oauth2_provider 0.0.1 → 0.1.0

data/CHANGELOG

@@ -0,0 +1,296 @@
+[20b81b6 | Sat Jul 24 00:30:26 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Bump up version number for release.
+
+[9ff5a1e | Sat Jul 24 00:27:04 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Add tasks to check license notices before creating the gem.
+
+[7b6ad1e | Fri Jul 23 20:43:55 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * A workaround for the "A copy of ApplicationController has been removed from the module tree but is still active!" error.
+
+    See:
+    * https://rails.lighthouseapp.com/projects/8994/tickets/2948
+    * https://rails.lighthouseapp.com/projects/8994/tickets/2873
+
+[961a5dd | Fri Jul 23 18:31:00 UTC 2010] David Rice <david.rice@gmail.com>
+
+  * fix development environment hack
+
+[2d4c7bf | Fri Jul 23 18:26:11 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Add Copyright notice and MIT License reference in all ruby scripts
+
+[155723e | Thu Jul 22 23:24:21 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Fix the generator to not die out on a missing db/migrate directory.
+
+[d04ea6b | Thu Jul 22 20:28:26 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Updated the gem task with the correct information.
+
+[a8cbece | Thu Jul 22 20:16:51 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Add MIT license, update readme with the new license text.
+
+[91fe9a7 | Thu Jul 22 17:40:17 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
+
+  * updated Readme
+
+[659d8e9 | Wed Jul 21 00:30:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Add a task to generate a nice gem.
+
+[4ff4ce2 | Tue Jul 20 20:16:58 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Add a generator plugin that generates the right db migrations and initializer when executed.
+
+[4298f4c | Tue Jul 20 18:36:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * remove all hooks; host apps now required to supply initializer to configure plugin controller
+
+[45d1e73 | Mon Jul 19 21:39:35 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Explicitly set the controller class in the link, this is needed as a workaround for mingle because it seems to monkey patch link_to in order to check if the user has access to the particular resource.
+
+[1423124 | Mon Jul 19 20:35:03 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Fix the readme to add new callback api and a recent change in the name of the 'skip_authentication' method.
+
+[0e1fff1 | Mon Jul 19 20:31:55 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Fix broken HTML when rendering the table containing oauth tokens for a user.
+
+[050d930 | Mon Jul 19 20:31:30 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Ensure that the user_tokens controller uses the correct HTTP methods for its actions.
+
+[6a122da | Mon Jul 19 20:30:53 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Added callbacks to skip filters for the OAuth2 CRUD controllers that are setup by the host app.
+
+[70a9b8f | Fri Jul 16 22:13:51 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Added support for sending blocks to 'oauth_allowed' method that returns a boolean in addition to the :only and :except options.
+
+    This is similar to rails' before/after filters.
+
+[e5f1ce5 | Fri Jul 16 22:11:31 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Renamed the 'skip_authentication' method to 'skip_authentication_for_oauth' to reflect that this is used by oauth, and 'skip_authentication' is a bit confusing as to "why this is needed ?"
+
+[61e1a73 | Fri Jul 16 22:10:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Renamed the 'current_user_id' method to 'current_user_id_for_oauth' to reflect that this is used by oauth.
+
+[a2fe95e | Thu Jul 15 16:05:25 UTC 2010] David Rice <david.rice@gmail.com>
+
+  * fix plugin reload issue in dev env
+
+[17bcef3 | Thu Jul 15 00:06:20 UTC 2010] David Rice <david.rice@gmail.com>
+
+  * fix some issues with sample host app and message for authorization
+
+[6b1acac | Tue Jul 13 23:46:36 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
+
+  * now there's a general hook for skipping auth on get_token action
+
+[646b57c | Tue Jul 13 23:18:02 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
+
+  * README file
+
+[bb7f271 | Tue Jul 13 21:00:30 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * minors changes to readme
+
+[611bbd3 | Mon Jul 12 18:30:12 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
+
+  * #20 - implement refresh-token grant type; for now refresh tokens do not expire
+
+[783c9be | Fri Jul 09 21:56:31 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * delete the authorization code premptively if the client_id and client_secret do not match.
+
+[902a7b7 | Fri Jul 09 21:24:40 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * split the oauth_token model into two. There is now an oauth_token and an oauth_authorization
+
+[7fb59bd | Fri Jul 09 20:23:31 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * add verification instructions to README
+
+[5b35a0a | Fri Jul 09 18:49:12 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Added a more detailed README file.
+
+[3f0ebe2 | Fri Jul 09 16:37:51 UTC 2010] David Rice <david.rice@gmail.com>
+
+  * remove obsolete secure_random implementation
+
+[ba4ccdd | Fri Jul 09 16:18:51 UTC 2010] David Rice <david.rice@gmail.com>
+
+  * remove now redundant foreign_key option for token <> client relationship
+
+[ef2c6e7 | Fri Jul 09 16:11:45 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * change from o_auth to oauth in all file and class names as it was annoying everyone
+
+[17aadda | Thu Jul 08 18:52:59 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * The controller was unable to identify oauth requests because it was looking at the params instead of the 'Authorization' header.
+
+    See:
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-5.1.1
+
+[152dfae | Thu Jul 08 01:15:38 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #21 - added a screen that allows a logged in user to revoke oauth tokens
+
+[8a60621 | Thu Jul 08 00:35:22 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #21 - added a screen that lists out tokens for the logged in user
+
+[a562d5c | Wed Jul 07 23:42:02 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - add fairly pathetic URL validation for client redirect_uri
+
+[7ea201d | Wed Jul 07 23:22:46 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * added tests for the oauth client controller CRUD
+
+[e2345c5 | Wed Jul 07 22:44:07 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 try integrate provider with gadget rendering server, fix conditional routes, make oauth protected action look at header instead of query parameter
+
+[2303d17 | Wed Jul 07 21:52:06 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - remove oauth param helper
+
+[c9959bc | Wed Jul 07 21:44:12 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - the /oauth/token endpoint is POST only.
+
+[9e3ea87 | Wed Jul 07 21:28:00 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - only access authorize request via POST method
+
+[b185305 | Wed Jul 07 20:01:11 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Some rails convention over configuration yakshaving for moving our oauth_client CRUD behind a different url under a '/oauth' namespace.
+
+[03749ba | Wed Jul 07 00:40:10 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Add support for an OPTIONAL state param for the /authorize endpoint
+
+    See:
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3
+
+[18676f8 | Tue Jul 06 23:45:44 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * renamed the association between oauth tokens and oauth clients
+
+[6fb7a91 | Tue Jul 06 23:39:24 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - fix some class loading issues; unfortunately we are no longer using hooks, but requiring code be written within the host app itself
+
+[af8e619 | Tue Jul 06 23:27:28 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * moved things into correct namespaces.
+
+[f5b7d9a | Tue Jul 06 22:06:10 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * moving a file
+
+[9b52a22 | Tue Jul 06 21:53:00 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - fix incorrect storage of oauth_options in controller classes
+
+[9142343 | Tue Jul 06 21:09:51 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - added hooks for allowing oauth access to application actions
+
+[21776d0 | Tue Jul 06 17:48:06 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - access tokens now have 90 days validity
+
+[8272aba | Fri Jul 02 02:07:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Added validations around /authorize?response_type=code.
+
+    Currently the only response_type allowed is 'code'.
+    
+    See:
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3.2.1
+
+[21f0705 | Thu Jul 01 22:10:46 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Ensure that token expires in 1 hour after it is created.
+
+[1cba937 | Thu Jul 01 22:05:50 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * The /authorize action gives a token that is valid for 1 hour(default)
+
+    See:
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3.1
+
+[d7f0402 | Thu Jul 01 20:06:24 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #17 - /token?grant_type=authorization-code
+
+    Disallow posting same authorization code twice.
+    
+    See:
+    
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3.1
+    * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-4.3.1
+
+[85d2374 | Thu Jul 01 07:12:23 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Ensure that the 'expires_in' and 'refresh_token' are rendered as part of /authorize?grant_type=authorization_code
+
+[2f84103 | Thu Jul 01 05:45:44 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Take control of time, we need to test the token expiry.
+
+[110c309 | Wed Jun 30 22:50:14 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * added a happy path for getting access tokens. need to work on edge cases
+
+[15846ec | Wed Jun 30 21:45:32 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * redirect_uri is now a required param for requesting authorization code
+
+[56836ba | Wed Jun 30 20:49:57 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * moved a file into the vendor/plugin
+
+[411f559 | Wed Jun 30 19:20:20 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * #15 - we can now provide an authorization code; validations should be complete too.
+
+[89202cf | Wed Jun 30 01:10:10 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * added some controller tests for the authorization controller
+
+[10ad5c5 | Tue Jun 29 22:14:25 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * fixed an error caused because of the user logging out
+
+[635cfc8 | Tue Jun 29 22:09:36 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * adding scaffold for creating users and managing user sessions.
+
+[2ab3793 | Tue Jun 29 21:42:16 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * adding some gems to enable user auth
+
+[5d45d38 | Tue Jun 29 21:21:10 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
+
+  * KP/SJ #15 more setup
+
+[2c6ef15 | Tue Jun 29 20:49:06 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
+
+  * KP/SJ #15 can keep track of authorized clients
+

data/README.textile

@@ -5,9 +5,13 @@ The latest version of the spec is available at "http://tools.ietf.org/html/draft
 
 Currently only the web-server profile "http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-1.4.1":http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-1.4.1 is supported.
 
+h1. Hacking/Contributing
+
+See "HACKING.textile":HACKING.textile for information on how to hack on this code.
+
 h1. What is OAuth?
 
-OAuth is an open-source specification for building a framework for allowing a third-party app (the "client") to access protected resources from another application (the "provider," or "resource owner") at the request of a "user" of the client app.  Oauth allows the user to enter his user credentials (ex. username and password) only to the provider app, which then grants the client app permission to view the protected resources on behalf of the user.  
+OAuth is an open-source specification for building a framework for allowing a third-party app (the "client") to access protected resources from another application (the "provider," or "resource owner") at the request of a "user" of the client app.  Oauth allows the user to enter his user credentials (ex. username and password) only to the provider app, which then grants the client app permission to view the protected resources on behalf of the user.
 
 A very good overview of the basic OAuth workflow is "here":http://hueniverse.com/2007/10/beginners-guide-to-oauth-part-ii-protocol-workflow/.
 
@@ -57,7 +61,20 @@ It is the responsibility of the host application to avoid routing conflicts. The
 
 h1. Installation
 
-Copy the plugin into your rails application's vendor/plugins directory.
+ $ [sudo] gem install oauth2_provider
+
+Add the following to your RAILS_ROOT/config/environment.rb:
+
+<pre>
+Rails::Initializer.run do |config|
+  config.gem 'oauth2_provider'
+end
+</pre>
+
+We recommend that you vendor all your gems:
+
+ $ rake gems:unpack
+ $ rake gems:unpack:dependencies
 
 Execute the configuration script from your RAILS_ROOT:
 
@@ -71,9 +88,14 @@ This will create:
 
 h2. Configuration
 
-h3. Host Application
+h3. Database
 
-h4. Rails initializer 
+This plugin stores OAuth2 client, authorization codes, and access token into a DB table. It is therefore required that a host app create the necessary ActiveRecord migrations in their application.
+
+* In your RAILS_ROOT, run rake db:migrate, this will run all the migrations that were created as when you executed the oauth2_provider generator.  You can't do this step until you do the initializers file.
+
+
+h3. Rails initializer
 
 Edit the file config/initializers/oauth2_provider.rb in which you
 * must call filter skipping methods on OauthTokenController, ensuring any authentication filters to not run for this controllers actions
@@ -95,11 +117,10 @@ module Oauth2
     
   end
 end
-  
 </pre>
 
 
-h4. ApplicationController
+h3. ApplicationController
 
 Make the following changes:
 * Include Oauth2::Provider::ApplicationControllerMethods module
@@ -195,7 +216,7 @@ class ApplicationController < ActionController::Base
 end
 </pre>
 
-h4. Oauth enable particular controller actions
+h3. Oauth enable particular controller actions
 
 By default, no action supports OAuth.  That is, if you would like for OAuth to work for any particular action you must declare that in the controller. Below is a simple example where a concrete controller definition specifies where Oauth is allowed. If you look at the plugin source you'll see that oauth_allowed can also be passed a block, returning true or false, for more sophisticated implementations.
 
@@ -219,14 +240,9 @@ class ProtectedResourceController < ApplicationController
 end
 </pre>
 
-h3. Database
-
-This plugin stores OAuth2 client, authorization codes, and access token into a DB table. It is therefore required that a host app create the necessary ActiveRecord migrations in their application.
-
-* In your RAILS_ROOT, run rake db:migrate, this will run all the migrations that were created as when you executed the oauth2_provider generator.  You can't do this step until you do the initializers file.
 
 
-h1. Verify plugin working correctly in your application
+h1. Verify that everything is working correctly!
 
 * OAuth enable the actions for which you wish to allow OAuth as an authentication means
 * Setup a new OAuth client at /oauth/clients
@@ -244,13 +260,13 @@ h1. Verify plugin working correctly in your application
 * You should expect to see the contents of the protected resource now.
 
 
-h1. License (Stuff that lawyers make us say)
+h1. License
 
 OAuth2 Provider Generator is MIT Licensed.
 
 The MIT License
 
-Copyright © 2010 ThoughtWorks, Inc. (http://thoughtworks.com)
+Copyright (c) 2010 ThoughtWorks, Inc. (http://thoughtworks.com)
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the “Software”), to deal

data/app/controllers/oauth2/provider/oauth_authorize_controller.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthAuthorizeController < ::ApplicationController

data/app/controllers/oauth2/provider/oauth_clients_controller.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthClientsController < ApplicationController

data/app/controllers/oauth2/provider/oauth_token_controller.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthTokenController < ApplicationController

data/app/controllers/oauth2/provider/oauth_user_tokens_controller.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthUserTokensController < ApplicationController

data/app/models/oauth2/provider/oauth_authorization.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthAuthorization < ::ActiveRecord::Base

data/app/models/oauth2/provider/oauth_client.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthClient < ActiveRecord::Base

data/app/models/oauth2/provider/oauth_token.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     class OauthToken < ::ActiveRecord::Base

data/config/routes.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 ActionController::Routing::Routes.draw do |map|
   
   map.resources :oauth_clients, :controller => 'Oauth2::Provider::OauthClients', :as => 'oauth/clients'

data/generators/oauth2_provider/oauth2_provider_generator.rb

@@ -1,8 +1,12 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 class Oauth2ProviderGenerator < Rails::Generator::Base
   def manifest
     record do |m|
       m.template 'config/initializers/oauth2_provider.rb', "config/initializers/oauth2_provider.rb"
-      
+
+      m.directory 'db/migrate'
       ['create_oauth_clients', 'create_oauth_tokens', 'create_oauth_authorizations'].each_with_index do |file_name, index|
         m.template "db/migrate/#{file_name}.rb", "db/migrate/#{version_with_prefix(index)}_#{file_name}.rb", :migration_file_name => file_name
       end

data/generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb

@@ -1,9 +1,24 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
 
     raise 'OAuth2 provider not configured yet!'
     # please go through the readme and configure this file before you can use this plugin!
     
+    # A fix for the stupid "A copy of ApplicationController has been removed from the module tree but is still active!"
+    # error message that is caused in rails >= v2.3.3
+    #
+    # This error is caused because the application controller is unloaded but, the controllers in the plugin are still
+    # referring to the super class that is unloaded!
+    #
+    # Uncommenting these lines fixes the issue, but makes the ApplicationController not reloadable in dev mode.
+    #
+    # if RAILS_ENV == 'development'
+    #   ActiveSupport::Dependencies.load_once_paths << File.join(RAILS_ROOT, 'app/controllers/application_controller')
+    # end
+    
     # make sure no authentication for OauthTokenController
     OauthTokenController.skip_before_filter(:login_required)
     

data/generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 class CreateOauthAuthorizations < ActiveRecord::Migration
   def self.up
     create_table :oauth_authorizations do |t|

data/generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 class CreateOauthClients < ActiveRecord::Migration
   def self.up
     create_table :oauth_clients do |t|

data/generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 class CreateOauthTokens < ActiveRecord::Migration
   def self.up
     create_table :oauth_tokens do |t|

data/init.rb

@@ -1,3 +1,5 @@
-if RAILS_ENV == 'development'
-  ActiveSupport::Dependencies.load_once_paths.reject!{|x| x =~ /^#{Regexp.escape(File.dirname(__FILE__))}/}
-end
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
+# DO NOT REMOVE
+# this file is required when this plugin is used as a plugin! 

data/lib/oauth2/provider/application_controller_methods.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
     module ApplicationControllerMethods

data/lib/oauth2/provider/clock.rb

@@ -1,3 +1,6 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 module Oauth2
   module Provider
 

data/lib/oauth2_provider.rb

@@ -0,0 +1,5 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
+# DO NOT REMOVE
+# this file is required when this plugin is used as a gem!

data/oauth2_provider.gemspec

@@ -0,0 +1,28 @@
+# -*- encoding: utf-8 -*-
+
+Gem::Specification.new do |s|
+  s.name = %q{oauth2_provider}
+  s.version = "0.1.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["ThoughtWorks, Inc."]
+  s.date = %q{2010-07-23}
+  s.description = %q{A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.}
+  s.email = %q{ketan@thoughtworks.com}
+  s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt"]
+  s.files = ["app/controllers/oauth2/provider/oauth_authorize_controller.rb", "app/controllers/oauth2/provider/oauth_clients_controller.rb", "app/controllers/oauth2/provider/oauth_token_controller.rb", "app/controllers/oauth2/provider/oauth_user_tokens_controller.rb", "app/models/oauth2/provider/oauth_authorization.rb", "app/models/oauth2/provider/oauth_client.rb", "app/models/oauth2/provider/oauth_token.rb", "app/views/oauth2/provider/layouts/oauth_clients.html.erb", "app/views/oauth2/provider/oauth_authorize/index.html.erb", "app/views/oauth2/provider/oauth_clients/edit.html.erb", "app/views/oauth2/provider/oauth_clients/index.html.erb", "app/views/oauth2/provider/oauth_clients/new.html.erb", "app/views/oauth2/provider/oauth_clients/show.html.erb", "app/views/oauth2/provider/oauth_user_tokens/index.html.erb", "config/routes.rb", "generators/oauth2_provider/oauth2_provider_generator.rb", "generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb", "init.rb", "lib/oauth2/provider/application_controller_methods.rb", "lib/oauth2/provider/clock.rb", "lib/oauth2_provider.rb", "MIT-LICENSE.txt", "oauth2_provider.gemspec", "README.textile", "tasks/gem.rake", "CHANGELOG"]
+  s.homepage = %q{http://github.com/ThoughtWorksStudios/oauth2_provider}
+  s.require_paths = ["lib"]
+  s.rubygems_version = %q{1.3.7}
+  s.summary = %q{A Rails plugin to OAuth v2.0 enable your rails application}
+
+  if s.respond_to? :specification_version then
+    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+    else
+    end
+  else
+  end
+end

data/tasks/gem.rake

@@ -1,33 +1,88 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
 require 'rubygems'
 require 'rake/gempackagetask'
 
-desc 'Create a the oauth2_provider gem'
-task :gem do
-  cd File.join(File.expand_path(File.dirname(__FILE__)), '..') do
-    
-    cp "#{RAILS_ROOT}/../README.textile", '.'
-    cp "#{RAILS_ROOT}/../MIT-LICENSE.txt", '.'
-    
-    spec = Gem::Specification.new do |s|
-      s.name = "oauth2_provider"
-      s.version           = "0.0.1"
-      s.author            = "ThoughtWorks, Inc."
-      s.email             = "ketan@thoughtworks.com"
-      s.homepage          = "http://github.com/ThoughtWorksStudios/oauth2_provider"
-      s.platform          = Gem::Platform::RUBY
-      s.summary           = "A Rails plugin to OAuth v2.0 enable your rails application"
-      s.description       = "A Rails plugin to OAuth v2.0 enable your rails application"
-      s.files             = Dir["**/*.*"]
-      s.has_rdoc          = false
-      s.extra_rdoc_files  = ["README.textile", "MIT-LICENSE.txt"]
+namespace :release do
+  
+  desc 'Update the changelog'
+  task :changelog do
+    File.open(File.join(File.dirname(__FILE__), '..', 'CHANGELOG'), 'w+') do |changelog|
+      `git log -z --abbrev-commit vendor/plugins/oauth2_provider`.split("\0").each do |commit|
+        next if commit =~ /^Merge: \d*/
+        ref, author, time, _, title, _, message = commit.split("\n", 7)
+        ref    = ref[/commit ([0-9a-f]+)/, 1]
+        author = author[/Author: (.*)/, 1].strip
+        time   = Time.parse(time[/Date: (.*)/, 1]).utc
+        title.strip!
+
+        changelog.puts "[#{ref} | #{time}] #{author}"
+        changelog.puts '', "  * #{title}"
+        changelog.puts '', message.rstrip if message
+        changelog.puts
+      end
+    end
+  end
+  
+  desc 'Create the oauth2_provider gem'
+  task :gem => :changelog do
+    Rake::Task[:copyright].invoke
+    cd File.join(File.expand_path(File.dirname(__FILE__)), '..') do
+
+      cp "#{RAILS_ROOT}/../README.textile", '.', :verbose => false
+      cp "#{RAILS_ROOT}/../MIT-LICENSE.txt", '.', :verbose => false
+
+      spec = Gem::Specification.new do |s|
+        s.name = "oauth2_provider"
+        s.version           = "0.1.0"
+        s.author            = "ThoughtWorks, Inc."
+        s.email             = "ketan@thoughtworks.com"
+        s.homepage          = "http://github.com/ThoughtWorksStudios/oauth2_provider"
+        s.platform          = Gem::Platform::RUBY
+        s.summary           = "A Rails plugin to OAuth v2.0 enable your rails application"
+        s.description       = "A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09."
+        s.files             = Dir["**/*.*"] + ["#{s.name}.gemspec", "README.textile", "CHANGELOG"]
+        s.has_rdoc          = false
+        s.extra_rdoc_files  = ["README.textile", "MIT-LICENSE.txt"]
+      end
+      
+      File.open("#{spec.name}.gemspec", "w") { |f| f << spec.to_ruby }
+      
+      sh "gem build #{spec.name}.gemspec"
+      
+      # move it into a proper directory
+      rm_rf "#{RAILS_ROOT}/pkg", :verbose => false
+      mkdir "#{RAILS_ROOT}/pkg", :verbose => false
+      mv "#{spec.name}-#{spec.version}.gem", "#{RAILS_ROOT}/pkg", :verbose => false
+
+      #cleanup
+      rm "README.textile", :verbose => false
+      rm "MIT-LICENSE.txt", :verbose => false
     end
-    File.open("oauth2_provider.gemspec", "w") { |f| f << spec.to_ruby }
-    rm_rf "#{RAILS_ROOT}/pkg"
-    sh "gem build #{spec.name}.gemspec"
-    mkdir "#{RAILS_ROOT}/pkg"
-    mv "#{spec.name}-#{spec.version}.gem", "#{RAILS_ROOT}/pkg"
+  end
+  
+  desc 'Push the gem out to gemcutter'
+  task :push => [:test, :gem] do
+    
+    puts <<-INSTRUCTIONS
     
-    rm "README.textile"
-    rm "MIT-LICENSE.txt"
+      ==============================================================
+      Instructions before you push out:
+      * Make sure everything is good
+      * Bump the version number in the `gem.rake' file
+      * Check in
+      * Run this task again to:
+        * verify everything is good
+        * generate a new gem with the new version number
+      * Create a tag in git:
+        $ git tag -a -m 'Tag for version X.Y.Z' 'vX.Y.Z'
+        $ gem push pkg/oauth2_provider-X.Y.Z.gem
+      ==============================================================
+    INSTRUCTIONS
+    # sh("gem push pkg/*.gem") do |res, ok|
+    #   raise 'Could not push gem' if !ok
+    # end
   end
+
 end

metadata

@@ -1,7 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: oauth2_provider
 version: !ruby/object:Gem::Version 
-  version: 0.0.1
+  hash: 27
+  prerelease: false
+  segments: 
+  - 0
+  - 1
+  - 0
+  version: 0.1.0
 platform: ruby
 authors: 
 - ThoughtWorks, Inc.
@@ -9,11 +15,11 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-22 00:00:00 -07:00
+date: 2010-07-23 00:00:00 -07:00
 default_executable: 
 dependencies: []
 
-description: A Rails plugin to OAuth v2.0 enable your rails application
+description: A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.
 email: ketan@thoughtworks.com
 executables: []
 
@@ -46,9 +52,12 @@ files:
 - init.rb
 - lib/oauth2/provider/application_controller_methods.rb
 - lib/oauth2/provider/clock.rb
+- lib/oauth2_provider.rb
 - MIT-LICENSE.txt
+- oauth2_provider.gemspec
 - README.textile
 - tasks/gem.rake
+- CHANGELOG
 has_rdoc: true
 homepage: http://github.com/ThoughtWorksStudios/oauth2_provider
 licenses: []
@@ -59,21 +68,27 @@ rdoc_options: []
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
       version: "0"
-  version: 
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
       version: "0"
-  version: 
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.3.5
+rubygems_version: 1.3.7
 signing_key: 
 specification_version: 3
 summary: A Rails plugin to OAuth v2.0 enable your rails application