oauth2-auth-server 0.0.1

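--- a/data/.gitignore
+++ b/data/.gitignore
@@ -0,0 +1,5 @@
+ *.gem
+ .bundle
+ Gemfile.lock
+ pkg/*
+ vendor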
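--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,2 @@
+ --color
+ --format documentation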
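--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -0,0 +1,3 @@
+ language: ruby
+ rvm:
+ - 1.9.2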
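--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,10 @@
+ source "http://rubygems.org"
+
+ gem 'rails', '~> 3.0.10'
+
+ group :test, :development do
+ gem 'rspec', '~> 2.8.0'
+ end
+
+ # Specify your gem's dependencies in oauth2-auth-server.gemspec
+ gemspec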
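Review bot: The `source "http://rubygems.org"` line makes Bundler fetch the gem index and every package, including rails and rack-oauth2, over plain HTTP, so what gets installed can be altered in transit on any network the developer or CI host sits on. Change it to `source "https://rubygems.org"`.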
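--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,3 @@
+ # Oauth2::Auth::Server
+
+ [![Build Status](https://secure.travis-ci.org/renatosnrg/oauth2-auth-server.png?branch=master)](http://travis-ci.org/renatosnrg/oauth2-auth-server)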
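--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,6 @@
+ require 'bundler/gem_tasks'
+ require 'rspec/core/rake_task'
+
+ RSpec::Core::RakeTask.new(:spec)
+
+ task :default => :spec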
@@ -0,0 +1,41 @@
1
+ require 'rack/oauth2'
2
+
3
+ require 'oauth2-auth-server/version'
4
+ require 'oauth2-auth-server/schema'
5
+ require 'oauth2-auth-server/routes'
6
+
7
+ module Oauth2
8
+ module Auth
9
+ module Server
10
+ autoload :SecureToken, 'oauth2-auth-server/secure_token'
11
+ autoload :Authentication, 'oauth2-auth-server/authentication'
12
+
13
+ module Endpoints
14
+ autoload :Authorize, 'oauth2-auth-server/endpoints/authorize'
15
+ autoload :Token, 'oauth2-auth-server/endpoints/token'
16
+ end
17
+
18
+ module Models
19
+ autoload :AccessToken, 'oauth2-auth-server/models/access_token'
20
+ autoload :Client, 'oauth2-auth-server/models/client'
21
+ end
22
+
23
+ mattr_accessor :default_lifetime
24
+ @@default_lifetime = nil
25
+
26
+ def self.setup
27
+ yield self
28
+ end
29
+
30
+ def self.use_middleware(type)
31
+ token_type = case type
32
+ when :bearer then Rack::OAuth2::Server::Resource::Bearer
33
+ else raise("Token type '#{type}' is not supported")
34
+ end
35
+ Rails.application.config.middleware.use token_type, 'Rack::OAuth2 Protected Resources' do |req|
36
+ AccessToken.valid.find_by_token(req.access_token) || req.invalid_token!
37
+ end
38
+ end
39
+ end
40
+ end
41
+ end
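Review bot: The middleware block in `use_middleware` refers to a bare `AccessToken`, but this file only autoloads the model as `Models::AccessToken`, so from inside `Oauth2::Auth::Server` the constant resolves only if the host application defines its own top-level `AccessToken`. If that is the intended contract it is undocumented; otherwise the first request through the middleware raises NameError instead of validating the token. Either reference `Models::AccessToken` explicitly or add a comment above the method such as `# Expects the host app to define AccessToken < Oauth2::Auth::Server::Models::AccessToken`. The bare `Client` in the token endpoint hunk has the same lookup.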
@@ -0,0 +1,58 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ module Authentication
5
+
6
+ def self.included(base)
7
+ base.send(:include, Authentication::HelperMethods)
8
+ base.send(:include, Authentication::ControllerMethods)
9
+ end
10
+
11
+ def self.extended(base)
12
+ base.send(:extend, Authentication::ClassMethods)
13
+ end
14
+
15
+ module HelperMethods
16
+ def current_token
17
+ @current_token
18
+ end
19
+
20
+ def current_client
21
+ @current_client
22
+ end
23
+ end
24
+
25
+ module ControllerMethods
26
+ def require_oauth_token(options = {})
27
+ @current_token = request.env[Rack::OAuth2::Server::Resource::ACCESS_TOKEN]
28
+ raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized unless @current_token
29
+ raise Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(:insufficient_scope) unless @current_token.has_scope?(options[:scope])
30
+ end
31
+
32
+ def require_oauth_client_token(options = {})
33
+ require_oauth_token(options)
34
+ raise Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:invalid_token, 'Client token is required') if @current_token.user
35
+ @current_client = @current_token.client
36
+ end
37
+ end
38
+
39
+ module ClassMethods
40
+ def oauth_required(options = {})
41
+ scope = options.delete(:scope)
42
+ before_filter options do |controller|
43
+ controller.require_oauth_token(:scope => scope)
44
+ end
45
+ end
46
+
47
+ def oauth_client_required(options = {})
48
+ scope = options.delete(:scope)
49
+ before_filter options do |controller|
50
+ controller.require_oauth_client_token(:scope => scope)
51
+ end
52
+ end
53
+ end
54
+
55
+ end
56
+ end
57
+ end
58
+ end
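Review bot: `require_oauth_client_token` calls `@current_token.user`, but the AccessToken model and the `oauth2_access_token` schema helper in this release declare only a `client` association and no user column, so with the shipped model this line would presumably raise NoMethodError and the request would end in a 500 rather than a 401. Either add the association and column, or guard the call, e.g. `if @current_token.respond_to?(:user) && @current_token.user`. Separately, a filter declared without `:scope` accepts any valid token, because `has_scope?(nil)` compares against an empty list; a comment on `oauth_required` stating `# Without :scope any unexpired token is accepted` would help integrators who expect a default scope.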
@@ -0,0 +1,10 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ module Endpoints
5
+ class Authorize
6
+ end
7
+ end
8
+ end
9
+ end
10
+ end
@@ -0,0 +1,38 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ module Endpoints
5
+ class Token
6
+
7
+ def call(env)
8
+ authenticator.call(env)
9
+ end
10
+
11
+ private
12
+
13
+ def authenticator
14
+ Rack::OAuth2::Server::Token.new do |req, res|
15
+ client = Client.find_by_identifier(req.client_id) || req.invalid_client!
16
+ client.secret == req.client_secret || req.invalid_client!
17
+ case req.grant_type
18
+ when :authorization_code
19
+ req.unsupported_grant_type!
20
+ when :password
21
+ req.unsupported_grant_type!
22
+ when :client_credentials
23
+ # scope is a list of space delimited scopes. Rack::OAuth2 converts to an array.
24
+ res.access_token = client.access_tokens.create(:scope => req.scope).to_bearer_token
25
+ when :refresh_token
26
+ req.unsupported_grant_type!
27
+ else
28
+ # NOTE: extended assertion grant_types are not supported yet.
29
+ req.unsupported_grant_type!
30
+ end
31
+ end
32
+ end
33
+
34
+ end
35
+ end
36
+ end
37
+ end
38
+ end
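Review bot: In the `:client_credentials` branch the token is created with `:scope => req.scope` exactly as the client sent it, so any registered client can obtain a token carrying any scope string, and `has_scope?` will later accept it. The Client model holds no list of permitted scopes to check against; the requested scope should be intersected with a per-client allow-list and the request rejected with an invalid_scope error when it asks for more. Also, `client.secret == req.client_secret` is an ordinary string comparison on a credential, and a constant-time comparison is the safer choice there.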
@@ -0,0 +1,62 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ module Models
5
+ class AccessToken < ActiveRecord::Base
6
+ cattr_accessor :default_lifetime
7
+ self.default_lifetime = Oauth2::Auth::Server.default_lifetime
8
+
9
+ belongs_to :client
10
+
11
+ before_validation :setup, :on => :create
12
+ before_validation :scope_to_string
13
+ validates :client, :presence => true
14
+ validates :token, :presence => true, :uniqueness => true
15
+
16
+ scope :valid, lambda {
17
+ where("expires_at is null or expires_at >= :date", :date => Time.now.utc)
18
+ }
19
+
20
+ def expires_in
21
+ (expires_at - Time.now.utc).to_i if expires_at
22
+ end
23
+
24
+ def expired!
25
+ self.expires_at = Time.now.utc
26
+ self.save!
27
+ end
28
+
29
+ def has_scope?(scope)
30
+ scope = Array(scope)
31
+ scope.collect! {|a| a.to_s }
32
+ current_scope = scope_to_array
33
+ (scope - current_scope).empty?
34
+ end
35
+
36
+ def to_bearer_token
37
+ Rack::OAuth2::AccessToken::Bearer.new(
38
+ :access_token => self.token,
39
+ :expires_in => self.expires_in,
40
+ :scope => self.scope
41
+ )
42
+ end
43
+
44
+ private
45
+
46
+ def setup
47
+ self.token = SecureToken.generate
48
+ self.expires_at ||= self.default_lifetime.from_now if self.default_lifetime
49
+ end
50
+
51
+ def scope_to_string
52
+ self.scope = self.scope.join(' ') if self.scope.is_a?(Array)
53
+ end
54
+
55
+ def scope_to_array
56
+ (self.scope.split(' ') if self.scope.is_a?(String)) or []
57
+ end
58
+ end
59
+ end
60
+ end
61
+ end
62
+ end
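Review bot: `self.default_lifetime = Oauth2::Auth::Server.default_lifetime` runs once, when the class body is evaluated, so a lifetime configured through `Oauth2::Auth::Server.setup` after this autoloaded class has been loaded is never picked up, and the module default is nil. With a nil lifetime `setup` leaves `expires_at` empty and the `valid` scope treats such rows as valid indefinitely, so bearer tokens never expire unless `expired!` is called on them. Read the setting at creation time instead, e.g. `lifetime = Oauth2::Auth::Server.default_lifetime` inside `setup`, and consider shipping a finite default rather than nil.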
@@ -0,0 +1,22 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ module Models
5
+ class Client < ActiveRecord::Base
6
+ has_many :access_tokens
7
+
8
+ before_validation :setup, :on => :create
9
+ validates :name, :redirect_uri, :secret, :presence => true
10
+ validates :identifier, :presence => true, :uniqueness => true
11
+
12
+ private
13
+
14
+ def setup
15
+ self.identifier = SecureToken.generate(16)
16
+ self.secret = SecureToken.generate
17
+ end
18
+ end
19
+ end
20
+ end
21
+ end
22
+ end
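Review bot: Neither this model nor AccessToken declares `attr_accessible`, and on the Rails 3.0 line pinned in the Gemfile every column is then mass-assignable, so a host controller that passes request params to `update_attributes` would let a caller overwrite `identifier` or `secret`. The `setup` callback only protects those two fields on create. Adding `attr_accessible :name, :redirect_uri` here closes that; AccessToken would need `attr_accessible :scope`, since the token endpoint creates rows with `:scope`.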
@@ -0,0 +1,15 @@
1
+ # require 'action_dispatch/routing/mapper'
2
+
3
+ module Oauth2
4
+ module Auth
5
+ module Server
6
+ module ActionDispatch::Routing
7
+ class Mapper
8
+ def oauth2_token_endpoint(path = 'oauth2/token')
9
+ post path, :to => proc { |env| Endpoints::Token.new.call(env) }
10
+ end
11
+ end
12
+ end
13
+ end
14
+ end
15
+ end
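Review bot: Nothing on `oauth2_token_endpoint` says the route must only be reachable over HTTPS, although the endpoint receives `client_secret` in the request and returns bearer tokens. A comment above the method, for example `# Mount behind TLS only: client secrets and bearer tokens cross this route.`, would make that requirement visible to integrators. It is also worth a line noting that `module ActionDispatch::Routing` here reopens the Rails mapper rather than defining a module under `Oauth2::Auth::Server`, since the nesting suggests otherwise.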
@@ -0,0 +1,26 @@
1
+ require 'active_record/connection_adapters/abstract/schema_definitions'
2
+
3
+ module Oauth2
4
+ module Auth
5
+ module Server
6
+ module Schema
7
+
8
+ def oauth2_client
9
+ string :identifier, :secret, :name, :redirect_uri, :null => false
10
+ end
11
+
12
+ def oauth2_access_token
13
+ belongs_to :client
14
+
15
+ string :token, :null => false
16
+ string :scope
17
+ datetime :expires_at
18
+ end
19
+
20
+ end
21
+ end
22
+ end
23
+ end
24
+
25
+ ActiveRecord::ConnectionAdapters::Table.send :include, Oauth2::Auth::Server::Schema
26
+ ActiveRecord::ConnectionAdapters::TableDefinition.send :include, Oauth2::Auth::Server::Schema
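Review bot: `oauth2_client` and `oauth2_access_token` create the `identifier` and `token` columns without any index, so uniqueness rests only on the model validations, which can race under concurrent inserts, and every bearer lookup by token has to scan the table. Because these helpers run inside the table definition, the index likely has to be added by the migration itself. Document that next to the helpers, e.g. `# Also add a unique index on :token (and on :identifier for clients) in the migration.`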
@@ -0,0 +1,11 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ module SecureToken
5
+ def self.generate(bytes = 64)
6
+ ActiveSupport::SecureRandom.base64(bytes)
7
+ end
8
+ end
9
+ end
10
+ end
11
+ end
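Review bot: `base64` output can contain `+`, `/` and `=`, and `generate(16)` is used for the client identifier, which clients send as a form or query parameter; an unescaped `+` arrives as a space, and the `find_by_identifier` lookup in the token endpoint then fails for that client. Access tokens passed outside the Authorization header have the same problem. `ActiveSupport::SecureRandom.hex(bytes)` draws the same number of random bytes and is safe in every transport.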
@@ -0,0 +1,7 @@
1
+ module Oauth2
2
+ module Auth
3
+ module Server
4
+ VERSION = "0.0.1"
5
+ end
6
+ end
7
+ end
@@ -0,0 +1,22 @@
1
+ # -*- encoding: utf-8 -*-
2
+ $:.push File.expand_path("../lib", __FILE__)
3
+ require "oauth2-auth-server/version"
4
+
5
+ Gem::Specification.new do |s|
6
+ s.name = "oauth2-auth-server"
7
+ s.version = Oauth2::Auth::Server::VERSION
8
+ s.authors = ["Renato Neves"]
9
+ s.email = ["renatosn_rg@yahoo.com.br"]
10
+ s.homepage = ""
11
+ s.summary = %q{An implementation of OAuth2 Authorization Server}
12
+ s.description = %q{An implementation of OAuth2 Authorization Server}
13
+
14
+ s.rubyforge_project = "oauth2-auth-server"
15
+
16
+ s.files = `git ls-files`.split("\n")
17
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
18
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
19
+ s.require_paths = ["lib"]
20
+
21
+ s.add_dependency("rack-oauth2", "~> 0.14.0")
22
+ end
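Review bot: The only runtime dependency declared is `rack-oauth2`, yet the library code uses `ActiveRecord::Base`, `mattr_accessor` and `Rails.application`, and Rails appears only in the Gemfile, which consumers of the gem do not resolve. Declare what the code needs, e.g. `s.add_dependency("rails", "~> 3.0.10")` or the narrower activerecord/railties pair, so the gem cannot be installed into an environment where it fails at load time. `s.homepage = ""` and the absent license field also leave consumers with no way to check where the package comes from.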
@@ -0,0 +1,9 @@
1
+ require 'spec_helper'
2
+
3
+ describe Oauth2::Auth::Server do
4
+
5
+ it 'has a non-null VERSION constant' do
6
+ Oauth2::Auth::Server::VERSION.should_not be_nil
7
+ end
8
+
9
+ end
@@ -0,0 +1,2 @@
1
+ RSpec.configure do |config|
2
+ end
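--- a/metadata
+++ b/metadata
@@ -0,0 +1,79 @@
+ --- !ruby/object:Gem::Specification
+ name: oauth2-auth-server
+ version: !ruby/object:Gem::Version
+ version: 0.0.1
+ prerelease:
+ platform: ruby
+ authors:
+ - Renato Neves
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2012-02-16 00:00:00.000000000 -02:00
+ default_executable:
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: rack-oauth2
+ requirement: &2156427280 !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ~>
+ - !ruby/object:Gem::Version
+ version: 0.14.0
+ type: :runtime
+ prerelease: false
+ version_requirements: *2156427280
+ description: An implementation of OAuth2 Authorization Server
+ email:
+ - renatosn_rg@yahoo.com.br
+ executables: []
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - .gitignore
+ - .rspec
+ - .travis.yml
+ - Gemfile
+ - README.md
+ - Rakefile
+ - lib/oauth2-auth-server.rb
+ - lib/oauth2-auth-server/authentication.rb
+ - lib/oauth2-auth-server/endpoints/authorize.rb
+ - lib/oauth2-auth-server/endpoints/token.rb
+ - lib/oauth2-auth-server/models/access_token.rb
+ - lib/oauth2-auth-server/models/client.rb
+ - lib/oauth2-auth-server/routes.rb
+ - lib/oauth2-auth-server/schema.rb
+ - lib/oauth2-auth-server/secure_token.rb
+ - lib/oauth2-auth-server/version.rb
+ - oauth2-auth-server.gemspec
+ - spec/oauth2-auth-server_spec.rb
+ - spec/spec_helper.rb
+ has_rdoc: true
+ homepage: ''
+ licenses: []
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ none: false
+ requirements:
+ - - ! '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubyforge_project: oauth2-auth-server
+ rubygems_version: 1.6.2
+ signing_key:
+ specification_version: 3
+ summary: An implementation of OAuth2 Authorization Server
+ test_files:
+ - spec/oauth2-auth-server_spec.rb
+ - spec/spec_helper.rb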