|
@@ -52,10 +50,13 @@ module OmniAuth
|
|
52
50
|
end
|
53
51
|
|
54
52
|
def build_access_token
|
55
|
-
if
|
56
|
-
|
57
|
-
|
53
|
+
if !signed_request.nil? && !signed_request.empty?
|
54
|
+
verifier = signed_request['code']
|
55
|
+
client.auth_code.get_token(verifier, {:redirect_uri => ''}.merge(options))
|
56
|
+
elsif !facebook_session.nil? && !facebook_session.empty?
|
58
57
|
@access_token = ::OAuth2::AccessToken.new(client, facebook_session['access_token'], {:mode => :query, :param_name => 'access_token'})
|
58
|
+
else
|
59
|
+
super
|
59
60
|
end
|
60
61
|
end
|
61
62
|
|
@@ -68,6 +69,15 @@ module OmniAuth
|
|
68
69
|
end
|
69
70
|
end
|
70
71
|
|
72
|
+
def signed_request
|
73
|
+
signed_request_cookie = request.cookies["fbsr_#{client.id}"]
|
74
|
+
if signed_request_cookie
|
75
|
+
signed_request = parse_signed_request(signed_request_cookie)
|
76
|
+
else
|
77
|
+
nil
|
78
|
+
end
|
79
|
+
end
|
80
|
+
|
71
81
|
def user_info
|
72
82
|
{
|
73
83
|
'nickname' => user_data['username'],
|
@@ -82,6 +92,35 @@ module OmniAuth
|
|
82
92
|
},
|
83
93
|
}
|
84
94
|
end
|
95
|
+
|
96
|
+
protected
|
97
|
+
# Borrowed from koala gem.
|
98
|
+
#
|
99
|
+
# Originally provided directly by Facebook, however this has changed
|
100
|
+
# as their concept of crypto changed. For historic purposes, this is their proposal:
|
101
|
+
# https://developers.facebook.com/docs/authentication/canvas/encryption_proposal/
|
102
|
+
# Currently see https://github.com/facebook/php-sdk/blob/master/src/facebook.php#L758
|
103
|
+
# for a more accurate reference implementation strategy.
|
104
|
+
def parse_signed_request(input)
|
105
|
+
encoded_sig, encoded_envelope = input.split('.', 2)
|
106
|
+
signature = base64_url_decode(encoded_sig).unpack("H*").first
|
107
|
+
envelope = MultiJson.decode(base64_url_decode(encoded_envelope))
|
108
|
+
|
109
|
+
raise "SignedRequest: Unsupported algorithm #{envelope['algorithm']}" if envelope['algorithm'] != 'HMAC-SHA256'
|
110
|
+
|
111
|
+
# now see if the signature is valid (digest, key, data)
|
112
|
+
hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, client.secret, encoded_envelope.tr("-_", "+/"))
|
113
|
+
raise 'SignedRequest: Invalid signature' if (signature != hmac)
|
114
|
+
|
115
|
+
return envelope
|
116
|
+
end
|
117
|
+
|
118
|
+
# base 64
|
119
|
+
# directly from https://github.com/facebook/crypto-request-examples/raw/master/sample.rb
|
120
|
+
def base64_url_decode(str)
|
121
|
+
str += '=' * (4 - str.length.modulo(4))
|
122
|
+
Base64.decode64(str.tr('-_', '+/'))
|
123
|
+
end
|
85
124
|
end
|
86
125
|
end
|
87
126
|
end
|
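Review bot: `parse_signed_request` compares the HMAC with `signature != hmac`, which is not a constant-time comparison, and it runs `MultiJson.decode` on the cookie payload before the signature has been checked. The cookie is fully client-controlled, so the payload should be authenticated first and parsed only afterwards, and the comparison should use a constant-time helper such as `Rack::Utils.secure_compare` where the Rack version in use provides it. A cookie value without a `.` leaves `encoded_envelope` nil and fails with NoMethodError inside `base64_url_decode`; an explicit format check gives a clearer error. These exceptions propagate through `signed_request` out of `build_access_token`, so the caller needs to handle them as a failed authentication rather than let them surface as a server error.

```ruby
def parse_signed_request(input)
  encoded_sig, encoded_envelope = input.to_s.split('.', 2)
  raise 'SignedRequest: Malformed input' if encoded_sig.nil? || encoded_envelope.nil?

  # … unchanged: signature and hmac computation, moved ahead of the JSON decode …
  raise 'SignedRequest: Invalid signature' unless Rack::Utils.secure_compare(signature, hmac)

  # Decode only after the payload has been authenticated.
  envelope = MultiJson.decode(base64_url_decode(encoded_envelope))
  # … unchanged: algorithm check and return of envelope …
end
```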
@@ -26,6 +26,7 @@ module OmniAuth
|
|
26
26
|
super, {
|
27
27
|
'uid' => user_data['url'].split('/').last,
|
28
28
|
'user_info' => user_info,
|
29
|
+
'credentials' => {'refresh_token' => @access_token.refresh_token},
|
29
30
|
'extra' => {
|
30
31
|
'user_hash' => user_data,
|
31
32
|
'refresh_token' => refresh_token,
|
@@ -34,10 +35,22 @@ module OmniAuth
|
|
34
35
|
}
|
35
36
|
)
|
36
37
|
end
|
37
|
-
|
38
38
|
def user_data
|
39
|
-
|
39
|
+
puts "user_data"
|
40
|
+
if(@data.nil?)
|
41
|
+
opts={
|
42
|
+
:raise_errors=>false,
|
43
|
+
:headers =>{:Accept => 'application/json','X-Gowalla-API-Key'=> self.client_id},
|
44
|
+
:params=>{:oauth_token=>@access_token.token}
|
45
|
+
}
|
46
|
+
response=@access_token.get('http://api.gowalla.com/users/me',opts)
|
47
|
+
|
48
|
+
@data = MultiJson.decode(response.body)
|
49
|
+
end
|
50
|
+
|
51
|
+
@data
|
40
52
|
end
|
53
|
+
|
41
54
|
|
42
55
|
def refresh_token
|
43
56
|
@refresh_token ||= @access_token.refresh_token
|
@@ -53,6 +66,7 @@ module OmniAuth
|
|
53
66
|
end
|
54
67
|
|
55
68
|
def user_info
|
69
|
+
|
56
70
|
{
|
57
71
|
'name' => "#{user_data['first_name']} #{user_data['last_name']}",
|
58
72
|
'nickname' => user_data['username'],
|
@@ -67,6 +81,21 @@ module OmniAuth
|
|
67
81
|
},
|
68
82
|
}
|
69
83
|
end
|
84
|
+
def build_access_token
|
85
|
+
token=super
|
86
|
+
##remove expires_at from token, invalid format
|
87
|
+
token=::OAuth2::AccessToken.new(token.client,token.token,{:expires_in=>token.expires_in,:refresh_token=>token.refresh_token}.merge(token.params))
|
88
|
+
## if token is expired refresh and again remove expires_at
|
89
|
+
if token.expired?
|
90
|
+
token=token.refresh!
|
91
|
+
token=::OAuth2::AccessToken.new(token.client,token.token,{:expires_in=>token.expires_in,:refresh_token=>token.refresh_token}.merge(token.params))
|
92
|
+
end
|
93
|
+
token
|
94
|
+
|
95
|
+
end
|
96
|
+
|
70
97
|
end
|
98
|
+
|
99
|
+
|
71
100
|
end
|
72
101
|
end
|
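Review bot: The new `user_data` requests `http://api.gowalla.com/users/me` over plain HTTP and puts the token in the query string via `:params=>{:oauth_token=>@access_token.token}`, so the bearer token is readable on the network path and is likely to be recorded in proxy and server logs. If the API is reachable over TLS, use an `https://` URL and send the token in the Authorization header instead of as a query parameter. With `:raise_errors=>false` the body is handed to `MultiJson.decode` whatever the status was, so an error response ends up cached in `@data`; check `response.status` before decoding. `puts "user_data"` is leftover debugging output and should be removed.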
@@ -5,12 +5,22 @@ module OmniAuth
|
|
5
5
|
class Salesforce < OmniAuth::Strategies::OAuth2
|
6
6
|
def initialize(app, client_id=nil, client_secret=nil, options={}, &block)
|
7
7
|
client_options = {
|
8
|
-
:
|
9
|
-
:
|
8
|
+
:site => 'https://login.salesforce.com',
|
9
|
+
:authorize_url => '/services/oauth2/authorize',
|
10
|
+
:token_url => '/services/oauth2/token',
|
10
11
|
}
|
11
|
-
options.merge!(:response_type => 'code', :grant_type => 'authorization_code')
|
12
12
|
super(app, :salesforce, client_id, client_secret, client_options, options, &block)
|
13
13
|
end
|
14
|
+
|
15
|
+
def request_phase
|
16
|
+
options[:response_type] ||= 'code'
|
17
|
+
super
|
18
|
+
end
|
19
|
+
|
20
|
+
def callback_phase
|
21
|
+
options[:grant_type] ||= 'authorization_code'
|
22
|
+
super
|
23
|
+
end
|
14
24
|
|
15
25
|
def auth_hash
|
16
26
|
data = user_data
|
@@ -35,10 +45,12 @@ module OmniAuth
|
|
35
45
|
end
|
36
46
|
|
37
47
|
def user_data
|
38
|
-
@
|
48
|
+
@access_token.options[:header_format] = 'OAuth %s'
|
49
|
+
|
50
|
+
@data ||= @access_token.get(@access_token['id']).parsed
|
39
51
|
rescue ::OAuth2::Error => e
|
40
52
|
if e.response.status == 302
|
41
|
-
@data ||=
|
53
|
+
@data ||= @access_token.get(e.response.headers['location']).parsed
|
42
54
|
else
|
43
55
|
raise e
|
44
56
|
end
|
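Review bot: In `user_data`, the rescue branch re-issues the request to `e.response.headers['location']` using the same `@access_token`, so the `OAuth %s` Authorization header is sent to whatever host the redirect names. Check the target before following it: parse the Location value, require the `https` scheme and a host on an allow-list of the provider's domains, and raise otherwise. The same check applies to `@access_token['id']`, which is taken from the token response and used directly as the request target. `user_data` continues past the end of the hunk.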
@@ -49,8 +49,6 @@ module OmniAuth
|
|
49
49
|
temp_access_token = client.auth_code.get_token(verifier, {:redirect_uri => callback_url}.merge(options))
|
50
50
|
token = eval(temp_access_token.token)['token']
|
51
51
|
@access_token = ::OAuth2::AccessToken.new(client, token, temp_access_token.params)
|
52
|
-
rescue ::OAuth2::Error => e
|
53
|
-
raise e.response.inspect
|
54
52
|
end
|
55
53
|
|
56
54
|
def user_hash
|
data/lib/omniauth/version.rb
CHANGED
metadata
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oa-oauth
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash:
|
4
|
+
hash: 23
|
5
5
|
prerelease:
|
6
6
|
segments:
|
7
7
|
- 0
|
8
8
|
- 3
|
9
|
-
-
|
10
|
-
version: 0.3.
|
9
|
+
- 2
|
10
|
+
version: 0.3.2
|
11
11
|
platform: ruby
|
12
12
|
authors:
|
13
13
|
- Michael Bleigh
|
@@ -16,7 +16,7 @@ autorequire:
|
|
16
16
|
bindir: bin
|
17
17
|
cert_chain: []
|
18
18
|
|
19
|
-
date: 2011-
|
19
|
+
date: 2011-10-20 00:00:00 -07:00
|
20
20
|
default_executable:
|
21
21
|
dependencies:
|
22
22
|
- !ruby/object:Gem::Dependency
|
@@ -75,12 +75,12 @@ dependencies:
|
|
75
75
|
requirements:
|
76
76
|
- - "="
|
77
77
|
- !ruby/object:Gem::Version
|
78
|
-
hash:
|
78
|
+
hash: 23
|
79
79
|
segments:
|
80
80
|
- 0
|
81
81
|
- 3
|
82
|
-
-
|
83
|
-
version: 0.3.
|
82
|
+
- 2
|
83
|
+
version: 0.3.2
|
84
84
|
type: :runtime
|
85
85
|
version_requirements: *id004
|
86
86
|
- !ruby/object:Gem::Dependency
|
@@ -289,6 +289,7 @@ files:
|
|
289
289
|
- lib/omniauth/strategies/oauth/linked_in.rb
|
290
290
|
- lib/omniauth/strategies/oauth/meetup.rb
|
291
291
|
- lib/omniauth/strategies/oauth/miso.rb
|
292
|
+
- lib/omniauth/strategies/oauth/my_space.rb
|
292
293
|
- lib/omniauth/strategies/oauth/netflix.rb
|
293
294
|
- lib/omniauth/strategies/oauth/orkut.rb
|
294
295
|
- lib/omniauth/strategies/oauth/plurk.rb
|
@@ -305,6 +306,7 @@ files:
|
|
305
306
|
- lib/omniauth/strategies/oauth/twitter.rb
|
306
307
|
- lib/omniauth/strategies/oauth/type_pad.rb
|
307
308
|
- lib/omniauth/strategies/oauth/vimeo.rb
|
309
|
+
- lib/omniauth/strategies/oauth/xing.rb
|
308
310
|
- lib/omniauth/strategies/oauth/yahoo.rb
|
309
311
|
- lib/omniauth/strategies/oauth/you_tube.rb
|
310
312
|
- lib/omniauth/strategies/oauth2.rb
|
@@ -355,6 +357,7 @@ files:
|
|
355
357
|
- spec/omniauth/strategies/oauth/linked_in_spec.rb
|
356
358
|
- spec/omniauth/strategies/oauth/meetup_spec.rb
|
357
359
|
- spec/omniauth/strategies/oauth/miso_spec.rb
|
360
|
+
- spec/omniauth/strategies/oauth/my_space_spec.rb
|
358
361
|
- spec/omniauth/strategies/oauth/netflix_spec.rb
|
359
362
|
- spec/omniauth/strategies/oauth/oauth_spec.rb
|
360
363
|
- spec/omniauth/strategies/oauth/orkut_spec.rb
|
@@ -369,6 +372,7 @@ files:
|
|
369
372
|
- spec/omniauth/strategies/oauth/twitter_spec.rb
|
370
373
|
- spec/omniauth/strategies/oauth/type_pad_spec.rb
|
371
374
|
- spec/omniauth/strategies/oauth/vimeo_spec.rb
|
375
|
+
- spec/omniauth/strategies/oauth/xing_spec.rb
|
372
376
|
- spec/omniauth/strategies/oauth/yahoo_spec.rb
|
373
377
|
- spec/omniauth/strategies/oauth/you_tube_spec.rb
|
374
378
|
- spec/omniauth/strategies/oauth2/angellist_spec.rb
|
@@ -451,6 +455,7 @@ test_files:
|
|
451
455
|
- spec/omniauth/strategies/oauth/linked_in_spec.rb
|
452
456
|
- spec/omniauth/strategies/oauth/meetup_spec.rb
|
453
457
|
- spec/omniauth/strategies/oauth/miso_spec.rb
|
458
|
+
- spec/omniauth/strategies/oauth/my_space_spec.rb
|
454
459
|
- spec/omniauth/strategies/oauth/netflix_spec.rb
|
455
460
|
- spec/omniauth/strategies/oauth/oauth_spec.rb
|
456
461
|
- spec/omniauth/strategies/oauth/orkut_spec.rb
|
@@ -465,6 +470,7 @@ test_files:
|
|
465
470
|
- spec/omniauth/strategies/oauth/twitter_spec.rb
|
466
471
|
- spec/omniauth/strategies/oauth/type_pad_spec.rb
|
467
472
|
- spec/omniauth/strategies/oauth/vimeo_spec.rb
|
473
|
+
- spec/omniauth/strategies/oauth/xing_spec.rb
|
468
474
|
- spec/omniauth/strategies/oauth/yahoo_spec.rb
|
469
475
|
- spec/omniauth/strategies/oauth/you_tube_spec.rb
|
470
476
|
- spec/omniauth/strategies/oauth2/angellist_spec.rb
|