oauth-plugin 0.3.8 → 0.3.9

data/CHANGELOG

@@ -1,3 +1,14 @@
+7/25/2009
+  0.3.9
+  - Added an Index to oauth consumers controller. Rerun generator to create index template
+  - Added invalidate action to provider, which allows a token to invalidate itself /oauth/invalidate
+  - Added capabilities action to provider. Lets you expand to allow auto discovery of permissions and services that token provides.
+  - Can override how authorize form indicates an authorization. To get around ugly checkbox
+  
+    def user_authorizes_token?
+      params[:commit] == 'Authorize'
+    end
+  
 7/23/2009
   0.3.8
   - Fixed Gem Plugins Loading

data/VERSION

@@ -1 +1 @@
-0.3.8
+0.3.9

data/generators/oauth_consumer/oauth_consumer_generator.rb

@@ -22,6 +22,7 @@ class OauthConsumerGenerator < Rails::Generator::Base
       @template_extension= options[:haml] ? "haml" : "erb"
       
       m.template "show.html.#{@template_extension}",  File.join('app/views', 'oauth_consumers', "show.html.#{@template_extension}")
+      m.template "index.html.#{@template_extension}",  File.join('app/views', 'oauth_consumers', "index.html.#{@template_extension}")
       
       unless options[:skip_migration] 
         m.migration_template 'migration.rb', 'db/migrate', :assigns => {

data/generators/oauth_consumer/templates/controller.rb

@@ -2,6 +2,11 @@ require 'oauth/controllers/consumer_controller'
 class OauthConsumersController < ApplicationController
   include Oauth::Controllers::ConsumerController
   
+  def index
+    @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
+    @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
+  end
+  
   protected
   
   # Change this to decide where you want to redirect user to after callback is finished.

data/generators/oauth_consumer/templates/index.html.erb

@@ -0,0 +1,27 @@
+<h1>Services</h1>
+
+<%% if @consumer_tokens.empty? %>
+  <p>
+    You are currently not connected to any external services.
+  </p>
+<%% else %>
+  <p>
+    You are connected to the following services:
+  </p>
+  <ul>
+    <%% @consumer_tokens.each do |token| %>
+      <li>
+        <%%= link_to token.class.service_name.to_s.humanize, oauth_consumer_path(token.class.service_name) %>
+      </li>
+    <%% end %>
+  </ul>
+
+<%% unless @services.empty? %>
+<h3>You can connect to the following services:</h3>
+<ul>
+  <%% @services.each do |service| %>
+    <li>
+      <%%= link_to service.to_s.humanize, oauth_consumer_path(service) %>
+    </li>
+  <%% end %>
+</ul>

data/generators/oauth_consumer/templates/index.html.haml

@@ -0,0 +1,18 @@
+%h1 Services
+
+-if @consumer_tokens.empty?
+  %p
+    You are currently not connected to any external services.
+-else
+  %p You are connected to the following services:
+  %ul
+    -@consumer_tokens.each do |token|
+      %li
+        =link_to token.class.service_name.to_s.humanize, oauth_consumer_path(token.class.service_name)
+
+-unless @services.empty?
+  %h3 You can connect to the following services:
+  %ul
+    -@services.each do |service|
+      %li
+        =link_to service.to_s.humanize,oauth_consumer_path(service)

data/generators/oauth_provider/oauth_provider_generator.rb

@@ -53,6 +53,7 @@ class OauthProviderGenerator < Rails::Generator::Base
       m.route_name 'request_token', '/oauth/request_token',:controller=>'oauth',:action=>'request_token'
       m.route_name 'access_token', '/oauth/access_token',:controller=>'oauth',:action=>'access_token'
       m.route_name 'test_request', '/oauth/test_request',:controller=>'oauth',:action=>'test_request'
+
       m.route_resources "#{controller_file_name}_clients".to_sym
       
       if !options[:test_unit]

data/generators/oauth_provider/templates/access_token.rb

@@ -2,6 +2,12 @@ class AccessToken < OauthToken
   validates_presence_of :user
   before_create :set_authorized_at
   
+  # Implement this to return a hash or array of the capabilities the access token has
+  # This is particularly useful if you have implemented user defined permissions.
+  # def capabilities
+  #   {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
+  # end
+  
   protected 
   
   def set_authorized_at

data/generators/oauth_provider/templates/controller.rb

@@ -2,4 +2,10 @@ require 'oauth/controllers/provider_controller'
 class OauthController < ApplicationController
   include OAuth::Controllers::ProviderController
   
+  # Override this to match your authorization page form
+  # It currently expects a checkbox called authorize
+  # def user_authorizes_token?
+  #   params[:authorize] == '1'
+  # end
+  
 end

data/lib/oauth/controllers/consumer_controller.rb

@@ -4,11 +4,18 @@ module Oauth
       def self.included(controller)
         controller.class_eval do  
           before_filter :login_required
-          before_filter :load_consumer
-          skip_before_filter :verify_authenticity_token
+          before_filter :load_consumer, :except=>:index
+          skip_before_filter :verify_authenticity_token,:only=>:callback
         end
       end
       
+      def index
+        @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
+        # The services the user hasn't already connected to
+        @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
+      end
+      
+      
       # creates request token and redirects on to oauth provider's auth page
       # If user is already connected it displays a page with an option to disconnect and redo
       def show
@@ -41,7 +48,7 @@ module Oauth
       def destroy
         throw RecordNotFound unless @token
         @token.destroy
-        if params[:Reconnect]
+        if params[:commit]=="Reconnect"
           redirect_to oauth_consumer_url(params[:id])
         else
           flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"

data/lib/oauth/controllers/provider_controller.rb

@@ -4,8 +4,9 @@ module OAuth
     module ProviderController
       def self.included(controller)
         controller.class_eval do
-          before_filter :login_required, :except => [:request_token, :access_token, :test_request]
+          before_filter :login_required, :only => [:authorize,:revoke]
           before_filter :login_or_oauth_required, :only => [:test_request]
+          before_filter :oauth_required, :only => [:invalidate,:capabilities]
           before_filter :verify_oauth_consumer_signature, :only => [:request_token]
           before_filter :verify_oauth_request_token, :only => [:access_token]
           skip_before_filter :verify_authenticity_token
@@ -38,7 +39,7 @@ module OAuth
         @token = ::RequestToken.find_by_token params[:oauth_token]
         unless @token.invalidated?    
           if request.post? 
-            if params[:authorize] == '1'
+            if user_authorizes_token?
               @token.authorize!(current_user)
               if @token.oauth10?
                 @redirect_url = params[:oauth_callback] || @token.client_application.callback_url
@@ -55,7 +56,7 @@ module OAuth
               else
                 render :action => "authorize_success"
               end
-            elsif params[:authorize] == "0"
+            else
               @token.invalidate!
               render :action => "authorize_failure"
             end
@@ -73,6 +74,33 @@ module OAuth
         end
         redirect_to oauth_clients_url
       end
+      
+      # Invalidate current token
+      def invalidate
+        current_token.invalidate!
+        head :status=>410
+      end
+      
+      # Capabilities of current_token
+      def capabilities
+        if current_token.respond_to?(:capabilities)
+          @capabilities=current_token.capabilities
+        else
+          @capabilities={:invalidate=>url_for(:action=>:invalidate)}
+        end
+        
+        respond_to do |format|
+          format.json {render :json=>@capabilities}
+          format.xml {render :xml=>@capabilities}
+        end
+      end
+
+      protected
+      
+      # Override this to match your authorization page form
+      def user_authorizes_token?
+        params[:authorize] == '1'
+      end
     end
   end
 end

data/oauth-plugin.gemspec

@@ -2,11 +2,11 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth-plugin}
-  s.version = "0.3.8"
+  s.version = "0.3.9"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["Pelle Braendgaard"]
-  s.date = %q{2009-07-23}
+  s.date = %q{2009-07-26}
   s.description = %q{Rails plugin for implementing an OAuth Provider or Consumer}
   s.email = %q{oauth-ruby@googlegroups.com}
   s.extra_rdoc_files = [
@@ -23,6 +23,8 @@ Gem::Specification.new do |s|
      "generators/oauth_consumer/oauth_consumer_generator.rb",
      "generators/oauth_consumer/templates/consumer_token.rb",
      "generators/oauth_consumer/templates/controller.rb",
+     "generators/oauth_consumer/templates/index.html.erb",
+     "generators/oauth_consumer/templates/index.html.haml",
      "generators/oauth_consumer/templates/migration.rb",
      "generators/oauth_consumer/templates/oauth_config.rb",
      "generators/oauth_consumer/templates/show.html.erb",

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: oauth-plugin
 version: !ruby/object:Gem::Version 
-  version: 0.3.8
+  version: 0.3.9
 platform: ruby
 authors: 
 - Pelle Braendgaard
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-07-23 00:00:00 -04:00
+date: 2009-07-26 00:00:00 -04:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -41,6 +41,8 @@ files:
 - generators/oauth_consumer/oauth_consumer_generator.rb
 - generators/oauth_consumer/templates/consumer_token.rb
 - generators/oauth_consumer/templates/controller.rb
+- generators/oauth_consumer/templates/index.html.erb
+- generators/oauth_consumer/templates/index.html.haml
 - generators/oauth_consumer/templates/migration.rb
 - generators/oauth_consumer/templates/oauth_config.rb
 - generators/oauth_consumer/templates/show.html.erb