RubyGems - oauth-plugin - Versions diffs - 0.4.0.rc2 → 0.4.0 - Mend

oauth-plugin 0.4.0.rc2 → 0.4.0

Files changed (60) hide show

data/generators/oauth_provider/templates/request_token.rb CHANGED

@@ -1,7 +1,7 @@
 class RequestToken < OauthToken
   attr_accessor :provided_oauth_verifier
   def authorize!(user)
     return false if authorized?
     self.user = user
@@ -9,18 +9,18 @@ class RequestToken < OauthToken
     self.verifier=OAuth::Helper.generate_key(20)[0,20] unless oauth10?
     self.save
   end
   def exchange!
     return false unless authorized?
     return false unless oauth10? || verifier==provided_oauth_verifier
     RequestToken.transaction do
       access_token = AccessToken.create(:user => user, :client_application => client_application)
       invalidate!
       access_token
     end
   end
   def to_query
     if oauth10?
       super
@@ -28,11 +28,11 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
     callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?
     (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
   end

data/generators/oauth_provider/templates/show.html.haml CHANGED

@@ -1,12 +1,12 @@
-%h1
-  OAuth details for
+%h1
+  OAuth details for
   =@client_application.name
 %p
   %strong Consumer Key:
   %code=@client_application.key
 %p
   %strong Consumer Secret:
-  %code=@client_application.secret
+  %code=@client_application.secret
 %p
   %strong Request Token URL

data/init.rb CHANGED

	@@ -1 +1 @@
1	- require File.dirname(__FILE__) + "/rails/init"
1	+ require File.dirname(__FILE__) + "/rails/init"

data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb CHANGED

@@ -1,11 +1,11 @@
 require 'oauth/models/consumers/token'
 class ConsumerToken < ActiveRecord::Base
   include Oauth::Models::Consumers::Token
   # You can safely remove this callback if you don't allow login from any of your services
   before_create :create_user
   # Modify this with class_name etc to match your application
   belongs_to :user
 end

data/lib/generators/active_record/oauth_consumer_templates/migration.rb CHANGED

@@ -1,6 +1,6 @@
 class CreateOauthConsumerTokens < ActiveRecord::Migration
   def self.up
     create_table :consumer_tokens do |t|
       t.integer :user_id
       t.string :type, :limit => 30
@@ -8,9 +8,9 @@ class CreateOauthConsumerTokens < ActiveRecord::Migration
       t.string :secret
       t.timestamps
     end
     add_index :consumer_tokens, :token, :unique => true
   end
   def self.down

data/lib/generators/active_record/oauth_provider_templates/migration.rb CHANGED

@@ -22,7 +22,7 @@ class CreateOauthTables < ActiveRecord::Migration
       t.string :callback_url
       t.string :verifier, :limit => 20
       t.string :scope
-      t.timestamp :authorized_at, :invalidated_at, :valid_to
+      t.timestamp :authorized_at, :invalidated_at, :expires_at
       t.timestamps
     end

data/lib/generators/active_record/oauth_provider_templates/request_token.rb CHANGED

@@ -28,7 +28,7 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
     callback_url.nil? || callback_url.downcase == 'oob'
   end

data/lib/generators/haml/oauth_consumer_templates/show.html.haml CHANGED

@@ -1,4 +1,4 @@
-%h1
+%h1
   You are already Connected to
   =params[:id].humanize
 -form_tag oauth_consumer_path(params[:id]),:method=>:delete do

data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb CHANGED

@@ -3,7 +3,7 @@ class ConsumerToken
   include Mongoid::Document
   include Mongoid::Timestamps
   include Oauth::Models::Consumers::Token
   # You can safely remove this callback if you don't allow login from any of your services
   before_create :create_user
@@ -13,22 +13,22 @@ class ConsumerToken
   index :token
   # Add the following to your user model:
-  #
-  #   embeds_many :consumer_tokens
+  #
+  #   embeds_many :consumer_tokens
   #   index "consumer_tokens.token"
   #
   embedded_in :user, :inverse_of => :consumer_tokens
   def self.find_or_create_from_access_token(user,access_token)
     secret = access_token.respond_to?(:secret) ? access_token.secret : nil
     if user
       user.consumer_tokens.where(:_type=>self.to_s,:token=>access_token.token).first ||
         self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
     else
       user = User.where("consumer_tokens._type"=>self.to_s,"consumer_tokens.token"=>access_token.token).first
       if user
-        user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
+        user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
       else
         user = User.new
         self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)

data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb CHANGED

@@ -9,7 +9,7 @@ class OauthToken
   field :scope, :type => String
   field :authorized_at, :type => Time
   field :invalidated_at, :type => Time
-  field :valid_to, :type => Time
+  field :expires_at, :type => Time
   index :token, :unique => true

data/lib/generators/mongoid/oauth_provider_templates/request_token.rb CHANGED

@@ -25,7 +25,7 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
     callback_url.nil? || callback_url.downcase == 'oob'
   end

data/lib/generators/oauth_consumer/oauth_consumer_generator.rb CHANGED

@@ -3,19 +3,19 @@ require 'rails/generators/active_record'
 class OauthConsumerGenerator < Rails::Generators::Base
   source_root File.expand_path("../templates", __FILE__)
   hook_for :orm
   def copy_models
     template 'oauth_config.rb',   File.join('config', 'initializers', 'oauth_consumers.rb')
   end
   def copy_controller
     template 'controller.rb', File.join('app', 'controllers', 'oauth_consumers_controller.rb')
   end
   hook_for :template_engine
   def add_route
     route <<-ROUTE.strip
 resources :oauth_consumers do
@@ -27,5 +27,5 @@ resources :oauth_consumers do
   end
 ROUTE
   end
 end

data/lib/generators/oauth_consumer/templates/controller.rb CHANGED

@@ -6,50 +6,50 @@ class OauthConsumersController < ApplicationController
   #
   #   before_filter :authenticate_user!, :only=>:index
   before_filter :login_required, :only=>:index
   def index
     @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
     @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
   end
   def callback
   	super
   end
   def client
     super
   end
   protected
   # Change this to decide where you want to redirect user to after callback is finished.
   # params[:id] holds the service name so you could use this to redirect to various parts
   # of your application depending on what service you're connecting to.
   def go_back
     redirect_to root_url
   end
   # The plugin requires logged_in? to return true or false if the user is logged in. Uncomment and
   # call your auth frameworks equivalent below if different. eg. for devise:
   #
   # def logged_in?
   #   user_signed_in?
   # end
   # The plugin requires current_user to return the current logged in user. Uncomment and
   # call your auth frameworks equivalent below if different.
   # def current_user
   #   current_person
   # end
-  # The plugin requires a way to log a user in. Call your auth frameworks equivalent below
+  # The plugin requires a way to log a user in. Call your auth frameworks equivalent below
   # if different. eg. for devise:
   #
   # def current_user=(user)
   #   sign_in(user)
   # end
   # Override this to deny the user or redirect to a login screen depending on your framework and app
   # if different. eg. for devise:
   #

data/lib/generators/oauth_consumer/templates/oauth_config.rb CHANGED

@@ -53,15 +53,15 @@
 #   :nu_bux=>{
 #     :key=>"",
 #     :secret=>"",
-#     :super_class=>"OpenTransactToken",  # if a OAuth service follows a particular standard
+#     :super_class=>"OpenTransactToken",  # if a OAuth service follows a particular standard
 #                                         # with a token implementation you can set the superclass
 #                                         # to use
 #     :options=>{ # OAuth::Consumer options
-#       :site=>"http://nubux.heroku.com"
+#       :site=>"http://nubux.heroku.com"
 #     }
 #   }
 # }
-#
+#
 OAUTH_CREDENTIALS={
 } unless defined? OAUTH_CREDENTIALS

data/lib/oauth-plugin.rb CHANGED

@@ -11,11 +11,13 @@ else
 end
-module OAuth
-  module Plugin
-    class OAuthRailtie < Rails::Railtie
-      initializer "oauth-plugin.configure_rails_initialization" do |app|
-        ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
+if Rails.version =~ /^3\./
+  module OAuth
+    module Plugin
+      class OAuthRailtie < Rails::Railtie
+        initializer "oauth-plugin.configure_rails_initialization" do |app|
+          ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
+        end
       end
     end
   end

data/lib/oauth-plugin/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Oauth
   module Plugin
-    VERSION = "0.4.0.rc2"
+    VERSION = "0.4.0"
   end
 end

data/lib/oauth/controllers/application_controller_methods.rb CHANGED

@@ -1,14 +1,14 @@
 module OAuth
   module Controllers
     module ApplicationControllerMethods
       def self.included(controller)
-        controller.class_eval do
+        controller.class_eval do
           extend ClassMethods
         end
       end
       module ClassMethods
         def oauthenticate(options={})
           filter_options = {}
@@ -17,7 +17,7 @@ module OAuth
           before_filter Filter.new(options), filter_options
         end
       end
       class Filter
         def initialize(options={})
           @options={
@@ -27,19 +27,19 @@ module OAuth
           @strategies = Array(@options[:strategies])
           @strategies << :interactive if @options[:interactive]
         end
         def filter(controller)
           Authenticator.new(controller,@strategies).allow?
         end
       end
       class Authenticator
         attr_accessor :controller, :strategies, :strategy
         def initialize(controller,strategies)
           @controller = controller
           @strategies = strategies
         end
         def allow?
           if @strategies.include?(:interactive) && interactive
             true
@@ -47,7 +47,7 @@ module OAuth
             @controller.send :current_user=, token.user if token
             true
           else
-            if @strategies.include?(:interactive)
+            if @strategies.include?(:interactive)
               controller.send :access_denied
             else
               controller.send :invalid_oauth_response
@@ -70,7 +70,7 @@ module OAuth
         def oauth10_access_token
           oauth10_token && oauth10_token.is_a?(::AccessToken) ? oauth10_token : nil
         end
         def token
           oauth20_token || oauth10_access_token || nil
         end
@@ -82,7 +82,7 @@ module OAuth
         def two_legged
            env["oauth.version"]==1 && client_application
         end
         def interactive
           @controller.send :logged_in?
         end
@@ -96,36 +96,36 @@ module OAuth
         end
       end
       protected
       def current_token
         request.env["oauth.token"]
       end
       def current_client_application
         request.env["oauth.version"]==1 && request.env["oauth.client_application"] || current_token.try(:client_application)
       end
       def oauth?
         current_token
       end
       # use in a before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
       def oauth_required
         Authenticator.new(self,[:oauth10_access_token]).allow?
       end
       # use in before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
       def login_or_oauth_required
         Authenticator.new(self,[:oauth10_access_token,:interactive]).allow?
       end
       def invalid_oauth_response(code=401,message="Invalid OAuth Request")
         render :text => message, :status => code
         false
       end
       # override this in your controller
       def access_denied
         head 401

data/lib/oauth/controllers/consumer_controller.rb CHANGED

@@ -2,27 +2,33 @@ module Oauth
   module Controllers
     module ConsumerController
       def self.included(controller)
-        controller.class_eval do
+        controller.class_eval do
           before_filter :load_consumer, :except=>:index
           skip_before_filter :verify_authenticity_token,:only=>:callback
         end
       end
       def index
         @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
         # The services the user hasn't already connected to
         @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
       end
-      # creates request token and redirects on to oauth provider's auth page
-      # If user is already connected it displays a page with an option to disconnect and redo
+      # If the user has no token or <tt>force</tt> is set as a param, creates request token and
+      # redirects on to oauth provider's auth page.  Otherwise it displays a page with an option
+      # to disconnect and redo
       def show
+        if @token && params[:force]
+          @token.destroy
+          @token = nil
+        end
         unless @token
           if @consumer.ancestors.include?(Oauth2Token)
-            request_url = callback2_oauth_consumer_url(params[:id]) + '?' + request.query_string
+            request_url = callback2_oauth_consumer_url(params[:id]) + callback2_querystring
             redirect_to @consumer.authorize_url(request_url)
           else
-            request_url = callback_oauth_consumer_url(params[:id]) + '?' + request.query_string
+            request_url = callback_oauth_consumer_url(params[:id]) + callback2_querystring
             @request_token = @consumer.get_request_token(request_url)
             session[@request_token.token]=@request_token.secret
             if @request_token.callback_confirmed?
@@ -34,6 +40,10 @@ module Oauth
         end
       end
+      def callback2_querystring
+        request.query_string.blank? ? '' : '?' + request.query_string
+      end
       def callback2
         @token = @consumer.access_token(current_user,params[:code], callback2_oauth_consumer_url(params[:id]))
         logger.info @token.inspect
@@ -42,7 +52,7 @@ module Oauth
           if logged_in?
             flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
           else
-            self.current_user = @token.user
+            self.current_user = @token.user
             flash[:notice] = "You logged in with #{params[:id].humanize}"
           end
           go_back
@@ -64,7 +74,7 @@ module Oauth
             if logged_in?
               flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
             else
-              self.current_user = @token.user
+              self.current_user = @token.user
               flash[:notice] = "You logged in with #{params[:id].humanize}"
             end
             go_back
@@ -103,38 +113,38 @@ module Oauth
           redirect_to oauth_consumer_url(params[:id])
         else
           flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"
           go_back
         end
       end
       protected
       # Override this in your controller to decide where you want to redirect user to after callback is finished.
       def go_back
         redirect_to root_url
       end
       def consumer_credentials
         OAUTH_CREDENTIALS[consumer_key]
       end
       def consumer_key
         @consumer_key ||= params[:id].to_sym
       end
       def load_consumer
         throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
         deny_access! unless logged_in? || consumer_credentials[:allow_login]
         @consumer="#{consumer_key.to_s.camelcase}Token".constantize
         @token=@consumer.find(:first, :conditions=>{:user_id=>current_user.id.to_s}) if logged_in?
       end
       # Override this in you controller to deny user or redirect to login screen.
       def deny_access!
         head 401
       end
     end
   end
 end