oauth2-client 1.0.0

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+coverage
+InstalledFiles
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+
+# YARD artifacts
+.yardoc
+_yardoc
+doc/

data/.travis.yml

@@ -0,0 +1,6 @@
+language: ruby
+rvm:
+  - "1.9.2"
+  - "1.9.3"
+# uncomment this line if your project needs to run something other than `rake`:
+# # script: bundle exec rspec spec

data/Gemfile

@@ -0,0 +1,17 @@
+source 'https://rubygems.org'
+
+gem 'json'
+
+gem 'bcrypt-ruby', '~> 3.0.0'
+
+gem 'addressable'
+
+gem 'rake'
+
+gem 'rspec', '~>2.12'
+
+gem 'simplecov'
+
+gem 'activesupport', '~> 3.2.8'
+
+# gem 'mocha', '>=0.12.1', :require => false

data/Gemfile.lock

@@ -0,0 +1,37 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    activesupport (3.2.8)
+      i18n (~> 0.6)
+      multi_json (~> 1.0)
+    addressable (2.3.2)
+    bcrypt-ruby (3.0.1)
+    diff-lcs (1.1.3)
+    i18n (0.6.1)
+    json (1.7.5)
+    multi_json (1.3.6)
+    rake (0.9.2.2)
+    rspec (2.12.0)
+      rspec-core (~> 2.12.0)
+      rspec-expectations (~> 2.12.0)
+      rspec-mocks (~> 2.12.0)
+    rspec-core (2.12.2)
+    rspec-expectations (2.12.1)
+      diff-lcs (~> 1.1.3)
+    rspec-mocks (2.12.1)
+    simplecov (0.7.1)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.7.1)
+    simplecov-html (0.7.1)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  activesupport (~> 3.2.8)
+  addressable
+  bcrypt-ruby (~> 3.0.0)
+  json
+  rake
+  rspec (~> 2.12)
+  simplecov

data/LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2012, Kevin Mutyaba
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,152 @@
+# OAuth2 Ruby Client
+
+[![Build Status](https://secure.travis-ci.org/tiabas/oauth2-client.png?branch=master)][travis]
+
+[travis]: http://travis-ci.org/tiabas/oauth2-client
+
+A Ruby wrapper for the OAuth 2.0 specification. It is designed with the philosophy that not
+every service that claims to support OAuth 2.0 actually implements it according to the
+[standard]( http://tools.ietf.org/html/rfc6749). This version therefore, affords 
+the developer some degree of flexibility in generating the URLs and requests
+needed to authorize an OAuth 2.0 application.
+
+For more about the standard, take a look at http://tools.ietf.org/html/rfc6749 
+
+## Installation
+Download the library and include the its location in your Gemfile
+
+## Resources
+* [View Source on GitHub][code]
+* [Report Issues on GitHub][issues]
+
+[code]: https://github.com/tiabas/oauth2-client
+[issues]: https://github.com/tiabas/oauth2-client/issues
+
+## Usage Examples
+
+```ruby
+require 'oauth2-client'
+
+@client  = OAuth2::Client.new('https://example.com', 's6BhdRkqt3', '4hJZY88TCBB9q8IpkeualA2lZsUhOSclkkSKw3RXuE')
+
+client.authorization_code.authorization_path(:redirect_uri => 'http://localhost/oauth2/cb')
+# => "/oauth/authorize?response_type=code&client_id={client_id}&redirect_uri=http%3A%2F%2Flocalhost%2Foauth2%2Fcb"
+
+```
+
+## Authorization Grants
+The client wraps around the creation of any given grant and passing in the parameters defined in the configuration
+file. The supported grants include Authorization Code, Implicit, Resource Owner Password Credentials, Client Credentials.
+There is also support for device authentication as described in Google's OAuth 2.0 authentication methods(https://developers.google.com/accounts/docs/OAuth2ForDevices). They are available via the #authorization_code, #implicit, #password, #client_credentials, #refresh_token
+and #device methods on a client object.
+
+The #get_token method on the grants does not make any assumptions about the format ofthe response from the OAuth provider. The ideal
+case would be to treat all responses as JSON. However, some services may respond with in XML instead of JSON. The #get_token method
+therefore, returns with an HTTPResponse object.
+
+### Authorization Code
+```ruby
+auth_url = client.authorization_code.authorization_path(:redirect_uri => 'http://localhost/oauth2/cb')
+# => "/oauth/authorize?response_type=code&client_id={client_id}&redirect_uri=http%3A%2F%2Flocalhost%2Foauth2%2Fcb"
+
+token_url = client.authorization_code.token_path(
+    :code => aXW2c6bYz, 
+    :redirect_uri => 'http://localhost/oauth2/cb')
+# => "/oauth/token?redirect_uri=http%3A%2F%2Flocalhost%2Foauth%2Fcb&client_secret={client_secret}&grant_type=authorization_code&client_id={client_id}&code=aXW2c6bYz"
+```
+
+### Implicit Grant
+```ruby
+auth_url = client.implicit.authorization_path(:redirect_uri => 'http://localhost/oauth2/cb')
+# => "oauth/?redirect_uri=http%3A%2F%2Flocalhost%2Foauth%2Fcb&response_type=token&client_id={client_id}"
+```
+
+### Password Credentials
+```ruby
+token = client.password.get_token('username', 'password')
+```
+
+### Refresh Token
+```ruby
+token = client.refresh_token.get_token(refresh_token_value, :params => {:scope => 'abc xyz', :state => 'state'})
+```
+
+### Client Credentials
+```ruby
+token = client.client_credentials.get_token
+```
+
+### Device Code
+```ruby
+auth_url = client.device_code.authorization_path(:scope => 'abc xyz', :state => 'state')
+# => "/oauth/device/code?scope=abc+xyz&state=state&client_id={client_id}"
+
+# exchange device authorization code for access token
+token = client.device_code.get_token(device_auth_code)
+```
+
+# Client Examples
+This library comes bundled with two sample implementations of Google and Yammer OAuth clients. These clients are 
+meant to showcase the degree of flexibilty that you get when using this library to interact with other OAuth 2.0
+providers.
+
+## Google Client
+
+```ruby
+
+google_client = GoogleClient.new(
+  'https://accounts.google.com',
+  '827502413694.apps.googleusercontent.com',
+  'a2nQpcUm2Dgq1chWdAvbXGTk',
+  {
+    :token_path     => '/o/oauth2/token',
+    :authorize_path => '/o/oauth2/auth',
+    :device_path    => '/o/oauth2/device/code'
+  }
+)
+
+```
+
+### Client-side authorization URL(Implicit grant)
+```ruby
+auth_url = google_client.webserver_authorization_url(
+    :scope => 'https://www.googleapis.com/auth/userinfo.email',
+    :state => '/profile',
+    :redirect_uri => 'https://oauth2-login-demo.appspot.com/code',
+    :approval_prompt => 'force')
+# => https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&state=%2Fprofile&redirect_uri=https%3A%2F%2Foauth2-login-demo.appspot.com%2Ftoken&approval_prompt=force&response_type=token&client_id=812741506391.apps.googleusercontent.com
+```
+
+### Server-side authorization URL(Authorization code grant)
+```ruby
+auth_url = google_client.clientside_authorization_url(
+    :scope => 'https://www.googleapis.com/auth/userinfo.email',
+    :state => '/profile',
+    :redirect_uri => 'http://localhost/oauth/code',
+    :approval_prompt => 'force')
+# => https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&state=%2Fprofile&redirect_uri=https%3A%2F%2Foauth2-login-demo.appspot.com%2Fcode&approval_prompt=force&response_type=code&client_id=812741506391.apps.googleusercontent.com
+
+# exchange authorization code for access token. we will get back a Net::HTTPResponse
+response = google_client.exchange_auth_code_for_token(
+  :params => {
+    :code => '4/dbB0-UD1cvrQg2EuEFtRtHwPEmvR.IrScsjgB5M4VuJJVnL49Cc8QdUjRdAI',
+    :redirect_uri => 'http://localhost/oauth/token'
+  }
+)
+response.inspect 
+# => #<Net::HTTPOK:0x007ff8bc7c1200>
+
+response.body
+# => {
+  "access_token" : "ya91.AHES8ZS-oCZnc5yHepnsosFjNln9ZKLuioF6FcMRCGUIzA",
+  "token_type" : "Bearer",
+  "expires_in" : 3600,
+  "id_token" : "eyJhbGciOiJSUzI1NiIsImtpZCI6IjY4ZGM2ZmIxNDQ5OGJmMWRhNjNiMWYyMDA2YmRmMDA2N2Q4MzY",
+  "refresh_token" : "6/Ju8uhi9xOctGEyHRzWwHhaYimfxmY0tiJ_qW3qvjWXM"
+}
+```
+
+## Copyright
+Copyright (c) 2012 Kevin Mutyaba
+See [LICENSE][] for details.
+[license]: https://github.com/tiabas/oauth2-client/blob/master/LICENSE

data/Rakefile

@@ -0,0 +1,11 @@
+#Rakefile
+require 'rake'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec) do |t|
+  t.verbose = true
+end
+
+desc "Run spec"
+task :default => :spec
+task :test    => :spec

data/TODO

@@ -0,0 +1,10 @@
+TODO:
+- Streamline configuration of client
+
+- Add documentation for connection class
+
+- Make gem 1.8.7 compatible
+
+- Update documentation
+
+- Submit to gem library

data/examples/google_client.rb

@@ -0,0 +1,159 @@
+class GoogleClient < OAuth2::Client
+
+  def normalize_scope(scope, sep=' ')
+    unless (scope.is_a?(String) || scope.is_a?(Array))
+      raise ArgumentError.new("Expected scope of type String or Array but was: #{scope.class.name}")
+    end
+    return scope if scope.is_a?(String)
+    scope.join(sep)
+  end
+
+  # Generates the Google URL that the user will be redirected to in order to
+  # authorize your application
+  #
+  # @see https://developers.google.com/accounts/docs/OAuth2UserAgent#formingtheurl
+  #
+  # @params [Hash] additional parameters to be include in URL eg. scope, state, etc
+  #
+  # client = GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+  #   :token_path     => '/o/oauth2/token',
+  #   :authorize_path => '/o/oauth2/auth',
+  #   :device_path    => '/o/oauth2/device/code'
+  # })
+  # client.clientside_authorization_url({
+  #      :scope => 'https://www.googleapis.com/auth/userinfo.email',
+  #      :state => '/profile',
+  #      :redirect_uri => 'https://oauth2-login-demo.appspot.com/code',
+  #      :approval_prompt => 'force',
+  #    })
+  # #=>
+  def clientside_authorization_url(params={})
+    params[:scope] = normalize_scope(params[:scope]) if params[:scope]
+    implicit.token_url(params)
+  end
+
+  # Generates the Google URL that the user will be redirected to in order to
+  # authorize your application
+  #
+  # @see https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl
+  #
+  # @params [Hash] additional parameters to be include in URL eg. scope, state, etc
+  #
+  # client = GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+  #   :token_path     => '/o/oauth2/token',
+  #   :authorize_path => '/o/oauth2/auth',
+  #   :device_path    => '/o/oauth2/device/code'
+  # })
+  # client.webserver_authorization_url({
+  #      :scope => 'https://www.googleapis.com/auth/userinfo.email',
+  #      :state => '/profile',
+  #      :redirect_uri => 'https://oauth2-login-demo.appspot.com/code',
+  #      :approval_prompt => 'force',
+  #    })
+  # #=>
+  def webserver_authorization_url(params={})
+    params[:scope] = normalize_scope(params[:scope]) if params[:scope]
+    authorization_code.authorization_url(params)
+  end
+
+  # Generates the Google URL that allows a user to obtain an authorization
+  # code for a given device
+  #
+  # @see https://developers.google.com/accounts/docs/OAuth2ForDevices
+  # def device_authorization_url(params={})
+  #   params[:scope] = normalize_scope(params[:scope]) if params[:scope]
+  #   device.authorization_url(params)
+  # end
+
+  # Makes a request to google server that will swap your authorization code for an access
+  # token
+  #
+  # @see https://developers.google.com/accounts/docs/OAuth2WebServer#handlingtheresponse
+  #
+  # @params [Hash] additional parameters to be include in URL eg. scope, state, etc
+  #
+  # client = GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+  #   :token_path     => '/o/oauth2/token',
+  #   :authorize_path => '/o/oauth2/auth',
+  #   :device_path    => '/o/oauth2/device/code'
+  # })
+  # client.exchange_auth_code_for_token({
+  #      :scope => 'https://www.googleapis.com/auth/userinfo.email',
+  #      :state => '/profile',
+  #      :code => 'G3Y6jU3a',
+  #    })
+  # #=>
+  def exchange_auth_code_for_token(opts={})
+    unless (opts[:params] && opts[:params][:code])
+      raise ArgumentError.new("You must include an authorization code as a parameter")
+    end
+    code = opts[:params].delete(:code)
+    authorization_code.get_token(code, opts)
+  end
+
+  # Makes a request to google server that will generate a new access token given that your
+  # application was not deauthorized by the user
+  #
+  # @see https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh
+  #
+  # @params [Hash] additional parameters to be include in URL eg. state
+  #
+  # client = GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+  #   :token_path     => '/o/oauth2/token',
+  #   :authorize_path => '/o/oauth2/auth',
+  #   :device_path    => '/o/oauth2/device/code'
+  # })
+  # client.refresh_access_token({
+  #      :state => '/profile',
+  #      :refresh_token => '2YotnFZFEjr1zCsicMWpAA'
+  #    })
+  # #=>
+  def refresh_access_token(opts={})
+    unless (opts[:params] && opts[:params][:refresh_token])
+      raise ArgumentError.new("You must provide a refresh_token as a parameter")
+    end
+    token = opts[:params].delete(:refresh_token)
+    refresh_token.get_token(token, opts)
+  end
+
+  # @see https://developers.google.com/accounts/docs/OAuth2ForDevices#obtainingacode
+  #
+  # @params [Hash] additional parameters to be include in URL eg. state
+  #
+  # client = GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+  #   :token_path     => '/o/oauth2/token',
+  #   :authorize_path => '/o/oauth2/auth',
+  #   :device_path    => '/o/oauth2/device/code'
+  # })
+  # client.device_code({
+  #   :state => '/profile',
+  # })
+  # #=>
+  def get_device_code(opts={})
+    opts[:params] ||= {}
+    opts[:params][:scope] = normalize_scope(opts[:params][:scope]) if opts[:params][:scope]
+    device_code.get_code(opts)
+  end
+
+  # @see https://developers.google.com/accounts/docs/OAuth2ForDevices#obtainingatoken
+  #
+  # @params [Hash] additional parameters to be include in URL eg. state
+  #
+  # client = GoogleClient.new('https://accounts.google.com', '827502413694.apps.googleusercontent.com', 'a2nQpcUm2Dgq1chWdAvbXGTk',{
+  #   :token_path     => '/o/oauth2/token',
+  #   :authorize_path => '/o/oauth2/auth',
+  #   :device_path    => '/o/oauth2/device/code'
+  # })
+  # client.exchange_device_code_for_token({
+  #      :state => '/profile',
+  #      :code => 'G3Y6jU3a',
+  #    })
+  # #=>
+  def exchange_device_code_for_token(opts={})
+    unless (opts[:params] && opts[:params][:code])
+      raise ArgumentError.new("You must include an device code as a parameter")
+    end
+    code = opts[:params].delete(:code)
+    device_code.get_token(code, opts)
+  end
+end

data/lib/oauth2.rb

@@ -0,0 +1,7 @@
+require 'oauth2/version'
+require 'oauth2/error'
+require 'oauth2/helper'
+require 'oauth2/grant'
+require 'oauth2/client'
+require 'oauth2/connection'
+