RubyGems - oauth-plugin - Versions diffs - 0.4.0.pre4 → 0.4.0.pre5 - Mend

oauth-plugin 0.4.0.pre4 → 0.4.0.pre5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

data/.gitignore CHANGED Viewed

@@ -6,3 +6,5 @@ pkg
 *.gem
 .bundle
 .swp
+.idea
+.rvmrc

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,14 @@
+0.4.0-pre5
+  - protect oauth consumer relay with :expose configuration option. It's off by default. [pelle]
+  - Reenable twitter client. It is now configurable for twitter tokens. :client=>:twitter_gem or :oauth_gem [pelle]
+  - fix issues with new consumer tokens [afeld]
+  - More forgiving about oob callback values[chrisrhoden]
+  - Update Twitter consumer to use latest Twitter Gem [afeld]
+  - removed portable_contacts client from Google Token [p8]
+  - Fixes various mongoid issues [3en]
+  - Adds oauth2 consumer support
+  - Fixes oauth2 provider. parameter should be redirect_uri not redirect_url [Kimtaro]
+  - Most core OAuth functionality is being put into OAuthFilter. This means Rails 2.3 and above only
   0.4.0-pre4
   - Fixed bug when creating a new user from a new consumer token
   - Fix typo in consumer token [krasio]

data/Gemfile.lock ADDED Viewed

@@ -0,0 +1,66 @@
+PATH
+  remote: .
+  specs:
+    oauth-plugin (0.4.0.pre5)
+      multi_json
+      oauth (~> 0.4.4)
+      oauth2
+      rack
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    diff-lcs (1.1.2)
+    fakeweb (1.3.0)
+    faraday (0.6.1)
+      addressable (~> 2.2.4)
+      multipart-post (~> 1.1.0)
+      rack (>= 1.1.0, < 2)
+    fuubar (0.0.5)
+      rspec (~> 2.0)
+      rspec-instafail (~> 0.1.4)
+      ruby-progressbar (~> 0.0.10)
+    growl (1.0.3)
+    guard (0.3.4)
+      thor (~> 0.14.6)
+    guard-rspec (0.3.1)
+      guard (>= 0.2.2)
+    multi_json (1.0.3)
+    multi_xml (0.2.2)
+    multipart-post (1.1.2)
+    oauth (0.4.4)
+    oauth2 (0.4.1)
+      faraday (~> 0.6.1)
+      multi_json (>= 0.0.5)
+    opentransact (0.1.2)
+      multi_json
+      multi_xml
+      oauth (~> 0.4.4)
+    rack (1.3.0)
+    rack-test (0.6.0)
+      rack (>= 1.0)
+    rspec (2.4.0)
+      rspec-core (~> 2.4.0)
+      rspec-expectations (~> 2.4.0)
+      rspec-mocks (~> 2.4.0)
+    rspec-core (2.4.0)
+    rspec-expectations (2.4.0)
+      diff-lcs (~> 1.1.2)
+    rspec-instafail (0.1.7)
+    rspec-mocks (2.4.0)
+    ruby-progressbar (0.0.10)
+    thor (0.14.6)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  fakeweb
+  fuubar
+  growl
+  guard-rspec
+  oauth-plugin!
+  opentransact
+  rack-test
+  rspec (~> 2.4.0)

data/Guardfile ADDED Viewed

@@ -0,0 +1,8 @@
+# A sample Guardfile
+# More info at http://github.com/guard/guard#readme
+guard 'rspec', :version => 2 do
+  watch('^spec/(.*)_spec.rb')
+  watch('^lib/oauth/(.*)\.rb')                              { |m| "spec/#{m[1]}_spec.rb" }
+  watch('^spec/spec_helper.rb')                       { "spec" }
+end

data/README.rdoc CHANGED Viewed

@@ -67,6 +67,14 @@ This generates OAuth and OAuth client controllers as well as the required models
 It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication. It also requires Rails 2.0.
+=== INSTALL RACK FILTER (NEW)
+A big change over previous versions is that we now use a rack filter. You have to install this in your application.rb file:
+  require 'oauth/rack/oauth_filter'
+  config.middleware.use OAuth::Rack::OAuthFilter
 === Generator Options
 The generator supports the defaults you have created in your application.rb file. eg:
@@ -325,11 +333,14 @@ Add entries to OAUTH_CREDENTIALS for all OAuth Applications you wish to connect
   OAUTH_CREDENTIALS={
     :twitter=>{
       :key=>"key",
-      :secret=>"secret"
+      :secret=>"secret",
+      :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+      :expose => false, # set to true to expose client via the web
     },
     :agree2=>{
       :key=>"key",
-      :secret=>"secret"
+      :secret=>"secret",
+      :expose => false, # set to true to expose client via the web
     },
     :hour_feed=>{
       :key=>"",
@@ -370,6 +381,10 @@ And you could do:
 The client method gives you a OAuth::AccessToken which you can use to perform rest operations on the client site - see http://oauth.rubyforge.org/rdoc/classes/OAuth/AccessToken.html
+If you are using Mongoid you want to add an embeds_many association in your user model:
+  embeds_many :consumer_tokens
 === Custom ConsumerToken models
 Before creating the FireEagleToken model the plugin checks if a class already exists by that name or if we provide an api wrapper for it. This allows you to create a better token model that uses an existing ruby gem.
@@ -391,9 +406,33 @@ To connect a user to an external service link or redirect them to:
 Where SERVICE_NAME is the name you set in the OAUTH_CREDENTIALS hash. This will request the request token and redirect the user to the services authorization screen. When the user accepts the get redirected back to:
   /oauth_consumers/[SERVICE_NAME]/callback
 You can specify this url to the service you're calling when you register, but it will automatically be sent along anyway.
+=== Expose client
+This is designed to let your local javascript apps access remote OAuth apis. You have to specifically enable this by adding the expose flag to your oauth config file. eg:
+  OAUTH_CREDENTIALS={
+    :twitter=>{
+      :key=>"key",
+      :secret=>"secret",
+      :client=>:oauth_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+      :expose => true      # set to true to expose client via the web
+    }
+Once the user has authorized your application, you can access the client APIs via:
+  /oauth_consumers/[SERVICE_NAME]/client/[ENDPOINT]
+For example to get the user's Google Calendars in JSON (documented in their API as "https://www.google.com/calendar/feeds/default?alt=jsonc"), you would append that path as the ENDPOINT above, i.e.
+  /oauth_consumers/google/client/calendar/feeds/default?alt=jsonc
+As another example, to get my Twitter info as XML (available at "https://api.twitter.com/1/users/show.xml?screen_name=pelleb"), use:
+  /oauth_consumers/twitter/client/1/users/show.xml?screen_name=pelleb
 === Migrate database
 The database is defined in:
@@ -404,6 +443,13 @@ Run them as any other normal migration in rails with:
   rake db:migrate
+== Contribute and earn OAuth Karma
+Anyone who has a commit accepted into the official oauth-plugin git repo is awarded OAuthKarma:
+https://picomoney.com/oauth-karma/accounts
 == More
 The Mailing List for all things OAuth in Ruby is:
@@ -418,4 +464,4 @@ The OAuth Ruby Gem home page is http://oauth.rubyforge.org
 Please help documentation, patches and testing.
-Copyright (c) 2007-2010 Pelle Braendgaard and contributors, released under the MIT license
+Copyright (c) 2007-2011 Pelle Braendgaard and contributors, released under the MIT license

data/generators/oauth_consumer/templates/controller.rb CHANGED Viewed

@@ -7,6 +7,14 @@ class OauthConsumersController < ApplicationController
     @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
   end
+  def callback
+    super
+  end
+  def client
+    super
+  end
   protected
   # Change this to decide where you want to redirect user to after callback is finished.

data/generators/oauth_consumer/templates/oauth_config.rb CHANGED Viewed

@@ -6,13 +6,27 @@
 # OAUTH_CREDENTIALS={
 #   :twitter=>{
 #     :key=>"",
-#     :secret=>""
+#     :secret=>"",
+#     :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#     :allow_login => true # Use :allow_login => true to allow user to login to account
 #   },
 #   :google=>{
 #     :key=>"",
 #     :secret=>"",
+#     :expose => false, # expose client at /oauth_consumers/google/client see docs
 #     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
 #   },
+#   :github=>{
+#     :key => "",
+#     :secret => "",
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#
+#   },
+#   :facebook=>{
+#     :key => "",
+#     :secret => ""
+#   },
 #   :agree2=>{
 #     :key=>"",
 #     :secret=>""
@@ -21,6 +35,14 @@
 #     :key=>"",
 #     :secret=>""
 #   },
+#   :oauth2_server => {
+#      :key=>"",
+#      :secret=>"",
+#      :oauth_version => 2
+#      :options=>{ # OAuth::Consumer options
+#        :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#      }
+#   },
 #   :hour_feed=>{
 #     :key=>"",
 #     :secret=>"",

data/generators/oauth_provider/oauth_provider_generator.rb CHANGED Viewed

@@ -73,8 +73,6 @@ class OauthProviderGenerator < Rails::Generator::Base
         m.template 'client_applications.yml',File.join('spec/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('spec/fixtures',"oauth_tokens.yml")
         m.template 'oauth_nonces.yml',    File.join('spec/fixtures',"oauth_nonces.yml")
-        m.template 'controller_spec_helper.rb', File.join('spec/controllers', controller_class_path,"#{controller_file_name}_controller_spec_helper.rb")
-        m.template 'controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_controller_spec.rb")
         m.template 'clients_controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_clients_controller_spec.rb")
       else
         m.directory File.join('test')
@@ -87,8 +85,6 @@ class OauthProviderGenerator < Rails::Generator::Base
         m.template 'client_applications.yml',File.join('test/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('test/fixtures',"oauth_tokens.yml")
         m.template 'oauth_nonces.yml',    File.join('test/fixtures',"oauth_nonces.yml")
-        m.template 'controller_test_helper.rb', File.join('test', controller_class_path,"#{controller_file_name}_controller_test_helper.rb")
-        m.template 'controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_controller_test.rb")
         m.template 'clients_controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_clients_controller_test.rb")
       end

data/generators/oauth_provider/templates/oauth2_authorize.html.erb CHANGED Viewed

@@ -3,7 +3,7 @@
 <%% form_tag authorize_url do %>
   <%%= hidden_field_tag "response_type", params[:response_type]%>
   <%%= hidden_field_tag "client_id", params[:client_id]%>
-  <%%= hidden_field_tag "redirect_url", params[:redirect_url]%>
+  <%%= hidden_field_tag "redirect_uri", params[:redirect_uri]%>
   <%%= hidden_field_tag "state", params[:state]%>
   <%%= hidden_field_tag "scope", params[:scope]%>
@@ -13,4 +13,4 @@
 <p>
   <%%= submit_tag %>
 </p>
-<%% end %>
+<%% end %>

data/generators/oauth_provider/templates/oauth2_authorize.html.haml CHANGED Viewed

@@ -8,7 +8,7 @@
 - form_tag authorize_url do
   = hidden_field_tag "response_type", params[:response_type]
   = hidden_field_tag "client_id", params[:client_id]
-  = hidden_field_tag "redirect_url", params[:redirect_url]
+  = hidden_field_tag "redirect_uri", params[:redirect_uri]
   = hidden_field_tag "state", params[:state]
   = hidden_field_tag "scope", params[:scope]
   = check_box_tag 'authorize'

data/generators/oauth_provider/templates/request_token.rb CHANGED Viewed

@@ -30,11 +30,11 @@ class RequestToken < OauthToken
   end
   def oob?
-    self.callback_url=='oob'
+    callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?
     (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
   end
-end
+end

data/lib/generators/active_record/oauth_provider_templates/request_token.rb CHANGED Viewed

@@ -28,9 +28,9 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
-    self.callback_url=='oob'
+    callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?

data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb CHANGED Viewed

@@ -3,7 +3,7 @@
 <%% form_tag authorize_url do %>
   <%%= hidden_field_tag "response_type", params[:response_type]%>
   <%%= hidden_field_tag "client_id", params[:client_id]%>
-  <%%= hidden_field_tag "redirect_url", params[:redirect_url]%>
+  <%%= hidden_field_tag "redirect_uri", params[:redirect_uri]%>
   <%%= hidden_field_tag "state", params[:state]%>
   <%%= hidden_field_tag "scope", params[:scope]%>

data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml CHANGED Viewed

@@ -8,7 +8,7 @@
 - form_tag authorize_url do
   = hidden_field_tag "response_type", params[:response_type]
   = hidden_field_tag "client_id", params[:client_id]
-  = hidden_field_tag "redirect_url", params[:redirect_url]
+  = hidden_field_tag "redirect_uri", params[:redirect_uri]
   = hidden_field_tag "state", params[:state]
   = hidden_field_tag "scope", params[:scope]
   = check_box_tag 'authorize'

data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb CHANGED Viewed

@@ -18,20 +18,22 @@ class ConsumerToken
   #   index "consumer_tokens.token"
   #
   embedded_in :user, :inverse_of => :consumer_tokens
   def self.find_or_create_from_access_token(user,access_token)
+    secret = access_token.respond_to?(:secret) ? access_token.secret : nil
     if user
-      user.consumer_tokens.first(:conditions=>{:_type=>self.to_s,:token=>access_token.token}) ||
-        user.consumer_tokens.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+      user.consumer_tokens.where(:_type=>self.to_s,:token=>access_token.token).first ||
+        self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
     else
-      # Is there a better way of doing this in mongoid?
-      # Please submit a patch
-      user = User.first(:conditions=>{:_type=>self.to_s,"consumer_tokens.token"=>access_token.token})
+      user = User.where("consumer_tokens._type"=>self.to_s,"consumer_tokens.token"=>access_token.token).first
       if user
         user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
       else
-        user = User.create
-        user.consumer_tokens.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+        user = User.new
+        self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
+        user.save!
+        user.consumer_tokens.last
       end
     end
   end

data/lib/generators/mongoid/oauth_provider_templates/request_token.rb CHANGED Viewed

@@ -25,9 +25,9 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
-    self.callback_url == 'oob'
+    callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?

data/lib/generators/oauth_consumer/oauth_consumer_generator.rb CHANGED Viewed

@@ -19,7 +19,11 @@ class OauthConsumerGenerator < Rails::Generators::Base
   def add_route
     route <<-ROUTE.strip
 resources :oauth_consumers do
-    get :callback, :on => :member
+    member do
+      get :callback
+      get :callback2
+      match 'client/*endpoint' => 'oauth_consumers#client'
+    end
   end
 ROUTE
   end

data/lib/generators/oauth_consumer/templates/controller.rb CHANGED Viewed

@@ -12,6 +12,15 @@ class OauthConsumersController < ApplicationController
     @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
   end
+  def callback
+  	super
+  end
+  def client
+    super
+  end
   protected
   # Change this to decide where you want to redirect user to after callback is finished.

data/lib/generators/oauth_consumer/templates/oauth_config.rb CHANGED Viewed

@@ -7,13 +7,26 @@
 #   :twitter=>{
 #     :key=>"",
 #     :secret=>"",
+#     :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
 #     :allow_login => true # Use :allow_login => true to allow user to login to account
 #   },
 #   :google=>{
 #     :key=>"",
 #     :secret=>"",
+#     :expose => false, # expose client at /oauth_consumers/google/client see docs
 #     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
 #   },
+#   :github=>{
+#     :key => "",
+#     :secret => "",
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#
+#   },
+#   :facebook=>{
+#     :key => "",
+#     :secret => ""
+#   },
 #   :agree2=>{
 #     :key=>"",
 #     :secret=>""
@@ -22,6 +35,14 @@
 #     :key=>"",
 #     :secret=>""
 #   },
+#   :oauth2_server => {
+#      :key=>"",
+#      :secret=>"",
+#      :oauth_version => 2
+#      :options=>{ # OAuth::Consumer options
+#        :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#      }
+#   },
 #   :hour_feed=>{
 #     :key=>"",
 #     :secret=>"",