oauth2_provider 0.0.1 → 0.1.0

data/CHANGELOG ADDED
@@ -0,0 +1,296 @@
1
+ [20b81b6 | Sat Jul 24 00:30:26 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
2
+
3
+ * Bump up version number for release.
4
+
5
+ [9ff5a1e | Sat Jul 24 00:27:04 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
6
+
7
+ * Add tasks to check license notices before creating the gem.
8
+
9
+ [7b6ad1e | Fri Jul 23 20:43:55 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
10
+
11
+ * A workaround for the "A copy of ApplicationController has been removed from the module tree but is still active!" error.
12
+
13
+ See:
14
+ * https://rails.lighthouseapp.com/projects/8994/tickets/2948
15
+ * https://rails.lighthouseapp.com/projects/8994/tickets/2873
16
+
17
+ [961a5dd | Fri Jul 23 18:31:00 UTC 2010] David Rice <david.rice@gmail.com>
18
+
19
+ * fix development environment hack
20
+
21
+ [2d4c7bf | Fri Jul 23 18:26:11 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
22
+
23
+ * Add Copyright notice and MIT License reference in all ruby scripts
24
+
25
+ [155723e | Thu Jul 22 23:24:21 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
26
+
27
+ * Fix the generator to not die out on a missing db/migrate directory.
28
+
29
+ [d04ea6b | Thu Jul 22 20:28:26 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
30
+
31
+ * Updated the gem task with the correct information.
32
+
33
+ [a8cbece | Thu Jul 22 20:16:51 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
34
+
35
+ * Add MIT license, update readme with the new license text.
36
+
37
+ [91fe9a7 | Thu Jul 22 17:40:17 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
38
+
39
+ * updated Readme
40
+
41
+ [659d8e9 | Wed Jul 21 00:30:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
42
+
43
+ * Add a task to generate a nice gem.
44
+
45
+ [4ff4ce2 | Tue Jul 20 20:16:58 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
46
+
47
+ * Add a generator plugin that generates the right db migrations and initializer when executed.
48
+
49
+ [4298f4c | Tue Jul 20 18:36:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
50
+
51
+ * remove all hooks; host apps now required to supply initializer to configure plugin controller
52
+
53
+ [45d1e73 | Mon Jul 19 21:39:35 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
54
+
55
+ * Explicitly set the controller class in the link, this is needed as a workaround for mingle because it seems to monkey patch link_to in order to check if the user has access to the particular resource.
56
+
57
+ [1423124 | Mon Jul 19 20:35:03 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
58
+
59
+ * Fix the readme to add new callback api and a recent change in the name of the 'skip_authentication' method.
60
+
61
+ [0e1fff1 | Mon Jul 19 20:31:55 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
62
+
63
+ * Fix broken HTML when rendering the table containing oauth tokens for a user.
64
+
65
+ [050d930 | Mon Jul 19 20:31:30 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
66
+
67
+ * Ensure that the user_tokens controller uses the correct HTTP methods for its actions.
68
+
69
+ [6a122da | Mon Jul 19 20:30:53 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
70
+
71
+ * Added callbacks to skip filters for the OAuth2 CRUD controllers that are setup by the host app.
72
+
73
+ [70a9b8f | Fri Jul 16 22:13:51 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
74
+
75
+ * Added support for sending blocks to 'oauth_allowed' method that returns a boolean in addition to the :only and :except options.
76
+
77
+ This is similar to rails' before/after filters.
78
+
79
+ [e5f1ce5 | Fri Jul 16 22:11:31 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
80
+
81
+ * Renamed the 'skip_authentication' method to 'skip_authentication_for_oauth' to reflect that this is used by oauth, and 'skip_authentication' is a bit confusing as to "why this is needed ?"
82
+
83
+ [61e1a73 | Fri Jul 16 22:10:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
84
+
85
+ * Renamed the 'current_user_id' method to 'current_user_id_for_oauth' to reflect that this is used by oauth.
86
+
87
+ [a2fe95e | Thu Jul 15 16:05:25 UTC 2010] David Rice <david.rice@gmail.com>
88
+
89
+ * fix plugin reload issue in dev env
90
+
91
+ [17bcef3 | Thu Jul 15 00:06:20 UTC 2010] David Rice <david.rice@gmail.com>
92
+
93
+ * fix some issues with sample host app and message for authorization
94
+
95
+ [6b1acac | Tue Jul 13 23:46:36 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
96
+
97
+ * now there's a general hook for skipping auth on get_token action
98
+
99
+ [646b57c | Tue Jul 13 23:18:02 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
100
+
101
+ * README file
102
+
103
+ [bb7f271 | Tue Jul 13 21:00:30 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
104
+
105
+ * minors changes to readme
106
+
107
+ [611bbd3 | Mon Jul 12 18:30:12 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
108
+
109
+ * #20 - implement refresh-token grant type; for now refresh tokens do not expire
110
+
111
+ [783c9be | Fri Jul 09 21:56:31 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
112
+
113
+ * delete the authorization code premptively if the client_id and client_secret do not match.
114
+
115
+ [902a7b7 | Fri Jul 09 21:24:40 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
116
+
117
+ * split the oauth_token model into two. There is now an oauth_token and an oauth_authorization
118
+
119
+ [7fb59bd | Fri Jul 09 20:23:31 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
120
+
121
+ * add verification instructions to README
122
+
123
+ [5b35a0a | Fri Jul 09 18:49:12 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
124
+
125
+ * Added a more detailed README file.
126
+
127
+ [3f0ebe2 | Fri Jul 09 16:37:51 UTC 2010] David Rice <david.rice@gmail.com>
128
+
129
+ * remove obsolete secure_random implementation
130
+
131
+ [ba4ccdd | Fri Jul 09 16:18:51 UTC 2010] David Rice <david.rice@gmail.com>
132
+
133
+ * remove now redundant foreign_key option for token <> client relationship
134
+
135
+ [ef2c6e7 | Fri Jul 09 16:11:45 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
136
+
137
+ * change from o_auth to oauth in all file and class names as it was annoying everyone
138
+
139
+ [17aadda | Thu Jul 08 18:52:59 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
140
+
141
+ * The controller was unable to identify oauth requests because it was looking at the params instead of the 'Authorization' header.
142
+
143
+ See:
144
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-5.1.1
145
+
146
+ [152dfae | Thu Jul 08 01:15:38 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
147
+
148
+ * #21 - added a screen that allows a logged in user to revoke oauth tokens
149
+
150
+ [8a60621 | Thu Jul 08 00:35:22 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
151
+
152
+ * #21 - added a screen that lists out tokens for the logged in user
153
+
154
+ [a562d5c | Wed Jul 07 23:42:02 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
155
+
156
+ * #15 - add fairly pathetic URL validation for client redirect_uri
157
+
158
+ [7ea201d | Wed Jul 07 23:22:46 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
159
+
160
+ * added tests for the oauth client controller CRUD
161
+
162
+ [e2345c5 | Wed Jul 07 22:44:07 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
163
+
164
+ * #15 try integrate provider with gadget rendering server, fix conditional routes, make oauth protected action look at header instead of query parameter
165
+
166
+ [2303d17 | Wed Jul 07 21:52:06 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
167
+
168
+ * #15 - remove oauth param helper
169
+
170
+ [c9959bc | Wed Jul 07 21:44:12 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
171
+
172
+ * #15 - the /oauth/token endpoint is POST only.
173
+
174
+ [9e3ea87 | Wed Jul 07 21:28:00 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
175
+
176
+ * #15 - only access authorize request via POST method
177
+
178
+ [b185305 | Wed Jul 07 20:01:11 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
179
+
180
+ * Some rails convention over configuration yakshaving for moving our oauth_client CRUD behind a different url under a '/oauth' namespace.
181
+
182
+ [03749ba | Wed Jul 07 00:40:10 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
183
+
184
+ * Add support for an OPTIONAL state param for the /authorize endpoint
185
+
186
+ See:
187
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3
188
+
189
+ [18676f8 | Tue Jul 06 23:45:44 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
190
+
191
+ * renamed the association between oauth tokens and oauth clients
192
+
193
+ [6fb7a91 | Tue Jul 06 23:39:24 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
194
+
195
+ * #15 - fix some class loading issues; unfortunately we are no longer using hooks, but requiring code be written within the host app itself
196
+
197
+ [af8e619 | Tue Jul 06 23:27:28 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
198
+
199
+ * moved things into correct namespaces.
200
+
201
+ [f5b7d9a | Tue Jul 06 22:06:10 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
202
+
203
+ * moving a file
204
+
205
+ [9b52a22 | Tue Jul 06 21:53:00 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
206
+
207
+ * #15 - fix incorrect storage of oauth_options in controller classes
208
+
209
+ [9142343 | Tue Jul 06 21:09:51 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
210
+
211
+ * #15 - added hooks for allowing oauth access to application actions
212
+
213
+ [21776d0 | Tue Jul 06 17:48:06 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
214
+
215
+ * #15 - access tokens now have 90 days validity
216
+
217
+ [8272aba | Fri Jul 02 02:07:42 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
218
+
219
+ * Added validations around /authorize?response_type=code.
220
+
221
+ Currently the only response_type allowed is 'code'.
222
+
223
+ See:
224
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3
225
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3.2.1
226
+
227
+ [21f0705 | Thu Jul 01 22:10:46 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
228
+
229
+ * Ensure that token expires in 1 hour after it is created.
230
+
231
+ [1cba937 | Thu Jul 01 22:05:50 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
232
+
233
+ * The /authorize action gives a token that is valid for 1 hour(default)
234
+
235
+ See:
236
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3.1
237
+
238
+ [d7f0402 | Thu Jul 01 20:06:24 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
239
+
240
+ * #17 - /token?grant_type=authorization-code
241
+
242
+ Disallow posting same authorization code twice.
243
+
244
+ See:
245
+
246
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-3.1
247
+ * http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-4.3.1
248
+
249
+ [85d2374 | Thu Jul 01 07:12:23 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
250
+
251
+ * Ensure that the 'expires_in' and 'refresh_token' are rendered as part of /authorize?grant_type=authorization_code
252
+
253
+ [2f84103 | Thu Jul 01 05:45:44 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
254
+
255
+ * Take control of time, we need to test the token expiry.
256
+
257
+ [110c309 | Wed Jun 30 22:50:14 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
258
+
259
+ * added a happy path for getting access tokens. need to work on edge cases
260
+
261
+ [15846ec | Wed Jun 30 21:45:32 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
262
+
263
+ * redirect_uri is now a required param for requesting authorization code
264
+
265
+ [56836ba | Wed Jun 30 20:49:57 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
266
+
267
+ * moved a file into the vendor/plugin
268
+
269
+ [411f559 | Wed Jun 30 19:20:20 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
270
+
271
+ * #15 - we can now provide an authorization code; validations should be complete too.
272
+
273
+ [89202cf | Wed Jun 30 01:10:10 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
274
+
275
+ * added some controller tests for the authorization controller
276
+
277
+ [10ad5c5 | Tue Jun 29 22:14:25 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
278
+
279
+ * fixed an error caused because of the user logging out
280
+
281
+ [635cfc8 | Tue Jun 29 22:09:36 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
282
+
283
+ * adding scaffold for creating users and managing user sessions.
284
+
285
+ [2ab3793 | Tue Jun 29 21:42:16 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
286
+
287
+ * adding some gems to enable user auth
288
+
289
+ [5d45d38 | Tue Jun 29 21:21:10 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
290
+
291
+ * KP/SJ #15 more setup
292
+
293
+ [2c6ef15 | Tue Jun 29 20:49:06 UTC 2010] Sherry Jin <sjin@thoughtworks.com>
294
+
295
+ * KP/SJ #15 can keep track of authorized clients
296
+
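Review bot: Every entry header in this generated CHANGELOG publishes the committer's personal e-mail address inside the gem, and the security-relevant decisions are buried among housekeeping commits: "for now refresh tokens do not expire" (611bbd3), "access tokens now have 90 days validity" (21776d0, after the 1 hour expiry in 21f0705) and "fairly pathetic URL validation for client redirect_uri" (a562d5c). Suggest emitting author names only, and lifting those three items into a "known limitations" section of the README so that host applications can see them before deploying.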
data/README.textile CHANGED
@@ -5,9 +5,13 @@ The latest version of the spec is available at "http://tools.ietf.org/html/draft
5
5
 
6
6
  Currently only the web-server profile "http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-1.4.1":http://tools.ietf.org/html/draft-ietf-oauth-v2-09#section-1.4.1 is supported.
7
7
 
8
+ h1. Hacking/Contributing
9
+
10
+ See "HACKING.textile":HACKING.textile for information on how to hack on this code.
11
+
8
12
  h1. What is OAuth?
9
13
 
10
- OAuth is an open-source specification for building a framework for allowing a third-party app (the "client") to access protected resources from another application (the "provider," or "resource owner") at the request of a "user" of the client app. Oauth allows the user to enter his user credentials (ex. username and password) only to the provider app, which then grants the client app permission to view the protected resources on behalf of the user.
14
+ OAuth is an open-source specification for building a framework for allowing a third-party app (the "client") to access protected resources from another application (the "provider," or "resource owner") at the request of a "user" of the client app. Oauth allows the user to enter his user credentials (ex. username and password) only to the provider app, which then grants the client app permission to view the protected resources on behalf of the user.
11
15
 
12
16
  A very good overview of the basic OAuth workflow is "here":http://hueniverse.com/2007/10/beginners-guide-to-oauth-part-ii-protocol-workflow/.
13
17
 
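Review bot: The replaced "OAuth is an open-source specification..." line appears to differ from the old one only in whitespace, so the wording problem it carries is untouched: it glosses the provider as the "resource owner", whereas in the draft this README links to the resource owner is the party that grants access (the user), not the provider application. Since the line is being rewritten anyway, suggest correcting the term and using "OAuth" consistently instead of mixing in "Oauth".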
@@ -57,7 +61,20 @@ It is the responsibility of the host application to avoid routing conflicts. The
57
61
 
58
62
  h1. Installation
59
63
 
60
- Copy the plugin into your rails application's vendor/plugins directory.
64
+ $ [sudo] gem install oauth2_provider
65
+
66
+ Add the following to your RAILS_ROOT/config/environment.rb:
67
+
68
+ <pre>
69
+ Rails::Initializer.run do |config|
70
+ config.gem 'oauth2_provider'
71
+ end
72
+ </pre>
73
+
74
+ We recommend that you vendor all your gems:
75
+
76
+ $ rake gems:unpack
77
+ $ rake gems:unpack:dependencies
61
78
 
62
79
  Execute the configuration script from your RAILS_ROOT:
63
80
 
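Review bot: The added environment.rb snippet declares `config.gem 'oauth2_provider'` with no `:version`, so a host application loads whichever release happens to be installed; for a component that issues access tokens the README should show a pinned form such as `config.gem 'oauth2_provider', :version => '0.1.0'`. The `$ [sudo] gem install` and `$ rake gems:unpack` lines are also left outside a `<pre>` block, unlike the Ruby snippet between them, so they will render as running text.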
@@ -71,9 +88,14 @@ This will create:
71
88
 
72
89
  h2. Configuration
73
90
 
74
- h3. Host Application
91
+ h3. Database
75
92
 
76
- h4. Rails initializer
93
+ This plugin stores OAuth2 client, authorization codes, and access token into a DB table. It is therefore required that a host app create the necessary ActiveRecord migrations in their application.
94
+
95
+ * In your RAILS_ROOT, run rake db:migrate, this will run all the migrations that were created as when you executed the oauth2_provider generator. You can't do this step until you do the initializers file.
96
+
97
+
98
+ h3. Rails initializer
77
99
 
78
100
  Edit the file config/initializers/oauth2_provider.rb in which you
79
101
  * must call filter skipping methods on OauthTokenController, ensuring any authentication filters to not run for this controllers actions
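Review bot: The relocated "Database" section now comes before "Rails initializer", yet its bullet still ends with "You can't do this step until you do the initializers file", so a reader following the README top to bottom runs `rake db:migrate` too early. Either keep the Database section after the initializer section or reword the bullet to point forward to it. The same bullet also has the leftover phrase "that were created as when you executed", which should be tidied while the text is being moved.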
@@ -95,11 +117,10 @@ module Oauth2
95
117
 
96
118
  end
97
119
  end
98
-
99
120
  </pre>
100
121
 
101
122
 
102
- h4. ApplicationController
123
+ h3. ApplicationController
103
124
 
104
125
  Make the following changes:
105
126
  * Include Oauth2::Provider::ApplicationControllerMethods module
@@ -195,7 +216,7 @@ class ApplicationController < ActionController::Base
195
216
  end
196
217
  </pre>
197
218
 
198
- h4. Oauth enable particular controller actions
219
+ h3. Oauth enable particular controller actions
199
220
 
200
221
  By default, no action supports OAuth. That is, if you would like for OAuth to work for any particular action you must declare that in the controller. Below is a simple example where a concrete controller definition specifies where Oauth is allowed. If you look at the plugin source you'll see that oauth_allowed can also be passed a block, returning true or false, for more sophisticated implementations.
201
222
 
@@ -219,14 +240,9 @@ class ProtectedResourceController < ApplicationController
219
240
  end
220
241
  </pre>
221
242
 
222
- h3. Database
223
-
224
- This plugin stores OAuth2 client, authorization codes, and access token into a DB table. It is therefore required that a host app create the necessary ActiveRecord migrations in their application.
225
-
226
- * In your RAILS_ROOT, run rake db:migrate, this will run all the migrations that were created as when you executed the oauth2_provider generator. You can't do this step until you do the initializers file.
227
243
 
228
244
 
229
- h1. Verify plugin working correctly in your application
245
+ h1. Verify that everything is working correctly!
230
246
 
231
247
  * OAuth enable the actions for which you wish to allow OAuth as an authentication means
232
248
  * Setup a new OAuth client at /oauth/clients
@@ -244,13 +260,13 @@ h1. Verify plugin working correctly in your application
244
260
  * You should expect to see the contents of the protected resource now.
245
261
 
246
262
 
247
- h1. License (Stuff that lawyers make us say)
263
+ h1. License
248
264
 
249
265
  OAuth2 Provider Generator is MIT Licensed.
250
266
 
251
267
  The MIT License
252
268
 
253
- Copyright © 2010 ThoughtWorks, Inc. (http://thoughtworks.com)
269
+ Copyright (c) 2010 ThoughtWorks, Inc. (http://thoughtworks.com)
254
270
 
255
271
  Permission is hereby granted, free of charge, to any person obtaining a copy
256
272
  of this software and associated documentation files (the “Software”), to deal
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthAuthorizeController < ::ApplicationController
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthClientsController < ApplicationController
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthTokenController < ApplicationController
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthUserTokensController < ApplicationController
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthAuthorization < ::ActiveRecord::Base
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthClient < ActiveRecord::Base
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  class OauthToken < ::ActiveRecord::Base
data/config/routes.rb CHANGED
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  ActionController::Routing::Routes.draw do |map|
2
5
 
3
6
  map.resources :oauth_clients, :controller => 'Oauth2::Provider::OauthClients', :as => 'oauth/clients'
@@ -1,8 +1,12 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  class Oauth2ProviderGenerator < Rails::Generator::Base
2
5
  def manifest
3
6
  record do |m|
4
7
  m.template 'config/initializers/oauth2_provider.rb', "config/initializers/oauth2_provider.rb"
5
-
8
+
9
+ m.directory 'db/migrate'
6
10
  ['create_oauth_clients', 'create_oauth_tokens', 'create_oauth_authorizations'].each_with_index do |file_name, index|
7
11
  m.template "db/migrate/#{file_name}.rb", "db/migrate/#{version_with_prefix(index)}_#{file_name}.rb", :migration_file_name => file_name
8
12
  end
@@ -1,9 +1,24 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
 
4
7
  raise 'OAuth2 provider not configured yet!'
5
8
  # please go through the readme and configure this file before you can use this plugin!
6
9
 
10
+ # A fix for the stupid "A copy of ApplicationController has been removed from the module tree but is still active!"
11
+ # error message that is caused in rails >= v2.3.3
12
+ #
13
+ # This error is caused because the application controller is unloaded but, the controllers in the plugin are still
14
+ # referring to the super class that is unloaded!
15
+ #
16
+ # Uncommenting these lines fixes the issue, but makes the ApplicationController not reloadable in dev mode.
17
+ #
18
+ # if RAILS_ENV == 'development'
19
+ # ActiveSupport::Dependencies.load_once_paths << File.join(RAILS_ROOT, 'app/controllers/application_controller')
20
+ # end
21
+
7
22
  # make sure no authentication for OauthTokenController
8
23
  OauthTokenController.skip_before_filter(:login_required)
9
24
 
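Review bot: The added workaround comment gives no reference for the error it describes, so whoever opens this generated initializer cannot check whether the commented-out `load_once_paths` lines still apply to their Rails version. Suggest citing the two Rails tickets that commit 7b6ad1e lists in the CHANGELOG (tickets 2948 and 2873) and dropping "stupid" from the comment. It would also help to say in the comment that the block belongs below the `raise 'OAuth2 provider not configured yet!'` line only once that line has been removed, since as generated nothing after the `raise` is reached.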
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  class CreateOauthAuthorizations < ActiveRecord::Migration
2
5
  def self.up
3
6
  create_table :oauth_authorizations do |t|
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  class CreateOauthClients < ActiveRecord::Migration
2
5
  def self.up
3
6
  create_table :oauth_clients do |t|
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  class CreateOauthTokens < ActiveRecord::Migration
2
5
  def self.up
3
6
  create_table :oauth_tokens do |t|
data/init.rb CHANGED
@@ -1,3 +1,5 @@
1
- if RAILS_ENV == 'development'
2
- ActiveSupport::Dependencies.load_once_paths.reject!{|x| x =~ /^#{Regexp.escape(File.dirname(__FILE__))}/}
3
- end
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
4
+ # DO NOT REMOVE
5
+ # this file is required when this plugin is used as a plugin!
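Review bot: After this change init.rb contains only comments, so the development-mode `load_once_paths.reject!` call from 0.0.1 is gone with nothing active in its place; the only replacement visible in this diff is the commented-out block in the generated initializer. Hosts upgrading from 0.0.1 therefore get different reloading behaviour without any note. Suggest stating that in the README or in the "DO NOT REMOVE" comment itself.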
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
  module ApplicationControllerMethods
@@ -1,3 +1,6 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  module Oauth2
2
5
  module Provider
3
6
 
@@ -0,0 +1,5 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
4
+ # DO NOT REMOVE
5
+ # this file is required when this plugin is used as a gem!
@@ -0,0 +1,28 @@
1
+ # -*- encoding: utf-8 -*-
2
+
3
+ Gem::Specification.new do |s|
4
+ s.name = %q{oauth2_provider}
5
+ s.version = "0.1.0"
6
+
7
+ s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
8
+ s.authors = ["ThoughtWorks, Inc."]
9
+ s.date = %q{2010-07-23}
10
+ s.description = %q{A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.}
11
+ s.email = %q{ketan@thoughtworks.com}
12
+ s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt"]
13
+ s.files = ["app/controllers/oauth2/provider/oauth_authorize_controller.rb", "app/controllers/oauth2/provider/oauth_clients_controller.rb", "app/controllers/oauth2/provider/oauth_token_controller.rb", "app/controllers/oauth2/provider/oauth_user_tokens_controller.rb", "app/models/oauth2/provider/oauth_authorization.rb", "app/models/oauth2/provider/oauth_client.rb", "app/models/oauth2/provider/oauth_token.rb", "app/views/oauth2/provider/layouts/oauth_clients.html.erb", "app/views/oauth2/provider/oauth_authorize/index.html.erb", "app/views/oauth2/provider/oauth_clients/edit.html.erb", "app/views/oauth2/provider/oauth_clients/index.html.erb", "app/views/oauth2/provider/oauth_clients/new.html.erb", "app/views/oauth2/provider/oauth_clients/show.html.erb", "app/views/oauth2/provider/oauth_user_tokens/index.html.erb", "config/routes.rb", "generators/oauth2_provider/oauth2_provider_generator.rb", "generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb", "init.rb", "lib/oauth2/provider/application_controller_methods.rb", "lib/oauth2/provider/clock.rb", "lib/oauth2_provider.rb", "MIT-LICENSE.txt", "oauth2_provider.gemspec", "README.textile", "tasks/gem.rake", "CHANGELOG"]
14
+ s.homepage = %q{http://github.com/ThoughtWorksStudios/oauth2_provider}
15
+ s.require_paths = ["lib"]
16
+ s.rubygems_version = %q{1.3.7}
17
+ s.summary = %q{A Rails plugin to OAuth v2.0 enable your rails application}
18
+
19
+ if s.respond_to? :specification_version then
20
+ current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
21
+ s.specification_version = 3
22
+
23
+ if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
24
+ else
25
+ end
26
+ else
27
+ end
28
+ end
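Review bot: The new gemspec declares no license even though the package ships MIT-LICENSE.txt, which is why the gem metadata further down shows `licenses: []`; tools that audit dependencies by declared license will report this gem as unlicensed. The `if s.respond_to? :specification_version` block ends in empty `if`/`else` branches and assigns an unused `current_version`. Both are artifacts of writing out `spec.to_ruby`. If this generated file is to be checked in and packaged, suggest setting the license in the rake task's spec and regenerating, rather than editing the file by hand.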
data/tasks/gem.rake CHANGED
@@ -1,33 +1,88 @@
1
+ # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
2
+ # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
3
+
1
4
  require 'rubygems'
2
5
  require 'rake/gempackagetask'
3
6
 
4
- desc 'Create a the oauth2_provider gem'
5
- task :gem do
6
- cd File.join(File.expand_path(File.dirname(__FILE__)), '..') do
7
-
8
- cp "#{RAILS_ROOT}/../README.textile", '.'
9
- cp "#{RAILS_ROOT}/../MIT-LICENSE.txt", '.'
10
-
11
- spec = Gem::Specification.new do |s|
12
- s.name = "oauth2_provider"
13
- s.version = "0.0.1"
14
- s.author = "ThoughtWorks, Inc."
15
- s.email = "ketan@thoughtworks.com"
16
- s.homepage = "http://github.com/ThoughtWorksStudios/oauth2_provider"
17
- s.platform = Gem::Platform::RUBY
18
- s.summary = "A Rails plugin to OAuth v2.0 enable your rails application"
19
- s.description = "A Rails plugin to OAuth v2.0 enable your rails application"
20
- s.files = Dir["**/*.*"]
21
- s.has_rdoc = false
22
- s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt"]
7
+ namespace :release do
8
+
9
+ desc 'Update the changelog'
10
+ task :changelog do
11
+ File.open(File.join(File.dirname(__FILE__), '..', 'CHANGELOG'), 'w+') do |changelog|
12
+ `git log -z --abbrev-commit vendor/plugins/oauth2_provider`.split("\0").each do |commit|
13
+ next if commit =~ /^Merge: \d*/
14
+ ref, author, time, _, title, _, message = commit.split("\n", 7)
15
+ ref = ref[/commit ([0-9a-f]+)/, 1]
16
+ author = author[/Author: (.*)/, 1].strip
17
+ time = Time.parse(time[/Date: (.*)/, 1]).utc
18
+ title.strip!
19
+
20
+ changelog.puts "[#{ref} | #{time}] #{author}"
21
+ changelog.puts '', " * #{title}"
22
+ changelog.puts '', message.rstrip if message
23
+ changelog.puts
24
+ end
25
+ end
26
+ end
27
+
28
+ desc 'Create the oauth2_provider gem'
29
+ task :gem => :changelog do
30
+ Rake::Task[:copyright].invoke
31
+ cd File.join(File.expand_path(File.dirname(__FILE__)), '..') do
32
+
33
+ cp "#{RAILS_ROOT}/../README.textile", '.', :verbose => false
34
+ cp "#{RAILS_ROOT}/../MIT-LICENSE.txt", '.', :verbose => false
35
+
36
+ spec = Gem::Specification.new do |s|
37
+ s.name = "oauth2_provider"
38
+ s.version = "0.1.0"
39
+ s.author = "ThoughtWorks, Inc."
40
+ s.email = "ketan@thoughtworks.com"
41
+ s.homepage = "http://github.com/ThoughtWorksStudios/oauth2_provider"
42
+ s.platform = Gem::Platform::RUBY
43
+ s.summary = "A Rails plugin to OAuth v2.0 enable your rails application"
44
+ s.description = "A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09."
45
+ s.files = Dir["**/*.*"] + ["#{s.name}.gemspec", "README.textile", "CHANGELOG"]
46
+ s.has_rdoc = false
47
+ s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt"]
48
+ end
49
+
50
+ File.open("#{spec.name}.gemspec", "w") { |f| f << spec.to_ruby }
51
+
52
+ sh "gem build #{spec.name}.gemspec"
53
+
54
+ # move it into a proper directory
55
+ rm_rf "#{RAILS_ROOT}/pkg", :verbose => false
56
+ mkdir "#{RAILS_ROOT}/pkg", :verbose => false
57
+ mv "#{spec.name}-#{spec.version}.gem", "#{RAILS_ROOT}/pkg", :verbose => false
58
+
59
+ #cleanup
60
+ rm "README.textile", :verbose => false
61
+ rm "MIT-LICENSE.txt", :verbose => false
23
62
  end
24
- File.open("oauth2_provider.gemspec", "w") { |f| f << spec.to_ruby }
25
- rm_rf "#{RAILS_ROOT}/pkg"
26
- sh "gem build #{spec.name}.gemspec"
27
- mkdir "#{RAILS_ROOT}/pkg"
28
- mv "#{spec.name}-#{spec.version}.gem", "#{RAILS_ROOT}/pkg"
63
+ end
64
+
65
+ desc 'Push the gem out to gemcutter'
66
+ task :push => [:test, :gem] do
67
+
68
+ puts <<-INSTRUCTIONS
29
69
 
30
- rm "README.textile"
31
- rm "MIT-LICENSE.txt"
70
+ ==============================================================
71
+ Instructions before you push out:
72
+ * Make sure everything is good
73
+ * Bump the version number in the `gem.rake' file
74
+ * Check in
75
+ * Run this task again to:
76
+ * verify everything is good
77
+ * generate a new gem with the new version number
78
+ * Create a tag in git:
79
+ $ git tag -a -m 'Tag for version X.Y.Z' 'vX.Y.Z'
80
+ $ gem push pkg/oauth2_provider-X.Y.Z.gem
81
+ ==============================================================
82
+ INSTRUCTIONS
83
+ # sh("gem push pkg/*.gem") do |res, ok|
84
+ # raise 'Could not push gem' if !ok
85
+ # end
32
86
  end
87
+
33
88
  end
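Review bot: `s.files = Dir["**/*.*"] + [...]` in the `:gem` task packages whatever is in the plugin directory at build time, so any untracked file with an extension (local configuration, a database file, editor backups) is published with the gem, while extensionless files are silently skipped unless added by hand, as CHANGELOG is here. Suggest building the list from tracked files or an explicit whitelist. Two smaller points: the `:changelog` task calls `Time.parse` although the file only requires 'rubygems' and 'rake/gempackagetask', so add `require 'time'` rather than relying on the host environment having loaded it; and the version string "0.1.0" is hard-coded in the task, which the push instructions then ask the releaser to bump manually.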
metadata CHANGED
@@ -1,7 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: oauth2_provider
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.1
4
+ hash: 27
5
+ prerelease: false
6
+ segments:
7
+ - 0
8
+ - 1
9
+ - 0
10
+ version: 0.1.0
5
11
  platform: ruby
6
12
  authors:
7
13
  - ThoughtWorks, Inc.
@@ -9,11 +15,11 @@ autorequire:
9
15
  bindir: bin
10
16
  cert_chain: []
11
17
 
12
- date: 2010-07-22 00:00:00 -07:00
18
+ date: 2010-07-23 00:00:00 -07:00
13
19
  default_executable:
14
20
  dependencies: []
15
21
 
16
- description: A Rails plugin to OAuth v2.0 enable your rails application
22
+ description: A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.
17
23
  email: ketan@thoughtworks.com
18
24
  executables: []
19
25
 
@@ -46,9 +52,12 @@ files:
46
52
  - init.rb
47
53
  - lib/oauth2/provider/application_controller_methods.rb
48
54
  - lib/oauth2/provider/clock.rb
55
+ - lib/oauth2_provider.rb
49
56
  - MIT-LICENSE.txt
57
+ - oauth2_provider.gemspec
50
58
  - README.textile
51
59
  - tasks/gem.rake
60
+ - CHANGELOG
52
61
  has_rdoc: true
53
62
  homepage: http://github.com/ThoughtWorksStudios/oauth2_provider
54
63
  licenses: []
@@ -59,21 +68,27 @@ rdoc_options: []
59
68
  require_paths:
60
69
  - lib
61
70
  required_ruby_version: !ruby/object:Gem::Requirement
71
+ none: false
62
72
  requirements:
63
73
  - - ">="
64
74
  - !ruby/object:Gem::Version
75
+ hash: 3
76
+ segments:
77
+ - 0
65
78
  version: "0"
66
- version:
67
79
  required_rubygems_version: !ruby/object:Gem::Requirement
80
+ none: false
68
81
  requirements:
69
82
  - - ">="
70
83
  - !ruby/object:Gem::Version
84
+ hash: 3
85
+ segments:
86
+ - 0
71
87
  version: "0"
72
- version:
73
88
  requirements: []
74
89
 
75
90
  rubyforge_project:
76
- rubygems_version: 1.3.5
91
+ rubygems_version: 1.3.7
77
92
  signing_key:
78
93
  specification_version: 3
79
94
  summary: A Rails plugin to OAuth v2.0 enable your rails application
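Review bot: The trailing context of this metadata hunk shows `signing_key:` still empty, so 0.1.0 is published unsigned and consumers cannot verify who built it. For a gem that handles client secrets and access tokens, suggest signing releases and documenting how to verify them, or at least publishing a checksum alongside the release. The added `hash:` and `segments:` fields are serialization details of the newer RubyGems (1.3.5 to 1.3.7 in this hunk) and need no action.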