panjiva-oauth-plugin 0.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (167)
  1. checksums.yaml +15 -0
  2. data/.gitignore +12 -0
  3. data/CHANGELOG +178 -0
  4. data/Gemfile +27 -0
  5. data/Guardfile +8 -0
  6. data/MIT-LICENSE +20 -0
  7. data/README.rdoc +531 -0
  8. data/Rakefile +2 -0
  9. data/UPGRADE.rdoc +21 -0
  10. data/generators/oauth_consumer/USAGE +10 -0
  11. data/generators/oauth_consumer/oauth_consumer_generator.rb +50 -0
  12. data/generators/oauth_consumer/templates/consumer_token.rb +11 -0
  13. data/generators/oauth_consumer/templates/controller.rb +27 -0
  14. data/generators/oauth_consumer/templates/index.html.erb +29 -0
  15. data/generators/oauth_consumer/templates/index.html.haml +18 -0
  16. data/generators/oauth_consumer/templates/migration.rb +20 -0
  17. data/generators/oauth_consumer/templates/oauth_config.rb +73 -0
  18. data/generators/oauth_consumer/templates/show.html.erb +7 -0
  19. data/generators/oauth_consumer/templates/show.html.haml +8 -0
  20. data/generators/oauth_provider/USAGE +20 -0
  21. data/generators/oauth_provider/lib/insert_routes.rb +67 -0
  22. data/generators/oauth_provider/oauth_provider_generator.rb +127 -0
  23. data/generators/oauth_provider/templates/_form.html.erb +17 -0
  24. data/generators/oauth_provider/templates/_form.html.haml +21 -0
  25. data/generators/oauth_provider/templates/access_token.rb +16 -0
  26. data/generators/oauth_provider/templates/authorize.html.erb +14 -0
  27. data/generators/oauth_provider/templates/authorize.html.haml +16 -0
  28. data/generators/oauth_provider/templates/authorize_failure.html.erb +1 -0
  29. data/generators/oauth_provider/templates/authorize_failure.html.haml +1 -0
  30. data/generators/oauth_provider/templates/authorize_success.html.erb +1 -0
  31. data/generators/oauth_provider/templates/authorize_success.html.haml +1 -0
  32. data/generators/oauth_provider/templates/client_application.rb +57 -0
  33. data/generators/oauth_provider/templates/client_application_spec.rb +29 -0
  34. data/generators/oauth_provider/templates/client_application_test.rb +42 -0
  35. data/generators/oauth_provider/templates/client_applications.yml +23 -0
  36. data/generators/oauth_provider/templates/clients_controller.rb +52 -0
  37. data/generators/oauth_provider/templates/clients_controller_spec.rb +176 -0
  38. data/generators/oauth_provider/templates/clients_controller_test.rb +280 -0
  39. data/generators/oauth_provider/templates/controller.rb +23 -0
  40. data/generators/oauth_provider/templates/edit.html.erb +7 -0
  41. data/generators/oauth_provider/templates/edit.html.haml +4 -0
  42. data/generators/oauth_provider/templates/index.html.erb +43 -0
  43. data/generators/oauth_provider/templates/index.html.haml +39 -0
  44. data/generators/oauth_provider/templates/migration.rb +47 -0
  45. data/generators/oauth_provider/templates/new.html.erb +5 -0
  46. data/generators/oauth_provider/templates/new.html.haml +5 -0
  47. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +16 -0
  48. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +17 -0
  49. data/generators/oauth_provider/templates/oauth2_token.rb +20 -0
  50. data/generators/oauth_provider/templates/oauth2_token_spec.rb +52 -0
  51. data/generators/oauth_provider/templates/oauth2_verifier.rb +35 -0
  52. data/generators/oauth_provider/templates/oauth2_verifier_spec.rb +44 -0
  53. data/generators/oauth_provider/templates/oauth_nonce.rb +13 -0
  54. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +24 -0
  55. data/generators/oauth_provider/templates/oauth_nonce_test.rb +26 -0
  56. data/generators/oauth_provider/templates/oauth_nonces.yml +13 -0
  57. data/generators/oauth_provider/templates/oauth_token.rb +30 -0
  58. data/generators/oauth_provider/templates/oauth_token_spec.rb +309 -0
  59. data/generators/oauth_provider/templates/oauth_token_test.rb +57 -0
  60. data/generators/oauth_provider/templates/oauth_tokens.yml +17 -0
  61. data/generators/oauth_provider/templates/request_token.rb +40 -0
  62. data/generators/oauth_provider/templates/show.html.erb +27 -0
  63. data/generators/oauth_provider/templates/show.html.haml +30 -0
  64. data/init.rb +1 -0
  65. data/install.rb +2 -0
  66. data/lib/generators/active_record/oauth_consumer_generator.rb +33 -0
  67. data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb +11 -0
  68. data/lib/generators/active_record/oauth_consumer_templates/migration.rb +20 -0
  69. data/lib/generators/active_record/oauth_provider_generator.rb +39 -0
  70. data/lib/generators/active_record/oauth_provider_templates/access_token.rb +16 -0
  71. data/lib/generators/active_record/oauth_provider_templates/client_application.rb +57 -0
  72. data/lib/generators/active_record/oauth_provider_templates/migration.rb +47 -0
  73. data/lib/generators/active_record/oauth_provider_templates/oauth2_token.rb +20 -0
  74. data/lib/generators/active_record/oauth_provider_templates/oauth2_verifier.rb +35 -0
  75. data/lib/generators/active_record/oauth_provider_templates/oauth_nonce.rb +13 -0
  76. data/lib/generators/active_record/oauth_provider_templates/oauth_token.rb +30 -0
  77. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +40 -0
  78. data/lib/generators/erb/oauth_consumer_generator.rb +14 -0
  79. data/lib/generators/erb/oauth_consumer_templates/index.html.erb +29 -0
  80. data/lib/generators/erb/oauth_consumer_templates/show.html.erb +7 -0
  81. data/lib/generators/erb/oauth_provider_generator.rb +23 -0
  82. data/lib/generators/erb/oauth_provider_templates/_form.html.erb +17 -0
  83. data/lib/generators/erb/oauth_provider_templates/authorize.html.erb +14 -0
  84. data/lib/generators/erb/oauth_provider_templates/authorize_failure.html.erb +1 -0
  85. data/lib/generators/erb/oauth_provider_templates/authorize_success.html.erb +1 -0
  86. data/lib/generators/erb/oauth_provider_templates/edit.html.erb +7 -0
  87. data/lib/generators/erb/oauth_provider_templates/index.html.erb +43 -0
  88. data/lib/generators/erb/oauth_provider_templates/new.html.erb +5 -0
  89. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +16 -0
  90. data/lib/generators/erb/oauth_provider_templates/show.html.erb +27 -0
  91. data/lib/generators/haml/oauth_consumer_generator.rb +21 -0
  92. data/lib/generators/haml/oauth_consumer_templates/index.html.haml +18 -0
  93. data/lib/generators/haml/oauth_consumer_templates/show.html.haml +8 -0
  94. data/lib/generators/haml/oauth_provider_generator.rb +28 -0
  95. data/lib/generators/haml/oauth_provider_templates/_form.html.haml +21 -0
  96. data/lib/generators/haml/oauth_provider_templates/authorize.html.haml +16 -0
  97. data/lib/generators/haml/oauth_provider_templates/authorize_failure.html.haml +1 -0
  98. data/lib/generators/haml/oauth_provider_templates/authorize_success.html.haml +1 -0
  99. data/lib/generators/haml/oauth_provider_templates/edit.html.haml +4 -0
  100. data/lib/generators/haml/oauth_provider_templates/index.html.haml +39 -0
  101. data/lib/generators/haml/oauth_provider_templates/new.html.haml +5 -0
  102. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +17 -0
  103. data/lib/generators/haml/oauth_provider_templates/show.html.haml +30 -0
  104. data/lib/generators/mongoid/oauth_consumer_generator.rb +15 -0
  105. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +41 -0
  106. data/lib/generators/mongoid/oauth_provider_generator.rb +21 -0
  107. data/lib/generators/mongoid/oauth_provider_templates/access_token.rb +16 -0
  108. data/lib/generators/mongoid/oauth_provider_templates/client_application.rb +71 -0
  109. data/lib/generators/mongoid/oauth_provider_templates/oauth2_token.rb +20 -0
  110. data/lib/generators/mongoid/oauth_provider_templates/oauth2_verifier.rb +35 -0
  111. data/lib/generators/mongoid/oauth_provider_templates/oauth_nonce.rb +24 -0
  112. data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb +44 -0
  113. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +36 -0
  114. data/lib/generators/oauth_consumer/USAGE +11 -0
  115. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +31 -0
  116. data/lib/generators/oauth_consumer/templates/controller.rb +59 -0
  117. data/lib/generators/oauth_consumer/templates/oauth_config.rb +68 -0
  118. data/lib/generators/oauth_inflections.rb +6 -0
  119. data/lib/generators/oauth_plugin.rb +0 -0
  120. data/lib/generators/oauth_provider/USAGE +18 -0
  121. data/lib/generators/oauth_provider/oauth_provider_generator.rb +37 -0
  122. data/lib/generators/oauth_provider/templates/clients_controller.rb +52 -0
  123. data/lib/generators/oauth_provider/templates/controller.rb +23 -0
  124. data/lib/generators/rspec/oauth_provider_generator.rb +35 -0
  125. data/lib/generators/rspec/templates/client_application_spec.rb +29 -0
  126. data/lib/generators/rspec/templates/client_applications.yml +23 -0
  127. data/lib/generators/rspec/templates/clients_controller_spec.rb +176 -0
  128. data/lib/generators/rspec/templates/oauth2_token_spec.rb +52 -0
  129. data/lib/generators/rspec/templates/oauth2_verifier_spec.rb +44 -0
  130. data/lib/generators/rspec/templates/oauth_nonce_spec.rb +24 -0
  131. data/lib/generators/rspec/templates/oauth_nonces.yml +13 -0
  132. data/lib/generators/rspec/templates/oauth_token_spec.rb +309 -0
  133. data/lib/generators/rspec/templates/oauth_tokens.yml +17 -0
  134. data/lib/generators/test_unit/oauth_provider_generator.rb +33 -0
  135. data/lib/generators/test_unit/templates/client_application_test.rb +42 -0
  136. data/lib/generators/test_unit/templates/client_applications.yml +23 -0
  137. data/lib/generators/test_unit/templates/clients_controller_test.rb +280 -0
  138. data/lib/generators/test_unit/templates/oauth_nonce_test.rb +26 -0
  139. data/lib/generators/test_unit/templates/oauth_nonces.yml +13 -0
  140. data/lib/generators/test_unit/templates/oauth_token_test.rb +57 -0
  141. data/lib/generators/test_unit/templates/oauth_tokens.yml +17 -0
  142. data/lib/oauth-plugin.rb +24 -0
  143. data/lib/oauth-plugin/version.rb +5 -0
  144. data/lib/oauth/controllers/application_controller_methods.rb +136 -0
  145. data/lib/oauth/controllers/consumer_controller.rb +150 -0
  146. data/lib/oauth/controllers/provider_controller.rb +181 -0
  147. data/lib/oauth/models/consumers/service_loader.rb +28 -0
  148. data/lib/oauth/models/consumers/services/agree2_token.rb +15 -0
  149. data/lib/oauth/models/consumers/services/fireeagle_token.rb +39 -0
  150. data/lib/oauth/models/consumers/services/google_token.rb +21 -0
  151. data/lib/oauth/models/consumers/services/oauth2_token.rb +27 -0
  152. data/lib/oauth/models/consumers/services/opentransact_token.rb +15 -0
  153. data/lib/oauth/models/consumers/services/picomoney_token.rb +17 -0
  154. data/lib/oauth/models/consumers/services/twitter_token.rb +24 -0
  155. data/lib/oauth/models/consumers/simple_client.rb +50 -0
  156. data/lib/oauth/models/consumers/token.rb +93 -0
  157. data/lib/oauth/provider/authorizer.rb +83 -0
  158. data/lib/oauth/rack/oauth_filter.rb +93 -0
  159. data/oauth-plugin.gemspec +39 -0
  160. data/rails/init.rb +1 -0
  161. data/spec/dummy_provider_models.rb +53 -0
  162. data/spec/oauth/provider/authorizer_spec.rb +202 -0
  163. data/spec/rack/oauth_filter_spec.rb +244 -0
  164. data/spec/spec_helper.rb +3 -0
  165. data/tasks/oauth_tasks.rake +4 -0
  166. data/uninstall.rb +1 -0
  167. metadata +362 -0
@@ -0,0 +1,17 @@
1
+ # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2
+ one:
3
+ id: 1
4
+ user_id: 1
5
+ client_application_id: 1
6
+ token: one
7
+ secret: MyString
8
+ created_at: 2007-11-19 07:31:46
9
+ updated_at: 2007-11-19 07:31:46
10
+ two:
11
+ id: 2
12
+ user_id: 1
13
+ client_application_id: 1
14
+ token: two
15
+ secret: MyString
16
+ created_at: 2007-11-19 07:31:46
17
+ updated_at: 2007-11-19 07:31:46
@@ -0,0 +1,24 @@
1
+ require 'oauth'
2
+ require 'oauth/signature/hmac/sha1'
3
+ require 'oauth/request_proxy/rack_request'
4
+ require 'oauth/server'
5
+ require 'oauth/controllers/application_controller_methods'
6
+ if Rails.version =~ /^3\./
7
+ require 'oauth/request_proxy/rack_request'
8
+ else
9
+ require 'oauth/request_proxy/action_controller_request'
10
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
11
+ end
12
+
13
+
14
+ if Rails.version =~ /^3\./
15
+ module OAuth
16
+ module Plugin
17
+ class OAuthRailtie < Rails::Railtie
18
+ initializer "oauth-plugin.configure_rails_initialization" do |app|
19
+ ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods
20
+ end
21
+ end
22
+ end
23
+ end
24
+ end
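Review bot: `require 'oauth/request_proxy/rack_request'` on line 3 already loads the Rack request proxy, so the Rails 3 branch repeating it on line 7 is redundant and the first conditional only needs its `else` arm for pre-3 Rails. The version test `Rails.version =~ /^3\./` is also evaluated twice; computing it once, `rails3 = Rails.version.start_with?('3.')`, and reusing it in both conditionals removes the duplicate and avoids the `^` anchor, which in Ruby matches at any line start rather than the start of the string.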
@@ -0,0 +1,5 @@
1
+ module Oauth
2
+ module Plugin
3
+ VERSION = "0.4.1"
4
+ end
5
+ end
@@ -0,0 +1,136 @@
1
+ module OAuth
2
+ module Controllers
3
+
4
+ module ApplicationControllerMethods
5
+
6
+ def self.included(controller)
7
+ controller.class_eval do
8
+ extend ClassMethods
9
+ end
10
+ end
11
+
12
+ module ClassMethods
13
+ def oauthenticate(options={})
14
+ filter_options = {}
15
+ filter_options[:only] = options.delete(:only) if options[:only]
16
+ filter_options[:except] = options.delete(:except) if options[:except]
17
+ before_filter Filter.new(options), filter_options
18
+ end
19
+ end
20
+
21
+ class Filter
22
+ def initialize(options={})
23
+ @options={
24
+ :interactive=>true,
25
+ :strategies => [:token,:two_legged]
26
+ }.merge(options)
27
+ @strategies = Array(@options[:strategies])
28
+ @strategies << :interactive if @options[:interactive]
29
+ end
30
+
31
+ def filter(controller)
32
+ Authenticator.new(controller,@strategies).allow?
33
+ end
34
+ end
35
+
36
+ class Authenticator
37
+ attr_accessor :controller, :strategies, :strategy
38
+ def initialize(controller,strategies)
39
+ @controller = controller
40
+ @strategies = strategies
41
+ end
42
+
43
+ def allow?
44
+ if @strategies.include?(:interactive) && interactive
45
+ true
46
+ elsif !(@strategies & env["oauth.strategies"].to_a).empty?
47
+ @controller.send :current_user=, token.user if token
48
+ true
49
+ else
50
+ if @strategies.include?(:interactive)
51
+ controller.send :access_denied
52
+ else
53
+ controller.send :invalid_oauth_response
54
+ end
55
+ end
56
+ end
57
+
58
+ def oauth20_token
59
+ env["oauth.version"]==2 && env["oauth.token"]
60
+ end
61
+
62
+ def oauth10_token
63
+ env["oauth.version"]==1 && env["oauth.token"]
64
+ end
65
+
66
+ def oauth10_request_token
67
+ oauth10_token && oauth10_token.is_a?(::RequestToken) ? oauth10_token : nil
68
+ end
69
+
70
+ def oauth10_access_token
71
+ oauth10_token && oauth10_token.is_a?(::AccessToken) ? oauth10_token : nil
72
+ end
73
+
74
+ def token
75
+ oauth20_token || oauth10_access_token || nil
76
+ end
77
+
78
+ def client_application
79
+ env["oauth.version"]==1 && env["oauth.client_application"] || oauth20_token.try(:client_application)
80
+ end
81
+
82
+ def two_legged
83
+ env["oauth.version"]==1 && client_application
84
+ end
85
+
86
+ def interactive
87
+ @controller.send :logged_in?
88
+ end
89
+
90
+ def env
91
+ request.env
92
+ end
93
+
94
+ def request
95
+ controller.send :request
96
+ end
97
+
98
+ end
99
+
100
+ protected
101
+
102
+ def current_token
103
+ request.env["oauth.token"]
104
+ end
105
+
106
+ def current_client_application
107
+ request.env["oauth.version"]==1 && request.env["oauth.client_application"] || current_token.try(:client_application)
108
+ end
109
+
110
+ def oauth?
111
+ current_token
112
+ end
113
+
114
+ # use in a before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
115
+ def oauth_required
116
+ Authenticator.new(self,[:oauth10_access_token]).allow?
117
+ end
118
+
119
+ # use in before_filter. Note this is for compatibility purposes. Better to use oauthenticate now
120
+ def login_or_oauth_required
121
+ Authenticator.new(self,[:oauth10_access_token,:interactive]).allow?
122
+ end
123
+
124
+ def invalid_oauth_response(code=401,message="Invalid OAuth Request")
125
+ render :text => message, :status => code
126
+ false
127
+ end
128
+
129
+ # override this in your controller
130
+ def access_denied
131
+ head 401
132
+ end
133
+
134
+ end
135
+ end
136
+ end
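Review bot: `Filter#initialize` aliases the caller's array: `Array(@options[:strategies])` returns the very same object when an Array is passed in, so `@strategies << :interactive` on the next line mutates whatever the controller handed to `oauthenticate`, and a shared constant would accumulate `:interactive` with every filter built from it. Copying fixes it: `@strategies = Array(@options[:strategies]).dup`. `invalid_oauth_response` answers 401 without a `WWW-Authenticate` challenge; RFC 5849 lets the server advertise `WWW-Authenticate: OAuth realm="..."` so clients can tell an OAuth rejection from a generic 401, and setting that header before the `render` is a one-line addition. `oauth?` returns the token object itself rather than a boolean, contrary to the `?` convention; `!!current_token` would match its name.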
@@ -0,0 +1,150 @@
1
+ module Oauth
2
+ module Controllers
3
+ module ConsumerController
4
+ def self.included(controller)
5
+ controller.class_eval do
6
+ before_filter :load_consumer, :except=>:index
7
+ skip_before_filter :verify_authenticity_token,:only=>:callback
8
+ end
9
+ end
10
+
11
+ def index
12
+ @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
13
+ # The services the user hasn't already connected to
14
+ @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
15
+ end
16
+
17
+ # If the user has no token or <tt>force</tt> is set as a param, creates request token and
18
+ # redirects on to oauth provider's auth page. Otherwise it displays a page with an option
19
+ # to disconnect and redo
20
+ def show
21
+ if @token && params[:force]
22
+ @token.destroy
23
+ @token = nil
24
+ end
25
+
26
+ unless @token
27
+ if @consumer.ancestors.include?(Oauth2Token)
28
+ request_url = callback2_oauth_consumer_url(params[:id]) + callback2_querystring
29
+ redirect_to @consumer.authorize_url(request_url)
30
+ else
31
+ request_url = callback_oauth_consumer_url(params[:id]) + callback2_querystring
32
+ @request_token = @consumer.get_request_token(request_url)
33
+ session[@request_token.token]=@request_token.secret
34
+ if @request_token.callback_confirmed?
35
+ redirect_to @request_token.authorize_url
36
+ else
37
+ redirect_to(@request_token.authorize_url + "&oauth_callback=#{callback_oauth_consumer_url(params[:id])}")
38
+ end
39
+ end
40
+ end
41
+ end
42
+
43
+ def callback2_querystring
44
+ request.query_string.blank? ? '' : '?' + request.query_string
45
+ end
46
+
47
+ def callback2
48
+ @token = @consumer.access_token(current_user,params[:code], callback2_oauth_consumer_url(params[:id]))
49
+ logger.info @token.inspect
50
+ if @token
51
+ # Log user in
52
+ if logged_in?
53
+ flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
54
+ else
55
+ self.current_user = @token.user
56
+ flash[:notice] = "You logged in with #{params[:id].humanize}"
57
+ end
58
+ go_back
59
+ else
60
+ flash[:error] = "An error happened, please try connecting again"
61
+ redirect_to oauth_consumer_url(params[:id])
62
+ end
63
+
64
+ end
65
+
66
+ def callback
67
+ logger.info "CALLBACK"
68
+ @request_token_secret=session[params[:oauth_token]]
69
+ if @request_token_secret
70
+ @token=@consumer.find_or_create_from_request_token(current_user,params[:oauth_token],@request_token_secret,params[:oauth_verifier])
71
+ session[params[:oauth_token]] = nil
72
+ if @token
73
+ # Log user in
74
+ if logged_in?
75
+ flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
76
+ else
77
+ self.current_user = @token.user
78
+ flash[:notice] = "You logged in with #{params[:id].humanize}"
79
+ end
80
+ go_back
81
+ else
82
+ flash[:error] = "An error happened, please try connecting again"
83
+ redirect_to oauth_consumer_url(params[:id])
84
+ end
85
+ end
86
+
87
+ end
88
+
89
+ def client
90
+ method = request.method.downcase.to_sym
91
+ path = "/#{params[:endpoint]}?#{request.query_string}"
92
+ if consumer_credentials[:expose]
93
+ if @token
94
+ oauth_response = @token.client.send(method, path)
95
+ if oauth_response.is_a? Net::HTTPRedirection
96
+ # follow redirect
97
+ oauth_response = @token.client.send(method, oauth_response['Location'])
98
+ end
99
+
100
+ render :text => oauth_response.body
101
+ else
102
+ render :text => "Token needed.", :status => 403
103
+ end
104
+ else
105
+ render :text => "Not allowed", :status => 403
106
+ end
107
+ end
108
+
109
+ def destroy
110
+ throw RecordNotFound unless @token
111
+ @token.destroy
112
+ if params[:commit]=="Reconnect"
113
+ redirect_to oauth_consumer_url(params[:id])
114
+ else
115
+ flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"
116
+
117
+ go_back
118
+ end
119
+ end
120
+
121
+ protected
122
+
123
+ # Override this in your controller to decide where you want to redirect user to after callback is finished.
124
+ def go_back
125
+ redirect_to root_url
126
+ end
127
+
128
+ def consumer_credentials
129
+ OAUTH_CREDENTIALS[consumer_key]
130
+ end
131
+
132
+ def consumer_key
133
+ @consumer_key ||= params[:id].to_sym
134
+ end
135
+
136
+ def load_consumer
137
+ throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
138
+ deny_access! unless logged_in? || consumer_credentials[:allow_login]
139
+ @consumer="#{consumer_key.to_s.camelcase}Token".constantize
140
+ @token=@consumer.find(:first, :conditions=>{:user_id=>current_user.id.to_s}) if logged_in?
141
+ end
142
+
143
+ # Override this in you controller to deny user or redirect to login screen.
144
+ def deny_access!
145
+ head 401
146
+ end
147
+
148
+ end
149
+ end
150
+ end
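Review bot: The OAuth 2 consumer flow carries no `state` value: `show` builds `@consumer.authorize_url(request_url)` without one and `callback2` exchanges whatever `params[:code]` arrives for the current user, so the callback cannot tell a response to its own redirect from one injected by another party (the CSRF concern RFC 6749 §10.12 describes). Generate a random value in `show`, keep it in the session, and have `callback2` reject the request unless `params[:state]` matches before calling `access_token`. `destroy` and `load_consumer` use `throw RecordNotFound`, which is not an exception raise—`throw` needs a matching `catch`, and the bare `RecordNotFound` constant is unlikely to resolve here—so both paths end in an unexpected error instead of the intended 404; `raise ActiveRecord::RecordNotFound` is what Rails maps to 404. In `client`, a redirect is followed by signing a second request to `oauth_response['Location']` with the user's token without checking that the location stays on the provider's host; comparing the host before the second `send` keeps the token from being presented to an unrelated origin.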
@@ -0,0 +1,181 @@
1
+ require 'oauth/provider/authorizer'
2
+ module OAuth
3
+ module Controllers
4
+
5
+ module ProviderController
6
+ def self.included(controller)
7
+ controller.class_eval do
8
+ before_filter :login_required, :only => [:authorize,:revoke]
9
+ oauthenticate :only => [:test_request]
10
+ oauthenticate :strategies => :token, :interactive => false, :only => [:invalidate,:capabilities]
11
+ oauthenticate :strategies => :two_legged, :interactive => false, :only => [:request_token]
12
+ oauthenticate :strategies => :oauth10_request_token, :interactive => false, :only => [:access_token]
13
+ skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request, :token]
14
+ end
15
+ end
16
+
17
+ def request_token
18
+ @token = current_client_application.create_request_token params
19
+ if @token
20
+ render :text => @token.to_query
21
+ else
22
+ render :nothing => true, :status => 401
23
+ end
24
+ end
25
+
26
+ def access_token
27
+ @token = current_token && current_token.exchange!
28
+ if @token
29
+ render :text => @token.to_query
30
+ else
31
+ render :nothing => true, :status => 401
32
+ end
33
+ end
34
+
35
+ def token
36
+ @client_application = ClientApplication.find_by_key! params[:client_id]
37
+ if @client_application.secret != params[:client_secret]
38
+ oauth2_error "invalid_client"
39
+ return
40
+ end
41
+ # older drafts used none for client_credentials
42
+ params[:grant_type] = 'client_credentials' if params[:grant_type] == 'none'
43
+ logger.info "grant_type=#{params[:grant_type]}"
44
+ if ["authorization_code", "password", "client_credentials"].include?(params[:grant_type])
45
+ send "oauth2_token_#{params[:grant_type].underscore}"
46
+ else
47
+ oauth2_error "unsupported_grant_type"
48
+ end
49
+ end
50
+
51
+ def test_request
52
+ render :text => params.collect{|k,v|"#{k}=#{v}"}.join("&")
53
+ end
54
+
55
+ def authorize
56
+ if params[:oauth_token]
57
+ @token = ::RequestToken.find_by_token! params[:oauth_token]
58
+ oauth1_authorize
59
+ else
60
+ if request.post?
61
+ @authorizer = OAuth::Provider::Authorizer.new current_user, user_authorizes_token?, params
62
+ redirect_to @authorizer.redirect_uri
63
+ else
64
+ @client_application = ClientApplication.find_by_key! params[:client_id]
65
+ render :action => "oauth2_authorize"
66
+ end
67
+ end
68
+ end
69
+
70
+ def revoke
71
+ @token = current_user.tokens.find_by_token! params[:token]
72
+ if @token
73
+ @token.invalidate!
74
+ flash[:notice] = "You've revoked the token for #{@token.client_application.name}"
75
+ end
76
+ redirect_to oauth_clients_url
77
+ end
78
+
79
+ # Invalidate current token
80
+ def invalidate
81
+ current_token.invalidate!
82
+ head :status=>410
83
+ end
84
+
85
+ # Capabilities of current_token
86
+ def capabilities
87
+ if current_token.respond_to?(:capabilities)
88
+ @capabilities=current_token.capabilities
89
+ else
90
+ @capabilities={:invalidate=>url_for(:action=>:invalidate)}
91
+ end
92
+
93
+ respond_to do |format|
94
+ format.json {render :json=>@capabilities}
95
+ format.xml {render :xml=>@capabilities}
96
+ end
97
+ end
98
+
99
+ protected
100
+
101
+ def oauth1_authorize
102
+ unless @token
103
+ render :action=>"authorize_failure"
104
+ return
105
+ end
106
+
107
+ unless @token.invalidated?
108
+ if request.post?
109
+ if user_authorizes_token?
110
+ @token.authorize!(current_user)
111
+ callback_url = @token.oob? ? @token.client_application.callback_url : @token.callback_url
112
+ @redirect_url = URI.parse(callback_url) unless callback_url.blank?
113
+
114
+ unless @redirect_url.to_s.blank?
115
+ @redirect_url.query = @redirect_url.query.blank? ?
116
+ "oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}" :
117
+ @redirect_url.query + "&oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}"
118
+ redirect_to @redirect_url.to_s
119
+ else
120
+ render :action => "authorize_success"
121
+ end
122
+ else
123
+ @token.invalidate!
124
+ render :action => "authorize_failure"
125
+ end
126
+ end
127
+ else
128
+ render :action => "authorize_failure"
129
+ end
130
+ end
131
+
132
+
133
+ # http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.1
134
+ def oauth2_token_authorization_code
135
+ @verification_code = @client_application.oauth2_verifiers.find_by_token params[:code]
136
+ unless @verification_code
137
+ oauth2_error
138
+ return
139
+ end
140
+ if @verification_code.redirect_url != params[:redirect_uri]
141
+ oauth2_error
142
+ return
143
+ end
144
+ @token = @verification_code.exchange!
145
+ render :json=>@token
146
+ end
147
+
148
+ # http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.2
149
+ def oauth2_token_password
150
+ @user = authenticate_user( params[:username], params[:password])
151
+ unless @user
152
+ oauth2_error
153
+ return
154
+ end
155
+ @token = Oauth2Token.create :client_application=>@client_application, :user=>@user, :scope=>params[:scope]
156
+ render :json=>@token
157
+ end
158
+
159
+ # should authenticate and return a user if valid password. Override in your own controller
160
+ def authenticate_user(username,password)
161
+ User.authenticate(username,password)
162
+ end
163
+
164
+ # autonomous authorization which creates a token for client_applications user
165
+ def oauth2_token_client_credentials
166
+ @token = Oauth2Token.create :client_application=>@client_application, :user=>@client_application.user, :scope=>params[:scope]
167
+ render :json=>@token
168
+ end
169
+
170
+ # Override this to match your authorization page form
171
+ def user_authorizes_token?
172
+ params[:authorize] == '1'
173
+ end
174
+
175
+ def oauth2_error(error="invalid_grant")
176
+ render :json=>{:error=>error}.to_json, :status => 400
177
+ end
178
+
179
+ end
180
+ end
181
+ end
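Review bot: In `token`, `@client_application.secret != params[:client_secret]` compares a credential with a plain string comparison; where the Rails version provides it, `unless ActiveSupport::SecurityUtils.secure_compare(@client_application.secret.to_s, params[:client_secret].to_s)` makes the check constant-time, and RFC 6749 §5.2 describes `invalid_client` as a 401 rather than the 400 that `oauth2_error` always sends. `test_request` echoes every request parameter through `render :text`, which in Rails 3 defaults to a text/html content type; adding `:content_type => 'text/plain'` ensures the echo is never interpreted as markup. The three `oauth2_token_*` helpers serialise the whole record with `render :json=>@token`, so the `Oauth2Token#as_json` defined outside this hunk decides whether `secret`, `user_id` and timestamps leave the server—worth confirming it is restricted to the token response fields. `revoke` calls `find_by_token!`, which raises on a miss, so the following `if @token` can never be false and the guard can go.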