oauth-plugin 0.4.0.rc2 → 0.4.0

Files changed (60)
  1. data/CHANGELOG +7 -0
  2. data/README.rdoc +1 -1
  3. data/UPGRADE.rdoc +1 -1
  4. data/generators/oauth_consumer/oauth_consumer_generator.rb +9 -9
  5. data/generators/oauth_consumer/templates/consumer_token.rb +3 -3
  6. data/generators/oauth_consumer/templates/controller.rb +5 -5
  7. data/generators/oauth_consumer/templates/migration.rb +3 -3
  8. data/generators/oauth_consumer/templates/oauth_config.rb +3 -3
  9. data/generators/oauth_consumer/templates/show.html.haml +1 -1
  10. data/generators/oauth_provider/USAGE +1 -1
  11. data/generators/oauth_provider/lib/insert_routes.rb +8 -8
  12. data/generators/oauth_provider/oauth_provider_generator.rb +10 -10
  13. data/generators/oauth_provider/templates/_form.html.haml +4 -4
  14. data/generators/oauth_provider/templates/access_token.rb +4 -4
  15. data/generators/oauth_provider/templates/client_application.rb +8 -8
  16. data/generators/oauth_provider/templates/client_application_spec.rb +5 -5
  17. data/generators/oauth_provider/templates/client_application_test.rb +7 -7
  18. data/generators/oauth_provider/templates/clients_controller.rb +4 -4
  19. data/generators/oauth_provider/templates/clients_controller_spec.rb +30 -30
  20. data/generators/oauth_provider/templates/clients_controller_test.rb +54 -54
  21. data/generators/oauth_provider/templates/controller.rb +3 -3
  22. data/generators/oauth_provider/templates/index.html.erb +2 -2
  23. data/generators/oauth_provider/templates/index.html.haml +2 -2
  24. data/generators/oauth_provider/templates/migration.rb +5 -5
  25. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +1 -1
  26. data/generators/oauth_provider/templates/oauth_nonce.rb +1 -1
  27. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +3 -3
  28. data/generators/oauth_provider/templates/oauth_nonce_test.rb +4 -4
  29. data/generators/oauth_provider/templates/oauth_token.rb +6 -6
  30. data/generators/oauth_provider/templates/oauth_token_spec.rb +38 -38
  31. data/generators/oauth_provider/templates/oauth_token_test.rb +10 -10
  32. data/generators/oauth_provider/templates/request_token.rb +7 -7
  33. data/generators/oauth_provider/templates/show.html.haml +3 -3
  34. data/init.rb +1 -1
  35. data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb +3 -3
  36. data/lib/generators/active_record/oauth_consumer_templates/migration.rb +3 -3
  37. data/lib/generators/active_record/oauth_provider_templates/migration.rb +1 -1
  38. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +1 -1
  39. data/lib/generators/haml/oauth_consumer_templates/show.html.haml +1 -1
  40. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +6 -6
  41. data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb +1 -1
  42. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +1 -1
  43. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +6 -6
  44. data/lib/generators/oauth_consumer/templates/controller.rb +10 -10
  45. data/lib/generators/oauth_consumer/templates/oauth_config.rb +3 -3
  46. data/lib/oauth-plugin.rb +7 -5
  47. data/lib/oauth-plugin/version.rb +1 -1
  48. data/lib/oauth/controllers/application_controller_methods.rb +19 -19
  49. data/lib/oauth/controllers/consumer_controller.rb +25 -15
  50. data/lib/oauth/models/consumers/service_loader.rb +1 -1
  51. data/lib/oauth/models/consumers/services/agree2_token.rb +2 -2
  52. data/lib/oauth/models/consumers/services/fireeagle_token.rb +7 -7
  53. data/lib/oauth/models/consumers/services/oauth2_token.rb +9 -9
  54. data/lib/oauth/models/consumers/services/opentransact_token.rb +4 -4
  55. data/lib/oauth/models/consumers/services/picomoney_token.rb +2 -2
  56. data/lib/oauth/models/consumers/services/twitter_token.rb +5 -5
  57. data/lib/oauth/models/consumers/simple_client.rb +5 -5
  58. data/lib/oauth/models/consumers/token.rb +13 -14
  59. data/oauth-plugin.gemspec +1 -1
  60. metadata +160 -111
@@ -1,7 +1,7 @@
1
1
  class RequestToken < OauthToken
2
-
2
+
3
3
  attr_accessor :provided_oauth_verifier
4
-
4
+
5
5
  def authorize!(user)
6
6
  return false if authorized?
7
7
  self.user = user
@@ -9,18 +9,18 @@ class RequestToken < OauthToken
9
9
  self.verifier=OAuth::Helper.generate_key(20)[0,20] unless oauth10?
10
10
  self.save
11
11
  end
12
-
12
+
13
13
  def exchange!
14
14
  return false unless authorized?
15
15
  return false unless oauth10? || verifier==provided_oauth_verifier
16
-
16
+
17
17
  RequestToken.transaction do
18
18
  access_token = AccessToken.create(:user => user, :client_application => client_application)
19
19
  invalidate!
20
20
  access_token
21
21
  end
22
22
  end
23
-
23
+
24
24
  def to_query
25
25
  if oauth10?
26
26
  super
@@ -28,11 +28,11 @@ class RequestToken < OauthToken
28
28
  "#{super}&oauth_callback_confirmed=true"
29
29
  end
30
30
  end
31
-
31
+
32
32
  def oob?
33
33
  callback_url.nil? || callback_url.downcase == 'oob'
34
34
  end
35
-
35
+
36
36
  def oauth10?
37
37
  (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
38
38
  end
@@ -1,12 +1,12 @@
1
- %h1
2
- OAuth details for
1
+ %h1
2
+ OAuth details for
3
3
  =@client_application.name
4
4
  %p
5
5
  %strong Consumer Key:
6
6
  %code=@client_application.key
7
7
  %p
8
8
  %strong Consumer Secret:
9
- %code=@client_application.secret
9
+ %code=@client_application.secret
10
10
 
11
11
  %p
12
12
  %strong Request Token URL
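--- a/data/init.rb
+++ b/data/init.rb
@@ -1 +1 @@
-require File.dirname(__FILE__) + "/rails/init"
+require File.dirname(__FILE__) + "/rails/init"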
@@ -1,11 +1,11 @@
1
1
  require 'oauth/models/consumers/token'
2
2
  class ConsumerToken < ActiveRecord::Base
3
3
  include Oauth::Models::Consumers::Token
4
-
4
+
5
5
  # You can safely remove this callback if you don't allow login from any of your services
6
6
  before_create :create_user
7
-
7
+
8
8
  # Modify this with class_name etc to match your application
9
9
  belongs_to :user
10
-
10
+
11
11
  end
@@ -1,6 +1,6 @@
1
1
  class CreateOauthConsumerTokens < ActiveRecord::Migration
2
2
  def self.up
3
-
3
+
4
4
  create_table :consumer_tokens do |t|
5
5
  t.integer :user_id
6
6
  t.string :type, :limit => 30
@@ -8,9 +8,9 @@ class CreateOauthConsumerTokens < ActiveRecord::Migration
8
8
  t.string :secret
9
9
  t.timestamps
10
10
  end
11
-
11
+
12
12
  add_index :consumer_tokens, :token, :unique => true
13
-
13
+
14
14
  end
15
15
 
16
16
  def self.down
@@ -22,7 +22,7 @@ class CreateOauthTables < ActiveRecord::Migration
22
22
  t.string :callback_url
23
23
  t.string :verifier, :limit => 20
24
24
  t.string :scope
25
- t.timestamp :authorized_at, :invalidated_at, :valid_to
25
+ t.timestamp :authorized_at, :invalidated_at, :expires_at
26
26
  t.timestamps
27
27
  end
28
28
 
@@ -28,7 +28,7 @@ class RequestToken < OauthToken
28
28
  "#{super}&oauth_callback_confirmed=true"
29
29
  end
30
30
  end
31
-
31
+
32
32
  def oob?
33
33
  callback_url.nil? || callback_url.downcase == 'oob'
34
34
  end
@@ -1,4 +1,4 @@
1
- %h1
1
+ %h1
2
2
  You are already Connected to
3
3
  =params[:id].humanize
4
4
  -form_tag oauth_consumer_path(params[:id]),:method=>:delete do
@@ -3,7 +3,7 @@ class ConsumerToken
3
3
  include Mongoid::Document
4
4
  include Mongoid::Timestamps
5
5
  include Oauth::Models::Consumers::Token
6
-
6
+
7
7
  # You can safely remove this callback if you don't allow login from any of your services
8
8
  before_create :create_user
9
9
 
@@ -13,22 +13,22 @@ class ConsumerToken
13
13
  index :token
14
14
 
15
15
  # Add the following to your user model:
16
- #
17
- # embeds_many :consumer_tokens
16
+ #
17
+ # embeds_many :consumer_tokens
18
18
  # index "consumer_tokens.token"
19
19
  #
20
20
  embedded_in :user, :inverse_of => :consumer_tokens
21
-
21
+
22
22
  def self.find_or_create_from_access_token(user,access_token)
23
23
  secret = access_token.respond_to?(:secret) ? access_token.secret : nil
24
-
24
+
25
25
  if user
26
26
  user.consumer_tokens.where(:_type=>self.to_s,:token=>access_token.token).first ||
27
27
  self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
28
28
  else
29
29
  user = User.where("consumer_tokens._type"=>self.to_s,"consumer_tokens.token"=>access_token.token).first
30
30
  if user
31
- user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
31
+ user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
32
32
  else
33
33
  user = User.new
34
34
  self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
@@ -9,7 +9,7 @@ class OauthToken
9
9
  field :scope, :type => String
10
10
  field :authorized_at, :type => Time
11
11
  field :invalidated_at, :type => Time
12
- field :valid_to, :type => Time
12
+ field :expires_at, :type => Time
13
13
 
14
14
  index :token, :unique => true
15
15
 
@@ -25,7 +25,7 @@ class RequestToken < OauthToken
25
25
  "#{super}&oauth_callback_confirmed=true"
26
26
  end
27
27
  end
28
-
28
+
29
29
  def oob?
30
30
  callback_url.nil? || callback_url.downcase == 'oob'
31
31
  end
@@ -3,19 +3,19 @@ require 'rails/generators/active_record'
3
3
 
4
4
  class OauthConsumerGenerator < Rails::Generators::Base
5
5
  source_root File.expand_path("../templates", __FILE__)
6
-
6
+
7
7
  hook_for :orm
8
-
8
+
9
9
  def copy_models
10
10
  template 'oauth_config.rb', File.join('config', 'initializers', 'oauth_consumers.rb')
11
11
  end
12
-
12
+
13
13
  def copy_controller
14
14
  template 'controller.rb', File.join('app', 'controllers', 'oauth_consumers_controller.rb')
15
15
  end
16
-
16
+
17
17
  hook_for :template_engine
18
-
18
+
19
19
  def add_route
20
20
  route <<-ROUTE.strip
21
21
  resources :oauth_consumers do
@@ -27,5 +27,5 @@ resources :oauth_consumers do
27
27
  end
28
28
  ROUTE
29
29
  end
30
-
30
+
31
31
  end
@@ -6,50 +6,50 @@ class OauthConsumersController < ApplicationController
6
6
  #
7
7
  # before_filter :authenticate_user!, :only=>:index
8
8
  before_filter :login_required, :only=>:index
9
-
9
+
10
10
  def index
11
11
  @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
12
12
  @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
13
13
  end
14
-
14
+
15
15
  def callback
16
16
  super
17
17
  end
18
-
18
+
19
19
  def client
20
20
  super
21
21
  end
22
-
23
-
22
+
23
+
24
24
  protected
25
-
25
+
26
26
  # Change this to decide where you want to redirect user to after callback is finished.
27
27
  # params[:id] holds the service name so you could use this to redirect to various parts
28
28
  # of your application depending on what service you're connecting to.
29
29
  def go_back
30
30
  redirect_to root_url
31
31
  end
32
-
32
+
33
33
  # The plugin requires logged_in? to return true or false if the user is logged in. Uncomment and
34
34
  # call your auth frameworks equivalent below if different. eg. for devise:
35
35
  #
36
36
  # def logged_in?
37
37
  # user_signed_in?
38
38
  # end
39
-
39
+
40
40
  # The plugin requires current_user to return the current logged in user. Uncomment and
41
41
  # call your auth frameworks equivalent below if different.
42
42
  # def current_user
43
43
  # current_person
44
44
  # end
45
45
 
46
- # The plugin requires a way to log a user in. Call your auth frameworks equivalent below
46
+ # The plugin requires a way to log a user in. Call your auth frameworks equivalent below
47
47
  # if different. eg. for devise:
48
48
  #
49
49
  # def current_user=(user)
50
50
  # sign_in(user)
51
51
  # end
52
-
52
+
53
53
  # Override this to deny the user or redirect to a login screen depending on your framework and app
54
54
  # if different. eg. for devise:
55
55
  #
@@ -53,15 +53,15 @@
53
53
  # :nu_bux=>{
54
54
  # :key=>"",
55
55
  # :secret=>"",
56
- # :super_class=>"OpenTransactToken", # if a OAuth service follows a particular standard
56
+ # :super_class=>"OpenTransactToken", # if a OAuth service follows a particular standard
57
57
  # # with a token implementation you can set the superclass
58
58
  # # to use
59
59
  # :options=>{ # OAuth::Consumer options
60
- # :site=>"http://nubux.heroku.com"
60
+ # :site=>"http://nubux.heroku.com"
61
61
  # }
62
62
  # }
63
63
  # }
64
- #
64
+ #
65
65
  OAUTH_CREDENTIALS={
66
66
  } unless defined? OAUTH_CREDENTIALS
67
67
 
@@ -11,11 +11,13 @@ else
11
11
  end
12
12
 
13
13
 
14
- module OAuth
15
- module Plugin
16
- class OAuthRailtie < Rails::Railtie
17
- initializer "oauth-plugin.configure_rails_initialization" do |app|
18
- ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
14
+ if Rails.version =~ /^3\./
15
+ module OAuth
16
+ module Plugin
17
+ class OAuthRailtie < Rails::Railtie
18
+ initializer "oauth-plugin.configure_rails_initialization" do |app|
19
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
20
+ end
19
21
  end
20
22
  end
21
23
  end
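Review bot: The added guard `if Rails.version =~ /^3\./` matches only 3.x version strings, so on any later major version the Railtie is never defined and `OAuth::Controllers::ApplicationControllerMethods` is not mixed into `ActionController::Base`. Controllers that call `oauthenticate` would then presumably raise at load time rather than run unfiltered, but the cause would be hard to trace back to this line. Testing for the feature instead, e.g. `if defined?(Rails::Railtie)`, avoids tying the include to a version string. The `if`/`else` that precedes this block starts outside the hunk, so how the non-Railtie path performs the include is not visible here.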
@@ -1,5 +1,5 @@
1
1
  module Oauth
2
2
  module Plugin
3
- VERSION = "0.4.0.rc2"
3
+ VERSION = "0.4.0"
4
4
  end
5
5
  end
@@ -1,14 +1,14 @@
1
1
  module OAuth
2
2
  module Controllers
3
-
3
+
4
4
  module ApplicationControllerMethods
5
-
5
+
6
6
  def self.included(controller)
7
- controller.class_eval do
7
+ controller.class_eval do
8
8
  extend ClassMethods
9
9
  end
10
10
  end
11
-
11
+
12
12
  module ClassMethods
13
13
  def oauthenticate(options={})
14
14
  filter_options = {}
@@ -17,7 +17,7 @@ module OAuth
17
17
  before_filter Filter.new(options), filter_options
18
18
  end
19
19
  end
20
-
20
+
21
21
  class Filter
22
22
  def initialize(options={})
23
23
  @options={
@@ -27,19 +27,19 @@ module OAuth
27
27
  @strategies = Array(@options[:strategies])
28
28
  @strategies << :interactive if @options[:interactive]
29
29
  end
30
-
30
+
31
31
  def filter(controller)
32
32
  Authenticator.new(controller,@strategies).allow?
33
33
  end
34
34
  end
35
-
35
+
36
36
  class Authenticator
37
37
  attr_accessor :controller, :strategies, :strategy
38
38
  def initialize(controller,strategies)
39
39
  @controller = controller
40
40
  @strategies = strategies
41
41
  end
42
-
42
+
43
43
  def allow?
44
44
  if @strategies.include?(:interactive) && interactive
45
45
  true
@@ -47,7 +47,7 @@ module OAuth
47
47
  @controller.send :current_user=, token.user if token
48
48
  true
49
49
  else
50
- if @strategies.include?(:interactive)
50
+ if @strategies.include?(:interactive)
51
51
  controller.send :access_denied
52
52
  else
53
53
  controller.send :invalid_oauth_response
@@ -70,7 +70,7 @@ module OAuth
70
70
  def oauth10_access_token
71
71
  oauth10_token && oauth10_token.is_a?(::AccessToken) ? oauth10_token : nil
72
72
  end
73
-
73
+
74
74
  def token
75
75
  oauth20_token || oauth10_access_token || nil
76
76
  end
@@ -82,7 +82,7 @@ module OAuth
82
82
  def two_legged
83
83
  env["oauth.version"]==1 && client_application
84
84
  end
85
-
85
+
86
86
  def interactive
87
87
  @controller.send :logged_in?
88
88
  end
@@ -96,36 +96,36 @@ module OAuth
96
96
  end
97
97
 
98
98
  end
99
-
99
+
100
100
  protected
101
-
101
+
102
102
  def current_token
103
103
  request.env["oauth.token"]
104
104
  end
105
-
105
+
106
106
  def current_client_application
107
107
  request.env["oauth.version"]==1 && request.env["oauth.client_application"] || current_token.try(:client_application)
108
108
  end
109
-
109
+
110
110
  def oauth?
111
111
  current_token
112
112
  end
113
-
113
+
114
114
  # use in a before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
115
115
  def oauth_required
116
116
  Authenticator.new(self,[:oauth10_access_token]).allow?
117
117
  end
118
-
118
+
119
119
  # use in before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
120
120
  def login_or_oauth_required
121
121
  Authenticator.new(self,[:oauth10_access_token,:interactive]).allow?
122
122
  end
123
-
123
+
124
124
  def invalid_oauth_response(code=401,message="Invalid OAuth Request")
125
125
  render :text => message, :status => code
126
126
  false
127
127
  end
128
-
128
+
129
129
  # override this in your controller
130
130
  def access_denied
131
131
  head 401
@@ -2,27 +2,33 @@ module Oauth
2
2
  module Controllers
3
3
  module ConsumerController
4
4
  def self.included(controller)
5
- controller.class_eval do
5
+ controller.class_eval do
6
6
  before_filter :load_consumer, :except=>:index
7
7
  skip_before_filter :verify_authenticity_token,:only=>:callback
8
8
  end
9
9
  end
10
-
10
+
11
11
  def index
12
12
  @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
13
13
  # The services the user hasn't already connected to
14
14
  @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
15
15
  end
16
16
 
17
- # creates request token and redirects on to oauth provider's auth page
18
- # If user is already connected it displays a page with an option to disconnect and redo
17
+ # If the user has no token or <tt>force</tt> is set as a param, creates request token and
18
+ # redirects on to oauth provider's auth page. Otherwise it displays a page with an option
19
+ # to disconnect and redo
19
20
  def show
21
+ if @token && params[:force]
22
+ @token.destroy
23
+ @token = nil
24
+ end
25
+
20
26
  unless @token
21
27
  if @consumer.ancestors.include?(Oauth2Token)
22
- request_url = callback2_oauth_consumer_url(params[:id]) + '?' + request.query_string
28
+ request_url = callback2_oauth_consumer_url(params[:id]) + callback2_querystring
23
29
  redirect_to @consumer.authorize_url(request_url)
24
30
  else
25
- request_url = callback_oauth_consumer_url(params[:id]) + '?' + request.query_string
31
+ request_url = callback_oauth_consumer_url(params[:id]) + callback2_querystring
26
32
  @request_token = @consumer.get_request_token(request_url)
27
33
  session[@request_token.token]=@request_token.secret
28
34
  if @request_token.callback_confirmed?
@@ -34,6 +40,10 @@ module Oauth
34
40
  end
35
41
  end
36
42
 
43
+ def callback2_querystring
44
+ request.query_string.blank? ? '' : '?' + request.query_string
45
+ end
46
+
37
47
  def callback2
38
48
  @token = @consumer.access_token(current_user,params[:code], callback2_oauth_consumer_url(params[:id]))
39
49
  logger.info @token.inspect
@@ -42,7 +52,7 @@ module Oauth
42
52
  if logged_in?
43
53
  flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
44
54
  else
45
- self.current_user = @token.user
55
+ self.current_user = @token.user
46
56
  flash[:notice] = "You logged in with #{params[:id].humanize}"
47
57
  end
48
58
  go_back
@@ -64,7 +74,7 @@ module Oauth
64
74
  if logged_in?
65
75
  flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
66
76
  else
67
- self.current_user = @token.user
77
+ self.current_user = @token.user
68
78
  flash[:notice] = "You logged in with #{params[:id].humanize}"
69
79
  end
70
80
  go_back
@@ -103,38 +113,38 @@ module Oauth
103
113
  redirect_to oauth_consumer_url(params[:id])
104
114
  else
105
115
  flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"
106
-
116
+
107
117
  go_back
108
118
  end
109
119
  end
110
120
 
111
121
  protected
112
-
122
+
113
123
  # Override this in your controller to decide where you want to redirect user to after callback is finished.
114
124
  def go_back
115
125
  redirect_to root_url
116
126
  end
117
-
127
+
118
128
  def consumer_credentials
119
129
  OAUTH_CREDENTIALS[consumer_key]
120
130
  end
121
-
131
+
122
132
  def consumer_key
123
133
  @consumer_key ||= params[:id].to_sym
124
134
  end
125
-
135
+
126
136
  def load_consumer
127
137
  throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
128
138
  deny_access! unless logged_in? || consumer_credentials[:allow_login]
129
139
  @consumer="#{consumer_key.to_s.camelcase}Token".constantize
130
140
  @token=@consumer.find(:first, :conditions=>{:user_id=>current_user.id.to_s}) if logged_in?
131
141
  end
132
-
142
+
133
143
  # Override this in you controller to deny user or redirect to login screen.
134
144
  def deny_access!
135
145
  head 401
136
146
  end
137
-
147
+
138
148
  end
139
149
  end
140
150
  end
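Review bot: The new `if @token && params[:force]` branch at the top of `show` calls `@token.destroy` on a GET request, which Rails' `verify_authenticity_token` does not cover, so a cross-site request carrying any `force` value (even `force=false`, since every non-nil string is truthy) can drop the signed-in user's stored token and restart authorization. Keeping `show` read-only and sending the forced reconnect through the existing disconnect path (the one that sets the "successfully disconnected" flash) would keep it behind the CSRF check; if it has to stay on `show`, say so in the method comment, e.g. `# NOTE: with force set this destroys the stored token on GET and is not CSRF-protected`. `callback2_querystring` is also defined above the `protected` marker, which makes it a public controller method, and it is used for the OAuth 1 callback URL as well despite its name; moving it below `protected` as `callback_querystring` would address both. The body of `show` continues outside the first hunk.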