pelle-oauth-plugin 0.3.5

data/generators/oauth_provider/USAGE

@@ -0,0 +1,20 @@
+./script/generate oauth_provider 
+
+This creates an OAuth Provider controller as well as the requisite models.
+
+It requires an authentication framework such as acts_as_authenticated, restful_authentication or restful_open_id_authentication.
+
+If you generated the migration file (true by default), make sure you run
+
+  rake db:migrate
+
+include the following in your user.rb
+
+  has_many :client_applications
+  has_many :tokens, :class_name=>"OauthToken",:order=>"authorized_at desc",:include=>[:client_application]
+
+For legacy OAUTH 1.0 support add the following constant in your environment.rb
+
+  OAUTH_10_SUPPORT = true
+
+Note, you should only do this if you really positively require to support old OAuth1.0 clients. There is a serious security issue with this.

data/generators/oauth_provider/lib/insert_routes.rb

@@ -0,0 +1,67 @@
+# Stolen from http://github.com/technoweenie/restful-authentication
+
+Rails::Generator::Commands::Create.class_eval do
+  def route_entry(raw)
+    sentinel = 'ActionController::Routing::Routes.draw do |map|'
+ 
+    logger.route raw
+    unless options[:pretend]
+      gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+        "#{match}\n  #{raw}\n"
+      end
+    end
+  end
+
+  def route_resource(*resources)
+    resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
+    sentinel = 'ActionController::Routing::Routes.draw do |map|'
+ 
+    logger.route "map.resource #{resource_list}"
+    unless options[:pretend]
+      gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+        "#{match}\n  map.resource #{resource_list}\n"
+      end
+    end
+  end
+  
+  def route_name(name, path, route_options = {})
+    sentinel = 'ActionController::Routing::Routes.draw do |map|'
+    
+    logger.route "map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+    unless options[:pretend]
+      gsub_file 'config/routes.rb', /(#{Regexp.escape(sentinel)})/mi do |match|
+        "#{match}\n  map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+      end
+    end
+  end
+end
+ 
+Rails::Generator::Commands::Destroy.class_eval do
+  def route_resource(*resources)
+    resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
+    look_for = "\n  map.resource #{resource_list}\n"
+    logger.route "map.resource #{resource_list}"
+    unless options[:pretend]
+      gsub_file 'config/routes.rb', /(#{look_for})/mi, ''
+    end
+  end
+  
+  def route_name(name, path, route_options = {})
+    look_for =   "\n  map.#{name} '#{path}', :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+    logger.route "map.#{name} '#{path}',     :controller => '#{route_options[:controller]}', :action => '#{route_options[:action]}'"
+    unless options[:pretend]
+      gsub_file    'config/routes.rb', /(#{look_for})/mi, ''
+    end
+  end
+end
+ 
+Rails::Generator::Commands::List.class_eval do
+  def route_resource(*resources)
+    resource_list = resources.map { |r| r.to_sym.inspect }.join(', ')
+    logger.route "map.resource #{resource_list}"
+  end
+  
+  def route_name(name, path, options = {})
+    logger.route "map.#{name} '#{path}', :controller => '{options[:controller]}', :action => '#{options[:action]}'"
+  end
+end

data/generators/oauth_provider/oauth_provider_generator.rb

@@ -0,0 +1,124 @@
+require File.expand_path(File.dirname(__FILE__) + "/lib/insert_routes.rb")
+class OauthProviderGenerator < Rails::Generator::Base
+  default_options :skip_migration => false
+  attr_reader   :class_path,
+                :controller_name,
+                :controller_class_path,
+                :controller_file_path,
+                :controller_class_name,
+                :controller_singular_name,
+                :controller_plural_name
+  alias_method  :controller_file_name,  :controller_singular_name
+
+  def initialize(runtime_args, runtime_options = {})
+    super
+
+    @controller_name = args.shift || 'oauth'
+    @controller_singular_name = 'oauth'
+    @controller_plural_name = 'oauth'
+    @controller_file_name = 'oauth'
+    @controller_class_name="Oauth"
+    @class_path=''
+    @controller_class_path=''
+  end
+
+  def manifest
+    record do |m|
+      
+      # Check for class naming collisions.
+      # Check for class naming collisions.
+      m.class_collisions controller_class_path,       "#{controller_class_name}Controller", # Oauth Controller
+                                                      "#{controller_class_name}Helper",
+                                                      "#{controller_class_name}ClientsController",
+                                                      "#{controller_class_name}ClientsHelper"
+      m.class_collisions class_path,                  "ClientApplication","OauthNonce","RequestToken","AccessToken","OauthToken"
+
+      # Controller, model, views, and test directories.
+      m.directory File.join('app/models', class_path)
+      m.directory File.join('app/controllers', controller_class_path)
+      m.directory File.join('app/views', controller_class_path, controller_file_name)
+      m.directory File.join('app/views', controller_class_path, 'oauth_clients')
+
+      m.template 'client_application.rb',File.join('app/models',"client_application.rb")
+      m.template 'oauth_token.rb',    File.join('app/models',"oauth_token.rb")
+      m.template 'request_token.rb',  File.join('app/models',"request_token.rb")
+      m.template 'access_token.rb',   File.join('app/models',"access_token.rb")
+      m.template 'oauth_nonce.rb',    File.join('app/models',"oauth_nonce.rb")
+
+      m.template 'controller.rb',File.join('app/controllers',controller_class_path,"#{controller_file_name}_controller.rb")
+
+      m.template 'clients_controller.rb',File.join('app/controllers',controller_class_path,"#{controller_file_name}_clients_controller.rb")
+      m.route_name 'oauth', '/oauth',:controller=>'oauth',:action=>'index'
+      m.route_name 'authorize', '/oauth/authorize',:controller=>'oauth',:action=>'authorize'
+      m.route_name 'request_token', '/oauth/request_token',:controller=>'oauth',:action=>'request_token'
+      m.route_name 'access_token', '/oauth/access_token',:controller=>'oauth',:action=>'access_token'
+      m.route_name 'test_request', '/oauth/test_request',:controller=>'oauth',:action=>'test_request'
+      m.route_resources "#{controller_file_name}_clients".to_sym
+      
+      if !options[:test_unit]
+        m.directory File.join('spec')
+        m.directory File.join('spec/models')
+        m.directory File.join('spec/fixtures', class_path)
+        m.directory File.join('spec/controllers', controller_class_path)
+        
+        m.template 'client_application_spec.rb',File.join('spec/models',"client_application_spec.rb")
+        m.template 'oauth_token_spec.rb',    File.join('spec/models',"oauth_token_spec.rb")
+        m.template 'oauth_nonce_spec.rb',    File.join('spec/models',"oauth_nonce_spec.rb")
+        m.template 'client_applications.yml',File.join('spec/fixtures',"client_applications.yml")
+        m.template 'oauth_tokens.yml',    File.join('spec/fixtures',"oauth_tokens.yml")
+        m.template 'oauth_nonces.yml',    File.join('spec/fixtures',"oauth_nonces.yml")
+        m.template 'controller_spec_helper.rb', File.join('spec/controllers', controller_class_path,"#{controller_file_name}_controller_spec_helper.rb")
+        m.template 'controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_controller_spec.rb")      
+        m.template 'clients_controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_clients_controller_spec.rb")
+      else
+        m.directory File.join('test')
+        m.directory File.join('test/unit')
+        m.directory File.join('test/fixtures', class_path)
+        m.directory File.join('test/functional', controller_class_path)
+        m.template 'client_application_test.rb',File.join('test/unit',"client_application_test.rb")
+        m.template 'oauth_token_test.rb',    File.join('test/unit',"oauth_token_test.rb")
+        m.template 'oauth_nonce_test.rb',    File.join('test/unit',"oauth_nonce_test.rb")
+        m.template 'client_applications.yml',File.join('test/fixtures',"client_applications.yml")
+        m.template 'oauth_tokens.yml',    File.join('test/fixtures',"oauth_tokens.yml")
+        m.template 'oauth_nonces.yml',    File.join('test/fixtures',"oauth_nonces.yml")
+        m.template 'controller_test_helper.rb', File.join('test', controller_class_path,"#{controller_file_name}_controller_test_helper.rb")
+        m.template 'controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_controller_test.rb")
+        m.template 'clients_controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_clients_controller_test.rb")
+      end
+      
+      
+      @template_extension= options[:haml] ? "haml" : "erb"
+      
+      m.template "_form.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "_form.html.#{@template_extension}")
+      m.template "new.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "new.html.#{@template_extension}")
+      m.template "index.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "index.html.#{@template_extension}")
+      m.template "show.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "show.html.#{@template_extension}")
+      m.template "edit.html.#{@template_extension}",  File.join('app/views', controller_class_path, 'oauth_clients', "edit.html.#{@template_extension}")
+      m.template "authorize.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "authorize.html.#{@template_extension}")
+      m.template "authorize_success.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "authorize_success.html.#{@template_extension}")
+      m.template "authorize_failure.html.#{@template_extension}",  File.join('app/views', controller_class_path, controller_file_name, "authorize_failure.html.#{@template_extension}")
+      
+      unless options[:skip_migration]
+        m.migration_template 'migration.rb', 'db/migrate', :assigns => {
+          :migration_name => "CreateOauthTables"
+        }, :migration_file_name => "create_oauth_tables"
+      end
+    end
+  end
+
+  protected
+    def banner
+      "Usage: #{$0} #{spec.name}"
+    end
+
+    def add_options!(opt)
+      opt.separator ''
+      opt.separator 'Options:'
+      opt.on("--skip-migration", 
+             "Don't generate a migration file") { |v| options[:skip_migration] = v }
+      opt.on("--test-unit", 
+             "Generate the Test::Unit compatible tests instead of RSpec") { |v| options[:test_unit] = v }
+      opt.on("--haml", 
+            "Templates use haml") { |v| options[:haml] = v }
+    end
+end

data/generators/oauth_provider/templates/_form.html.erb

@@ -0,0 +1,17 @@
+<%%= error_messages_for :client_application %>
+<div class="field">
+  <label for="client_application_name">Name*</label><br/>
+  <%%= f.text_field :name %>
+</div>
+<div class="field">
+  <label for="client_application_url">Main Application URL*</label><br/>
+  <%%= f.text_field :url %>
+</div>
+<div class="field">
+  <label for="client_application_callback_url">Callback URL*</label><br/>
+  <%%= f.text_field :callback_url %>
+</div>
+<div class="field">
+  <label for="client_application_support_url">Support URL</label><br/>
+  <%%= f.text_field :support_url %>
+</div>

data/generators/oauth_provider/templates/_form.html.haml

@@ -0,0 +1,21 @@
+=error_messages_for :client_application
+.field
+  %label{:for=>"client_application_name"} Name*
+  %br
+  = f.text_field :name 
+
+.field
+  %label{:for=>"client_application_url"} Main Application URL*
+  %br
+  = f.text_field :url 
+
+.field
+  %label{:for=>"client_application_callback_url"} Callback URL*
+  %br
+  = f.text_field :callback_url 
+
+.field
+  %label{:for=>"client_application_support_url"} Support URL
+  %br
+  = f.text_field :support_url 
+

data/generators/oauth_provider/templates/access_token.rb

@@ -0,0 +1,10 @@
+class AccessToken < OauthToken
+  validates_presence_of :user
+  before_create :set_authorized_at
+  
+  protected 
+  
+  def set_authorized_at
+    self.authorized_at = Time.now
+  end
+end

data/generators/oauth_provider/templates/authorize.html.erb

@@ -0,0 +1,14 @@
+<h1>Authorize access to your account</h1>
+<p>Would you like to authorize <%%= link_to @token.client_application.name,@token.client_application.url %> (<%%= link_to @token.client_application.url,@token.client_application.url %>) to access your account?</p>
+<%% form_tag authorize_url do %>
+  <%%= hidden_field_tag "oauth_token", @token.token %>
+  <%%- if params[:oauth_callback] -%>
+  <%%= hidden_field_tag "oauth_callback", params[:oauth_callback] %>
+<%%- end -%>
+<p>
+  <%%= check_box_tag 'authorize' %> authorize access
+</p>
+<p>
+  <%%= submit_tag %>
+</p>
+<%% end %>

data/generators/oauth_provider/templates/authorize.html.haml

@@ -0,0 +1,16 @@
+%h1 Authorize access to your account
+%p
+  Would you like to authorize
+  = link_to @token.client_application.name,@token.client_application.url
+  (
+  = link_to @token.client_application.url,@token.client_application.url
+  ) to access your account?
+- form_tag authorize_url do
+  = hidden_field_tag "oauth_token", @token.token
+  - if params[:oauth_callback]
+    = hidden_field_tag "oauth_callback", params[:oauth_callback]
+  %p
+    = check_box_tag 'authorize'
+    authorize access
+  %p
+    = submit_tag

data/generators/oauth_provider/templates/authorize_failure.html.erb

@@ -0,0 +1 @@
+<h1>You have disallowed this request</h1>

data/generators/oauth_provider/templates/authorize_failure.html.haml

@@ -0,0 +1 @@
+%h1 You have disallowed this request

data/generators/oauth_provider/templates/authorize_success.html.erb

@@ -0,0 +1 @@
+<h1>You have allowed this request</h1>

data/generators/oauth_provider/templates/authorize_success.html.haml

@@ -0,0 +1 @@
+%h1 You have allowed this request

data/generators/oauth_provider/templates/client_application.rb

@@ -0,0 +1,55 @@
+require 'oauth'
+class ClientApplication < ActiveRecord::Base
+  belongs_to :user
+  has_many :tokens, :class_name => "OauthToken"
+  validates_presence_of :name, :url, :key, :secret
+  validates_uniqueness_of :key
+  before_validation_on_create :generate_keys
+
+  validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
+  validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+  validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+
+  attr_accessor :token_callback_url
+  
+  def self.find_token(token_key)
+    token = OauthToken.find_by_token(token_key, :include => :client_application)
+    if token && token.authorized?
+      token
+    else
+      nil
+    end
+  end
+  
+  def self.verify_request(request, options = {}, &block)
+    begin
+      signature = OAuth::Signature.build(request, options, &block)
+      return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
+      value = signature.verify
+      value
+    rescue OAuth::Signature::UnknownSignatureMethod => e
+      logger.info "ERROR"+e.to_s
+      false
+    end
+  end
+  
+  def oauth_server
+    @oauth_server ||= OAuth::Server.new("http://your.site")
+  end
+  
+  def credentials
+    @oauth_client ||= OAuth::Consumer.new(key, secret)
+  end
+    
+  def create_request_token
+    RequestToken.create :client_application => self,:callback_url=>self.token_callback_url
+  end
+  
+protected
+  
+  def generate_keys
+    oauth_client = oauth_server.generate_consumer_credentials
+    self.key = oauth_client.key[0,20]
+    self.secret = oauth_client.secret[0,40]
+  end
+end

data/generators/oauth_provider/templates/client_application_spec.rb

@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe ClientApplication do 
+  fixtures :users, :client_applications, :oauth_tokens
+  before(:each) do
+    @application = ClientApplication.create :name => "Agree2", :url => "http://agree2.com", :user => users(:quentin)
+  end
+
+  it "should be valid" do
+    @application.should be_valid
+  end
+  
+    
+  it "should not have errors" do
+    @application.errors.full_messages.should == []
+  end
+  
+  it "should have key and secret" do
+    @application.key.should_not be_nil
+    @application.secret.should_not be_nil
+  end
+
+  it "should have credentials" do
+    @application.credentials.should_not be_nil
+    @application.credentials.key.should == @application.key
+    @application.credentials.secret.should == @application.secret
+  end
+  
+end
+

data/generators/oauth_provider/templates/client_application_test.rb

@@ -0,0 +1,42 @@
+require File.dirname(__FILE__) + '/../test_helper'
+module OAuthHelpers
+  
+  def create_consumer
+    @consumer=OAuth::Consumer.new(@application.key,@application.secret,
+      {
+        :site=>@application.oauth_server.base_url
+      })
+  end
+  
+end
+
+class ClientApplicationTest < ActiveSupport::TestCase
+  include OAuthHelpers
+  fixtures :users,:client_applications,:oauth_tokens
+  
+  def setup
+    @application = ClientApplication.create :name=>"Agree2",:url=>"http://agree2.com",:user=>users(:quentin)
+    create_consumer
+  end
+
+  def test_should_be_valid
+    assert @application.valid?
+  end
+  
+    
+  def test_should_not_have_errors
+    assert_equal [], @application.errors.full_messages
+  end
+  
+  def test_should_have_key_and_secret
+    assert_not_nil @application.key
+    assert_not_nil @application.secret
+  end
+
+  def test_should_have_credentials
+    assert_not_nil @application.credentials
+    assert_equal @application.key, @application.credentials.key
+    assert_equal @application.secret, @application.credentials.secret
+  end
+  
+end

data/generators/oauth_provider/templates/client_applications.yml

@@ -0,0 +1,23 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+one:
+  id: 1
+  name: MyString
+  url: MyString
+  support_url: MyString
+  callback_url: MyString
+  key: one_key
+  secret: MyString
+  user_id: 1
+  created_at: 2007-11-17 16:56:51
+  updated_at: 2007-11-17 16:56:51
+two:
+  id: 2
+  name: MyString
+  url: MyString
+  support_url: MyString
+  callback_url: MyString
+  key: two_key
+  secret: MyString
+  user_id: 1
+  created_at: 2007-11-17 16:56:51
+  updated_at: 2007-11-17 16:56:51

data/generators/oauth_provider/templates/clients_controller.rb

@@ -0,0 +1,52 @@
+class OauthClientsController < ApplicationController
+  before_filter :login_required
+  before_filter :get_client_application, :only => [:show, :edit, :update, :destroy]
+  
+  def index
+    @client_applications = current_user.client_applications
+    @tokens = current_user.tokens.find :all, :conditions => 'oauth_tokens.invalidated_at is null and oauth_tokens.authorized_at is not null'
+  end
+
+  def new
+    @client_application = ClientApplication.new
+  end
+
+  def create
+    @client_application = current_user.client_applications.build(params[:client_application])
+    if @client_application.save
+      flash[:notice] = "Registered the information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "new"
+    end
+  end
+  
+  def show
+  end
+
+  def edit
+  end
+  
+  def update
+    if @client_application.update_attributes(params[:client_application])
+      flash[:notice] = "Updated the client information successfully"
+      redirect_to :action => "show", :id => @client_application.id
+    else
+      render :action => "edit"
+    end
+  end
+
+  def destroy
+    @client_application.destroy
+    flash[:notice] = "Destroyed the client application registration"
+    redirect_to :action => "index"
+  end
+  
+  private
+  def get_client_application
+    unless @client_application = current_user.client_applications.find(params[:id])
+      flash.now[:error] = "Wrong application id"
+      raise ActiveRecord::RecordNotFound
+    end
+  end
+end