oauth_consumer 0.1.0

data/lib/generators/oauth_consumer/templates/controller.rb

@@ -0,0 +1,59 @@
+require 'oauth/controllers/consumer_controller'
+class OauthConsumersController < ApplicationController
+  include Oauth::Controllers::ConsumerController
+  # Replace this with the equivalent for your authentication framework
+  # Eg. for devise
+  #
+  #   before_filter :authenticate_user!, :only=>:index
+  before_filter :login_required, :only=>:index
+
+  def index
+    @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
+    @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
+  end
+
+  def callback
+  	super
+  end
+
+  def client
+    super
+  end
+
+
+  protected
+
+  # Change this to decide where you want to redirect user to after callback is finished.
+  # params[:id] holds the service name so you could use this to redirect to various parts
+  # of your application depending on what service you're connecting to.
+  def go_back
+    redirect_to root_url
+  end
+
+  # The plugin requires logged_in? to return true or false if the user is logged in. Uncomment and
+  # call your auth frameworks equivalent below if different. eg. for devise:
+  #
+  # def logged_in?
+  #   user_signed_in?
+  # end
+
+  # The plugin requires current_user to return the current logged in user. Uncomment and
+  # call your auth frameworks equivalent below if different.
+  # def current_user
+  #   current_person
+  # end
+
+  # The plugin requires a way to log a user in. Call your auth frameworks equivalent below
+  # if different. eg. for devise:
+  #
+  # def current_user=(user)
+  #   sign_in(user)
+  # end
+
+  # Override this to deny the user or redirect to a login screen depending on your framework and app
+  # if different. eg. for devise:
+  #
+  # def deny_access!
+  #   raise Acl9::AccessDenied
+  # end
+end

data/lib/generators/oauth_consumer/templates/oauth_config.rb

@@ -0,0 +1,68 @@
+# edit this file to contain credentials for the OAuth services you support.
+# each entry needs a corresponding token model.
+#
+# eg. :twitter => TwitterToken, :hour_feed => HourFeedToken etc.
+#
+# OAUTH_CREDENTIALS={
+#   :twitter=>{
+#     :key=>"",
+#     :secret=>"",
+#     :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#     :allow_login => true # Use :allow_login => true to allow user to login to account
+#   },
+#   :google=>{
+#     :key=>"",
+#     :secret=>"",
+#     :expose => false, # expose client at /oauth_consumers/google/client see docs
+#     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
+#   },
+#   :github=>{
+#     :key => "",
+#     :secret => "",
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#
+#   },
+#   :facebook=>{
+#     :key => "",
+#     :secret => ""
+#   },
+#   :agree2=>{
+#     :key=>"",
+#     :secret=>""
+#   },
+#   :fireeagle=>{
+#     :key=>"",
+#     :secret=>""
+#   },
+#   :oauth2_server => {
+#      :key=>"",
+#      :secret=>"",
+#      :oauth_version => 2
+#      :options=>{ # OAuth::Consumer options
+#        :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#      }
+#   },
+#   :hour_feed=>{
+#     :key=>"",
+#     :secret=>"",
+#     :options=>{ # OAuth::Consumer options
+#       :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#     }
+#   },
+#   :nu_bux=>{
+#     :key=>"",
+#     :secret=>"",
+#     :super_class=>"OpenTransactToken",  # if a OAuth service follows a particular standard
+#                                         # with a token implementation you can set the superclass
+#                                         # to use
+#     :options=>{ # OAuth::Consumer options
+#       :site=>"http://nubux.heroku.com"
+#     }
+#   }
+# }
+#
+OAUTH_CREDENTIALS={
+} unless defined? OAUTH_CREDENTIALS
+
+load 'oauth/models/consumers/service_loader.rb'

data/lib/generators/oauth_inflections.rb

@@ -0,0 +1,6 @@
+require 'active_support'
+require 'active_support/inflector'
+
+ActiveSupport::Inflector.inflections do |inflect|
+  inflect.uncountable %w(oauth)
+end

data/lib/oauth/controllers/consumer_controller.rb

@@ -0,0 +1,152 @@
+module Oauth
+  module Controllers
+    module ConsumerController
+      def self.included(controller)
+        controller.class_eval do
+          before_filter :load_consumer, :except=>:index
+          skip_before_filter :verify_authenticity_token,:only=>:callback
+        end
+      end
+
+      def index
+        @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
+        # The services the user hasn't already connected to
+        @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
+      end
+
+      # If the user has no token or <tt>force</tt> is set as a param, creates request token and
+      # redirects on to oauth provider's auth page.  Otherwise it displays a page with an option
+      # to disconnect and redo
+      def show
+        if @token && params[:force]
+          @token.destroy
+          @token = nil
+        end
+
+        unless @token
+          if @consumer.ancestors.include?(Oauth2Token)
+            request_url = callback2_oauth_consumer_url + callback2_querystring
+            redirect_to @consumer.authorize_url(request_url)
+          else
+            request_url = callback_oauth_consumer_url(params[:id]) + callback2_querystring
+            @request_token = @consumer.get_request_token(request_url)
+            session[@request_token.token]=@request_token.secret
+            if @request_token.callback_confirmed?
+              redirect_to @request_token.authorize_url
+            else
+              redirect_to(@request_token.authorize_url + "&oauth_callback=#{callback_oauth_consumer_url(params[:id])}")
+            end
+          end
+        end
+      end
+
+      def callback2_querystring
+        request.query_string.blank? ? '' : '?' + request.query_string
+      end
+
+      def callback2
+        @token = @consumer.access_token(current_user, params[:code], callback2_oauth_consumer_url)
+        if @token
+          # Log user in
+          if logged_in?
+            flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
+          else
+            self.current_user = @token.user
+            flash[:notice] = "You logged in with #{params[:id].humanize}"
+          end
+          go_back
+        else
+          flash[:error] = "An error happened, please try connecting again"
+          redirect_to oauth_consumer_url(params[:id])
+        end
+
+      end
+
+      def callback
+        @request_token_secret=session[params[:oauth_token]]
+        if @request_token_secret
+          @token=@consumer.find_or_create_from_request_token(current_user,params[:oauth_token],@request_token_secret,params[:oauth_verifier])
+          session[params[:oauth_token]] = nil
+          if @token
+            # Log user in
+            if logged_in?
+              flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
+            else
+              self.current_user = @token.user
+              flash[:notice] = "You logged in with #{params[:id].humanize}"
+            end
+            go_back
+          else
+            flash[:error] = "An error happened, please try connecting again"
+            redirect_to oauth_consumer_url(params[:id])
+          end
+        end
+
+      end
+
+      def client
+        method = request.method.downcase.to_sym
+        path = "/#{params[:endpoint]}?#{request.query_string}"
+        if consumer_credentials[:expose]
+          if @token
+            oauth_response = @token.client.send(method, path)
+            if oauth_response.is_a? Net::HTTPRedirection
+              # follow redirect
+              oauth_response = @token.client.send(method, oauth_response['Location'])
+            end
+
+            render :text => oauth_response.body
+          else
+            render :text => "Token needed.", :status => 403
+          end
+        else
+          render :text => "Not allowed", :status => 403
+        end
+      end
+
+      def destroy
+        throw RecordNotFound unless @token
+        @token.destroy
+        if params[:commit]=="Reconnect"
+          redirect_to oauth_consumer_url(params[:id])
+        else
+          flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"
+
+          go_back
+        end
+      end
+
+      def callback2_oauth_consumer_url
+        @consumer.consumer.options[:redirect_uri]
+      end
+
+      protected
+
+      # Override this in your controller to decide where you want to redirect user to after callback is finished.
+      def go_back
+        redirect_to root_url
+      end
+
+      def consumer_credentials
+        OAUTH_CREDENTIALS[consumer_key]
+      end
+
+      def consumer_key
+        @consumer_key ||= params[:id].to_sym
+      end
+
+      def load_consumer
+        throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
+        deny_access! unless logged_in? || consumer_credentials[:allow_login]
+        @consumer = "#{consumer_key.to_s.camelcase}Token".constantize
+        @token = @consumer.where(user_id: current_user.id.to_s).first
+      end
+
+      # Override this in you controller to deny user or redirect to login screen.
+      def deny_access!
+        head 401
+      end
+
+    end
+  end
+end

data/lib/oauth/models/consumers/service_loader.rb

@@ -0,0 +1,28 @@
+require 'oauth/controllers/consumer_controller'
+
+# Goes through the entries in your OAUTH_CREDENTIALS and either loads the class required
+# or subclasses ConsumerToken with the name.
+#
+# So an entry called "my_service" will create a class MyServiceToken which you can
+# connect with has_one to your user model.
+if defined? ConsumerToken && defined? OAUTH_CREDENTIALS
+  require File.join(File.dirname(__FILE__), 'services', 'oauth2_token')
+
+  OAUTH_CREDENTIALS.each do |key, value|
+    class_name=value[:class_name]||"#{key.to_s.classify}Token"
+    unless Object.const_defined?(class_name.to_sym)
+      if File.exists?(File.join(File.dirname(__FILE__), "services","#{key.to_s}_token.rb"))
+        Rails.logger.info File.join(File.dirname(__FILE__), "services","#{key.to_s}_token")
+        require File.join(File.dirname(__FILE__), "services","#{key.to_s}_token")
+      else
+        begin
+          # Let Rails auto-load from the models folder
+          eval class_name
+        rescue NameError
+          super_class = value[:super_class]||value[:oauth_version].to_i>=2 ? "Oauth2Token" : "ConsumerToken"
+          eval "class #{class_name} < #{super_class} ;end"
+        end
+      end
+    end
+  end
+end

data/lib/oauth/models/consumers/services/oauth2_token.rb

@@ -0,0 +1,50 @@
+require 'oauth2'
+class Oauth2Token < ConsumerToken
+  after_initialize :ensure_access, if: :expired_and_existing?
+
+  def self.consumer
+    @consumer ||= create_consumer
+  end
+
+  def self.create_consumer(options={})
+    OAuth2::Client.new(credentials[:key], credentials[:secret], credentials[:options])
+  end
+
+  def self.authorize_url(callback_url)
+    options = { redirect_uri: callback_url }
+    options[:scope] = credentials[:scope] if credentials[:scope].present?
+    options[:access_type] = credentials[:access_type] if credentials[:access_type].present?
+    consumer.auth_code.authorize_url(options)
+  end
+
+  def self.access_token(user, code, redirect_uri)
+    access_token = consumer.auth_code.get_token(code, { :redirect_uri => redirect_uri, :token_method => :post })
+    find_or_create_from_access_token user, access_token
+  end
+
+  def client
+    @client ||= OAuth2::AccessToken.new(self.class.consumer, token, { refresh_token: refresh_token, expires_at: expires_at, expires_in: expires_in })
+  end
+
+  # @return [Boolean] Is the access token expired and does the record exist in the datastore?
+  def expired_and_existing?
+    return true if !self.new_record? and Time.now.to_i >= self.expires_at.to_i
+    false
+  end
+
+  # Refreshes the access token to ensure access
+  def ensure_access
+    self.class.find_or_create_from_access_token user, self, client.refresh!
+  end
+
+  # Returns the expiration date (expires_in, expires_at)
+  #
+  # @return [String, String] Expires_in and expires_at, respectively
+  # @note It will return the default expiration time as defined in the OAuth 2.0 spec when no options are set
+  def expiration_date(token)
+    return token.expires_in, token.expires_at if !token.expires_in.nil? and !token.expires_at.nil?
+    return token.expires_in, (Time.now.to_i + token.expires_in.to_i) if token.expires_at.nil? and !token.expires_in.nil?
+    return (token.expires_at.to_i - Time.now.to_i), token.expires_at if token.expires_in.nil? and !token.expires_at.nil?
+    return "3600", (Time.now.to_i + 3600)
+  end
+end

data/lib/oauth/models/consumers/services/twitter_token.rb

@@ -0,0 +1,24 @@
+class TwitterToken < ConsumerToken
+  TWITTER_SETTINGS={
+    :site => "https://api.twitter.com",
+    :request_token_path => "/oauth/request_token",
+    :authorize_path => "/oauth/authorize",
+    :access_token_path => "/oauth/access_token",
+  }
+
+  def self.consumer(options={})
+    @consumer ||= OAuth::Consumer.new(credentials[:key], credentials[:secret], TWITTER_SETTINGS.merge(options))
+  end
+
+  def client
+    @client ||= begin 
+      if self.class.credentials[:client].to_sym == :oauth_gem
+        super
+      else
+        require 'twitter'
+        Twitter::Client.new(:consumer_key => self.class.consumer.key, :consumer_secret => self.class.consumer.secret)
+      end
+    end
+  end
+
+end

data/lib/oauth/models/consumers/simple_client.rb

@@ -0,0 +1,50 @@
+require 'json'
+module Oauth
+  module Models
+    module Consumers
+      # This is just a simple
+      class SimpleClient
+        attr_reader :token
+
+        def initialize(token)
+          @token = token
+        end
+
+
+        def put(path,params={})
+          parse(token.put(path,params, {'Accept' => 'application/json'}))
+        end
+
+        def delete(path)
+          parse(token.delete(path, {'Accept' => 'application/json'}))
+        end
+
+        def post(path,params={})
+          parse(token.post(path,params, {'Accept' => 'application/json'}))
+        end
+
+        def get(path)
+          parse(token.get(path, {'Accept' => 'application/json'}))
+        end
+
+        protected
+
+        def parse(response)
+          return false unless response
+          if ["200","201"].include? response.code
+            unless response.body.blank?
+              JSON.parse(response.body)
+            else
+              true
+            end
+          else
+            logger.debug "Got Response code: #{response.code}"
+            false
+          end
+
+        end
+
+      end
+    end
+  end
+end

data/lib/oauth/models/consumers/token.rb

@@ -0,0 +1,121 @@
+require 'oauth/consumer'
+require File.join(File.dirname(__FILE__), 'simple_client')
+
+module Oauth
+  module Models
+    module Consumers
+      module Token
+        def self.included(model)
+          model.class_eval do
+            validates_presence_of :user, :token
+          end
+
+          model.send(:include, InstanceMethods)
+          model.send(:extend, ClassMethods)
+
+        end
+
+        module ClassMethods
+
+          def service_name
+            @service_name||=self.to_s.underscore.scan(/^(.*?)(_token)?$/)[0][0].to_sym
+          end
+
+          def consumer
+            options = credentials[:options] || {}
+            @consumer||=OAuth::Consumer.new credentials[:key],credentials[:secret],options
+          end
+
+          def get_request_token(callback_url)
+            consumer.get_request_token(:oauth_callback=>callback_url)
+          end
+
+          def find_or_create_from_request_token(user,token,secret,oauth_verifier)
+            request_token=OAuth::RequestToken.new consumer,token,secret
+            options={}
+            options[:oauth_verifier]=oauth_verifier if oauth_verifier
+            access_token=request_token.get_access_token options
+            find_or_create_from_access_token user, access_token
+          end
+
+          # Finds, creates or updates a ConsumerToken by finding the token
+          # or taking it when it's given. It then updates the attributes and saves the changes/new record to a datastore.
+          # @param user [User] The user to which the access token should belong to
+          # @param access_token [AccessToken || Oauth2Token] Either a request token taken from the service or a ConsumerToken
+          # @param new_token [AccessToken] A new access token, used for refreshing the access token with OAuth 2.
+          #
+          # Usage example:
+          # find_or_create_from_access_token(current_user, access_token) <-- Find or create a new access token
+          # find_or_create_from_access-token(current_user, Oauth2Token.last, client.refresh!) <-- Edits existing record with new refreshed information
+          def find_or_create_from_access_token(user, access_token, new_token = nil)
+            if access_token.class.ancestors.include?(Oauth2Token)
+              token = access_token
+            else
+              if user
+                token = self.find_or_initialize_by_user_id_and_token(user.id, access_token.token)
+              else
+                token = self.find_or_initialize_by_token(access_token.token)
+              end
+            end
+
+            token = if new_token then set_details(new_token, access_token) else set_details(access_token, token) end
+
+            token.save! if token.new_record? or token.changed?
+
+            token
+          end
+
+          # Set the details such as the secret, refresh token and expiration time to an instance of ConsumerToken
+          # @return [ConsumerToken] A ConsumerToken
+          def set_details(access_token, token)
+            secret = access_token.respond_to?(:secret) ? access_token.secret : nil
+            refresh_token = access_token.respond_to?(:refresh_token) ? access_token.refresh_token : nil
+            expires_in, expires_at = token.expiration_date(access_token) if token.class.ancestors.include?(Oauth2Token)
+
+            token.token = access_token.token
+            token.refresh_token = refresh_token
+            token.secret = secret
+            token.expires_at = expires_at
+            token.expires_in = expires_in
+
+            token
+          end
+
+          def build_user_from_token
+          end
+
+          def credentials
+            @credentials ||= OAUTH_CREDENTIALS[service_name]
+          end
+
+        end
+
+        module InstanceMethods
+
+          # Main client for interfacing with remote service. Override this to use
+          # preexisting library eg. Twitter gem.
+          def client
+            @client||=OAuth::AccessToken.new(self.class.consumer, token, secret)
+          end
+
+          def simple_client
+            @simple_client ||= SimpleClient.new(client)
+          end
+
+          # Override this to return user data from service
+          def params_for_user
+            {}
+          end
+
+          def create_user
+            self.user ||= begin
+              User.new params_for_user
+              user.save(:validate=>false)
+            end
+          end
+
+        end
+      end
+    end
+  end
+end

data/lib/oauth_consumer/version.rb

@@ -0,0 +1,3 @@
+module OauthConsumer
+  VERSION = "0.1.0"
+end

data/lib/oauth_consumer.rb

@@ -0,0 +1,2 @@
+require 'oauth'
+require 'oauth/signature/hmac/sha1'

data/oauth_consumer.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "oauth_consumer/version"
+
+Gem::Specification.new do |s|
+  s.name = %q{oauth_consumer}
+  s.summary = %q{OAuth 1 & 2 helpers for Rails 3+}
+  s.description = %q{OAuth 1 & 2 and token management in Rails 3+}
+  s.homepage = %q{https://github.com/mgomes/oauth_consumer}
+  s.version = OauthConsumer::VERSION
+  s.authors = ["Mauricio Gomes", "Pelle Braendgaard"]
+  s.email = "mauricio@edge14.com"
+
+  s.add_dependency("oauth", ["~> 0.4.4"])
+  s.add_dependency("oauth2", '>= 0.5.0')
+  s.add_dependency("oj", '>= 2.1.7')
+  s.add_dependency("nokogiri", '>= 1.5.0')
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end
+

data/rails/init.rb

@@ -0,0 +1 @@
+require 'oauth_consumer'

data/spec/spec_helper.rb

@@ -0,0 +1,3 @@
+$LOAD_PATH.unshift(File.dirname(__FILE__))
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
+require 'rspec'

data/tasks/oauth_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :oauth do
+#   # Task goes here
+# end