panjiva-oauth-plugin 0.4.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (167) hide show
  1. checksums.yaml +15 -0
  2. data/.gitignore +12 -0
  3. data/CHANGELOG +178 -0
  4. data/Gemfile +27 -0
  5. data/Guardfile +8 -0
  6. data/MIT-LICENSE +20 -0
  7. data/README.rdoc +531 -0
  8. data/Rakefile +2 -0
  9. data/UPGRADE.rdoc +21 -0
  10. data/generators/oauth_consumer/USAGE +10 -0
  11. data/generators/oauth_consumer/oauth_consumer_generator.rb +50 -0
  12. data/generators/oauth_consumer/templates/consumer_token.rb +11 -0
  13. data/generators/oauth_consumer/templates/controller.rb +27 -0
  14. data/generators/oauth_consumer/templates/index.html.erb +29 -0
  15. data/generators/oauth_consumer/templates/index.html.haml +18 -0
  16. data/generators/oauth_consumer/templates/migration.rb +20 -0
  17. data/generators/oauth_consumer/templates/oauth_config.rb +73 -0
  18. data/generators/oauth_consumer/templates/show.html.erb +7 -0
  19. data/generators/oauth_consumer/templates/show.html.haml +8 -0
  20. data/generators/oauth_provider/USAGE +20 -0
  21. data/generators/oauth_provider/lib/insert_routes.rb +67 -0
  22. data/generators/oauth_provider/oauth_provider_generator.rb +127 -0
  23. data/generators/oauth_provider/templates/_form.html.erb +17 -0
  24. data/generators/oauth_provider/templates/_form.html.haml +21 -0
  25. data/generators/oauth_provider/templates/access_token.rb +16 -0
  26. data/generators/oauth_provider/templates/authorize.html.erb +14 -0
  27. data/generators/oauth_provider/templates/authorize.html.haml +16 -0
  28. data/generators/oauth_provider/templates/authorize_failure.html.erb +1 -0
  29. data/generators/oauth_provider/templates/authorize_failure.html.haml +1 -0
  30. data/generators/oauth_provider/templates/authorize_success.html.erb +1 -0
  31. data/generators/oauth_provider/templates/authorize_success.html.haml +1 -0
  32. data/generators/oauth_provider/templates/client_application.rb +57 -0
  33. data/generators/oauth_provider/templates/client_application_spec.rb +29 -0
  34. data/generators/oauth_provider/templates/client_application_test.rb +42 -0
  35. data/generators/oauth_provider/templates/client_applications.yml +23 -0
  36. data/generators/oauth_provider/templates/clients_controller.rb +52 -0
  37. data/generators/oauth_provider/templates/clients_controller_spec.rb +176 -0
  38. data/generators/oauth_provider/templates/clients_controller_test.rb +280 -0
  39. data/generators/oauth_provider/templates/controller.rb +23 -0
  40. data/generators/oauth_provider/templates/edit.html.erb +7 -0
  41. data/generators/oauth_provider/templates/edit.html.haml +4 -0
  42. data/generators/oauth_provider/templates/index.html.erb +43 -0
  43. data/generators/oauth_provider/templates/index.html.haml +39 -0
  44. data/generators/oauth_provider/templates/migration.rb +47 -0
  45. data/generators/oauth_provider/templates/new.html.erb +5 -0
  46. data/generators/oauth_provider/templates/new.html.haml +5 -0
  47. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +16 -0
  48. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +17 -0
  49. data/generators/oauth_provider/templates/oauth2_token.rb +20 -0
  50. data/generators/oauth_provider/templates/oauth2_token_spec.rb +52 -0
  51. data/generators/oauth_provider/templates/oauth2_verifier.rb +35 -0
  52. data/generators/oauth_provider/templates/oauth2_verifier_spec.rb +44 -0
  53. data/generators/oauth_provider/templates/oauth_nonce.rb +13 -0
  54. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +24 -0
  55. data/generators/oauth_provider/templates/oauth_nonce_test.rb +26 -0
  56. data/generators/oauth_provider/templates/oauth_nonces.yml +13 -0
  57. data/generators/oauth_provider/templates/oauth_token.rb +30 -0
  58. data/generators/oauth_provider/templates/oauth_token_spec.rb +309 -0
  59. data/generators/oauth_provider/templates/oauth_token_test.rb +57 -0
  60. data/generators/oauth_provider/templates/oauth_tokens.yml +17 -0
  61. data/generators/oauth_provider/templates/request_token.rb +40 -0
  62. data/generators/oauth_provider/templates/show.html.erb +27 -0
  63. data/generators/oauth_provider/templates/show.html.haml +30 -0
  64. data/init.rb +1 -0
  65. data/install.rb +2 -0
  66. data/lib/generators/active_record/oauth_consumer_generator.rb +33 -0
  67. data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb +11 -0
  68. data/lib/generators/active_record/oauth_consumer_templates/migration.rb +20 -0
  69. data/lib/generators/active_record/oauth_provider_generator.rb +39 -0
  70. data/lib/generators/active_record/oauth_provider_templates/access_token.rb +16 -0
  71. data/lib/generators/active_record/oauth_provider_templates/client_application.rb +57 -0
  72. data/lib/generators/active_record/oauth_provider_templates/migration.rb +47 -0
  73. data/lib/generators/active_record/oauth_provider_templates/oauth2_token.rb +20 -0
  74. data/lib/generators/active_record/oauth_provider_templates/oauth2_verifier.rb +35 -0
  75. data/lib/generators/active_record/oauth_provider_templates/oauth_nonce.rb +13 -0
  76. data/lib/generators/active_record/oauth_provider_templates/oauth_token.rb +30 -0
  77. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +40 -0
  78. data/lib/generators/erb/oauth_consumer_generator.rb +14 -0
  79. data/lib/generators/erb/oauth_consumer_templates/index.html.erb +29 -0
  80. data/lib/generators/erb/oauth_consumer_templates/show.html.erb +7 -0
  81. data/lib/generators/erb/oauth_provider_generator.rb +23 -0
  82. data/lib/generators/erb/oauth_provider_templates/_form.html.erb +17 -0
  83. data/lib/generators/erb/oauth_provider_templates/authorize.html.erb +14 -0
  84. data/lib/generators/erb/oauth_provider_templates/authorize_failure.html.erb +1 -0
  85. data/lib/generators/erb/oauth_provider_templates/authorize_success.html.erb +1 -0
  86. data/lib/generators/erb/oauth_provider_templates/edit.html.erb +7 -0
  87. data/lib/generators/erb/oauth_provider_templates/index.html.erb +43 -0
  88. data/lib/generators/erb/oauth_provider_templates/new.html.erb +5 -0
  89. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +16 -0
  90. data/lib/generators/erb/oauth_provider_templates/show.html.erb +27 -0
  91. data/lib/generators/haml/oauth_consumer_generator.rb +21 -0
  92. data/lib/generators/haml/oauth_consumer_templates/index.html.haml +18 -0
  93. data/lib/generators/haml/oauth_consumer_templates/show.html.haml +8 -0
  94. data/lib/generators/haml/oauth_provider_generator.rb +28 -0
  95. data/lib/generators/haml/oauth_provider_templates/_form.html.haml +21 -0
  96. data/lib/generators/haml/oauth_provider_templates/authorize.html.haml +16 -0
  97. data/lib/generators/haml/oauth_provider_templates/authorize_failure.html.haml +1 -0
  98. data/lib/generators/haml/oauth_provider_templates/authorize_success.html.haml +1 -0
  99. data/lib/generators/haml/oauth_provider_templates/edit.html.haml +4 -0
  100. data/lib/generators/haml/oauth_provider_templates/index.html.haml +39 -0
  101. data/lib/generators/haml/oauth_provider_templates/new.html.haml +5 -0
  102. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +17 -0
  103. data/lib/generators/haml/oauth_provider_templates/show.html.haml +30 -0
  104. data/lib/generators/mongoid/oauth_consumer_generator.rb +15 -0
  105. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +41 -0
  106. data/lib/generators/mongoid/oauth_provider_generator.rb +21 -0
  107. data/lib/generators/mongoid/oauth_provider_templates/access_token.rb +16 -0
  108. data/lib/generators/mongoid/oauth_provider_templates/client_application.rb +71 -0
  109. data/lib/generators/mongoid/oauth_provider_templates/oauth2_token.rb +20 -0
  110. data/lib/generators/mongoid/oauth_provider_templates/oauth2_verifier.rb +35 -0
  111. data/lib/generators/mongoid/oauth_provider_templates/oauth_nonce.rb +24 -0
  112. data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb +44 -0
  113. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +36 -0
  114. data/lib/generators/oauth_consumer/USAGE +11 -0
  115. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +31 -0
  116. data/lib/generators/oauth_consumer/templates/controller.rb +59 -0
  117. data/lib/generators/oauth_consumer/templates/oauth_config.rb +68 -0
  118. data/lib/generators/oauth_inflections.rb +6 -0
  119. data/lib/generators/oauth_plugin.rb +0 -0
  120. data/lib/generators/oauth_provider/USAGE +18 -0
  121. data/lib/generators/oauth_provider/oauth_provider_generator.rb +37 -0
  122. data/lib/generators/oauth_provider/templates/clients_controller.rb +52 -0
  123. data/lib/generators/oauth_provider/templates/controller.rb +23 -0
  124. data/lib/generators/rspec/oauth_provider_generator.rb +35 -0
  125. data/lib/generators/rspec/templates/client_application_spec.rb +29 -0
  126. data/lib/generators/rspec/templates/client_applications.yml +23 -0
  127. data/lib/generators/rspec/templates/clients_controller_spec.rb +176 -0
  128. data/lib/generators/rspec/templates/oauth2_token_spec.rb +52 -0
  129. data/lib/generators/rspec/templates/oauth2_verifier_spec.rb +44 -0
  130. data/lib/generators/rspec/templates/oauth_nonce_spec.rb +24 -0
  131. data/lib/generators/rspec/templates/oauth_nonces.yml +13 -0
  132. data/lib/generators/rspec/templates/oauth_token_spec.rb +309 -0
  133. data/lib/generators/rspec/templates/oauth_tokens.yml +17 -0
  134. data/lib/generators/test_unit/oauth_provider_generator.rb +33 -0
  135. data/lib/generators/test_unit/templates/client_application_test.rb +42 -0
  136. data/lib/generators/test_unit/templates/client_applications.yml +23 -0
  137. data/lib/generators/test_unit/templates/clients_controller_test.rb +280 -0
  138. data/lib/generators/test_unit/templates/oauth_nonce_test.rb +26 -0
  139. data/lib/generators/test_unit/templates/oauth_nonces.yml +13 -0
  140. data/lib/generators/test_unit/templates/oauth_token_test.rb +57 -0
  141. data/lib/generators/test_unit/templates/oauth_tokens.yml +17 -0
  142. data/lib/oauth-plugin.rb +24 -0
  143. data/lib/oauth-plugin/version.rb +5 -0
  144. data/lib/oauth/controllers/application_controller_methods.rb +136 -0
  145. data/lib/oauth/controllers/consumer_controller.rb +150 -0
  146. data/lib/oauth/controllers/provider_controller.rb +181 -0
  147. data/lib/oauth/models/consumers/service_loader.rb +28 -0
  148. data/lib/oauth/models/consumers/services/agree2_token.rb +15 -0
  149. data/lib/oauth/models/consumers/services/fireeagle_token.rb +39 -0
  150. data/lib/oauth/models/consumers/services/google_token.rb +21 -0
  151. data/lib/oauth/models/consumers/services/oauth2_token.rb +27 -0
  152. data/lib/oauth/models/consumers/services/opentransact_token.rb +15 -0
  153. data/lib/oauth/models/consumers/services/picomoney_token.rb +17 -0
  154. data/lib/oauth/models/consumers/services/twitter_token.rb +24 -0
  155. data/lib/oauth/models/consumers/simple_client.rb +50 -0
  156. data/lib/oauth/models/consumers/token.rb +93 -0
  157. data/lib/oauth/provider/authorizer.rb +83 -0
  158. data/lib/oauth/rack/oauth_filter.rb +93 -0
  159. data/oauth-plugin.gemspec +39 -0
  160. data/rails/init.rb +1 -0
  161. data/spec/dummy_provider_models.rb +53 -0
  162. data/spec/oauth/provider/authorizer_spec.rb +202 -0
  163. data/spec/rack/oauth_filter_spec.rb +244 -0
  164. data/spec/spec_helper.rb +3 -0
  165. data/tasks/oauth_tasks.rake +4 -0
  166. data/uninstall.rb +1 -0
  167. metadata +362 -0
@@ -0,0 +1,57 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class RequestTokenTest < ActiveSupport::TestCase
4
+
5
+ fixtures :client_applications, :users, :oauth_tokens
6
+
7
+ def setup
8
+ @token = RequestToken.create :client_application=>client_applications(:one)
9
+ end
10
+
11
+ def test_should_be_valid
12
+ assert @token.valid?
13
+ end
14
+
15
+ def test_should_not_have_errors
16
+ assert @token.errors.empty?
17
+ end
18
+
19
+ def test_should_have_a_token
20
+ assert_not_nil @token.token
21
+ end
22
+
23
+ def test_should_have_a_secret
24
+ assert_not_nil @token.secret
25
+ end
26
+
27
+ def test_should_not_be_authorized
28
+ assert !@token.authorized?
29
+ end
30
+
31
+ def test_should_not_be_invalidated
32
+ assert !@token.invalidated?
33
+ end
34
+
35
+ def test_should_authorize_request
36
+ @token.authorize!(users(:quentin))
37
+ assert @token.authorized?
38
+ assert_not_nil @token.authorized_at
39
+ assert_equal users(:quentin), @token.user
40
+ end
41
+
42
+ def test_should_not_exchange_without_approval
43
+ assert_equal false, @token.exchange!
44
+ assert_equal false, @token.invalidated?
45
+ end
46
+
47
+ def test_should_not_exchange_without_approval
48
+ @token.authorize!(users(:quentin))
49
+ @access = @token.exchange!
50
+ assert_not_equal false, @access
51
+ assert @token.invalidated?
52
+
53
+ assert_equal users(:quentin), @access.user
54
+ assert @access.authorized?
55
+ end
56
+
57
+ end
@@ -0,0 +1,17 @@
1
+ # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
2
+ one:
3
+ id: 1
4
+ user_id: 1
5
+ client_application_id: 1
6
+ token: one
7
+ secret: MyString
8
+ created_at: 2007-11-19 07:31:46
9
+ updated_at: 2007-11-19 07:31:46
10
+ two:
11
+ id: 2
12
+ user_id: 1
13
+ client_application_id: 1
14
+ token: two
15
+ secret: MyString
16
+ created_at: 2007-11-19 07:31:46
17
+ updated_at: 2007-11-19 07:31:46
@@ -0,0 +1,40 @@
1
+ class RequestToken < OauthToken
2
+
3
+ attr_accessor :provided_oauth_verifier
4
+
5
+ def authorize!(user)
6
+ return false if authorized?
7
+ self.user = user
8
+ self.authorized_at = Time.now
9
+ self.verifier=OAuth::Helper.generate_key(20)[0,20] unless oauth10?
10
+ self.save
11
+ end
12
+
13
+ def exchange!
14
+ return false unless authorized?
15
+ return false unless oauth10? || verifier==provided_oauth_verifier
16
+
17
+ RequestToken.transaction do
18
+ access_token = AccessToken.create(:user => user, :client_application => client_application)
19
+ invalidate!
20
+ access_token
21
+ end
22
+ end
23
+
24
+ def to_query
25
+ if oauth10?
26
+ super
27
+ else
28
+ "#{super}&oauth_callback_confirmed=true"
29
+ end
30
+ end
31
+
32
+ def oob?
33
+ callback_url.nil? || callback_url.downcase == 'oob'
34
+ end
35
+
36
+ def oauth10?
37
+ (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
38
+ end
39
+
40
+ end
@@ -0,0 +1,27 @@
1
+ <h1>OAuth details for <%%=@client_application.name %></h1>
2
+ <p>
3
+ <strong>Consumer Key:</strong>
4
+ <code><%%=@client_application.key %></code>
5
+ </p>
6
+ <p>
7
+ <strong>Consumer Secret:</strong>
8
+ <code><%%=@client_application.secret %></code>
9
+ </p>
10
+ <p>
11
+ <strong>Request Token URL</strong>
12
+ <code>http<%%='s' if request.ssl? %>://<%%= request.host_with_port %><%%=@client_application.oauth_server.request_token_path %></code>
13
+ </p>
14
+ <p>
15
+ <strong>Access Token URL</strong>
16
+ <code>http<%%='s' if request.ssl? %>://<%%= request.host_with_port %><%%=@client_application.oauth_server.access_token_path %></code>
17
+ </p>
18
+ <p>
19
+ <strong>Authorize URL</strong>
20
+ <code>http<%%='s' if request.ssl? %>://<%%= request.host_with_port %><%%=@client_application.oauth_server.authorize_path %></code>
21
+ </p>
22
+
23
+ <p>
24
+ We support hmac-sha1 (recommended) as well as plain text in ssl mode.
25
+ </p>
26
+ <%%= link_to 'Edit', edit_oauth_client_path(@client_application) %> |
27
+ <%%= link_to 'Back', oauth_clients_path %>
@@ -0,0 +1,30 @@
1
+ %h1
2
+ OAuth details for
3
+ =@client_application.name
4
+ %p
5
+ %strong Consumer Key:
6
+ %code=@client_application.key
7
+ %p
8
+ %strong Consumer Secret:
9
+ %code=@client_application.secret
10
+
11
+ %p
12
+ %strong Request Token URL
13
+ %code
14
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.request_token_path}"
15
+
16
+ %p
17
+ %strong Access Token URL
18
+ %code
19
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.access_token_path}"
20
+
21
+ %p
22
+ %strong Authorize URL
23
+ %code
24
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.authorize_path}"
25
+
26
+ %p
27
+ We support hmac-sha1 (recommended) as well as plain text in ssl mode.
28
+
29
+ = link_to 'Edit', edit_oauth_client_path(@client_application)
30
+ = link_to 'Back', oauth_clients_path
data/init.rb ADDED
@@ -0,0 +1 @@
1
+ require File.dirname(__FILE__) + "/rails/init"
@@ -0,0 +1,2 @@
1
+ #should we do any text formatting?
2
+ puts IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))
@@ -0,0 +1,33 @@
1
+ require 'rails/generators/active_record'
2
+
3
+ module ActiveRecord
4
+ module Generators
5
+ class OauthConsumerGenerator < Rails::Generators::Base
6
+ include Rails::Generators::Migration
7
+
8
+ source_root File.expand_path('../oauth_consumer_templates', __FILE__)
9
+
10
+ # Implement the required interface for Rails::Generators::Migration.
11
+ def self.next_migration_number(dirname) #:nodoc:
12
+ next_migration_number = current_migration_number(dirname) + 1
13
+ if ActiveRecord::Base.timestamped_migrations
14
+ [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
15
+ else
16
+ "%.3d" % next_migration_number
17
+ end
18
+ end
19
+
20
+ def check_class_collisions
21
+ class_collisions '', %w(ConsumerToken)
22
+ end
23
+
24
+ def copy_models
25
+ template 'consumer_token.rb', File.join('app/models', 'consumer_token.rb')
26
+ end
27
+
28
+ def copy_migration
29
+ migration_template 'migration.rb', 'db/migrate/create_oauth_consumer_tokens'
30
+ end
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,11 @@
1
+ require 'oauth/models/consumers/token'
2
+ class ConsumerToken < ActiveRecord::Base
3
+ include Oauth::Models::Consumers::Token
4
+
5
+ # You can safely remove this callback if you don't allow login from any of your services
6
+ before_create :create_user
7
+
8
+ # Modify this with class_name etc to match your application
9
+ belongs_to :user
10
+
11
+ end
@@ -0,0 +1,20 @@
1
+ class CreateOauthConsumerTokens < ActiveRecord::Migration
2
+ def self.up
3
+
4
+ create_table :consumer_tokens do |t|
5
+ t.integer :user_id
6
+ t.string :type, :limit => 30
7
+ t.string :token, :limit => 1024 # This has to be huge because of Yahoo's excessively large tokens
8
+ t.string :secret
9
+ t.timestamps
10
+ end
11
+
12
+ add_index :consumer_tokens, :token, :unique => true, :length => 100
13
+
14
+ end
15
+
16
+ def self.down
17
+ drop_table :consumer_tokens
18
+ end
19
+
20
+ end
@@ -0,0 +1,39 @@
1
+ require 'rails/generators/active_record'
2
+
3
+ module ActiveRecord
4
+ module Generators
5
+ class OauthProviderGenerator < Rails::Generators::Base
6
+ include Rails::Generators::Migration
7
+
8
+ source_root File.expand_path('../oauth_provider_templates', __FILE__)
9
+
10
+ # Implement the required interface for Rails::Generators::Migration.
11
+ def self.next_migration_number(dirname) #:nodoc:
12
+ next_migration_number = current_migration_number(dirname) + 1
13
+ if ActiveRecord::Base.timestamped_migrations
14
+ [Time.now.utc.strftime("%Y%m%d%H%M%S"), "%.14d" % next_migration_number].max
15
+ else
16
+ "%.3d" % next_migration_number
17
+ end
18
+ end
19
+
20
+ def check_class_collisions
21
+ class_collisions '', %w(ClientApplication OauthNonce RequestToken AccessToken OauthToken)
22
+ end
23
+
24
+ def copy_models
25
+ template 'client_application.rb', File.join('app/models', 'client_application.rb')
26
+ template 'oauth_token.rb', File.join('app/models', 'oauth_token.rb')
27
+ template 'request_token.rb', File.join('app/models', 'request_token.rb')
28
+ template 'access_token.rb', File.join('app/models', 'access_token.rb')
29
+ template 'oauth2_token.rb', File.join('app/models', 'oauth2_token.rb')
30
+ template 'oauth2_verifier.rb', File.join('app/models', 'oauth2_verifier.rb')
31
+ template 'oauth_nonce.rb', File.join('app/models', 'oauth_nonce.rb')
32
+ end
33
+
34
+ def copy_migration
35
+ migration_template 'migration.rb', 'db/migrate/create_oauth_tables'
36
+ end
37
+ end
38
+ end
39
+ end
@@ -0,0 +1,16 @@
1
+ class AccessToken < OauthToken
2
+ validates_presence_of :user, :secret
3
+ before_create :set_authorized_at
4
+
5
+ # Implement this to return a hash or array of the capabilities the access token has
6
+ # This is particularly useful if you have implemented user defined permissions.
7
+ # def capabilities
8
+ # {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
9
+ # end
10
+
11
+ protected
12
+
13
+ def set_authorized_at
14
+ self.authorized_at = Time.now
15
+ end
16
+ end
@@ -0,0 +1,57 @@
1
+ require 'oauth'
2
+ class ClientApplication < ActiveRecord::Base
3
+ belongs_to :user
4
+ has_many :tokens, :class_name => "OauthToken"
5
+ has_many :access_tokens
6
+ has_many :oauth2_verifiers
7
+ has_many :oauth_tokens
8
+ validates_presence_of :name, :url, :key, :secret
9
+ validates_uniqueness_of :key
10
+ before_validation :generate_keys, :on => :create
11
+
12
+ validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
13
+ validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
14
+ validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
15
+
16
+ attr_accessor :token_callback_url
17
+
18
+ def self.find_token(token_key)
19
+ token = OauthToken.find_by_token(token_key, :include => :client_application)
20
+ if token && token.authorized?
21
+ token
22
+ else
23
+ nil
24
+ end
25
+ end
26
+
27
+ def self.verify_request(request, options = {}, &block)
28
+ begin
29
+ signature = OAuth::Signature.build(request, options, &block)
30
+ return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
31
+ value = signature.verify
32
+ value
33
+ rescue OAuth::Signature::UnknownSignatureMethod => e
34
+ false
35
+ end
36
+ end
37
+
38
+ def oauth_server
39
+ @oauth_server ||= OAuth::Server.new("http://your.site")
40
+ end
41
+
42
+ def credentials
43
+ @oauth_client ||= OAuth::Consumer.new(key, secret)
44
+ end
45
+
46
+ # If your application requires passing in extra parameters handle it here
47
+ def create_request_token(params={})
48
+ RequestToken.create :client_application => self, :callback_url=>self.token_callback_url
49
+ end
50
+
51
+ protected
52
+
53
+ def generate_keys
54
+ self.key = OAuth::Helper.generate_key(40)[0,40]
55
+ self.secret = OAuth::Helper.generate_key(40)[0,40]
56
+ end
57
+ end
@@ -0,0 +1,47 @@
1
+ class CreateOauthTables < ActiveRecord::Migration
2
+ def self.up
3
+ create_table :client_applications do |t|
4
+ t.string :name
5
+ t.string :url
6
+ t.string :support_url
7
+ t.string :callback_url
8
+ t.string :key, :limit => 40
9
+ t.string :secret, :limit => 40
10
+ t.integer :user_id
11
+
12
+ t.timestamps
13
+ end
14
+ add_index :client_applications, :key, :unique => true
15
+
16
+ create_table :oauth_tokens do |t|
17
+ t.integer :user_id
18
+ t.string :type, :limit => 20
19
+ t.integer :client_application_id
20
+ t.string :token, :limit => 40
21
+ t.string :secret, :limit => 40
22
+ t.string :callback_url
23
+ t.string :verifier, :limit => 20
24
+ t.string :scope
25
+ t.timestamp :authorized_at, :invalidated_at, :expires_at
26
+ t.timestamps
27
+ end
28
+
29
+ add_index :oauth_tokens, :token, :unique => true
30
+
31
+ create_table :oauth_nonces do |t|
32
+ t.string :nonce
33
+ t.integer :timestamp
34
+
35
+ t.timestamps
36
+ end
37
+ add_index :oauth_nonces,[:nonce, :timestamp], :unique => true
38
+
39
+ end
40
+
41
+ def self.down
42
+ drop_table :client_applications
43
+ drop_table :oauth_tokens
44
+ drop_table :oauth_nonces
45
+ end
46
+
47
+ end
@@ -0,0 +1,20 @@
1
+ class Oauth2Token < AccessToken
2
+ attr_accessor :state
3
+ def as_json(options={})
4
+ d = {:access_token=>token, :token_type => 'bearer'}
5
+ d[:expires_in] = expires_in if expires_at
6
+ d
7
+ end
8
+
9
+ def to_query
10
+ q = "access_token=#{token}&token_type=bearer"
11
+ q << "&state=#{URI.escape(state)}" if @state
12
+ q << "&expires_in=#{expires_in}" if expires_at
13
+ q << "&scope=#{URI.escape(scope)}" if scope
14
+ q
15
+ end
16
+
17
+ def expires_in
18
+ expires_at.to_i - Time.now.to_i
19
+ end
20
+ end
@@ -0,0 +1,35 @@
1
+ class Oauth2Verifier < OauthToken
2
+ validates_presence_of :user
3
+ attr_accessor :state
4
+
5
+ def exchange!(params={})
6
+ OauthToken.transaction do
7
+ token = Oauth2Token.create! :user=>user,:client_application=>client_application, :scope => scope
8
+ invalidate!
9
+ token
10
+ end
11
+ end
12
+
13
+ def code
14
+ token
15
+ end
16
+
17
+ def redirect_url
18
+ callback_url
19
+ end
20
+
21
+ def to_query
22
+ q = "code=#{token}"
23
+ q << "&state=#{URI.escape(state)}" if @state
24
+ q
25
+ end
26
+
27
+ protected
28
+
29
+ def generate_keys
30
+ self.token = OAuth::Helper.generate_key(20)[0,20]
31
+ self.expires_at = 10.minutes.from_now
32
+ self.authorized_at = Time.now
33
+ end
34
+
35
+ end