RubyGems - oauth-plugin - Versions diffs - 0.4.0.pre4 → 0.4.0.pre5 - Mend

oauth-plugin 0.4.0.pre4 → 0.4.0.pre5

Files changed (43) hide show

data/.gitignore CHANGED Viewed

@@ -6,3 +6,5 @@ pkg
 *.gem
 .bundle
 .swp
+.idea
+.rvmrc

data/CHANGELOG CHANGED Viewed

@@ -1,3 +1,14 @@
+0.4.0-pre5
+  - protect oauth consumer relay with :expose configuration option. It's off by default. [pelle]
+  - Reenable twitter client. It is now configurable for twitter tokens. :client=>:twitter_gem or :oauth_gem [pelle]
+  - fix issues with new consumer tokens [afeld]
+  - More forgiving about oob callback values[chrisrhoden]
+  - Update Twitter consumer to use latest Twitter Gem [afeld]
+  - removed portable_contacts client from Google Token [p8]
+  - Fixes various mongoid issues [3en]
+  - Adds oauth2 consumer support
+  - Fixes oauth2 provider. parameter should be redirect_uri not redirect_url [Kimtaro]
+  - Most core OAuth functionality is being put into OAuthFilter. This means Rails 2.3 and above only
   0.4.0-pre4
   - Fixed bug when creating a new user from a new consumer token
   - Fix typo in consumer token [krasio]

data/Gemfile.lock ADDED Viewed

@@ -0,0 +1,66 @@
+PATH
+  remote: .
+  specs:
+    oauth-plugin (0.4.0.pre5)
+      multi_json
+      oauth (~> 0.4.4)
+      oauth2
+      rack
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.2.6)
+    diff-lcs (1.1.2)
+    fakeweb (1.3.0)
+    faraday (0.6.1)
+      addressable (~> 2.2.4)
+      multipart-post (~> 1.1.0)
+      rack (>= 1.1.0, < 2)
+    fuubar (0.0.5)
+      rspec (~> 2.0)
+      rspec-instafail (~> 0.1.4)
+      ruby-progressbar (~> 0.0.10)
+    growl (1.0.3)
+    guard (0.3.4)
+      thor (~> 0.14.6)
+    guard-rspec (0.3.1)
+      guard (>= 0.2.2)
+    multi_json (1.0.3)
+    multi_xml (0.2.2)
+    multipart-post (1.1.2)
+    oauth (0.4.4)
+    oauth2 (0.4.1)
+      faraday (~> 0.6.1)
+      multi_json (>= 0.0.5)
+    opentransact (0.1.2)
+      multi_json
+      multi_xml
+      oauth (~> 0.4.4)
+    rack (1.3.0)
+    rack-test (0.6.0)
+      rack (>= 1.0)
+    rspec (2.4.0)
+      rspec-core (~> 2.4.0)
+      rspec-expectations (~> 2.4.0)
+      rspec-mocks (~> 2.4.0)
+    rspec-core (2.4.0)
+    rspec-expectations (2.4.0)
+      diff-lcs (~> 1.1.2)
+    rspec-instafail (0.1.7)
+    rspec-mocks (2.4.0)
+    ruby-progressbar (0.0.10)
+    thor (0.14.6)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  fakeweb
+  fuubar
+  growl
+  guard-rspec
+  oauth-plugin!
+  opentransact
+  rack-test
+  rspec (~> 2.4.0)

data/Guardfile ADDED Viewed

@@ -0,0 +1,8 @@
+# A sample Guardfile
+# More info at http://github.com/guard/guard#readme
+guard 'rspec', :version => 2 do
+  watch('^spec/(.*)_spec.rb')
+  watch('^lib/oauth/(.*)\.rb')                              { |m| "spec/#{m[1]}_spec.rb" }
+  watch('^spec/spec_helper.rb')                       { "spec" }
+end

data/README.rdoc CHANGED Viewed

@@ -67,6 +67,14 @@ This generates OAuth and OAuth client controllers as well as the required models
 It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication. It also requires Rails 2.0.
+=== INSTALL RACK FILTER (NEW)
+A big change over previous versions is that we now use a rack filter. You have to install this in your application.rb file:
+  require 'oauth/rack/oauth_filter'
+  config.middleware.use OAuth::Rack::OAuthFilter
 === Generator Options
 The generator supports the defaults you have created in your application.rb file. eg:
@@ -325,11 +333,14 @@ Add entries to OAUTH_CREDENTIALS for all OAuth Applications you wish to connect
   OAUTH_CREDENTIALS={
     :twitter=>{
       :key=>"key",
-      :secret=>"secret"
+      :secret=>"secret",
+      :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+      :expose => false, # set to true to expose client via the web
     },
     :agree2=>{
       :key=>"key",
-      :secret=>"secret"
+      :secret=>"secret",
+      :expose => false, # set to true to expose client via the web
     },
     :hour_feed=>{
       :key=>"",
@@ -370,6 +381,10 @@ And you could do:
 The client method gives you a OAuth::AccessToken which you can use to perform rest operations on the client site - see http://oauth.rubyforge.org/rdoc/classes/OAuth/AccessToken.html
+If you are using Mongoid you want to add an embeds_many association in your user model:
+  embeds_many :consumer_tokens
 === Custom ConsumerToken models
 Before creating the FireEagleToken model the plugin checks if a class already exists by that name or if we provide an api wrapper for it. This allows you to create a better token model that uses an existing ruby gem.
@@ -391,9 +406,33 @@ To connect a user to an external service link or redirect them to:
 Where SERVICE_NAME is the name you set in the OAUTH_CREDENTIALS hash. This will request the request token and redirect the user to the services authorization screen. When the user accepts the get redirected back to:
   /oauth_consumers/[SERVICE_NAME]/callback
 You can specify this url to the service you're calling when you register, but it will automatically be sent along anyway.
+=== Expose client
+This is designed to let your local javascript apps access remote OAuth apis. You have to specifically enable this by adding the expose flag to your oauth config file. eg:
+  OAUTH_CREDENTIALS={
+    :twitter=>{
+      :key=>"key",
+      :secret=>"secret",
+      :client=>:oauth_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+      :expose => true      # set to true to expose client via the web
+    }
+Once the user has authorized your application, you can access the client APIs via:
+  /oauth_consumers/[SERVICE_NAME]/client/[ENDPOINT]
+For example to get the user's Google Calendars in JSON (documented in their API as "https://www.google.com/calendar/feeds/default?alt=jsonc"), you would append that path as the ENDPOINT above, i.e.
+  /oauth_consumers/google/client/calendar/feeds/default?alt=jsonc
+As another example, to get my Twitter info as XML (available at "https://api.twitter.com/1/users/show.xml?screen_name=pelleb"), use:
+  /oauth_consumers/twitter/client/1/users/show.xml?screen_name=pelleb
 === Migrate database
 The database is defined in:
@@ -404,6 +443,13 @@ Run them as any other normal migration in rails with:
   rake db:migrate
+== Contribute and earn OAuth Karma
+Anyone who has a commit accepted into the official oauth-plugin git repo is awarded OAuthKarma:
+https://picomoney.com/oauth-karma/accounts
 == More
 The Mailing List for all things OAuth in Ruby is:
@@ -418,4 +464,4 @@ The OAuth Ruby Gem home page is http://oauth.rubyforge.org
 Please help documentation, patches and testing.
-Copyright (c) 2007-2010 Pelle Braendgaard and contributors, released under the MIT license
+Copyright (c) 2007-2011 Pelle Braendgaard and contributors, released under the MIT license

data/generators/oauth_consumer/templates/controller.rb CHANGED Viewed

@@ -7,6 +7,14 @@ class OauthConsumersController < ApplicationController
     @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
   end
+  def callback
+    super
+  end
+  def client
+    super
+  end
   protected
   # Change this to decide where you want to redirect user to after callback is finished.

data/generators/oauth_consumer/templates/oauth_config.rb CHANGED Viewed

@@ -6,13 +6,27 @@
 # OAUTH_CREDENTIALS={
 #   :twitter=>{
 #     :key=>"",
-#     :secret=>""
+#     :secret=>"",
+#     :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#     :allow_login => true # Use :allow_login => true to allow user to login to account
 #   },
 #   :google=>{
 #     :key=>"",
 #     :secret=>"",
+#     :expose => false, # expose client at /oauth_consumers/google/client see docs
 #     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
 #   },
+#   :github=>{
+#     :key => "",
+#     :secret => "",
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#
+#   },
+#   :facebook=>{
+#     :key => "",
+#     :secret => ""
+#   },
 #   :agree2=>{
 #     :key=>"",
 #     :secret=>""
@@ -21,6 +35,14 @@
 #     :key=>"",
 #     :secret=>""
 #   },
+#   :oauth2_server => {
+#      :key=>"",
+#      :secret=>"",
+#      :oauth_version => 2
+#      :options=>{ # OAuth::Consumer options
+#        :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#      }
+#   },
 #   :hour_feed=>{
 #     :key=>"",
 #     :secret=>"",

data/generators/oauth_provider/oauth_provider_generator.rb CHANGED Viewed

@@ -73,8 +73,6 @@ class OauthProviderGenerator < Rails::Generator::Base
         m.template 'client_applications.yml',File.join('spec/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('spec/fixtures',"oauth_tokens.yml")
         m.template 'oauth_nonces.yml',    File.join('spec/fixtures',"oauth_nonces.yml")
-        m.template 'controller_spec_helper.rb', File.join('spec/controllers', controller_class_path,"#{controller_file_name}_controller_spec_helper.rb")
-        m.template 'controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_controller_spec.rb")
         m.template 'clients_controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_clients_controller_spec.rb")
       else
         m.directory File.join('test')
@@ -87,8 +85,6 @@ class OauthProviderGenerator < Rails::Generator::Base
         m.template 'client_applications.yml',File.join('test/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('test/fixtures',"oauth_tokens.yml")
         m.template 'oauth_nonces.yml',    File.join('test/fixtures',"oauth_nonces.yml")
-        m.template 'controller_test_helper.rb', File.join('test', controller_class_path,"#{controller_file_name}_controller_test_helper.rb")
-        m.template 'controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_controller_test.rb")
         m.template 'clients_controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_clients_controller_test.rb")
       end

data/generators/oauth_provider/templates/oauth2_authorize.html.erb CHANGED Viewed

@@ -3,7 +3,7 @@
 <%% form_tag authorize_url do %>
   <%%= hidden_field_tag "response_type", params[:response_type]%>
   <%%= hidden_field_tag "client_id", params[:client_id]%>
-  <%%= hidden_field_tag "redirect_url", params[:redirect_url]%>
+  <%%= hidden_field_tag "redirect_uri", params[:redirect_uri]%>
   <%%= hidden_field_tag "state", params[:state]%>
   <%%= hidden_field_tag "scope", params[:scope]%>
@@ -13,4 +13,4 @@
 <p>
   <%%= submit_tag %>
 </p>
-<%% end %>
+<%% end %>

data/generators/oauth_provider/templates/oauth2_authorize.html.haml CHANGED Viewed

@@ -8,7 +8,7 @@
 - form_tag authorize_url do
   = hidden_field_tag "response_type", params[:response_type]
   = hidden_field_tag "client_id", params[:client_id]
-  = hidden_field_tag "redirect_url", params[:redirect_url]
+  = hidden_field_tag "redirect_uri", params[:redirect_uri]
   = hidden_field_tag "state", params[:state]
   = hidden_field_tag "scope", params[:scope]
   = check_box_tag 'authorize'

data/generators/oauth_provider/templates/request_token.rb CHANGED Viewed

@@ -30,11 +30,11 @@ class RequestToken < OauthToken
   end
   def oob?
-    self.callback_url=='oob'
+    callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?
     (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
   end
-end
+end

data/lib/generators/active_record/oauth_provider_templates/request_token.rb CHANGED Viewed

@@ -28,9 +28,9 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
-    self.callback_url=='oob'
+    callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?

data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb CHANGED Viewed

@@ -3,7 +3,7 @@
 <%% form_tag authorize_url do %>
   <%%= hidden_field_tag "response_type", params[:response_type]%>
   <%%= hidden_field_tag "client_id", params[:client_id]%>
-  <%%= hidden_field_tag "redirect_url", params[:redirect_url]%>
+  <%%= hidden_field_tag "redirect_uri", params[:redirect_uri]%>
   <%%= hidden_field_tag "state", params[:state]%>
   <%%= hidden_field_tag "scope", params[:scope]%>

data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml CHANGED Viewed

@@ -8,7 +8,7 @@
 - form_tag authorize_url do
   = hidden_field_tag "response_type", params[:response_type]
   = hidden_field_tag "client_id", params[:client_id]
-  = hidden_field_tag "redirect_url", params[:redirect_url]
+  = hidden_field_tag "redirect_uri", params[:redirect_uri]
   = hidden_field_tag "state", params[:state]
   = hidden_field_tag "scope", params[:scope]
   = check_box_tag 'authorize'

data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb CHANGED Viewed

@@ -18,20 +18,22 @@ class ConsumerToken
   #   index "consumer_tokens.token"
   #
   embedded_in :user, :inverse_of => :consumer_tokens
   def self.find_or_create_from_access_token(user,access_token)
+    secret = access_token.respond_to?(:secret) ? access_token.secret : nil
     if user
-      user.consumer_tokens.first(:conditions=>{:_type=>self.to_s,:token=>access_token.token}) ||
-        user.consumer_tokens.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+      user.consumer_tokens.where(:_type=>self.to_s,:token=>access_token.token).first ||
+        self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
     else
-      # Is there a better way of doing this in mongoid?
-      # Please submit a patch
-      user = User.first(:conditions=>{:_type=>self.to_s,"consumer_tokens.token"=>access_token.token})
+      user = User.where("consumer_tokens._type"=>self.to_s,"consumer_tokens.token"=>access_token.token).first
       if user
         user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
       else
-        user = User.create
-        user.consumer_tokens.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>access_token.secret)
+        user = User.new
+        self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
+        user.save!
+        user.consumer_tokens.last
       end
     end
   end

data/lib/generators/mongoid/oauth_provider_templates/request_token.rb CHANGED Viewed

@@ -25,9 +25,9 @@ class RequestToken < OauthToken
       "#{super}&oauth_callback_confirmed=true"
     end
   end
   def oob?
-    self.callback_url == 'oob'
+    callback_url.nil? || callback_url.downcase == 'oob'
   end
   def oauth10?

data/lib/generators/oauth_consumer/oauth_consumer_generator.rb CHANGED Viewed

@@ -19,7 +19,11 @@ class OauthConsumerGenerator < Rails::Generators::Base
   def add_route
     route <<-ROUTE.strip
 resources :oauth_consumers do
-    get :callback, :on => :member
+    member do
+      get :callback
+      get :callback2
+      match 'client/*endpoint' => 'oauth_consumers#client'
+    end
   end
 ROUTE
   end

data/lib/generators/oauth_consumer/templates/controller.rb CHANGED Viewed

@@ -12,6 +12,15 @@ class OauthConsumersController < ApplicationController
     @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
   end
+  def callback
+  	super
+  end
+  def client
+    super
+  end
   protected
   # Change this to decide where you want to redirect user to after callback is finished.

data/lib/generators/oauth_consumer/templates/oauth_config.rb CHANGED Viewed

@@ -7,13 +7,26 @@
 #   :twitter=>{
 #     :key=>"",
 #     :secret=>"",
+#     :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
 #     :allow_login => true # Use :allow_login => true to allow user to login to account
 #   },
 #   :google=>{
 #     :key=>"",
 #     :secret=>"",
+#     :expose => false, # expose client at /oauth_consumers/google/client see docs
 #     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
 #   },
+#   :github=>{
+#     :key => "",
+#     :secret => "",
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#
+#   },
+#   :facebook=>{
+#     :key => "",
+#     :secret => ""
+#   },
 #   :agree2=>{
 #     :key=>"",
 #     :secret=>""
@@ -22,6 +35,14 @@
 #     :key=>"",
 #     :secret=>""
 #   },
+#   :oauth2_server => {
+#      :key=>"",
+#      :secret=>"",
+#      :oauth_version => 2
+#      :options=>{ # OAuth::Consumer options
+#        :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#      }
+#   },
 #   :hour_feed=>{
 #     :key=>"",
 #     :secret=>"",