openstax_connect 0.0.10 → 0.1.0

data/README.md

@@ -1,7 +1,7 @@
 connect-rails
 =============
 
-A rails engine for interfacing with OpenStax's common services server.
+A rails engine for interfacing with OpenStax's common accounts server.
 
 Usage
 -----
@@ -21,13 +21,13 @@ You can use whatever path you want instead of `/connect`, just make sure to make
 Create an `openstax_connect.rb` initializer in `config/initializers`, with the following contents:
 
     OpenStax::Connect.configure do |config|
-      config.openstax_application_id = 'value_from_openstax_services_here'
-      config.openstax_application_secret = 'value_from_openstax_services_here'
+      config.openstax_application_id = 'value_from_openstax_accounts_here'
+      config.openstax_application_secret = 'value_from_openstax_accounts_here'
     end
 
-If you're running OpenStax Services in a dev instance on your machine, you can specify that instance's local URL with:
+If you're running OpenStax Accounts in a dev instance on your machine, you can specify that instance's local URL with:
 
-    config.openstax_services_url = 'http://localhost:2999/'
+    config.openstax_accounts_url = 'http://localhost:2999/'
 
 To have users login, direct them to `/connect/sessions/new`.  This is also available through the `openstax_connect.login` route helper, e.g. `<%= link_to 'Sign in!', openstax_connect.login_path %>`.
 
@@ -75,13 +75,30 @@ Make sure to install the engine's migrations:
 
     rake openstax_connect:install:migrations
 
+Accounts API
+------------
+
+OpenStax::Connect provides convenience methods for accessing the OpenStax Accounts API.
+
+`OpenStax::Connect.create_application_user(user, version = nil)` takes
+an OpenStax::Connect::User and, optionally, an API version argument, and creates
+an ApplicationUser for the configured application and the given user. Call this method
+when users finish the registration process in your app.
+
+`OpenStax::Connect.api_call(http_method, url, options = {})` provides a generic
+convenience method capable of making API calls to Accounts. `http_method` can be
+any valid HTTP method, and `url` is the desired API URL, without the 'api/' prefix.
+Options is a hash that can contain any option that OAuth2 requests accept, such
+as :headers, :params, :body, etc, plus the optional values :api_version (to specify
+an API version) and :access_token (to specify an OAuth access token).
+
 Example Application
 -------------------
 
 There is an example application included in the gem in the `example` folder.  Here are steps
 to follow:
 
-1. Download (clone) the OpenStax Services site from github.com/openstax/services.  
+1. Download (clone) the OpenStax Accounts site from github.com/openstax/accounts.  
 1. In the site's `config` folder put a `secret_settings.yml` file that has values for the 
 following keys: `facebook_app_id`, `facebook_app_secret`, `twitter_consumer_key`, `twitter_consumer_secret`.  If you
 don't have access to these values, you can always make dummy apps on facebook and twitter.
@@ -89,7 +106,7 @@ don't have access to these values, you can always make dummy apps on facebook an
     1. Run `bundle install --without production`
     2. Run `bundle exec rake db:migrate`
     3. Run `bundle exec rails server`
-2. Open this services site in a web browser (defaults to http://localhost:2999)
+2. Open this accounts site in a web browser (defaults to http://localhost:2999)
 3. Navigate to http://localhost:2999/oauth/applications
 4. Click `New application`
     5. Set the callback URL to `http://localhost:4000/connect/auth/openstax/callback`.  
@@ -98,9 +115,9 @@ Port 4000 is where you'll be running the example application.
     2. Click the `Trusted?` checkbox.
     3. Click `Submit`.
     4. Keep this window open so you can copy the application ID and secret into the example app
-5. Leave the services app running
+5. Leave the accounts app running
 6. Download (clone) the OpenStax Connect gem from github.com/openstax/connect-rails.  The
 example application is in the `example` folder.  In that folder's config folder, create a `secret_settings.yml` file 
 according to the instructions in `secret_settings.yml.example`.  Run the example server in the normal way (bundle install..., migrate db, rails server).
-7. Navigate to the home page, http://localhost:4000.  Click log in and play around.  You can also refresh the services site and see yourself logged in, log out, etc.
+7. Navigate to the home page, http://localhost:4000.  Click log in and play around.  You can also refresh the accounts site and see yourself logged in, log out, etc.
 8. For fun, change example/config/openstax_connect.rb to set `enable_stubbing` to `true`.  Now when you click login you'll be taken to a developer-only page where you can login as other users, generate new users, create new users, etc.

data/Rakefile

@@ -1,49 +1,22 @@
 #!/usr/bin/env rake
 
-require 'bundler/gem_tasks'
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
 
-# begin
-#   require 'bundler/setup'
-# rescue LoadError
-#   puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
-# end
-# begin
-#   require 'rdoc/task'
-# rescue LoadError
-#   require 'rdoc/rdoc'
-#   require 'rake/rdoctask'
-#   RDoc::Task = Rake::RDocTask
-# end
+APP_RAKEFILE = File.expand_path('../spec/dummy/Rakefile', __FILE__)
+load 'rails/tasks/engine.rake'
 
-# RDoc::Task.new(:rdoc) do |rdoc|
-#   rdoc.rdoc_dir = 'rdoc'
-#   rdoc.title    = 'OpenstaxConnect'
-#   rdoc.options << '--line-numbers'
-#   rdoc.rdoc_files.include('README.rdoc')
-#   rdoc.rdoc_files.include('lib/**/*.rb')
-# end
+Bundler::GemHelper.install_tasks
 
-# APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
-# load 'rails/tasks/engine.rake'
-
-
-
-# Bundler::GemHelper.install_tasks
-
-# require 'rake/testtask'
-
-# Rake::TestTask.new(:test) do |t|
-#   t.libs << 'lib'
-#   t.libs << 'test'
-#   t.pattern = 'test/**/*_test.rb'
-#   t.verbose = false
-# end
-
-
-# task :default => :test
+Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
 
+require 'rspec/core'
 require 'rspec/core/rake_task'
 
-RSpec::Core::RakeTask.new('spec')
+desc 'Run all specs in spec directory (excluding plugin specs)'
+RSpec::Core::RakeTask.new(:spec => 'app:db:test:prepare')
 
 task :default => :spec

data/app/controllers/openstax/connect/application_controller.rb

@@ -1,12 +1,23 @@
-# References:
-#  http://edgeguides.rubyonrails.org/engines.html#using-a-class-provided-by-the-application
-
 module OpenStax
   module Connect
 
-    # Inherit from the applications ApplicationController to share some methods
     class ApplicationController < ActionController::Base
       include Lev::HandleWith
+
+      # Override current_user to always return an OpenStax::Connect::User
+      def current_user
+        current_user_manager.connect_current_user
+      end
+
+    protected
+
+      def return_url(include_referrer=false)
+        referrer = include_referrer ? request.referrer : nil
+        # Always clear the session
+        session_return_to = session.delete(:return_to)
+        params[:return_to] || session_return_to || referrer || main_app.root_url
+      end
+
     end
 
   end

data/app/controllers/openstax/connect/dev/dev_controller.rb

@@ -5,11 +5,8 @@ module OpenStax
     module Dev
       class DevController < ApplicationController
 
-        skip_before_filter :authenticate_user!
-
         before_filter Proc.new{ 
-          raise SecurityTransgression unless !Rails.env.production? || 
-                                             current_user.is_administrator? 
+          raise SecurityTransgression if Rails.env.production?
         }
         
       end

data/app/controllers/openstax/connect/dev/users_controller.rb

@@ -10,6 +10,11 @@ module OpenStax
                       complete: lambda { render 'search' })
         end
 
+        def become
+          sign_in(User.find(params[:user_id]))
+          redirect_to return_url(true)
+        end
+
       end
     end
   end

data/app/controllers/openstax/connect/sessions_controller.rb

@@ -4,29 +4,32 @@ module OpenStax
   module Connect
     class SessionsController < ApplicationController
 
-      skip_before_filter :authenticate_user!
-
       def new
+        session[:return_to] ||= request.referrer
         redirect_to RouteHelper.get_path(:login)
       end
 
       def omniauth_authenticated
         handle_with(SessionsOmniauthAuthenticated,
-                    complete: lambda { 
+                    success: lambda {
                       sign_in(@handler_result.outputs[:connect_user_to_sign_in])
-                      redirect_to return_url(true)
+                      # referrer is in Accounts, so don't include it
+                      redirect_to return_url
+                    },
+                    failure: lambda {
+                      failure
                     })
       end
 
       def destroy
         sign_out!
 
-        # If we're using the Services server, need to sign out of it so can't 
+        # If we're using the Accounts server, need to sign out of it so can't 
         # log back in automagically
         redirect_to OpenStax::Connect.configuration.enable_stubbing? ?
                       return_url :
                       OpenStax::Utilities.generate_url(
-                        OpenStax::Connect.configuration.openstax_services_url + "/logout",
+                        OpenStax::Connect.configuration.openstax_accounts_url + "/logout",
                         return_to: return_url
                       )
       end
@@ -35,19 +38,6 @@ module OpenStax
         redirect_to return_url, alert: "Authentication failed, please try again."
       end
 
-      def become
-        raise SecurityTransgression unless !Rails.env.production? || current_user.is_administrator?
-        sign_in(User.find(params[:user_id]))
-        redirect_to return_url(true)
-      end
-
-    protected
-
-      def return_url(include_referrer=false)
-        referrer = include_referrer ? request.referrer : nil
-        params[:return_to] || session.delete(:return_to) || referrer || main_app.root_url
-      end
-
     end
   end
 end

data/app/handlers/openstax/connect/sessions_omniauth_authenticated.rb

@@ -28,9 +28,12 @@ module OpenStax::Connect
 
       new_user = User.create do |user|
         user.openstax_uid = @auth_data.uid
-        user.username     = @auth_data.info.username
+        user.username     = @auth_data.info.nickname
         user.first_name   = @auth_data.info.first_name
         user.last_name    = @auth_data.info.last_name
+        user.full_name    = @auth_data.info.name
+        user.title        = @auth_data.info.title
+        user.access_token = @auth_data.credentials.token
       end
 
       transfer_errors_from(new_user, {type: :verbatim})

data/app/views/openstax/connect/dev/users/login.html.erb

@@ -7,10 +7,10 @@
 
   <%= osu.section_block "Development Login" do %>
 
-    <p>You need to login, but we're not connected to the Services server. Search for a user below 
+    <p>You need to login, but we're not connected to the Accounts server. Search for a user below 
        and click the sign in link next to him or her.</p>
 
-    <%= render 'openstax/connect/users/action_search', action_search_path: dev_users_search_path %>
+    <%= render 'openstax/connect/users/action_search', action_search_path: search_dev_users_path %>
 
   <% end %>
 

data/app/views/openstax/connect/dev/users/search.js.erb

@@ -12,7 +12,7 @@
                          Proc.new { |user| user.username },
                          Proc.new { |user| 
                           link_to 'Sign in as', 
-                                  sessions_become_path(:user_id => user.id), 
+                                  become_dev_users_path(:user_id => user.id), 
                                   method: :post 
                          }
                        ]

data/config/routes.rb

@@ -1,16 +1,21 @@
 OpenStax::Connect::Engine.routes.draw do
   match '/auth/openstax/callback', to: 'sessions#omniauth_authenticated' #omniauth route
   get '/auth/openstax', :as => 'openstax_login'
+
   get 'sessions/new', :as => 'login'
-  post 'sessions/become'
-  
   # See https://github.com/plataformatec/devise/commit/f3385e96abf50e80d2ae282e1fb9bdad87a83d3c
-  match 'sessions/destroy', :as => 'logout', :via => OpenStax::Connect.configuration.logout_via
+  match 'sessions/destroy', :as => 'logout',
+                            :via => OpenStax::Connect.configuration.logout_via
 
   if OpenStax::Connect.configuration.enable_stubbing?
     namespace :dev do
-      get 'users/login'
-      post 'users/search'
+      resources :users, :only => [] do
+        collection do
+          get 'login'
+          post 'search'
+          post 'become'
+        end
+      end
     end
   end
 end
@@ -20,7 +25,7 @@ module OpenStax
   module Connect
     hh = Engine.routes.url_helpers
 
-    RouteHelper.register_path(:login, hh.openstax_login_path) { hh.dev_users_login_path }
+    RouteHelper.register_path(:login, hh.openstax_login_path) { hh.login_dev_users_path }
   end
 end
 

data/db/migrate/20140410194004_add_fields_to_openstax_connect_users.rb

@@ -0,0 +1,7 @@
+class AddFieldsToOpenStaxConnectUsers < ActiveRecord::Migration
+  def change
+    add_column :openstax_connect_users, :full_name, :string
+    add_column :openstax_connect_users, :title, :string
+    add_column :openstax_connect_users, :access_token, :string
+  end
+end

data/lib/omniauth/strategies/openstax.rb

@@ -7,18 +7,27 @@ module OmniAuth
       option :name, "openstax"
 
       option :client_options, {
-        :site => OpenStax::Connect.configuration.openstax_services_url,
+        :site => OpenStax::Connect.configuration.openstax_accounts_url,
         :authorize_url => "/oauth/authorize"
       }
 
-      uid        { raw_info["id"] }
+      uid { raw_info["id"] }
 
       info do
+        username = raw_info["username"]
+        title = raw_info["title"]
+        first_name = raw_info["first_name"]
+        last_name = raw_info["last_name"]
+        full_name = raw_info["full_name"] || "#{first_name} #{last_name}"
+        full_name = username if full_name.blank?
+
+        # Changed to conform to the omniauth schema
         {
-          username: raw_info["username"],
-          first_name: raw_info["first_name"],
-          last_name: raw_info["last_name"]
-          # and anything else you want to return to your API consumers
+          name: full_name,
+          nickname: username,
+          first_name: first_name,
+          last_name: last_name,
+          title: title
         }
       end
 

data/lib/openstax/connect/current_user_manager.rb

@@ -34,13 +34,13 @@ module OpenStax::Connect
       !connect_current_user.is_anonymous?
     end
 
-  protected
-
     # Returns the current connect user
     def connect_current_user
       load_current_users
       @connect_current_user
-    end  
+    end
+
+  protected
 
     # If they are nil (unset), sets the current users based on the session state
     def load_current_users

data/lib/openstax/connect/engine.rb

@@ -1,7 +1,4 @@
-ActiveSupport::Inflector.inflections do |inflect|
-  inflect.acronym 'OpenStax'
-end
-
+require 'openstax/connect/inflections'
 require 'omniauth'
 require 'squeel'
 

data/lib/openstax/connect/inflections.rb

@@ -0,0 +1,3 @@
+ActiveSupport::Inflector.inflections do |inflect|
+  inflect.acronym 'OpenStax'
+end

data/lib/openstax/connect/version.rb

@@ -1,5 +1,5 @@
 module OpenStax
   module Connect
-    VERSION = "0.0.10"
+    VERSION = "0.1.0"
   end
 end

data/lib/openstax_connect.rb

@@ -1,5 +1,5 @@
+require "lev"
 require "openstax/connect/version"
-require "openstax/connect/exceptions"
 require "openstax/connect/engine"
 require "openstax/connect/utilities"
 require "openstax/connect/route_helper"
@@ -25,7 +25,7 @@ module OpenStax
       #   end
       #
       # Set enable_stubbing to true iff you want this engine to fake all 
-      #   interaction with the services site.
+      #   interaction with the accounts site.
       #
       
       def configure
@@ -40,7 +40,7 @@ module OpenStax
         attr_accessor :openstax_application_id
         attr_accessor :openstax_application_secret
         attr_accessor :enable_stubbing
-        attr_reader :openstax_services_url
+        attr_reader :openstax_accounts_url
         attr_accessor :logout_via
         attr_accessor :default_errors_partial
         attr_accessor :default_errors_html_id
@@ -50,16 +50,16 @@ module OpenStax
         # See the "user_provider" discussion in the README 
         attr_accessor :user_provider
 
-        def openstax_services_url=(url)
+        def openstax_accounts_url=(url)
           url.gsub!(/https|http/,'https') if !(url =~ /localhost/)
           url = url + "/" if url[url.size-1] != '/'
-          @openstax_services_url = url
+          @openstax_accounts_url = url
         end
 
         def initialize      
           @openstax_application_id = 'SET ME!'
           @openstax_application_secret = 'SET ME!'
-          @openstax_services_url = 'https://services.openstax.org/'
+          @openstax_accounts_url = 'https://accounts.openstax.org/'
           @enable_stubbing = true
           @logout_via = :get
           @default_errors_partial = 'openstax/connect/shared/attention'
@@ -75,6 +75,52 @@ module OpenStax
         end
       end
 
+      # Executes an OpenStax Accounts API call, using the given HTTP method,
+      # API url and request options.
+      # Any options accepted by OAuth2 requests can be used, such as
+      # :params, :body, :headers, etc, plus the :access_token option, which can
+      # be used to manually specify an OAuth access token.
+      # On failure, it can throw Faraday::ConnectionFailed for connection errors
+      # or OAuth2::Error if Accounts returns an HTTP 400 error,
+      # such as 422 Unprocessable Entity.
+      # On success, returns an OAuth2::Response object.
+      def api_call(http_method, url, options = {})
+        version = options.delete(:api_version)
+        unless version.blank?
+          options[:headers] ||= {}
+          options[:headers].merge!({ 'Accept' => "application/vnd.accounts.openstax.#{version.to_s}" })
+        end
+
+        token_string = options.delete(:access_token)
+        token = token_string.blank? ? client.client_credentials.get_token :
+                OAuth2::AccessToken.new(client, token_string)
+
+        api_url = URI.join(configuration.openstax_accounts_url, 'api/', url)
+
+        token.request(http_method, api_url, options)
+      end
+
+      # Creates an ApplicationUser in Accounts for this app and the given
+      # OpenStax::Connect::User.
+      # Also takes an optional API version parameter. Defaults to :v1.
+      # On failure, throws an Exception, just like api_call.
+      # On success, returns an OAuth2::Response object.
+      def create_application_user(user, version = nil)
+        options = {:access_token => user.access_token,
+                   :api_version => (version.nil? ? :v1 : version)}
+        api_call(:post, 'application_users', options)
+      end
+
+    protected
+
+      def client
+        @client ||= OAuth2::Client.new(
+                      configuration.openstax_application_id,
+                      configuration.openstax_application_secret,
+                      :site => configuration.openstax_accounts_url
+                    )
+      end
+
     end
 
   end