panjiva-oauth-plugin 0.4.1

data/lib/generators/oauth_consumer/oauth_consumer_generator.rb

@@ -0,0 +1,31 @@
+require 'rails/generators/migration'
+require 'rails/generators/active_record'
+
+class OauthConsumerGenerator < Rails::Generators::Base
+  source_root File.expand_path("../templates", __FILE__)
+
+  hook_for :orm
+
+  def copy_models
+    template 'oauth_config.rb',   File.join('config', 'initializers', 'oauth_consumers.rb')
+  end
+
+  def copy_controller
+    template 'controller.rb', File.join('app', 'controllers', 'oauth_consumers_controller.rb')
+  end
+
+  hook_for :template_engine
+
+  def add_route
+    route <<-ROUTE.strip
+resources :oauth_consumers do
+    member do
+      get :callback
+      get :callback2
+      match 'client/*endpoint' => 'oauth_consumers#client'
+    end
+  end
+ROUTE
+  end
+
+end

data/lib/generators/oauth_consumer/templates/controller.rb

@@ -0,0 +1,59 @@
+require 'oauth/controllers/consumer_controller'
+class OauthConsumersController < ApplicationController
+  include Oauth::Controllers::ConsumerController
+  # Replace this with the equivalent for your authentication framework
+  # Eg. for devise
+  #
+  #   before_filter :authenticate_user!, :only=>:index
+  before_filter :login_required, :only=>:index
+
+  def index
+    @consumer_tokens=ConsumerToken.all :conditions=>{:user_id=>current_user.id}
+    @services=OAUTH_CREDENTIALS.keys-@consumer_tokens.collect{|c| c.class.service_name}
+  end
+
+  def callback
+  	super
+  end
+
+  def client
+    super
+  end
+
+
+  protected
+
+  # Change this to decide where you want to redirect user to after callback is finished.
+  # params[:id] holds the service name so you could use this to redirect to various parts
+  # of your application depending on what service you're connecting to.
+  def go_back
+    redirect_to root_url
+  end
+
+  # The plugin requires logged_in? to return true or false if the user is logged in. Uncomment and
+  # call your auth frameworks equivalent below if different. eg. for devise:
+  #
+  # def logged_in?
+  #   user_signed_in?
+  # end
+
+  # The plugin requires current_user to return the current logged in user. Uncomment and
+  # call your auth frameworks equivalent below if different.
+  # def current_user
+  #   current_person
+  # end
+
+  # The plugin requires a way to log a user in. Call your auth frameworks equivalent below
+  # if different. eg. for devise:
+  #
+  # def current_user=(user)
+  #   sign_in(user)
+  # end
+
+  # Override this to deny the user or redirect to a login screen depending on your framework and app
+  # if different. eg. for devise:
+  #
+  # def deny_access!
+  #   raise Acl9::AccessDenied
+  # end
+end

data/lib/generators/oauth_consumer/templates/oauth_config.rb

@@ -0,0 +1,68 @@
+# edit this file to contain credentials for the OAuth services you support.
+# each entry needs a corresponding token model.
+#
+# eg. :twitter => TwitterToken, :hour_feed => HourFeedToken etc.
+#
+# OAUTH_CREDENTIALS={
+#   :twitter=>{
+#     :key=>"",
+#     :secret=>"",
+#     :client=>:twitter_gem, # :twitter_gem or :oauth_gem (defaults to :twitter_gem)
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#     :allow_login => true # Use :allow_login => true to allow user to login to account
+#   },
+#   :google=>{
+#     :key=>"",
+#     :secret=>"",
+#     :expose => false, # expose client at /oauth_consumers/google/client see docs
+#     :scope=>"" # see http://code.google.com/apis/gdata/faq.html#AuthScopes
+#   },
+#   :github=>{
+#     :key => "",
+#     :secret => "",
+#     :expose => false, # expose client at /oauth_consumers/twitter/client see docs
+#
+#   },
+#   :facebook=>{
+#     :key => "",
+#     :secret => ""
+#   },
+#   :agree2=>{
+#     :key=>"",
+#     :secret=>""
+#   },
+#   :fireeagle=>{
+#     :key=>"",
+#     :secret=>""
+#   },
+#   :oauth2_server => {
+#      :key=>"",
+#      :secret=>"",
+#      :oauth_version => 2
+#      :options=>{ # OAuth::Consumer options
+#        :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#      }
+#   },
+#   :hour_feed=>{
+#     :key=>"",
+#     :secret=>"",
+#     :options=>{ # OAuth::Consumer options
+#       :site=>"http://hourfeed.com" # Remember to add a site for a generic OAuth site
+#     }
+#   },
+#   :nu_bux=>{
+#     :key=>"",
+#     :secret=>"",
+#     :super_class=>"OpenTransactToken",  # if a OAuth service follows a particular standard
+#                                         # with a token implementation you can set the superclass
+#                                         # to use
+#     :options=>{ # OAuth::Consumer options
+#       :site=>"http://nubux.heroku.com"
+#     }
+#   }
+# }
+#
+OAUTH_CREDENTIALS={
+} unless defined? OAUTH_CREDENTIALS
+
+load 'oauth/models/consumers/service_loader.rb'

data/lib/generators/oauth_inflections.rb

@@ -0,0 +1,6 @@
+require 'active_support'
+require 'active_support/inflector'
+
+ActiveSupport::Inflector.inflections do |inflect|
+  inflect.uncountable %w(oauth)
+end

data/lib/generators/oauth_provider/USAGE

@@ -0,0 +1,18 @@
+This creates an OAuth Provider controller as well as the requisite models.
+
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication.
+
+If you generated the migration file (true by default), make sure you run
+
+  rake db:migrate
+
+include the following in your user.rb
+
+  has_many :client_applications
+  has_many :tokens, :class_name=>"OauthToken",:order=>"authorized_at desc",:include=>[:client_application]
+
+For legacy OAUTH 1.0 support add the following constant in your environment.rb
+
+  OAUTH_10_SUPPORT = true
+
+Note, you should only do this if you really positively require to support old OAuth1.0 clients. There is a serious security issue with this.

data/lib/generators/oauth_provider/oauth_provider_generator.rb

@@ -0,0 +1,37 @@
+require 'generators/oauth_inflections'
+
+class OauthProviderGenerator < Rails::Generators::NamedBase
+  source_root File.expand_path("../templates", __FILE__)
+
+  argument :name, :type => :string, :default => 'Oauth'
+
+  desc 'This creates an OAuth Provider controller as well as the requisite models.'
+
+  hook_for :orm
+
+  def check_class_collisions
+    # Check for class naming collisions.
+    class_collisions class_path, "#{class_name}Controller", # Oauth Controller
+                                 "#{class_name}Helper",
+                                 "#{class_name}ClientsController",
+                                 "#{class_name}ClientsHelper"
+  end
+
+  def copy_controller_files
+    template 'controller.rb',         File.join('app/controllers', class_path, "#{file_name}_controller.rb")
+    template 'clients_controller.rb', File.join('app/controllers', class_path, "#{file_name}_clients_controller.rb")
+  end
+
+  hook_for :test_framework, :template_engine
+
+  def add_routes
+    route "match '/oauth',               :to => 'oauth#index',         :as => :oauth"
+    route "match '/oauth/authorize',     :to => 'oauth#authorize',     :as => :authorize"
+    route "match '/oauth/request_token', :to => 'oauth#request_token', :as => :request_token"
+    route "match '/oauth/access_token',  :to => 'oauth#access_token',  :as => :access_token"
+    route "match '/oauth/token',         :to => 'oauth#token',         :as => :token"
+    route "match '/oauth/test_request',  :to => 'oauth#test_request',  :as => :test_request"
+
+    route "resources :#{file_name}_clients"
+  end
+end

data/lib/generators/oauth_provider/templates/clients_controller.rb

@@ -0,0 +1,52 @@
+class OauthClientsController < ApplicationController
+  before_filter :login_required
+  before_filter :get_client_application, :only => [:show, :edit, :update, :destroy]
+
+  def index
+    @client_applications = current_user.client_applications
+    @tokens = current_user.tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
+  end
+
+  def new
+    @client_application = ClientApplication.new
+  end
+
+  def create
+    @client_application = current_user.client_applications.build(params[:client_application])
+    if @client_application.save
+      flash[:notice] = "Registered the information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "new"
+    end
+  end
+
+  def show
+  end
+
+  def edit
+  end
+
+  def update
+    if @client_application.update_attributes(params[:client_application])
+      flash[:notice] = "Updated the client information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "edit"
+    end
+  end
+
+  def destroy
+    @client_application.destroy
+    flash[:notice] = "Destroyed the client application registration"
+    redirect_to :action => "index"
+  end
+
+  private
+  def get_client_application
+    unless @client_application = current_user.client_applications.find(params[:id])
+      flash.now[:error] = "Wrong application id"
+      raise ActiveRecord::RecordNotFound
+    end
+  end
+end

data/lib/generators/oauth_provider/templates/controller.rb

@@ -0,0 +1,23 @@
+require 'oauth/controllers/provider_controller'
+class OauthController < ApplicationController
+  include OAuth::Controllers::ProviderController
+
+  protected
+  # Override this to match your authorization page form
+  # It currently expects a checkbox called authorize
+  # def user_authorizes_token?
+  #   params[:authorize] == '1'
+  # end
+
+  # should authenticate and return a user if valid password.
+  # This example should work with most Authlogic or Devise. Uncomment it
+  # def authenticate_user(username,password)
+  #   user = User.find_by_email params[:username]
+  #   if user && user.valid_password?(params[:password])
+  #     user
+  #   else
+  #     nil
+  #   end
+  # end
+
+end

data/lib/generators/rspec/oauth_provider_generator.rb

@@ -0,0 +1,35 @@
+require 'generators/rspec'
+
+module Rspec
+  module Generators
+    class OauthProviderGenerator < Rails::Generators::NamedBase
+      source_root File.expand_path('../templates', __FILE__)
+
+      argument :name, :type => :string, :default => 'Oauth'
+      class_option :fixture, :type => :boolean
+
+      def copy_controller_spec_files
+        template 'clients_controller_spec.rb',
+          File.join('spec/controllers', class_path, "#{file_name}_clients_controller_spec.rb")
+      end
+
+      def copy_models_spec_files
+        template 'client_application_spec.rb',  File.join('spec/models', 'client_application_spec.rb')
+        template 'oauth_token_spec.rb',         File.join('spec/models', 'oauth_token_spec.rb')
+        template 'oauth2_token_spec.rb',        File.join('spec/models', 'oauth2_token_spec.rb')
+        template 'oauth2_verifier_spec.rb',     File.join('spec/models', 'oauth2_verifier_spec.rb')
+        template 'oauth_nonce_spec.rb',         File.join('spec/models', 'oauth_nonce_spec.rb')
+      end
+
+      hook_for :fixture_replacement
+
+      def create_fixture_file
+        if options[:fixtures] && options[:fixture_replacement].nil?
+          template 'client_applications.yml', File.join('test/fixtures', 'client_applications.yml')
+          template 'oauth_tokens.yml',        File.join('test/fixtures', 'oauth_tokens.yml')
+          template 'oauth_nonces.yml',        File.join('test/fixtures', 'oauth_nonces.yml')
+        end
+      end
+    end
+  end
+end

data/lib/generators/rspec/templates/client_application_spec.rb

@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe ClientApplication do
+  fixtures :users, :client_applications, :oauth_tokens
+  before(:each) do
+    @application = ClientApplication.create :name => "Agree2", :url => "http://agree2.com", :user => users(:quentin)
+  end
+
+  it "should be valid" do
+    @application.should be_valid
+  end
+
+
+  it "should not have errors" do
+    @application.errors.full_messages.should == []
+  end
+
+  it "should have key and secret" do
+    @application.key.should_not be_nil
+    @application.secret.should_not be_nil
+  end
+
+  it "should have credentials" do
+    @application.credentials.should_not be_nil
+    @application.credentials.key.should == @application.key
+    @application.credentials.secret.should == @application.secret
+  end
+
+end
+

data/lib/generators/rspec/templates/client_applications.yml

@@ -0,0 +1,23 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+one:
+  id: 1
+  name: MyString
+  url: http://test.com
+  support_url: http://test.com/support
+  callback_url: http://test.com/callback
+  key: one_key
+  secret: MyString
+  user_id: 1
+  created_at: 2007-11-17 16:56:51
+  updated_at: 2007-11-17 16:56:51
+two:
+  id: 2
+  name: MyString
+  url: http://test.com
+  support_url: http://test.com/support
+  callback_url: http://test.com/callback
+  key: two_key
+  secret: MyString
+  user_id: 1
+  created_at: 2007-11-17 16:56:51
+  updated_at: 2007-11-17 16:56:51

data/lib/generators/rspec/templates/clients_controller_spec.rb

@@ -0,0 +1,176 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
+require 'oauth/client/action_controller_request'
+
+describe OauthClientsController do
+  if defined?(Devise)
+    include Devise::TestHelpers
+  end
+  include OAuthControllerSpecHelper
+  fixtures :client_applications, :oauth_tokens, :users
+  before(:each) do
+    login_as_application_owner
+  end
+
+  describe "index" do
+    before do
+      @client_applications = @user.client_applications
+    end
+
+    def do_get
+      get :index
+    end
+
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
+
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_applications].should==@client_applications
+    end
+
+    it "should render index template" do
+      do_get
+      response.should render_template('index')
+    end
+  end
+
+  describe "show" do
+
+    def do_get
+      get :show, :id => '1'
+    end
+
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
+
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_application].should==current_client_application
+    end
+
+    it "should render show template" do
+      do_get
+      response.should render_template('show')
+    end
+
+  end
+
+  describe "new" do
+
+    def do_get
+      get :new
+    end
+
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
+
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_application].class.should==ClientApplication
+    end
+
+    it "should render show template" do
+      do_get
+      response.should render_template('new')
+    end
+
+  end
+
+  describe "edit" do
+    def do_get
+      get :edit, :id => '1'
+    end
+
+    it "should be successful" do
+      do_get
+      response.should be_success
+    end
+
+    it "should assign client_applications" do
+      do_get
+      assigns[:client_application].should==current_client_application
+    end
+
+    it "should render edit template" do
+      do_get
+      response.should render_template('edit')
+    end
+
+  end
+
+  describe "create" do
+
+    def do_valid_post
+      post :create, 'client_application'=>{'name' => 'my site', :url=>"http://test.com"}
+      @client_application = ClientApplication.last
+    end
+
+    def do_invalid_post
+      post :create
+    end
+
+    it "should redirect to new client_application" do
+      do_valid_post
+      response.should be_redirect
+      response.should redirect_to(:action => "show", :id => @client_application.id)
+    end
+
+    it "should render show template" do
+      do_invalid_post
+      response.should render_template('new')
+    end
+  end
+
+  describe "destroy" do
+
+    def do_delete
+      delete :destroy, :id => '1'
+    end
+
+    it "should destroy client applications" do
+      do_delete
+      ClientApplication.should_not be_exists(1)
+    end
+
+    it "should redirect to list" do
+      do_delete
+      response.should be_redirect
+      response.should redirect_to(:action => 'index')
+    end
+
+  end
+
+  describe "update" do
+
+    def do_valid_update
+      put :update, :id => '1', 'client_application'=>{'name' => 'updated site'}
+    end
+
+    def do_invalid_update
+      put :update, :id => '1', 'client_application'=>{'name' => nil}
+    end
+
+    it "should redirect to show client_application" do
+      do_valid_update
+      response.should be_redirect
+      response.should redirect_to(:action => "show", :id => 1)
+    end
+
+    it "should assign client_applications" do
+      do_invalid_update
+      assigns[:client_application].should == ClientApplication.find(1)
+    end
+
+    it "should render show template" do
+      do_invalid_update
+      response.should render_template('edit')
+    end
+  end
+end