oauth2_provider 0.1.0 → 0.2.0

data/CHANGELOG

@@ -1,3 +1,97 @@
+[f15eb88 | Tue Aug 31 23:25:50 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Bumping up version number for a 0.2.0 release!
+
+[05c5534 | Wed Aug 25 17:40:04 UTC 2010] Janmejay Singh <singh.janmejay@gmail.com>
+
+  * plugin when loaded in jruby/rails app(initialized by jruby-rack servlet), in production mode, was failing to find files/load missing constants(even though files are present in path). Fixed the problem by eger loading necessary files.
+
+[79c14f0 | Mon Aug 23 18:24:17 UTC 2010] David Rice <david.rice@gmail.com>
+
+  * add ids and classes to HTML to allow for styling by host application; remove oauth client show view as it was redundant to the list view
+
+[0ff4cc7 | Tue Aug 10 21:23:00 UTC 2010] Janmejay Singh <singh.janmejay@gmail.com>
+
+  * allowed silencing 'using datasource...' message by an environment variable, message is shown unless ENV['LOAD_OAUTH_SILENTLY'] is set
+
+[c59ef9f | Tue Aug 10 20:43:53 UTC 2010] Janmejay Singh <singh.janmejay@gmail.com>
+
+  * added environment variables to make route prefixing possible
+
+[e051873 | Fri Aug 06 02:18:36 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * user_id_for_oauth_access_token is nil if the token passed using the 'Authorization' header has expired.
+
+[740104a | Fri Aug 06 01:19:28 UTC 2010] Janmejay Singh <singh.janmejay@gmail.com>
+
+  * refactored model_base to pick datasource using a method instead of @@datasource, this makes it easy for plugin users to override what datasource instance is used. jruby-rack initializes @app on first request(insteed of servlet initialization), so it is important to do this lazily
+
+[a3728a9 | Fri Aug 06 01:16:27 UTC 2010] Janmejay Singh <singh.janmejay@gmail.com>
+
+  * user level service approval now has forgery protection enabled + disabled forgery_protection for api request(/oauth/token)
+
+[2145cd2 | Tue Aug 03 18:15:15 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Fixed url munging issues because our model objects are not AR based. Duck typing!!
+
+[c6d43b3 | Mon Aug 02 17:37:14 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * KP/WPC -
+
+    * Autodiscover the datasource based on whether ActiveRecord is available.
+    * Default to using InMemoryDatasource if ActiveRecord is not available, and print a warning.
+
+[ddc56ca | Sat Jul 31 00:55:47 UTC 2010] wpc <alex.hal9000@gmail.com>
+
+  * Specify data type for column for ModelBase. (by default is string type)
+
+[9546cd7 | Fri Jul 30 23:22:43 UTC 2010] wpc <alex.hal9000@gmail.com>
+
+  * KP/WPC use eval instead of constantize for intiailze custom data source, because constantize dose not work on java class
+
+[c52a5b6 | Fri Jul 30 23:19:14 UTC 2010] wpc <alex.hal9000@gmail.com>
+
+  * KP/WPC refactoring for removing all find_all_* methods
+
+[136bca5 | Fri Jul 30 22:57:51 UTC 2010] wpc <alex.hal9000@gmail.com>
+
+  * KP/WPC - removed some find methods.
+
+[233b20c | Fri Jul 30 22:37:00 UTC 2010] wpc <alex.hal9000@gmail.com>
+
+  * KP/WPC - Add some tests for ModelBase. Removed some redundant tests from oauth_client_test which were really ModelBase tests.
+
+[5e43b90 | Fri Jul 30 21:05:40 UTC 2010] wpc <alex.hal9000@gmail.com>
+
+  * KP/WPC change expires_at type to integer, so that DataSource don't need to do Date type converting.
+
+[027ded7 | Fri Jul 30 00:41:36 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Renamed a class.
+
+[31903c2 | Fri Jul 30 00:05:24 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * KP/WPC - Added an example in memory datasource to store oauth DTO objects.
+
+[bd4f9db | Thu Jul 29 22:24:06 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * KP/WPC - Remove all dependencies on AR.
+
+[cf2b818 | Thu Jul 29 20:53:09 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * KP/WPC - [cleanup] refactored our classes into their own files.
+
+[1f8f120 | Thu Jul 29 20:46:36 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * Remove empty file.
+
+[4072a40 | Thu Jul 29 19:16:32 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
+
+  * KP/WPC - Remove dependency on AR.
+
+    Decouple the OauthClient from AR.
+    Rolled out our own AR 'clone' that delegates DB operations to a DTO behind the source.
+
 [20b81b6 | Sat Jul 24 00:30:26 UTC 2010] Ketan Padegaonkar <KetanPadegaonkar@gmail.com>
 
   * Bump up version number for release.

data/README.textile

@@ -15,6 +15,8 @@ OAuth is an open-source specification for building a framework for allowing a th
 
 A very good overview of the basic OAuth workflow is "here":http://hueniverse.com/2007/10/beginners-guide-to-oauth-part-ii-protocol-workflow/.
 
+As some of this is not always easy to grok on first pass, we also put together "some videos":http://www.youtube.com/view_play_list?p=675281900139F609 to give a step-by-step introduction to OAuth.
+
 Common terms:
 
 * Provider/Resource Owner - the app that hosts the protected resource.  A real world example is Twitter which uses OAuth as the protocol for all its clients.

data/app/controllers/oauth2/provider/oauth_authorize_controller.rb

@@ -48,7 +48,7 @@ module Oauth2
           return false
         end
     
-        @client = OauthClient.find_by_client_id(params[:client_id])
+        @client = OauthClient.find_one(:client_id, params[:client_id])
     
         if @client.nil?
           redirect_to "#{params[:redirect_uri]}?error=invalid-client-id"

data/app/controllers/oauth2/provider/oauth_clients_controller.rb

@@ -26,7 +26,8 @@ module Oauth2
         
         if @oauth_client.save
           flash[:notice] = 'OauthClient was successfully created.'
-          redirect_to(@oauth_client)
+          redirect_to :action => 'index'
+          return
         else
           render :action => "new" 
         end
@@ -37,7 +38,8 @@ module Oauth2
 
         if @oauth_client.update_attributes(params[:oauth_client])
           flash[:notice] = 'OauthClient was successfully updated.'
-          redirect_to(@oauth_client)
+          redirect_to :action => 'index'
+          return
         else
           render :action => "edit"
         end

data/app/controllers/oauth2/provider/oauth_token_controller.rb

@@ -4,43 +4,42 @@
 module Oauth2
   module Provider
     class OauthTokenController < ApplicationController
+      skip_before_filter :verify_authenticity_token
 
       def get_token
         
-        authorization = OauthAuthorization.find_by_code(params[:code])
-        authorization.delete unless authorization.nil?
+        authorization = OauthAuthorization.find_one(:code, params[:code])
+        authorization.destroy unless authorization.nil?
         
-        original_token = OauthToken.find_by_refresh_token(params[:refresh_token])
-        original_token.delete unless original_token.nil?
+        original_token = OauthToken.find_one(:refresh_token, params[:refresh_token])
+        original_token.destroy unless original_token.nil?
     
         unless ['authorization-code', 'refresh-token'].include?(params[:grant_type])
-          render_error('unsupported-grant-type')
+          render_error('unsupported-grant-type', "Grant type #{params[:grant_type]} is not supported!")
           return
         end
     
-        client = OauthClient.find_by_client_id_and_client_secret(
-          params[:client_id], params[:client_secret]
-        )
-    
-        if client.nil?
-          render_error('invalid-client-credentials')
+        client = OauthClient.find_one(:client_id, params[:client_id])
+
+        if client.nil? || client.client_secret != params[:client_secret]
+          render_error('invalid-client-credentials', 'Invalid client credentials!')
           return
         end
     
         if client.redirect_uri != params[:redirect_uri]
-          render_error('invalid-grant')
+          render_error('invalid-grant', 'Redirect uri mismatch!')
           return
         end
     
         if params[:grant_type] == 'authorization-code'
-          if authorization.nil? || authorization.expired? || authorization.oauth_client != client
-            render_error('invalid-grant')
+          if authorization.nil? || authorization.expired? || authorization.oauth_client.id != client.id
+            render_error('invalid-grant', "Authorization expired or invalid!")
             return
           end
           token = authorization.generate_access_token
         else # refresh-token
-          if original_token.nil? || original_token.oauth_client != client
-            render_error('invalid-grant')
+          if original_token.nil? || original_token.oauth_client.id != client.id
+            render_error('invalid-grant', 'Refresh token is invalid!')
             return
           end
           token = original_token.refresh
@@ -50,8 +49,8 @@ module Oauth2
       end
   
       private
-      def render_error(error_code)
-         render :status => :bad_request, :json => {:error => error_code}.to_json
+      def render_error(error_code, description)
+         render :status => :bad_request, :json => {:error => error_code, :error_description => description}.to_json
       end
   
     end

data/app/controllers/oauth2/provider/oauth_user_tokens_controller.rb

@@ -6,7 +6,7 @@ module Oauth2
     class OauthUserTokensController < ApplicationController
       
       def index
-        @tokens = OauthToken.find_all_by_user_id(current_user_id_for_oauth)
+        @tokens = OauthToken.find_all_with(:user_id, current_user_id_for_oauth)
       end
     
       def revoke
@@ -15,12 +15,12 @@ module Oauth2
           render :text => "User not authorized to perform this action!", :status => :bad_request
           return
         end
-        if token.user_id != current_user_id_for_oauth
+        if token.user_id.to_s != current_user_id_for_oauth
           render :text => "User not authorized to perform this action!", :status => :bad_request
           return
         end
         
-        token.delete
+        token.destroy
         redirect_to :action => :index
       end
       

data/app/models/oauth2/provider/oauth_authorization.rb

@@ -3,32 +3,34 @@
 
 module Oauth2
   module Provider
-    class OauthAuthorization < ::ActiveRecord::Base
+    class OauthAuthorization < ModelBase
 
-      belongs_to :oauth_client, :class_name => "Oauth2::Provider::OauthClient"
-  
       EXPIRY_TIME = 1.hour
-  
+      columns :user_id, :oauth_client_id, :code, :expires_at => :integer
+
+      def oauth_client
+        OauthClient.find_by_id(oauth_client_id)
+      end
+
       def generate_access_token
         token = oauth_client.create_token_for_user_id(user_id)
-        self.delete
+        self.destroy
         token
       end
-  
+
       def expires_in
         (Time.at(expires_at.to_i) - Clock.now).to_i
       end
-  
+
       def expired?
         expires_in <= 0
       end
-  
-      protected
+
       def before_create
-        self.expires_at = Clock.now + EXPIRY_TIME
+        self.expires_at = (Clock.now + EXPIRY_TIME).to_i
         self.code = ActiveSupport::SecureRandom.hex(32)
       end
-  
+
     end
   end
 end

data/app/models/oauth2/provider/oauth_client.rb

@@ -3,31 +3,41 @@
 
 module Oauth2
   module Provider
-    class OauthClient < ActiveRecord::Base
-
+    class OauthClient < ModelBase
+      
       validates_presence_of :name, :redirect_uri
-      before_create :generate_keys
-      has_many :oauth_tokens, :class_name => "Oauth2::Provider::OauthToken", :dependent => :delete_all
-      has_many :oauth_authorizations, :class_name => "Oauth2::Provider::OauthAuthorization", :dependent => :delete_all
       validates_format_of :redirect_uri, :with => Regexp.new("^(https|http)://.+$")
+      
+      columns :name, :client_id, :client_secret, :redirect_uri
 
       def create_token_for_user_id(user_id)
-        oauth_tokens.create!(:user_id => user_id)
+        OauthToken.create!(:user_id => user_id, :oauth_client_id => id)
       end
       
       def create_authorization_for_user_id(user_id)
-        oauth_authorizations.create!(:user_id => user_id)
+        OauthAuthorization.create!(:user_id => user_id, :oauth_client_id => id)
       end
-      
       def self.model_name
         ActiveSupport::ModelName.new('OauthClient')
       end
+
+      def oauth_tokens
+        OauthToken.find_all_with(:oauth_client_id, id)
+      end
+      
+      def oauth_authorizations
+        OauthAuthorization.find_all_with(:oauth_client_id, id)
+      end
       
-      private
-      def generate_keys
+      def before_create
         self.client_id = ActiveSupport::SecureRandom.hex(32)
         self.client_secret = ActiveSupport::SecureRandom.hex(32)
       end
+      
+      def before_destroy
+        oauth_tokens.each(&:destroy)
+        oauth_authorizations.each(&:destroy)
+      end
     
     end
   end

data/app/models/oauth2/provider/oauth_token.rb

@@ -3,36 +3,39 @@
 
 module Oauth2
   module Provider
-    class OauthToken < ::ActiveRecord::Base
+    class OauthToken < ModelBase
+
+      columns :user_id, :oauth_client_id, :access_token, :refresh_token, :expires_at => :integer
 
-      belongs_to :oauth_client, :class_name => "Oauth2::Provider::OauthClient"
-  
       EXPIRY_TIME = 90.days
-  
+
+      def oauth_client
+        OauthClient.find_by_id(oauth_client_id)
+      end
+
       def access_token_attributes
         {:access_token => access_token, :expires_in => expires_in, :refresh_token => refresh_token}
       end
-  
+
       def expires_in
         (Time.at(expires_at.to_i) - Clock.now).to_i
       end
-  
+
       def expired?
         expires_in <= 0
       end
-      
+
       def refresh
-        self.delete
+        self.destroy
         oauth_client.create_token_for_user_id(user_id)
       end
 
-      protected
       def before_create
         self.access_token = ActiveSupport::SecureRandom.hex(32)
-        self.expires_at = Clock.now + EXPIRY_TIME
+        self.expires_at = (Clock.now + EXPIRY_TIME).to_i
         self.refresh_token = ActiveSupport::SecureRandom.hex(32)
       end
-  
+
     end
   end
 end

data/app/views/oauth2/provider/oauth_authorize/index.html.erb

@@ -1,8 +1,8 @@
-<form action="<%= url_for(:action => :authorize) %>" method="post" id="oauth_authorize">
+<% form_for(url_for(:action => :authorize), :html => {:id => 'oauth_authorize_form'}) do |f| -%>
   Do you wish to allow the service named '<%= @client.name %>' to access this application on your behalf? <input type="checkbox" name="authorize" id="authorize" value="1" />
   <input type="hidden" name="client_id" id="client_id" value="<%= params[:client_id] %>" />
   <input type="hidden" name="redirect_uri" id="redirect_uri" value="<%= params[:redirect_uri] %>" />
   <input type="hidden" name="response_type" id="response_type" value="<%= params[:response_type] %>" />
   <input type="hidden" name="state" id="state" value="<%= params[:state] %>" />
   <input type="submit" value="Submit" />
-</form>
+<% end -%>

data/app/views/oauth2/provider/oauth_clients/edit.html.erb

@@ -1,20 +1,20 @@
 <h1>Editing oauth_client</h1>
 
-<% form_for(@oauth_client) do |f| %>
+<% form_for(@oauth_client, :html => {:id => 'oauth_client_edit_form', :class => nil}) do |f| %>
   <%= f.error_messages %>
 
-  <p>
-    <%= f.label :name %><br />
+  <div>
+    <%= f.label :name %>
     <%= f.text_field :name %>
-  </p>
-  <p>
-    <%= f.label :redirect_uri %><br />
+  </div>
+  <div>
+    <%= f.label :redirect_uri %>
     <%= f.text_field :redirect_uri %>
-  </p>
-  <p>
+  </div>
+  <div>
     <%= f.submit 'Update' %>
-  </p>
+  </div>
 <% end %>
 
-<%= link_to 'Show', @oauth_client %> |
-<%= link_to 'Back', oauth_clients_path %>
+<%= link_to 'Show', @oauth_client, :class => 'show_link' %> |
+<%= link_to 'Back', oauth_clients_path, :class => 'back_link' %>

data/app/views/oauth2/provider/oauth_clients/index.html.erb

@@ -1,11 +1,12 @@
 <h1>Listing oauth_clients</h1>
 
-<table>
+<table id="oauth_clients_table" class="list_table">
   <tr>
     <th>Name</th>
     <th>Client id</th>
     <th>Client secret</th>
     <th>Redirect URI</th>
+    <th>Actions</th>
   </tr>
 
 <% @oauth_clients.each do |oauth_client| %>
@@ -14,13 +15,14 @@
     <td><%=h oauth_client.client_id %></td>
     <td><%=h oauth_client.client_secret %></td>
     <td><%=h oauth_client.redirect_uri %></td>
-    <td><%= link_to 'Show', oauth_client %></td>
-    <td><%= link_to 'Edit', edit_oauth_client_path(oauth_client) %></td>
-    <td><%= link_to 'Destroy', oauth_client, :confirm => 'Are you sure?', :method => :delete %></td>
+    <td>
+        <%= link_to 'Edit', edit_oauth_client_path(oauth_client),  :class => 'edit_link' %>
+        <%= link_to 'Destroy', oauth_client, :confirm => 'Are you sure?', :method => :delete, :class => 'delete_link' %>
+    </td>
   </tr>
 <% end %>
 </table>
 
 <br />
 
-<%= link_to 'New oauth_client', new_oauth_client_path %>
+<%= link_to 'New oauth_client', new_oauth_client_path,  :class => 'link_as_button', :id => 'new_oauth_client_button' %>

data/app/views/oauth2/provider/oauth_clients/new.html.erb

@@ -1,19 +1,21 @@
 <h1>New oauth_client</h1>
 
-<% form_for(@oauth_client) do |f| %>
+<!-- add in an ID for the form -->
+
+<% form_for(@oauth_client, :html => {:id => 'oauth_client_create_form', :class => nil}) do |f| %>
   <%= f.error_messages %>
 
-  <p>
-    <%= f.label :name %><br />
+  <div>
+    <%= f.label :name %>
     <%= f.text_field :name %>
-  </p>
-  <p>
-    <%= f.label :redirect_uri %><br />
+  </div>
+  <div>
+    <%= f.label :redirect_uri %>
     <%= f.text_field :redirect_uri %>
-  </p>
-  <p>
+  </div>
+  <div>
     <%= f.submit 'Create' %>
-  </p>
+  </div>
 <% end %>
 
-<%= link_to 'Back', oauth_clients_path %>
+<%= link_to 'Back', oauth_clients_path, :class => 'back_link' %>

data/app/views/oauth2/provider/oauth_user_tokens/index.html.erb

@@ -1,4 +1,4 @@
-<table>
+<table id="oauth_user_token_table" class="list_table">
   <tr>
     <th>Client</th>
     <th>Token</th>
@@ -8,7 +8,7 @@
     <tr>
       <td><%= token.oauth_client.name %></td>
       <td><%= token.access_token %></td>
-      <td><%= link_to('Destroy', {:action => :revoke, :token_id => token.id, :controller => 'Oauth2::Provider::OauthUserTokens'}, {:confirm => 'Are you sure?', :method => :delete})%></td>
+      <td><%= link_to('Destroy', {:action => :revoke, :token_id => token.id, :controller => 'Oauth2::Provider::OauthUserTokens'}, {:confirm => 'Are you sure?', :method => :delete,  :class => 'delete_link'})%></td>
     </tr>
   <% end -%>
 </table>

data/config/routes.rb

@@ -2,13 +2,18 @@
 # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
 
 ActionController::Routing::Routes.draw do |map|
-  
-  map.resources :oauth_clients, :controller => 'Oauth2::Provider::OauthClients', :as => 'oauth/clients'
-  
-  map.connect '/oauth/authorize', :controller => 'Oauth2::Provider::OauthAuthorize', :action => :authorize, :conditions => {:method => :post}
-  map.connect '/oauth/authorize', :controller => 'Oauth2::Provider::OauthAuthorize', :action => :index, :conditions => {:method => :get}
-  map.connect '/oauth/token', :controller => 'Oauth2::Provider::OauthToken', :action => :get_token, :conditions => {:method => :post}
-  
-  map.connect '/oauth/user_tokens/revoke/:token_id', :controller => 'Oauth2::Provider::OauthUserTokens', :action => :revoke, :conditions => {:method => :delete}
-  map.connect '/oauth/user_tokens', :controller => 'Oauth2::Provider::OauthUserTokens', :action => :index, :conditions => {:method => :get}
+
+  admin_prefix=ENV['ADMIN_OAUTH_URL_PREFIX']
+
+  map.resources :oauth_clients, :controller => 'Oauth2::Provider::OauthClients', :as => "#{admin_prefix}oauth/clients"
+
+  user_prefix=ENV['USER_OAUTH_URL_PREFIX']
+
+  map.connect "#{user_prefix}/oauth/authorize", :controller => 'Oauth2::Provider::OauthAuthorize', :action => :authorize, :conditions => {:method => :post}
+  map.connect "#{user_prefix}/oauth/authorize", :controller => 'Oauth2::Provider::OauthAuthorize', :action => :index, :conditions => {:method => :get}
+  map.connect "#{user_prefix}/oauth/token", :controller => 'Oauth2::Provider::OauthToken', :action => :get_token, :conditions => {:method => :post}
+
+  map.connect "#{user_prefix}/oauth/user_tokens/revoke/:token_id", :controller => 'Oauth2::Provider::OauthUserTokens', :action => :revoke, :conditions => {:method => :delete}
+  map.connect "#{user_prefix}/oauth/user_tokens", :controller => 'Oauth2::Provider::OauthUserTokens', :action => :index, :conditions => {:method => :get}
+
 end

data/generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb

@@ -7,7 +7,7 @@ class CreateOauthAuthorizations < ActiveRecord::Migration
       t.string :user_id
       t.integer :oauth_client_id
       t.string :code
-      t.timestamp :expires_at
+      t.integer :expires_at
       
       t.timestamps
     end

data/generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb

@@ -8,7 +8,7 @@ class CreateOauthTokens < ActiveRecord::Migration
       t.integer :oauth_client_id
       t.string :access_token
       t.string :refresh_token
-      t.timestamp :expires_at
+      t.integer :expires_at
       
       t.timestamps
     end

data/init.rb

@@ -1,5 +1,5 @@
 # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
 # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
 
-# DO NOT REMOVE
-# this file is required when this plugin is used as a plugin! 
+# !!perform any initialization in oauth2_provider!!
+require 'oauth2_provider'

data/lib/oauth2/provider/a_r_datasource.rb

@@ -0,0 +1,108 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
+if defined?(ActiveRecord)
+  module Oauth2
+    module Provider
+      class ARDatasource
+
+        class OauthClientDto < ActiveRecord::Base
+          set_table_name :oauth_clients
+        end
+
+        class OauthAuthorizationDto < ActiveRecord::Base
+          set_table_name :oauth_authorizations
+        end
+
+        class OauthTokenDto < ActiveRecord::Base
+          set_table_name :oauth_tokens
+        end
+
+        # used in tests, use it to clear datasource
+        def reset
+
+        end
+
+        def find_oauth_client_by_id(id)
+          OauthClientDto.find_by_id(id)
+        end
+
+        def find_oauth_client_by_client_id(client_id)
+          OauthClientDto.find_by_client_id(client_id)
+        end
+
+        def find_all_oauth_client
+          OauthClientDto.all
+        end
+
+        def save_oauth_client(attrs)
+          save(OauthClientDto, attrs)
+        end
+
+        def delete_oauth_client(id)
+          OauthClientDto.delete(id)
+        end
+
+        def find_all_oauth_authorization_by_oauth_client_id(client_id)
+          OauthAuthorizationDto.find_all_by_oauth_client_id(client_id)
+        end
+
+        def find_oauth_authorization_by_id(id)
+          OauthAuthorizationDto.find_by_id(id)
+        end
+
+        def find_oauth_authorization_by_code(code)
+          OauthAuthorizationDto.find_by_code(code)
+        end
+
+        def save_oauth_authorization(attrs)
+          save(OauthAuthorizationDto, attrs)
+        end
+
+        def delete_oauth_authorization(id)
+          OauthAuthorizationDto.delete(id)
+        end
+
+        def find_oauth_token_by_id(id)
+          OauthTokenDto.find_by_id(id)
+        end
+
+        def find_all_oauth_token_by_oauth_client_id(client_id)
+          OauthTokenDto.find_all_by_oauth_client_id(client_id)
+        end
+
+        def find_all_oauth_token_by_user_id(user_id)
+          OauthTokenDto.find_all_by_user_id(user_id)
+        end
+
+        def find_oauth_token_by_access_token(access_token)
+          OauthTokenDto.find_by_access_token(access_token)
+        end
+
+        def find_oauth_token_by_refresh_token(refresh_token)
+          OauthTokenDto.find_by_refresh_token(refresh_token)
+        end
+
+        def save_oauth_token(attrs)
+          save(OauthTokenDto, attrs)
+        end
+
+        def delete_oauth_token(id)
+          OauthTokenDto.delete(id)
+        end
+
+        private
+
+        def save(dto_klass, attrs)
+          dto = dto_klass.find_by_id(attrs[:id])
+          if dto
+            dto.update_attributes(attrs)
+          else
+            dto = dto_klass.create(attrs)
+          end
+          dto
+        end
+      end
+    end
+  end
+end

data/lib/oauth2/provider/application_controller_methods.rb

@@ -29,8 +29,8 @@ module Oauth2
         header_field = request.headers["Authorization"]
         
         if header_field =~ /Token token="(.*)"/          
-          token = OauthToken.find_by_access_token($1)
-          token.user_id if token
+          token = OauthToken.find_one(:access_token, $1)
+          token.user_id if (token && !token.expired?)
         end
       end
   

data/lib/oauth2/provider/in_memory_datasource.rb

@@ -0,0 +1,121 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
+require 'ostruct'
+module Oauth2
+  module Provider
+    class InMemoryDatasource
+      
+      class MyStruct < OpenStruct
+        
+        attr_accessor :id
+        
+        def initialize(id, attrs)
+          self.id = id
+          super(attrs)
+        end
+      end
+      
+      @@id = 0
+      
+      @@oauth_clients = []
+      @@oauth_tokens = []
+      @@oauth_authorizations = []
+      
+      def reset
+        @@id = 0
+        @@oauth_clients = []
+        @@oauth_tokens = []
+        @@oauth_authorizations = []
+      end
+      
+      def find_oauth_client_by_id(id)
+        @@oauth_clients.find{|i| i.id.to_s == id.to_s}
+      end
+
+      def find_oauth_client_by_client_id(client_id)
+        @@oauth_clients.find{|i| i.client_id.to_s == client_id.to_s}
+      end
+
+      def find_all_oauth_client
+        @@oauth_clients
+      end
+
+      def save_oauth_client(attrs)
+        save(@@oauth_clients, attrs)
+      end
+
+      def delete_oauth_client(id)
+        @@oauth_clients.delete_if {|i| i.id.to_s == id.to_s}
+      end
+
+      def find_all_oauth_authorization_by_oauth_client_id(client_id)
+        @@oauth_authorizations.select {|i| i.oauth_client_id.to_s == client_id.to_s}
+      end
+
+      def find_oauth_authorization_by_id(id)
+        @@oauth_authorizations.find{|i| i.id.to_s == id.to_s}
+      end
+
+      def find_oauth_authorization_by_code(code)
+        @@oauth_authorizations.find{|i| i.code.to_s == code.to_s}
+      end
+
+      def save_oauth_authorization(attrs)
+        save(@@oauth_authorizations, attrs)
+      end
+
+      def delete_oauth_authorization(id)
+        @@oauth_authorizations.delete_if {|i| i.id.to_s == id.to_s}
+      end
+
+      def find_oauth_token_by_id(id)
+        @@oauth_tokens.find{|i| i.id.to_s == id.to_s}
+      end
+
+      def find_all_oauth_token_by_oauth_client_id(client_id)
+        @@oauth_tokens.select {|i| i.oauth_client_id.to_s == client_id.to_s}
+      end
+
+      def find_all_oauth_token_by_user_id(user_id)
+        @@oauth_tokens.select {|i| i.user_id.to_s == user_id.to_s}
+      end
+
+      def find_oauth_token_by_access_token(access_token)
+        @@oauth_tokens.find {|i| i.access_token.to_s == access_token.to_s}
+      end
+
+      def find_oauth_token_by_refresh_token(refresh_token)
+        @@oauth_tokens.find {|i| i.refresh_token.to_s == refresh_token.to_s}
+      end
+
+      def save_oauth_token(attrs)
+        save(@@oauth_tokens, attrs)
+      end
+
+      def delete_oauth_token(id)
+        @@oauth_tokens.delete_if { |i| i.id.to_s == id .to_s}
+      end
+      
+      private
+      def save(collection, attrs)
+        dto = collection.find {|i| i.id.to_s == attrs[:id].to_s}
+        
+        if dto
+          attrs.each do |k, v|
+            dto.send("#{k}=", v)
+          end
+        else
+          dto = MyStruct.new(next_id, attrs)
+          collection << dto
+        end
+        dto
+      end
+      
+      def next_id
+        @@id += 1
+        @@id.to_s
+      end
+    end
+  end
+end

data/lib/oauth2/provider/model_base.rb

@@ -0,0 +1,204 @@
+# Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
+# Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
+
+module Oauth2
+  module Provider
+    class NotFoundException < StandardError
+    end
+
+    class RecordNotSaved < StandardError
+    end
+
+    class ModelBase
+      include Validatable
+      CONVERTORS =  {
+        :integer => Proc.new { |v| v.to_i },
+        :string  => Proc.new { |v| v.to_s }
+      }.with_indifferent_access
+
+      class_inheritable_hash :db_columns
+      self.db_columns = {}
+
+      def self.columns(*names)
+        names.each do |name|
+          column_name, convertor = (Hash === name) ?
+            [name.keys.first, CONVERTORS[name.values.first]] :
+            [name, CONVERTORS[:string]]
+          attr_accessor column_name
+          self.db_columns[column_name.to_s] = convertor
+        end
+      end
+
+      columns :id
+
+      def initialize(attributes={})
+        assign_attributes(attributes)
+      end
+
+      cattr_accessor :datasource
+
+      def self.datasource=(ds)
+        @@datasource =  case ds
+                        when NilClass
+                          default_datasource
+                        when String
+                          eval(ds).new
+                        when Class
+                          ds.new
+                        else
+                          ds
+                        end
+      end
+
+      def self.datasource
+        @@datasource ||= default_datasource
+      end
+
+      def datasource
+        self.class.datasource
+      end
+
+      def self.default_datasource
+        if defined?(ActiveRecord)
+          ARDatasource.new
+        else
+          unless ENV['LOAD_OAUTH_SILENTLY']
+            puts "*"*80
+            puts "*** Activerecord is not defined! Using InMemoryDatasource, which will not persist across application restarts!! ***"
+            puts "*"*80
+          end
+          InMemoryDatasource.new
+        end
+      end
+
+      def self.find(id)
+        find_by_id(id) || raise(NotFoundException.new("Record not found!"))
+      end
+
+      def self.find_by_id(id)
+        find_one(:id, id)
+      end
+
+      def self.find_all_with(column_name, column_value)
+        datasource.send("find_all_#{compact_name}_by_#{column_name}", convert(column_name, column_value)).collect do |dto|
+          new.update_from_dto(dto)
+        end
+      end
+
+      def self.find_one(column_name, column_value)
+        if dto = datasource.send("find_#{compact_name}_by_#{column_name}", convert(column_name, column_value))
+          self.new.update_from_dto(dto)
+        end
+      end
+
+      def self.all
+        datasource.send("find_all_#{compact_name}").collect do |dto|
+          new.update_from_dto(dto)
+        end
+      end
+
+      def self.count
+        all.size
+      end
+
+      def self.size
+        all.size
+      end
+
+      def self.compact_name
+        self.name.split('::').last.underscore
+      end
+
+      def self.create(attributes={})
+        client = self.new(attributes)
+        client.save
+        client
+      end
+
+      def self.create!(attributes={})
+        client = self.new(attributes)
+        client.save!
+        client
+      end
+
+      def update_attributes(attributes={})
+        assign_attributes(attributes)
+        save
+      end
+
+      def save!
+        save || raise(RecordNotSaved.new("Could not save model!"))
+      end
+
+      def save
+        before_create if new_record?
+        attrs = db_columns.keys.inject({}) do |result, column_name|
+          result[column_name] = read_attribute(column_name)
+          result
+        end
+
+        if self.valid?
+          dto = datasource.send("save_#{self.class.compact_name}", attrs.with_indifferent_access)
+          update_from_dto(dto)
+          return true
+        end
+        false
+      end
+
+      def reload
+        update_from_dto(self.class.find(id))
+      end
+
+      def destroy
+        before_destroy
+        datasource.send("delete_#{self.class.compact_name}", convert(:id, id) )
+      end
+
+      def before_create
+        # for subclasses to override to support hooks.
+      end
+
+      def before_destroy
+        # for subclasses to override to support hooks.
+      end
+
+      def update_from_dto(dto)
+        db_columns.keys.each do |column_name|
+          write_attribute(column_name, dto.send(column_name))
+        end
+        self
+      end
+
+      def new_record?
+        id.nil?
+      end
+
+      def to_param
+        id.nil? ? nil: id.to_s
+      end
+
+      def assign_attributes(attrs={})
+        attrs.each { |k, v| write_attribute(k, v) }
+      end
+
+      private
+
+      def self.convert(column_name, value)
+        db_columns[column_name.to_s].call(value)
+      end
+
+      def convert(column_name, value)
+        self.class.convert(column_name, value)
+      end
+
+      def read_attribute(column_name)
+        convert(column_name, self.send(column_name))
+      end
+
+      def write_attribute(column_name, value)
+        self.send("#{column_name}=", convert(column_name, value))
+      end
+
+    end
+  end
+end

data/lib/oauth2_provider.rb

@@ -1,5 +1,20 @@
 # Copyright (c) 2010 ThoughtWorks Inc. (http://thoughtworks.com)
 # Licenced under the MIT License (http://www.opensource.org/licenses/mit-license.php)
 
-# DO NOT REMOVE
-# this file is required when this plugin is used as a gem!
+require 'oauth2/provider/a_r_datasource'
+require 'oauth2/provider/in_memory_datasource'
+require 'oauth2/provider/model_base'
+require 'oauth2/provider/clock'
+
+Oauth2::Provider::ModelBase.datasource = ENV["OAUTH2_PROVIDER_DATASOURCE"]
+
+unless ENV['LOAD_OAUTH_SILENTLY']
+  puts "*"*80
+  puts "*** Using data source: #{Oauth2::Provider::ModelBase.datasource.class}"
+  puts "*"*80
+end
+
+Dir[File.join(File.dirname(__FILE__), "..", "app", "**", '*.rb')].each do |rb_file|
+  require File.expand_path(rb_file)
+end
+

data/oauth2_provider.gemspec

@@ -2,15 +2,15 @@
 
 Gem::Specification.new do |s|
   s.name = %q{oauth2_provider}
-  s.version = "0.1.0"
+  s.version = "0.2.0"
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
   s.authors = ["ThoughtWorks, Inc."]
-  s.date = %q{2010-07-23}
+  s.date = %q{2010-08-31}
   s.description = %q{A Rails plugin to OAuth v2.0 enable your rails application. This plugin implements v09 of the OAuth2 draft spec http://tools.ietf.org/html/draft-ietf-oauth-v2-09.}
   s.email = %q{ketan@thoughtworks.com}
   s.extra_rdoc_files = ["README.textile", "MIT-LICENSE.txt"]
-  s.files = ["app/controllers/oauth2/provider/oauth_authorize_controller.rb", "app/controllers/oauth2/provider/oauth_clients_controller.rb", "app/controllers/oauth2/provider/oauth_token_controller.rb", "app/controllers/oauth2/provider/oauth_user_tokens_controller.rb", "app/models/oauth2/provider/oauth_authorization.rb", "app/models/oauth2/provider/oauth_client.rb", "app/models/oauth2/provider/oauth_token.rb", "app/views/oauth2/provider/layouts/oauth_clients.html.erb", "app/views/oauth2/provider/oauth_authorize/index.html.erb", "app/views/oauth2/provider/oauth_clients/edit.html.erb", "app/views/oauth2/provider/oauth_clients/index.html.erb", "app/views/oauth2/provider/oauth_clients/new.html.erb", "app/views/oauth2/provider/oauth_clients/show.html.erb", "app/views/oauth2/provider/oauth_user_tokens/index.html.erb", "config/routes.rb", "generators/oauth2_provider/oauth2_provider_generator.rb", "generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb", "init.rb", "lib/oauth2/provider/application_controller_methods.rb", "lib/oauth2/provider/clock.rb", "lib/oauth2_provider.rb", "MIT-LICENSE.txt", "oauth2_provider.gemspec", "README.textile", "tasks/gem.rake", "CHANGELOG"]
+  s.files = ["app/controllers/oauth2/provider/oauth_authorize_controller.rb", "app/controllers/oauth2/provider/oauth_clients_controller.rb", "app/controllers/oauth2/provider/oauth_token_controller.rb", "app/controllers/oauth2/provider/oauth_user_tokens_controller.rb", "app/models/oauth2/provider/oauth_authorization.rb", "app/models/oauth2/provider/oauth_client.rb", "app/models/oauth2/provider/oauth_token.rb", "app/views/oauth2/provider/layouts/oauth_clients.html.erb", "app/views/oauth2/provider/oauth_authorize/index.html.erb", "app/views/oauth2/provider/oauth_clients/edit.html.erb", "app/views/oauth2/provider/oauth_clients/index.html.erb", "app/views/oauth2/provider/oauth_clients/new.html.erb", "app/views/oauth2/provider/oauth_clients/show.html.erb", "app/views/oauth2/provider/oauth_user_tokens/index.html.erb", "config/routes.rb", "generators/oauth2_provider/oauth2_provider_generator.rb", "generators/oauth2_provider/templates/config/initializers/oauth2_provider.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_authorizations.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb", "generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb", "init.rb", "lib/oauth2/provider/a_r_datasource.rb", "lib/oauth2/provider/application_controller_methods.rb", "lib/oauth2/provider/clock.rb", "lib/oauth2/provider/in_memory_datasource.rb", "lib/oauth2/provider/model_base.rb", "lib/oauth2_provider.rb", "MIT-LICENSE.txt", "oauth2_provider.gemspec", "README.textile", "tasks/gem.rake", "CHANGELOG"]
   s.homepage = %q{http://github.com/ThoughtWorksStudios/oauth2_provider}
   s.require_paths = ["lib"]
   s.rubygems_version = %q{1.3.7}

data/tasks/gem.rake

@@ -35,7 +35,7 @@ namespace :release do
 
       spec = Gem::Specification.new do |s|
         s.name = "oauth2_provider"
-        s.version           = "0.1.0"
+        s.version           = "0.2.0"
         s.author            = "ThoughtWorks, Inc."
         s.email             = "ketan@thoughtworks.com"
         s.homepage          = "http://github.com/ThoughtWorksStudios/oauth2_provider"

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: oauth2_provider
 version: !ruby/object:Gem::Version 
-  hash: 27
+  hash: 23
   prerelease: false
   segments: 
   - 0
-  - 1
+  - 2
   - 0
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors: 
 - ThoughtWorks, Inc.
@@ -15,7 +15,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2010-07-23 00:00:00 -07:00
+date: 2010-08-31 00:00:00 -07:00
 default_executable: 
 dependencies: []
 
@@ -50,8 +50,11 @@ files:
 - generators/oauth2_provider/templates/db/migrate/create_oauth_clients.rb
 - generators/oauth2_provider/templates/db/migrate/create_oauth_tokens.rb
 - init.rb
+- lib/oauth2/provider/a_r_datasource.rb
 - lib/oauth2/provider/application_controller_methods.rb
 - lib/oauth2/provider/clock.rb
+- lib/oauth2/provider/in_memory_datasource.rb
+- lib/oauth2/provider/model_base.rb
 - lib/oauth2_provider.rb
 - MIT-LICENSE.txt
 - oauth2_provider.gemspec