panjiva-oauth-plugin 0.4.1

Files changed (167) hide show
  1. checksums.yaml +15 -0
  2. data/.gitignore +12 -0
  3. data/CHANGELOG +178 -0
  4. data/Gemfile +27 -0
  5. data/Guardfile +8 -0
  6. data/MIT-LICENSE +20 -0
  7. data/README.rdoc +531 -0
  8. data/Rakefile +2 -0
  9. data/UPGRADE.rdoc +21 -0
  10. data/generators/oauth_consumer/USAGE +10 -0
  11. data/generators/oauth_consumer/oauth_consumer_generator.rb +50 -0
  12. data/generators/oauth_consumer/templates/consumer_token.rb +11 -0
  13. data/generators/oauth_consumer/templates/controller.rb +27 -0
  14. data/generators/oauth_consumer/templates/index.html.erb +29 -0
  15. data/generators/oauth_consumer/templates/index.html.haml +18 -0
  16. data/generators/oauth_consumer/templates/migration.rb +20 -0
  17. data/generators/oauth_consumer/templates/oauth_config.rb +73 -0
  18. data/generators/oauth_consumer/templates/show.html.erb +7 -0
  19. data/generators/oauth_consumer/templates/show.html.haml +8 -0
  20. data/generators/oauth_provider/USAGE +20 -0
  21. data/generators/oauth_provider/lib/insert_routes.rb +67 -0
  22. data/generators/oauth_provider/oauth_provider_generator.rb +127 -0
  23. data/generators/oauth_provider/templates/_form.html.erb +17 -0
  24. data/generators/oauth_provider/templates/_form.html.haml +21 -0
  25. data/generators/oauth_provider/templates/access_token.rb +16 -0
  26. data/generators/oauth_provider/templates/authorize.html.erb +14 -0
  27. data/generators/oauth_provider/templates/authorize.html.haml +16 -0
  28. data/generators/oauth_provider/templates/authorize_failure.html.erb +1 -0
  29. data/generators/oauth_provider/templates/authorize_failure.html.haml +1 -0
  30. data/generators/oauth_provider/templates/authorize_success.html.erb +1 -0
  31. data/generators/oauth_provider/templates/authorize_success.html.haml +1 -0
  32. data/generators/oauth_provider/templates/client_application.rb +57 -0
  33. data/generators/oauth_provider/templates/client_application_spec.rb +29 -0
  34. data/generators/oauth_provider/templates/client_application_test.rb +42 -0
  35. data/generators/oauth_provider/templates/client_applications.yml +23 -0
  36. data/generators/oauth_provider/templates/clients_controller.rb +52 -0
  37. data/generators/oauth_provider/templates/clients_controller_spec.rb +176 -0
  38. data/generators/oauth_provider/templates/clients_controller_test.rb +280 -0
  39. data/generators/oauth_provider/templates/controller.rb +23 -0
  40. data/generators/oauth_provider/templates/edit.html.erb +7 -0
  41. data/generators/oauth_provider/templates/edit.html.haml +4 -0
  42. data/generators/oauth_provider/templates/index.html.erb +43 -0
  43. data/generators/oauth_provider/templates/index.html.haml +39 -0
  44. data/generators/oauth_provider/templates/migration.rb +47 -0
  45. data/generators/oauth_provider/templates/new.html.erb +5 -0
  46. data/generators/oauth_provider/templates/new.html.haml +5 -0
  47. data/generators/oauth_provider/templates/oauth2_authorize.html.erb +16 -0
  48. data/generators/oauth_provider/templates/oauth2_authorize.html.haml +17 -0
  49. data/generators/oauth_provider/templates/oauth2_token.rb +20 -0
  50. data/generators/oauth_provider/templates/oauth2_token_spec.rb +52 -0
  51. data/generators/oauth_provider/templates/oauth2_verifier.rb +35 -0
  52. data/generators/oauth_provider/templates/oauth2_verifier_spec.rb +44 -0
  53. data/generators/oauth_provider/templates/oauth_nonce.rb +13 -0
  54. data/generators/oauth_provider/templates/oauth_nonce_spec.rb +24 -0
  55. data/generators/oauth_provider/templates/oauth_nonce_test.rb +26 -0
  56. data/generators/oauth_provider/templates/oauth_nonces.yml +13 -0
  57. data/generators/oauth_provider/templates/oauth_token.rb +30 -0
  58. data/generators/oauth_provider/templates/oauth_token_spec.rb +309 -0
  59. data/generators/oauth_provider/templates/oauth_token_test.rb +57 -0
  60. data/generators/oauth_provider/templates/oauth_tokens.yml +17 -0
  61. data/generators/oauth_provider/templates/request_token.rb +40 -0
  62. data/generators/oauth_provider/templates/show.html.erb +27 -0
  63. data/generators/oauth_provider/templates/show.html.haml +30 -0
  64. data/init.rb +1 -0
  65. data/install.rb +2 -0
  66. data/lib/generators/active_record/oauth_consumer_generator.rb +33 -0
  67. data/lib/generators/active_record/oauth_consumer_templates/consumer_token.rb +11 -0
  68. data/lib/generators/active_record/oauth_consumer_templates/migration.rb +20 -0
  69. data/lib/generators/active_record/oauth_provider_generator.rb +39 -0
  70. data/lib/generators/active_record/oauth_provider_templates/access_token.rb +16 -0
  71. data/lib/generators/active_record/oauth_provider_templates/client_application.rb +57 -0
  72. data/lib/generators/active_record/oauth_provider_templates/migration.rb +47 -0
  73. data/lib/generators/active_record/oauth_provider_templates/oauth2_token.rb +20 -0
  74. data/lib/generators/active_record/oauth_provider_templates/oauth2_verifier.rb +35 -0
  75. data/lib/generators/active_record/oauth_provider_templates/oauth_nonce.rb +13 -0
  76. data/lib/generators/active_record/oauth_provider_templates/oauth_token.rb +30 -0
  77. data/lib/generators/active_record/oauth_provider_templates/request_token.rb +40 -0
  78. data/lib/generators/erb/oauth_consumer_generator.rb +14 -0
  79. data/lib/generators/erb/oauth_consumer_templates/index.html.erb +29 -0
  80. data/lib/generators/erb/oauth_consumer_templates/show.html.erb +7 -0
  81. data/lib/generators/erb/oauth_provider_generator.rb +23 -0
  82. data/lib/generators/erb/oauth_provider_templates/_form.html.erb +17 -0
  83. data/lib/generators/erb/oauth_provider_templates/authorize.html.erb +14 -0
  84. data/lib/generators/erb/oauth_provider_templates/authorize_failure.html.erb +1 -0
  85. data/lib/generators/erb/oauth_provider_templates/authorize_success.html.erb +1 -0
  86. data/lib/generators/erb/oauth_provider_templates/edit.html.erb +7 -0
  87. data/lib/generators/erb/oauth_provider_templates/index.html.erb +43 -0
  88. data/lib/generators/erb/oauth_provider_templates/new.html.erb +5 -0
  89. data/lib/generators/erb/oauth_provider_templates/oauth2_authorize.html.erb +16 -0
  90. data/lib/generators/erb/oauth_provider_templates/show.html.erb +27 -0
  91. data/lib/generators/haml/oauth_consumer_generator.rb +21 -0
  92. data/lib/generators/haml/oauth_consumer_templates/index.html.haml +18 -0
  93. data/lib/generators/haml/oauth_consumer_templates/show.html.haml +8 -0
  94. data/lib/generators/haml/oauth_provider_generator.rb +28 -0
  95. data/lib/generators/haml/oauth_provider_templates/_form.html.haml +21 -0
  96. data/lib/generators/haml/oauth_provider_templates/authorize.html.haml +16 -0
  97. data/lib/generators/haml/oauth_provider_templates/authorize_failure.html.haml +1 -0
  98. data/lib/generators/haml/oauth_provider_templates/authorize_success.html.haml +1 -0
  99. data/lib/generators/haml/oauth_provider_templates/edit.html.haml +4 -0
  100. data/lib/generators/haml/oauth_provider_templates/index.html.haml +39 -0
  101. data/lib/generators/haml/oauth_provider_templates/new.html.haml +5 -0
  102. data/lib/generators/haml/oauth_provider_templates/oauth2_authorize.html.haml +17 -0
  103. data/lib/generators/haml/oauth_provider_templates/show.html.haml +30 -0
  104. data/lib/generators/mongoid/oauth_consumer_generator.rb +15 -0
  105. data/lib/generators/mongoid/oauth_consumer_templates/consumer_token.rb +41 -0
  106. data/lib/generators/mongoid/oauth_provider_generator.rb +21 -0
  107. data/lib/generators/mongoid/oauth_provider_templates/access_token.rb +16 -0
  108. data/lib/generators/mongoid/oauth_provider_templates/client_application.rb +71 -0
  109. data/lib/generators/mongoid/oauth_provider_templates/oauth2_token.rb +20 -0
  110. data/lib/generators/mongoid/oauth_provider_templates/oauth2_verifier.rb +35 -0
  111. data/lib/generators/mongoid/oauth_provider_templates/oauth_nonce.rb +24 -0
  112. data/lib/generators/mongoid/oauth_provider_templates/oauth_token.rb +44 -0
  113. data/lib/generators/mongoid/oauth_provider_templates/request_token.rb +36 -0
  114. data/lib/generators/oauth_consumer/USAGE +11 -0
  115. data/lib/generators/oauth_consumer/oauth_consumer_generator.rb +31 -0
  116. data/lib/generators/oauth_consumer/templates/controller.rb +59 -0
  117. data/lib/generators/oauth_consumer/templates/oauth_config.rb +68 -0
  118. data/lib/generators/oauth_inflections.rb +6 -0
  119. data/lib/generators/oauth_plugin.rb +0 -0
  120. data/lib/generators/oauth_provider/USAGE +18 -0
  121. data/lib/generators/oauth_provider/oauth_provider_generator.rb +37 -0
  122. data/lib/generators/oauth_provider/templates/clients_controller.rb +52 -0
  123. data/lib/generators/oauth_provider/templates/controller.rb +23 -0
  124. data/lib/generators/rspec/oauth_provider_generator.rb +35 -0
  125. data/lib/generators/rspec/templates/client_application_spec.rb +29 -0
  126. data/lib/generators/rspec/templates/client_applications.yml +23 -0
  127. data/lib/generators/rspec/templates/clients_controller_spec.rb +176 -0
  128. data/lib/generators/rspec/templates/oauth2_token_spec.rb +52 -0
  129. data/lib/generators/rspec/templates/oauth2_verifier_spec.rb +44 -0
  130. data/lib/generators/rspec/templates/oauth_nonce_spec.rb +24 -0
  131. data/lib/generators/rspec/templates/oauth_nonces.yml +13 -0
  132. data/lib/generators/rspec/templates/oauth_token_spec.rb +309 -0
  133. data/lib/generators/rspec/templates/oauth_tokens.yml +17 -0
  134. data/lib/generators/test_unit/oauth_provider_generator.rb +33 -0
  135. data/lib/generators/test_unit/templates/client_application_test.rb +42 -0
  136. data/lib/generators/test_unit/templates/client_applications.yml +23 -0
  137. data/lib/generators/test_unit/templates/clients_controller_test.rb +280 -0
  138. data/lib/generators/test_unit/templates/oauth_nonce_test.rb +26 -0
  139. data/lib/generators/test_unit/templates/oauth_nonces.yml +13 -0
  140. data/lib/generators/test_unit/templates/oauth_token_test.rb +57 -0
  141. data/lib/generators/test_unit/templates/oauth_tokens.yml +17 -0
  142. data/lib/oauth-plugin.rb +24 -0
  143. data/lib/oauth-plugin/version.rb +5 -0
  144. data/lib/oauth/controllers/application_controller_methods.rb +136 -0
  145. data/lib/oauth/controllers/consumer_controller.rb +150 -0
  146. data/lib/oauth/controllers/provider_controller.rb +181 -0
  147. data/lib/oauth/models/consumers/service_loader.rb +28 -0
  148. data/lib/oauth/models/consumers/services/agree2_token.rb +15 -0
  149. data/lib/oauth/models/consumers/services/fireeagle_token.rb +39 -0
  150. data/lib/oauth/models/consumers/services/google_token.rb +21 -0
  151. data/lib/oauth/models/consumers/services/oauth2_token.rb +27 -0
  152. data/lib/oauth/models/consumers/services/opentransact_token.rb +15 -0
  153. data/lib/oauth/models/consumers/services/picomoney_token.rb +17 -0
  154. data/lib/oauth/models/consumers/services/twitter_token.rb +24 -0
  155. data/lib/oauth/models/consumers/simple_client.rb +50 -0
  156. data/lib/oauth/models/consumers/token.rb +93 -0
  157. data/lib/oauth/provider/authorizer.rb +83 -0
  158. data/lib/oauth/rack/oauth_filter.rb +93 -0
  159. data/oauth-plugin.gemspec +39 -0
  160. data/rails/init.rb +1 -0
  161. data/spec/dummy_provider_models.rb +53 -0
  162. data/spec/oauth/provider/authorizer_spec.rb +202 -0
  163. data/spec/rack/oauth_filter_spec.rb +244 -0
  164. data/spec/spec_helper.rb +3 -0
  165. data/tasks/oauth_tasks.rake +4 -0
  166. data/uninstall.rb +1 -0
  167. metadata +362 -0
@@ -0,0 +1,39 @@
1
+ .flash= flash[:notice]
2
+ %h1 OAuth Client Applications
3
+ - unless @tokens.empty?
4
+
5
+ %p
6
+ The following tokens have been issued to applications in your name
7
+
8
+ %table
9
+ %tr
10
+ %th Application
11
+ %th Issued
12
+ %th  
13
+ - @tokens.each do |token|
14
+ - content_tag_for :tr, token do
15
+ %td= link_to token.client_application.name, token.client_application.url
16
+ %td= token.authorized_at
17
+ %td
18
+ - form_tag :controller => 'oauth', :action => 'revoke' do
19
+ = hidden_field_tag 'token', token.token
20
+ = submit_tag "Revoke!"
21
+
22
+ %h3 Application Developers
23
+
24
+ - if @client_applications.empty?
25
+ %p
26
+ Do you have an application you would like to register for use with us using the <a href="http://oauth.net">OAuth</a> standard?
27
+ You must register your web application before it can make OAuth requests to this service
28
+ - else
29
+ %p
30
+ You have the following client applications registered:
31
+
32
+ - @client_applications.each do |client|
33
+ - div_for client do
34
+ = link_to client.name, :action => :show, :id => client.id
35
+ = link_to 'Edit', edit_oauth_client_path(client)
36
+ = link_to 'Delete', oauth_client_path(client), :confirm => "Are you sure?", :method => :delete
37
+ %br
38
+ %h3
39
+ = link_to "Register your application", :action => :new
@@ -0,0 +1,5 @@
1
+ %h1 Register a new application
2
+
3
+ = form_for :client_application, :url => { :action => :create } do |f|
4
+ = render :partial => "form", :locals => { :f => f }
5
+ = submit_tag "Register"
@@ -0,0 +1,17 @@
1
+ %h1 Authorize access to your account
2
+ %p
3
+ Would you like to authorize
4
+ = link_to @client_application.name,@client_application.url
5
+ (
6
+ = link_to @client_application.url,@client_application.url
7
+ ) to access your account?
8
+ = form_tag authorize_url do
9
+ = hidden_field_tag "response_type", params[:response_type]
10
+ = hidden_field_tag "client_id", params[:client_id]
11
+ = hidden_field_tag "redirect_uri", params[:redirect_uri]
12
+ = hidden_field_tag "state", params[:state]
13
+ = hidden_field_tag "scope", params[:scope]
14
+ = check_box_tag 'authorize'
15
+ authorize access
16
+ %p
17
+ = submit_tag
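Review bot: The hidden fields on lines 9–13 copy `response_type`, `client_id`, `redirect_uri`, `state` and `scope` straight from `params` into the consent form, so the values that come back on submit are still client-controlled and the action behind `authorize_url` has to validate them again. The controller is not part of this section, so I cannot tell whether the POST path compares `redirect_uri` with the application's registered `callback_url`; that check belongs there rather than in the view. A comment at the top of the form such as `-# values below are untrusted; the authorize action must re-check client_id and redirect_uri` would make the contract explicit. The page also shows only the application's name and URL and never the requested `scope`, so the user approves without seeing what is being granted.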
@@ -0,0 +1,30 @@
1
+ %h1
2
+ OAuth details for
3
+ =@client_application.name
4
+ %p
5
+ %strong Consumer Key:
6
+ %code=@client_application.key
7
+ %p
8
+ %strong Consumer Secret:
9
+ %code=@client_application.secret
10
+
11
+ %p
12
+ %strong Request Token URL
13
+ %code
14
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.request_token_path}"
15
+
16
+ %p
17
+ %strong Access Token URL
18
+ %code
19
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.access_token_path}"
20
+
21
+ %p
22
+ %strong Authorize URL
23
+ %code
24
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.authorize_path}"
25
+
26
+ %p
27
+ We support hmac-sha1 (recommended) as well as plain text in ssl mode.
28
+
29
+ = link_to 'Edit', edit_oauth_client_path(@client_application)
30
+ = link_to 'Back', oauth_clients_path
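Review bot: `%code=@client_application.secret` on line 9 prints the consumer secret in clear on every visit to this page, so it ends up in browser caches, screen shares and any intermediary that stores the response. Consider showing the secret only once after registration, or at least serving this page with caching disabled; the controller that renders it is outside this section. The three endpoint URLs on lines 14, 19 and 24 are built from `request.host_with_port`, so they reflect whatever Host header the request carried, and deriving them from a configured site URL would be more robust. The line 27 text advertises plain-text signatures in SSL mode, and it is worth confirming that the provider code really restricts that method to SSL requests.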
@@ -0,0 +1,15 @@
1
+ module Mongoid
2
+ module Generators
3
+ class OauthConsumerGenerator < Rails::Generators::Base
4
+ source_root File.expand_path('../oauth_consumer_templates', __FILE__)
5
+
6
+ def check_class_collisions
7
+ class_collisions '', %w(ConsumerToken)
8
+ end
9
+
10
+ def copy_models
11
+ template 'consumer_token.rb', File.join('app/models', 'consumer_token.rb')
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,41 @@
1
+ require 'oauth/models/consumers/token'
2
+ class ConsumerToken
3
+ include Mongoid::Document
4
+ include Mongoid::Timestamps
5
+ include Oauth::Models::Consumers::Token
6
+
7
+ # You can safely remove this callback if you don't allow login from any of your services
8
+ before_create :create_user
9
+
10
+ field :token, :type => String
11
+ field :secret, :type => String
12
+
13
+ index :token
14
+
15
+ # Add the following to your user model:
16
+ #
17
+ # embeds_many :consumer_tokens
18
+ # index "consumer_tokens.token"
19
+ #
20
+ embedded_in :user, :inverse_of => :consumer_tokens
21
+
22
+ def self.find_or_create_from_access_token(user,access_token)
23
+ secret = access_token.respond_to?(:secret) ? access_token.secret : nil
24
+
25
+ if user
26
+ user.consumer_tokens.where(:_type=>self.to_s,:token=>access_token.token).first ||
27
+ self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
28
+ else
29
+ user = User.where("consumer_tokens._type"=>self.to_s,"consumer_tokens.token"=>access_token.token).first
30
+ if user
31
+ user.consumer_tokens.detect{|t| t.token==access_token.token && t.is_a?(self)}
32
+ else
33
+ user = User.new
34
+ self.create!(:_type=>self.to_s,:token=>access_token.token, :secret=>secret, :user=>user)
35
+ user.save!
36
+ user.consumer_tokens.last
37
+ end
38
+ end
39
+ end
40
+
41
+ end
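Review bot: `find_or_create_from_access_token` does a lookup followed by `create!` (lines 26–27 and 29–34) with no uniqueness constraint on `token`, so two concurrent callbacks for the same access token can both miss the lookup and insert duplicates, and in the no-user branch each would also save a separate blank `User`. A uniqueness constraint on the token, for example making the `consumer_tokens.token` index from the line 18 comment unique, would close that gap; whether that fits the embedding model needs checking against the Mongoid version in use. The `token` and `secret` fields on lines 10–11 are stored as plain strings, so encrypting `secret` at rest is worth considering if the datastore or its backups leave the application's trust boundary. The method has no documentation; `# Returns the ConsumerToken for access_token, creating it (and a new User when none is given or found) if needed.` would help.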
@@ -0,0 +1,21 @@
1
+ module Mongoid
2
+ module Generators
3
+ class OauthProviderGenerator < Rails::Generators::Base
4
+ source_root File.expand_path('../oauth_provider_templates', __FILE__)
5
+
6
+ def check_class_collisions
7
+ class_collisions '', %w(ClientApplication OauthNonce RequestToken AccessToken OauthToken)
8
+ end
9
+
10
+ def copy_models
11
+ template 'client_application.rb', File.join('app/models', 'client_application.rb')
12
+ template 'oauth_token.rb', File.join('app/models', 'oauth_token.rb')
13
+ template 'request_token.rb', File.join('app/models', 'request_token.rb')
14
+ template 'access_token.rb', File.join('app/models', 'access_token.rb')
15
+ template 'oauth2_token.rb', File.join('app/models', 'oauth2_token.rb')
16
+ template 'oauth2_verifier.rb', File.join('app/models', 'oauth2_verifier.rb')
17
+ template 'oauth_nonce.rb', File.join('app/models', 'oauth_nonce.rb')
18
+ end
19
+ end
20
+ end
21
+ end
@@ -0,0 +1,16 @@
1
+ class AccessToken < OauthToken
2
+ validates_presence_of :user, :secret
3
+ before_create :set_authorized_at
4
+
5
+ # Implement this to return a hash or array of the capabilities the access token has
6
+ # This is particularly useful if you have implemented user defined permissions.
7
+ # def capabilities
8
+ # {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
9
+ # end
10
+
11
+ protected
12
+
13
+ def set_authorized_at
14
+ self.authorized_at = Time.now
15
+ end
16
+ end
@@ -0,0 +1,71 @@
1
+ require 'oauth'
2
+
3
+ class ClientApplication
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+
7
+ field :name, :type => String
8
+ field :url, :type => String
9
+ field :support_url, :type => String
10
+ field :callback_url, :type => String
11
+ field :key, :type => String
12
+ field :secret, :type => String
13
+ field :secret, :type => String
14
+
15
+ index :key, :unique => true
16
+
17
+ referenced_in :user
18
+ references_many :tokens, :class_name => 'OauthToken'
19
+ references_many :access_tokens
20
+ references_many :oauth2_verifiers
21
+ references_many :oauth_tokens
22
+
23
+ validates_presence_of :name, :url, :key, :secret
24
+ validates_uniqueness_of :key
25
+ before_validation :generate_keys, :on => :create
26
+
27
+ validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
28
+ validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
29
+ validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
30
+
31
+ attr_accessor :token_callback_url
32
+
33
+ def self.find_token(token_key)
34
+ token = OauthToken.where(:token => token_key)
35
+ if token && token.authorized?
36
+ token
37
+ else
38
+ nil
39
+ end
40
+ end
41
+
42
+ def self.verify_request(request, options = {}, &block)
43
+ begin
44
+ signature = OAuth::Signature.build(request, options, &block)
45
+ return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
46
+ value = signature.verify
47
+ value
48
+ rescue OAuth::Signature::UnknownSignatureMethod => e
49
+ false
50
+ end
51
+ end
52
+
53
+ def oauth_server
54
+ @oauth_server ||= OAuth::Server.new("http://your.site")
55
+ end
56
+
57
+ def credentials
58
+ @oauth_client ||= OAuth::Consumer.new(key, secret)
59
+ end
60
+
61
+ # If your application requires passing in extra parameters handle it here
62
+ def create_request_token(params={})
63
+ RequestToken.create :client_application => self, :callback_url=>self.token_callback_url
64
+ end
65
+
66
+ protected
67
+ def generate_keys
68
+ self.key = OAuth::Helper.generate_key(40)[0,40]
69
+ self.secret = OAuth::Helper.generate_key(40)[0,40]
70
+ end
71
+ end
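Review bot: `find_token` (lines 33–40) assigns the result of `OauthToken.where(:token => token_key)` to `token`, which is a query criteria object rather than a document, so `token &&` is always true and `authorized?` is not being asked of a token record; it most likely needs `token = OauthToken.where(:token => token_key).first`. `field :secret` is declared twice on lines 12–13 and one of them can go. In `verify_request` the nonce is stored by `OauthNonce.remember` on line 45 before `signature.verify` runs on line 46, so requests with an invalid signature still write to the nonce store; verifying first and remembering only on success would avoid that. The three URL format regexes on lines 27–29 are anchored with `\A` but have no `\z`, so they only constrain how the value begins.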
@@ -0,0 +1,20 @@
1
+ class Oauth2Token < AccessToken
2
+ attr_accessor :state
3
+ def as_json(options={})
4
+ d = {:access_token=>token, :token_type => 'bearer'}
5
+ d[:expires_in] = expires_in if expires_at
6
+ d
7
+ end
8
+
9
+ def to_query
10
+ q = "access_token=#{token}&token_type=bearer"
11
+ q << "&state=#{URI.escape(state)}" if @state
12
+ q << "&expires_in=#{expires_in}" if expires_at
13
+ q << "&scope=#{URI.escape(scope)}" if scope
14
+ q
15
+ end
16
+
17
+ def expires_in
18
+ expires_at.to_i - Time.now.to_i
19
+ end
20
+ end
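Review bot: `to_query` escapes `state` and `scope` with `URI.escape` (lines 11 and 13), which leaves `&`, `=` and `#` untouched, so a client-supplied `state` containing those characters adds or overrides parameters in whatever redirect this string is appended to. `URI.escape` is also obsolete and was removed in Ruby 3.0. A component-level escape such as `q << "&state=#{CGI.escape(state)}" if @state` addresses both, and the same applies to line 23 of the Oauth2Verifier template in the next section. `expires_in` on line 18 goes negative once `expires_at` has passed; clamping it at zero would keep the JSON and query output sane.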
@@ -0,0 +1,35 @@
1
+ class Oauth2Verifier < OauthToken
2
+ validates_presence_of :user
3
+ attr_accessor :state
4
+
5
+ def exchange!(params={})
6
+ OauthToken.transaction do
7
+ token = Oauth2Token.create! :user=>user,:client_application=>client_application, :scope => scope
8
+ invalidate!
9
+ token
10
+ end
11
+ end
12
+
13
+ def code
14
+ token
15
+ end
16
+
17
+ def redirect_url
18
+ callback_url
19
+ end
20
+
21
+ def to_query
22
+ q = "code=#{token}"
23
+ q << "&state=#{URI.escape(state)}" if @state
24
+ q
25
+ end
26
+
27
+ protected
28
+
29
+ def generate_keys
30
+ self.token = OAuth::Helper.generate_key(20)[0,20]
31
+ self.expires_at = 10.minutes.from_now
32
+ self.authorized_at = Time.now
33
+ end
34
+
35
+ end
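Review bot: `exchange!` (lines 5–11) issues an `Oauth2Token` without checking that this verifier is still usable, so unless the caller checks first, a code that has expired (`expires_at` is set to ten minutes on line 31) or was already invalidated can be exchanged again. A guard at the top such as `return false if invalidated? || expires_at < Time.now` would make the single-use, short-lived property hold in the model; the token controller is outside this section, so the check may exist there. The body is wrapped in `OauthToken.transaction`, which looks carried over from the ActiveRecord template: `OauthToken` here is a `Mongoid::Document`, and I am not aware of it providing a class-level `transaction`, so this needs confirming. Without atomicity the `create!` and `invalidate!` pair can be raced by two simultaneous exchanges of the same code.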
@@ -0,0 +1,24 @@
1
+ # Simple store of nonces. The OAuth Spec requires that any given pair of nonce and timestamps are unique.
2
+ # Thus you can use the same nonce with a different timestamp and viceversa.
3
+ class OauthNonce
4
+ include Mongoid::Document
5
+ include Mongoid::Timestamps
6
+
7
+ field :nonce, :type => String
8
+ field :timestamp, :type => Integer
9
+
10
+ index [
11
+ [:nonce, Mongo::ASCENDING],
12
+ [:timestamp, Mongo::ASCENDING]
13
+ ], :unique => true
14
+
15
+ validates_presence_of :nonce, :timestamp
16
+ validates_uniqueness_of :nonce, :scope => :timestamp
17
+
18
+ # Remembers a nonce and it's associated timestamp. It returns false if it has already been used
19
+ def self.remember(nonce, timestamp)
20
+ oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp)
21
+ return false if oauth_nonce.new_record?
22
+ oauth_nonce
23
+ end
24
+ end
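Review bot: `remember` (lines 19–23) relies on `validates_uniqueness_of`, which is a read followed by an insert, so two simultaneous requests carrying the same nonce and timestamp can both pass validation and both get a record back. The unique index on lines 10–13 only stops the second insert if the write is acknowledged and the duplicate-key error is surfaced; whether `create` does that depends on the Mongoid write settings, which are not visible here. Nothing in this class bounds the accepted `timestamp` or expires old rows, so the collection grows without limit; rejecting timestamps outside a short window would let old nonces be pruned safely. A comment above `remember` such as `# relies on the unique (nonce, timestamp) index; writes must be acknowledged` would document the assumption.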
@@ -0,0 +1,44 @@
1
+ class OauthToken
2
+ include Mongoid::Document
3
+ include Mongoid::Timestamps
4
+
5
+ field :token, :type => String
6
+ field :secret, :type => String
7
+ field :callback_url, :type => String
8
+ field :verifier, :type => String
9
+ field :scope, :type => String
10
+ field :authorized_at, :type => Time
11
+ field :invalidated_at, :type => Time
12
+ field :expires_at, :type => Time
13
+
14
+ index :token, :unique => true
15
+
16
+ referenced_in :user
17
+ referenced_in :client_application
18
+
19
+ validates_uniqueness_of :token
20
+ validates_presence_of :client_application, :token
21
+ before_validation :generate_keys, :on => :create
22
+
23
+ def invalidated?
24
+ !invalidated_at.nil?
25
+ end
26
+
27
+ def invalidate!
28
+ update_attribute(:invalidated_at, Time.now)
29
+ end
30
+
31
+ def authorized?
32
+ !authorized_at.nil? && !invalidated?
33
+ end
34
+
35
+ def to_query
36
+ "oauth_token=#{token}&oauth_token_secret=#{secret}"
37
+ end
38
+
39
+ protected
40
+ def generate_keys
41
+ self.token = OAuth::Helper.generate_key(40)[0,40]
42
+ self.secret = OAuth::Helper.generate_key(40)[0,40]
43
+ end
44
+ end
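Review bot: `authorized?` on lines 31–33 ignores `expires_at`, although the field is declared on line 12 and is set by `Oauth2Verifier#generate_keys` elsewhere in this package, so a token past its expiry still counts as authorized unless every caller checks separately. Consider `!authorized_at.nil? && !invalidated? && (expires_at.nil? || expires_at > Time.now)`. `to_query` on line 36 interpolates `token` and `secret` without escaping, which is safe only while both values come from `generate_keys`; a short comment saying so would keep a later change from breaking that assumption.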
@@ -0,0 +1,36 @@
1
+ class RequestToken < OauthToken
2
+ attr_accessor :provided_oauth_verifier
3
+
4
+ def authorize!(user)
5
+ return false if authorized?
6
+ self.user = user
7
+ self.authorized_at = Time.now
8
+ self.verifier = OAuth::Helper.generate_key(20)[0,20] unless oauth10?
9
+ self.save
10
+ end
11
+
12
+ def exchange!
13
+ return false unless authorized?
14
+ return false unless oauth10? || verifier == provided_oauth_verifier
15
+
16
+ AccessToken.create(:user => user, :client_application => client_application).tap do
17
+ invalidate!
18
+ end
19
+ end
20
+
21
+ def to_query
22
+ if oauth10?
23
+ super
24
+ else
25
+ "#{super}&oauth_callback_confirmed=true"
26
+ end
27
+ end
28
+
29
+ def oob?
30
+ callback_url.nil? || callback_url.downcase == 'oob'
31
+ end
32
+
33
+ def oauth10?
34
+ (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
35
+ end
36
+ end
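Review bot: In `exchange!` (lines 16–18) `AccessToken.create` returns an unsaved record when validation fails, but the `tap` block still calls `invalidate!`, so the request token is consumed and the caller gets back a token that was never persisted. Using `AccessToken.create!` there, or invalidating only when the new token is `persisted?`, avoids that. The `authorized?` check on line 13 and the `invalidate!` on line 17 are separate operations, so two simultaneous exchanges of the same request token can each receive an access token; an atomic conditional update on `invalidated_at` would close the window. `oauth10?` on line 34 switches off the verifier comparison whenever `OAUTH_10_SUPPORT` is set and no callback was given, which brings back the OAuth 1.0 flow without a verifier, and a comment next to that check saying so would help whoever enables the constant.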
@@ -0,0 +1,11 @@
1
+ This creates an OAuth Consumer controller as well as requisite models.
2
+
3
+ It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication that provides the methods "login_required" and "current_user".
4
+
5
+ See comments in generated controller for more info about overriding these.
6
+
7
+ If you generated the migration file (true by default), make sure you run
8
+
9
+ rake db:migrate
10
+
11
+ See README.rdoc for more.