pelle-oauth-plugin 0.3.5

data/generators/oauth_provider/templates/oauth_token_spec.rb

@@ -0,0 +1,309 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe RequestToken do
+  fixtures :client_applications, :users, :oauth_tokens
+  before(:each) do
+    @token = RequestToken.create :client_application => client_applications(:one)
+  end
+
+  it "should be valid" do
+    @token.should be_valid
+  end
+  
+  it "should not have errors" do
+    @token.errors.should_not == []
+  end
+  
+  it "should have a token" do
+    @token.token.should_not be_nil
+  end
+
+  it "should have a secret" do
+    @token.secret.should_not be_nil
+  end
+  
+  it "should not be authorized" do 
+    @token.should_not be_authorized
+  end
+
+  it "should not be invalidated" do
+    @token.should_not be_invalidated
+  end
+  
+  it "should not have a verifier" do
+    @token.verifier.should be_nil
+  end
+  
+  it "should not be oob" do
+    @token.should_not be_oob
+  end
+  
+  describe "OAuth 1.0a" do
+    
+    describe "with provided callback" do
+      before(:each) do
+        @token.callback_url="http://test.com/callback"        
+      end
+
+      it "should not be oauth10" do
+        @token.should_not be_oauth10
+      end
+      
+      it "should not be oob" do
+        @token.should_not be_oob
+      end
+
+      describe "authorize request" do
+        before(:each) do
+          @token.authorize!(users(:quentin))      
+        end
+
+        it "should be authorized" do
+          @token.should be_authorized      
+        end
+
+        it "should have authorized at" do
+          @token.authorized_at.should_not be_nil      
+        end
+
+        it "should have user set" do
+          @token.user.should == users(:quentin)      
+        end
+
+        it "should have verifier" do
+          @token.verifier.should_not be_nil      
+        end
+
+        describe "exchange for access token" do
+
+          before(:each) do
+            @token.provided_oauth_verifier=@token.verifier
+            @access = @token.exchange!
+          end
+          
+          it "should be valid" do
+            @access.should be_valid
+          end
+          
+          it "should have no error messages" do
+            @access.errors.full_messages.should==[]
+          end
+          
+          it "should invalidate request token" do
+            @token.should be_invalidated
+          end
+
+          it "should set user on access token" do
+            @access.user.should == users(:quentin)        
+          end
+          
+          it "should authorize accesstoken" do
+            @access.should be_authorized        
+          end
+        end
+
+        describe "attempt exchange with invalid verifier (OAuth 1.0a)" do
+
+          before(:each) do
+            @value = @token.exchange!
+          end
+
+          it "should return false" do
+            @value.should==false
+          end
+
+          it "should not invalidate request token" do
+            @token.should_not be_invalidated
+          end
+        end
+
+      end
+
+      describe "attempt exchange with out authorization" do
+
+        before(:each) do
+          @value = @token.exchange!
+        end
+
+        it "should return false" do
+          @value.should==false
+        end
+
+        it "should not invalidate request token" do
+          @token.should_not be_invalidated
+        end
+      end
+
+      it "should return 1.0a style to_query" do
+        @token.to_query.should=="oauth_token=#{@token.token}&oauth_token_secret=#{@token.secret}&oauth_callback_confirmed=true"
+      end
+
+    end
+
+    describe "with oob callback" do
+      before(:each) do
+        @token.callback_url='oob'
+      end
+
+      it "should not be oauth10" do
+        @token.should_not be_oauth10
+      end
+      
+      it "should be oob" do
+        @token.should be_oob
+      end
+
+      describe "authorize request" do
+        before(:each) do
+          @token.authorize!(users(:quentin))      
+        end
+
+        it "should be authorized" do
+          @token.should be_authorized      
+        end
+
+        it "should have authorized at" do
+          @token.authorized_at.should_not be_nil      
+        end
+
+        it "should have user set" do
+          @token.user.should == users(:quentin)      
+        end
+
+        it "should have verifier" do
+          @token.verifier.should_not be_nil      
+        end
+
+        describe "exchange for access token" do
+
+          before(:each) do
+            @token.provided_oauth_verifier=@token.verifier
+            @access = @token.exchange!
+          end
+
+          it "should invalidate request token" do
+            @token.should be_invalidated
+          end
+
+          it "should set user on access token" do
+            @access.user.should == users(:quentin)        
+          end
+
+          it "should authorize accesstoken" do
+            @access.should be_authorized        
+          end
+        end
+
+        describe "attempt exchange with invalid verifier (OAuth 1.0a)" do
+
+          before(:each) do
+            @value = @token.exchange!
+          end
+
+          it "should return false" do
+            @value.should==false
+          end
+
+          it "should not invalidate request token" do
+            @token.should_not be_invalidated
+          end
+        end
+
+      end
+
+      describe "attempt exchange with out authorization invalid verifier" do
+
+        before(:each) do
+          @value = @token.exchange!
+        end
+
+        it "should return false" do
+          @value.should==false
+        end
+
+        it "should not invalidate request token" do
+          @token.should_not be_invalidated
+        end
+      end
+
+      it "should return 1.0 style to_query" do
+        @token.to_query.should=="oauth_token=#{@token.token}&oauth_token_secret=#{@token.secret}&oauth_callback_confirmed=true"
+      end
+    end
+  end
+
+  if defined? OAUTH_10_SUPPORT && OAUTH_10_SUPPORT
+    describe "OAuth 1.0" do
+    
+      it "should be oauth10" do
+        @token.should be_oauth10
+      end
+      
+      it "should not be oob" do
+        @token.should_not be_oob
+      end
+
+      describe "authorize request" do
+        before(:each) do
+          @token.authorize!(users(:quentin))      
+        end
+
+        it "should be authorized" do
+          @token.should be_authorized      
+        end
+
+        it "should have authorized at" do
+          @token.authorized_at.should_not be_nil      
+        end
+
+        it "should have user set" do
+          @token.user.should == users(:quentin)      
+        end
+
+        it "should not have verifier" do
+          @token.verifier.should be_nil      
+        end
+
+        describe "exchange for access token" do
+
+          before(:each) do
+            @access = @token.exchange!
+          end
+
+          it "should invalidate request token" do
+            @token.should be_invalidated
+          end
+
+          it "should set user on access token" do
+            @access.user.should == users(:quentin)        
+          end
+
+          it "should authorize accesstoken" do
+            @access.should be_authorized        
+          end
+        end
+
+      end
+
+      describe "attempt exchange with out authorization" do
+
+        before(:each) do
+          @value = @token.exchange!
+        end
+
+        it "should return false" do
+          @value.should==false
+        end
+
+        it "should not invalidate request token" do
+          @token.should_not be_invalidated
+        end
+      end
+
+      it "should return 1.0 style to_query" do
+        @token.to_query.should=="oauth_token=#{@token.token}&oauth_token_secret=#{@token.secret}"
+      end
+
+    end
+  end
+end

data/generators/oauth_provider/templates/oauth_token_test.rb

@@ -0,0 +1,57 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class RequestTokenTest < ActiveSupport::TestCase
+
+  fixtures :client_applications, :users, :oauth_tokens
+  
+  def setup
+    @token = RequestToken.create :client_application=>client_applications(:one)
+  end
+
+  def test_should_be_valid
+    assert @token.valid?
+  end
+  
+  def test_should_not_have_errors
+    assert @token.errors.empty?
+  end
+  
+  def test_should_have_a_token
+    assert_not_nil @token.token
+  end
+
+  def test_should_have_a_secret
+    assert_not_nil @token.secret
+  end
+  
+  def test_should_not_be_authorized 
+    assert !@token.authorized?
+  end
+
+  def test_should_not_be_invalidated
+    assert !@token.invalidated?
+  end
+  
+  def test_should_authorize_request
+    @token.authorize!(users(:quentin))
+    assert @token.authorized?
+    assert_not_nil @token.authorized_at
+    assert_equal users(:quentin), @token.user
+  end
+  
+  def test_should_not_exchange_without_approval
+    assert_equal false, @token.exchange!
+    assert_equal false, @token.invalidated?
+  end
+  
+  def test_should_not_exchange_without_approval
+    @token.authorize!(users(:quentin))
+    @access = @token.exchange!
+    assert_not_equal false, @access
+    assert @token.invalidated?
+    
+    assert_equal users(:quentin), @access.user
+    assert @access.authorized?
+  end
+  
+end

data/generators/oauth_provider/templates/oauth_tokens.yml

@@ -0,0 +1,17 @@
+# Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
+one:
+  id: 1
+  user_id: 1
+  client_application_id: 1
+  token: one
+  secret: MyString
+  created_at: 2007-11-19 07:31:46
+  updated_at: 2007-11-19 07:31:46
+two:
+  id: 2
+  user_id: 1
+  client_application_id: 1
+  token: two
+  secret: MyString
+  created_at: 2007-11-19 07:31:46
+  updated_at: 2007-11-19 07:31:46

data/generators/oauth_provider/templates/request_token.rb

@@ -0,0 +1,40 @@
+class RequestToken < OauthToken
+  
+  attr_accessor :provided_oauth_verifier
+  
+  def authorize!(user)
+    return false if authorized?
+    self.user = user
+    self.authorized_at = Time.now
+    self.verifier=OAuth::Helper.generate_key(16)[0,20] unless oauth10?
+    self.save
+  end
+  
+  def exchange!
+    return false unless authorized?
+    return false unless oauth10? || verifier==provided_oauth_verifier
+    
+    RequestToken.transaction do
+      access_token = AccessToken.create(:user => user, :client_application => client_application)
+      invalidate!
+      access_token
+    end
+  end
+  
+  def to_query
+    if oauth10?
+      super
+    else
+      "#{super}&oauth_callback_confirmed=true"
+    end
+  end
+  
+  def oob?
+    self.callback_url=='oob'
+  end
+  
+  def oauth10?
+    (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
+  end
+
+end

data/generators/oauth_provider/templates/show.html.erb

@@ -0,0 +1,27 @@
+<h1>OAuth details for <%%=@client_application.name %></h1>
+<p>
+  <strong>Consumer Key:</strong>
+  <code><%%=@client_application.key %></code>
+</p>
+<p>
+  <strong>Consumer Secret:</strong>
+  <code><%%=@client_application.secret %></code>
+</p>
+<p>
+  <strong>Request Token URL</strong>
+  <code>http<%%='s' if request.ssl? %>://<%%= request.host_with_port %><%%=@client_application.oauth_server.request_token_path %></code>
+</p>
+<p>
+  <strong>Access Token URL</strong>
+  <code>http<%%='s' if request.ssl? %>://<%%= request.host_with_port %><%%=@client_application.oauth_server.access_token_path %></code>
+</p>
+<p>
+  <strong>Authorize URL</strong>
+  <code>http<%%='s' if request.ssl? %>://<%%= request.host_with_port %><%%=@client_application.oauth_server.authorize_path %></code>
+</p>
+
+<p>
+  We support hmac-sha1 (recommended) as well as plain text in ssl mode.
+</p>
+<%%= link_to 'Edit', edit_oauth_client_path(@client_application) %> |
+<%%= link_to 'Back', oauth_clients_path %>

data/generators/oauth_provider/templates/show.html.haml

@@ -0,0 +1,30 @@
+%h1 
+  OAuth details for 
+  =@client_application.name
+%p
+  %strong Consumer Key:
+  %code=@client_application.key
+%p
+  %strong Consumer Secret:
+  %code=@client_application.secret 
+
+%p
+  %strong Request Token URL
+  %code
+    ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.request_token_path}"
+
+%p
+  %strong Access Token URL
+  %code
+    ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.access_token_path}"
+
+%p
+  %strong Authorize URL
+  %code
+    ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.authorize_path}"
+
+%p
+  We support hmac-sha1 (recommended) as well as plain text in ssl mode.
+
+= link_to 'Edit', edit_oauth_client_path(@client_application)
+= link_to 'Back', oauth_clients_path

data/init.rb

@@ -0,0 +1,7 @@
+gem 'oauth', '>=0.3.5'
+require 'oauth/signature/hmac/sha1'
+require 'oauth/request_proxy/action_controller_request'
+require 'oauth/server'
+require 'oauth/controllers/application_controller_methods'
+
+ActionController::Base.send :include, OAuth::Controllers::ApplicationControllerMethods

data/install.rb

@@ -0,0 +1,2 @@
+#should we do any text formatting?
+puts IO.read(File.join(File.dirname(__FILE__), 'README.rdoc'))

data/lib/oauth/controllers/application_controller_methods.rb

@@ -0,0 +1,110 @@
+require 'oauth/signature'
+module OAuth
+  module Controllers
+   
+    module ApplicationControllerMethods
+      protected
+      
+      def current_token
+        @current_token
+      end
+      
+      def current_client_application
+        @current_client_application
+      end
+      
+      def oauthenticate
+        verified=verify_oauth_signature 
+        return verified && current_token.is_a?(::AccessToken)
+      end
+      
+      def oauth?
+        current_token!=nil
+      end
+      
+      # use in a before_filter
+      def oauth_required
+        if oauthenticate
+          if authorized?
+            return true
+          else
+            invalid_oauth_response
+          end
+        else          
+          invalid_oauth_response
+        end
+      end
+      
+      # This requies that you have an acts_as_authenticated compatible authentication plugin installed
+      def login_or_oauth_required
+        if oauthenticate
+          if authorized?
+            return true
+          else
+            invalid_oauth_response
+          end
+        else
+          login_required
+        end
+      end
+      
+      
+      # verifies a request token request
+      def verify_oauth_consumer_signature
+        begin
+          valid = ClientApplication.verify_request(request) do |request_proxy|
+            @current_client_application = ClientApplication.find_by_key(request_proxy.consumer_key)
+            
+            # Store this temporarily in client_application object for use in request token generation 
+            @current_client_application.token_callback_url=request_proxy.oauth_callback if request_proxy.oauth_callback
+            
+            # return the token secret and the consumer secret
+            [nil, @current_client_application.secret]
+          end
+        rescue
+          valid=false
+        end
+
+        invalid_oauth_response unless valid
+      end
+
+      def verify_oauth_request_token
+        verify_oauth_signature && current_token.is_a?(RequestToken)
+      end
+
+      def invalid_oauth_response(code=401,message="Invalid OAuth Request")
+        render :text => message, :status => code
+      end
+
+      private
+      
+      def current_token=(token)
+        @current_token=token
+        if @current_token
+          @current_user=@current_token.user
+          @current_client_application=@current_token.client_application 
+        end
+        @current_token
+      end
+      
+      # Implement this for your own application using app-specific models
+      def verify_oauth_signature
+        begin
+          valid = ClientApplication.verify_request(request) do |request_proxy|
+            self.current_token = ClientApplication.find_token(request_proxy.token)
+            if self.current_token.respond_to?(:provided_oauth_verifier=)
+              self.current_token.provided_oauth_verifier=request_proxy.oauth_verifier 
+            end
+            # return the token secret and the consumer secret
+            [(current_token.nil? ? nil : current_token.secret), (current_client_application.nil? ? nil : current_client_application.secret)]
+          end
+          # reset @current_user to clear state for restful_...._authentication
+          @current_user = nil if (!valid)
+          valid
+        rescue
+          false
+        end
+      end
+    end
+  end
+end

data/lib/oauth/controllers/consumer_controller.rb

@@ -0,0 +1,69 @@
+module Oauth
+  module Controllers
+    module ConsumerController
+      def self.included(controller)
+        controller.class_eval do  
+          before_filter :login_required
+          before_filter :load_consumer
+          skip_before_filter :verify_authenticity_token
+        end
+      end
+      
+      # creates request token and redirects on to oauth provider's auth page
+      # If user is already connected it displays a page with an option to disconnect and redo
+      def show
+        unless @token
+          @request_token=@consumer.get_request_token(callback_oauth_consumer_url(params[:id]))
+          session[@request_token.token]=@request_token.secret
+          if @request_token.callback_confirmed?
+            redirect_to @request_token.authorize_url
+          else
+            redirect_to(@request_token.authorize_url + "&oauth_callback=#{callback_oauth_consumer_url(params[:id])}")
+          end
+        end
+      end
+
+      def callback
+        @request_token_secret=session[params[:oauth_token]]
+        if @request_token_secret
+          @token=@consumer.create_from_request_token(current_user,params[:oauth_token],@request_token_secret,params[:oauth_verifier])
+          if @token
+            flash[:notice] = "#{params[:id].humanize} was successfully connected to your account"
+            go_back
+          else
+            flash[:error] = "An error happened, please try connecting again"
+            redirect_to oauth_consumer_url(params[:id])
+          end
+        end
+
+      end
+
+      def destroy
+        throw RecordNotFound unless @token
+        @token.destroy
+        if params[:Reconnect]
+          redirect_to oauth_consumer_url(params[:id])
+        else
+          flash[:notice] = "#{params[:id].humanize} was successfully disconnected from your account"
+          
+          go_back
+        end
+      end
+
+      protected
+      
+      # Override this in your controller to decide where you want to redirect user to after callback is finished.
+      def go_back
+        redirect_to root_url
+      end
+      
+      def load_consumer
+        consumer_key=params[:id].to_sym
+        throw RecordNotFound unless OAUTH_CREDENTIALS.include?(consumer_key)
+        @consumer="#{consumer_key.to_s.camelcase}Token".constantize
+        @token=@consumer.find_by_user_id current_user.id
+      end
+      
+    end
+  end
+end